Archive | February, 2012

Let “System Center 2012 Visual Studio Authoring Extensions” unseal your MP

22 Feb

Short post for al our reverse engineers.

You can use the System Center 2012 Visual Studio Authoring Extensions (VSAE) to unseal other vendors MPs.

This a really handy feature.

 

How to

1) Install the VSAE

2) open VS and create a new MP project

3) add you MP to unseal to the references

image

select the sealed MP

image

 

4) Right click on the just added reference and select View XML

image

5) and whala , look at the new document and you are done.

image

Happy Scomming!

Michel Kamp

[Solve] Forefront Unified Access Gateway (UAG) Management Pack Import Error

22 Feb

Problem:

You want to import the Microsoft Forefront Unified Access Gateway management pack. But you will be hit with an import error showing the message:

Forefront Unified Access Gateway could not be imported.
If any management packs in the Import list are dependent on this management pack, the installation of the dependent management packs will fail.
Database error. MPInfra_p_ManagementPackInstall failed with exception:
Database error. MPInfra_p_ManagementPackInstall failed with exception:
ManagementPack cannot be imported because it contains a Managed Type with the same name as an existing type: Teredo_Server_Class

 

Analyze:

Looking at the message it looks like the import is failing because there is a name conflict. Every class in SCOM must have a unique internal name. In this case there is already an management pack imported that defined a class with a name “Teredo_Server_Class” . So we are going to look what this MP is.

We are going to use PowerShell for this. Because in the SCOM console we can’t see the internal names , we only see the display names.

Open PowerShell and type:

PS D:\> get-SCCLASS -Name ‘*Teredo*’

DisplayName ManagementPackName Name Id
Teredo Server DirectAccess_Server Teredo_Server_Class 67886a42-d91d-1752-41e9…
Teredo Relay DirectAccess_Server Teredo_Relay_Class 78cd6ee6-f774-8811-dac9…

 

Got it ! This the Direct Access MP. Awake readers have noticed I used SCOM 2012 for this Knipogende emoticon

 

Solution:

Okay since we want also to monitor the direct access we can’t remove the Direct access MP. So we will have to unseal the Forefront Unified Access Gateway management pack and change the class names. Seal it again and import. This is not so complex as it sounds.

There are several tools on in the community that can unseal a sealed MP for you.  Just pick one. I however use the new System Center 2012 Visual Studio Authoring Extensions (VSAE) for this job.  How to do this I will blog after this post.

After done this. You open the unsealed MP with any plain text editor you have. I use Visual Studio (VS) for this. Next step is to do a global replace on the text below:

Search Replace with
IPHTTPS_Gateway_Class UAG_IPHTTPS_Gateway_Class
ISATAP_Router_Class UAG_ISATAP_Router_Class
Network_Security_Class UAG_Network_Security_Class
Router_6to4_Class UAG_Router_6to4_Class
Teredo_Relay_Class UAG_Teredo_Relay_Class
Teredo_Server_Class UAG_Teredo_Server_Class

 

Save the xml file. At this point you could import the unsealed MP into SCOM but keep in mind that every override you will be making that is using a target class for this MP will we stored in this MP. And also using any target form this MP in a DAM will fail. (or you will have to save this DAM into this MP also)

So best way is to seal this MP. Search on the web to do this or follow below:

1) Install the “System center Authoring Console 2007” software

2) Open the MP with the authoring console

3) And go to File –> Save as –> Sealed and Signed Management Pack

image

 

4) choose a location and save. Don’t change the file name!

5) Now you will have to assign the company name and the key file. This key file you will have to create before. (see http://msdn.microsoft.com/en-us/library/6f05ezxy(VS.80).aspx )

image

6) Press OK and you’re done

(of course you can also use the FastSeal.exe to do this all from a one-liner command line/PowerShell)

After this you can import the sealed MP into SCOM.

 

Drawbacks:

If you are going to use this solution you have to realize that if Microsoft is updating his “front Unified Access Gateway” management pack you will not be able to upgrade ! This because the seals don’t match. To solve this you can uninstall your version and import the MS one. Ore you can unseal the Microsoft one and do the seal trick again with your seal.

But I think MS is never going to release a updateable version of this MP because they would have to change the internal class names too. And if you do this the MP will loose its upgrade feature!! So you will always have to uninstall the MP first. So the conclusion is no real drawback!

 

The end:

Hope you enjoyed this post.

 

Happy SCOMMING….

 

Michel Kamp

SCOM Author Meets the REAL VS Authoring Extensions

19 Feb

Yhea! Now its time for the real stuff. In my last post I mentioned the Visual studio Authoring Extensions. And now I am going to give you a first quick hands on. We are going to build an management pack that will discover all your Symantec Agents and monitor the running state of it. When not running it will give an error and a unhealthy state. Pretty easy stuff for you reading this blog but its not the MP but the Authoring VS extensions that have the focus here.

Okay here we go.

First this. This blog post is based on a pre build and can contain other features that may or may not be present in the RTM build.

After installing the VS Authoring extensions we startup VS and select to create a new project.

image

Now select the Management Pack –> Operations Manager –>

You will see for now 2 project templates. We select the Core template and fill in a good name.

SNAGHTMLb67fb6a 

We have now a empty MP project. So next we have to think what we need to create for this MP.

1) Class type for the Symantec Agent

2) Discovery rule to discover the Symantec Agent

3) Monitor rule for the NT service Check of the Symantec Agent

4) Views to display the Symantec health state.

1 Class Type

As always we start at number 1. Go to add a project item for the class to create. Right click on the project and add –> New Item

image

Go to the XML templates and choose Class. And give it the correct name.

SNAGHTMLb742621

If you choose a item template out of the XML folder it will means that you will have to go type the old fashioned XML again. Ill think this will be replaced by an real class create template wizard soon. I hope so…

So said that we open the just created Class MP fragment. And we change the class internal / display name first. Next we change the base to “Windows!Microsoft.Windows.LocalApplication” because I like to use this predefined MS class. Oh do not to forget to set the Hosted to true. As a bonus we add a property “ProductVersion” as a string value.

image

And yes we have finished step 1.

2 Discovery rule

To create class instances for the class created in step 1 we need a discovery rule. Since the best way to discover the Symantec agent is the registry we are going to use a registry key discovery rule. So when a windows computer has the Symantec agent on it a new class instance Symantec agent will be created and the product version number will be filled in. The registry key to check for the agent service existence is “SYSTEM\CurrentControlSet\services\Symantec AntiVirus” and for the product version “SOFTWARE\Symantec\Symantec Endpoint Protection\SMC\ProductVersion”.

Again next we are going to add a project item. This time it will be a Discovery template.

SNAGHTMLb85baa3

Good for us it is a real template so (almost) no need for XML. 

SNAGHTMLb8889b4

Take a good look at what you are seeing now. On the left you will see all the objects created by the templates. In this case it will be one. But you can create more by pressing right click. On on right side we see the property window. And this is the most important one. All the wizard stuff we where having in the ‘normal’ authoring console is gone. You will have to use the property window to supply the values. It looks a bit more work but its not so bad at all because most of the properties have filled select lists behind it.

So we are going to specify the properties. After we fill in the common properties as: Display name , ID , Description, we start with the Module –> Datasource Type ID . Press on the … icon. And choose the filtered registry module type.

SNAGHTMLb914ec7

  Next is to specify the Module type configuration. Go to the “Data Source Configuration” and press on the (Configuration XML). And now we have to type in the registry configuration  by using XML. Hope this will be changed to a wizard later on. For now we will have to create the XML by hand. Good for us the is a XSL schema helping out. We are going to use the registry keys mentioned earlier in this module.

SNAGHTMLb9cd45b

Next we specify the class instance to create. This is a bit more click work but very self explaining.

SNAGHTMLba12316

The complete discovery properties will be at the end.

image

 

3 Monitor rule

Now the real core why we are making this MP. The monitoring check of the Symantec Agent service state. Again we add a new project item. This time we select the Templates –>  Monitor (unit) template.

SNAGHTMLba843b1

 

And again we have to specify the properties. After the general ones we set the Target for this monitor.

image

Select the Class we have created in step 1.

SNAGHTMLbb2beaa

Now we have to specify the Monitoring module type to use.

image

And we select the NT service monitor module type.

SNAGHTMLbb6af20

Next the parent monitor for the heath rollup

image

SNAGHTMLbb76a92

And also important the instance states to use.

image

SNAGHTMLbb868ed

But the most important is of course the configuration of the module type.

image

And again we have to type XML with XSL schema help. We will have to know first the NT service name. Lets use PowerShell to get this name instead to the SC command.

SNAGHTMLbbba16a

So the name will be “Symantec AntiVirus”. So the XML configuration will be:

SNAGHTMLbbd333d

The complete final properties list will be:

SNAGHTMLbc0339b

 

Now the MP is operational , you could now build and import it , but some end user view would be nice too.

4 Views to display

We are going to create 2 state views in a folder.  One showing all Agent states and one showing only the unhealthy ones.

And yes , I know what you are thinking …. we are going to add a new project item Knipogende emoticon

We start with creating a folder to hold the views.

SNAGHTMLbc684a7

We have to specify the folder in XML:

image

Now we have the folder we are going to create the views. Templates –> View (Custom)

SNAGHTMLbc8ec3f

 

this time we have to use the properties to specify the view configurations. We fill in the common ones.

image

And we specify the View configuration and View Folder.

For the second view showing the unhealthy ones  we have to specify the View Configuration as below:

image

SNAGHTMLbcf8e67

 

And yes yes we are ready to build !!!!

Simply press F6 to build. Now after a successful build go to the management pack created.

image

The MP file location will be :

image

and the MP (unsealed) file will be here:

SNAGHTMLbd21800

At this point you can test the MP with the already super tool Authoring Console with the Work flow simulator. If all is okay you can do the last step.

Last step is to import the MP into the SCOM MNG group. An no we don’t have to do this by hand!! We can do it from out of VS too.

Go to the project properties and select the “Management Group” tab.

image

Add a new MNG connection.

After testing the connection you can simply press F5 to build and deploy the unsealed MP to the MNG group.

If you want a sealed one you must specify in the build tab a certificate.

SNAGHTMLbd82c4b

So simple as this it is….

So now you have created your first MP with the new VS authoring Extensions. But WAIT what did we forget !!!! Check-in the solution into Visual Source Safe … really use a Source Safe system to safe your live some day!!!

Next time I will blog more about this super cool new authoring tool. I think I am going to take you guys on the how to create a dashboard widget tour….

Hope you liked this blog and …..

Happy Scomming.

Michel Kamp

SCOM author meets VisualStudio

11 Feb

Hi,

As promised I will write 1 blog post a week. This time I will describe a method I used the last 5 years for authoring my management packs. I can say that all of this below will change completely over about 2(?) months. This because the “VisualStudio Authoring Console Extensions” will be officially released by Microsoft. But I was one of the lucky ones to test this extensions and I must say its amazing. Before you think ‘give me more’ I say… wait till next blog post .. This blog post will be all about the old method making authoring less time consuming.

For daily authoring I use VisualStudio , VSS and the Scom Authoring Console. This combination works really good. The main MP body I make in VS and when I must create modules / rules / monitors … I use the Scom authoring console. Then when I want to verify the MP I use the MPverify tool and when I want to seal it I use the MPseal tool. Because I didn’t want to open a external window every time, I created  External tools in VS. So now I simply click the external tool and the work (verify / seal / import) is done. The output of the external tool will be displayed in VS. So no need for switching windows.

Using this combination is really decreasing the duration of making a SCOM management pack.

Here’s my External tool window in VS:

image 

And here is a (old) MP I created using XML in VS and the authoring studio

SNAGHTML72fee3e4

So when I want to Verify the MP I go to the tools menu and select the “MP Verify” tool. Now the MP XML will be checked and the output will be written to the output windows below.

image

If any error is detected it will report also in this window so you can quickly see what’s wrong without leaving VS.

image

 

For the MP seal action it’s the same way. Pick the tools –> mp fast seal. The output will be:

image

When I want to add a module I could choose to create it in XML (see also my blog on how to enable the MP schema check in VS) but I could also simply use SCOM authoring console , select tools > MP autoing console ,  and create the module here , save it , and reload the XML file by clicking YES to all in VS.

image

 

Hope you see the time saving here.

Okay enough bla bla. Give me the the code to do this…

What you have to do is:

1. Install VSS 2005 if you want to safe you’re work with revisions. I say this is a MUST for every MP author USE A SOURCESAFE TOOL!! Sometime later this will be your live safer.

2. install VS 2010

3. install the SCOM authoring console AND the Authoring tools so you can use the workflow simulator.

4. create empty VS solution

5. add a Empty VS project

6. make a directory tree and put here your certificate you want to use for MP sealing.

7. now create the external tools in VS. Press tools > External tools…

image

And press Add.

SNAGHTML7317556c

Fill in the new name “MP verify” and fill in the command , arguments , install directory .

See the table below for all the tools I created.

 

Title MP Verify
Command C:\Program Files\System Center Operations Manager 2007\MPVerify.exe
Arguments /I "$(ProjectDir)" /I "G:\OPS\Development\Root MP Libs" $(ItemFileName)$(ItemExt)
Initial directory $(ItemDir)
Title MP Authoring Console
Command C:\Program Files\System Center MP Authoring Console 2007\Microsoft.EnterpriseManagement.UI.MPAuthoring.exe
Arguments $(ItemFileName)$(ItemExt)
Initial directory $(ItemDir)

 

Title MP Fast Seal
Command C:\Program Files\System Center MP Authoring Console 2007\FastSeal.exe
Arguments /KeyFile "d:\ONTW\ScomVirtualSourceSafe\ScomVirtualSourceSafe\mpseal\tbb.snk" /Company "Your Company" $(ItemPath)
Initial directory /KeyFile "d:\ONTW\ScomVirtualSourceSafe\ScomVirtualSourceSafe\mpseal\tbb.snk" /Company "Your Company" $(ItemPath)

 

The tool below need a Powershell script. If you google Bing you will find plenty of MP import scripts you can use.

Title Import MP To LAB
Command C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe
Arguments -NoExit  "D:\ONTW\ScomVirtualSourceSafe\ScomVirtualSourceSafe\SCOM_VS_AddIn\ImportMP.ps1" $(ItemFileName)$(ItemExt)
Initial directory

 

Now you have created all the tools you need.

One thing before I stop. Save your just created tools settings. I have seen plenty of issues after installing VS patches that will reset you tools configuration. You can save it by doing an export. And if needed you can restore it by using the import function.

 image

SNAGHTML732e4324

SNAGHTML73302a47

 

SNAGHTML733117b1

 

So now you are ready to develop with speed.

Next time I will blog on the new way of doing the SCOM authoring by using the “VisualStudio Authoring Console Extensions” and believe me this tool you may not miss !!

Happy Scomming,

Michel Kamp