[OMS] Complete Hidden and Available Solutions List

14 Sep

Hi here a short post.

I was doing some research work and noticed in one of my web traces that there are a lot more Intelligence Packs (aka Solutions) that are available but not shown on the solution gallery site.

Here below the list, focus on the Gallery Invisible column, if it’s True then it is real hidden but may come soon. 😉

Name Description Available Visible Gallery Invisible
Capacity Planning Calculates current and future utilization of each component of your environment. True True True
Security and Audit Provides the ability to explore security related data and helps identify security breaches. True True False
System Update Assessment Identify missing system updates across your servers. True True False
Antimalware Assessment View status of antivirus and antimalware scans across your servers. True True False
Log Management Configure and manage Windows Events that you want to collect and upload to Operations Management Suite. True True True
Change Tracking Track configuration changes across your servers. True True False
SQL Assessment Assess the risk and health of SQL Server environments. True True False
SCOM Assessment Assess the risk and health of System Center Operations Manager Server environments. False True False
SQL Assessment Premier Assess the risk and health of SQL Server environments. True True True
SharePoint Assessment Premier Assess the risk and health of SharePoint Server environments. True True True
AD Assessment Assess the risk and health of Active Directory environments. True True False
AD Assessment Premier Assess the risk and health of Active Directory environments. True True True
Premier Solution Pack Add or remove solutions that are only available to premier customers. True True True
Alert Management View your Operations Manager and OMS alerts to easily triage alerts and identify the root causes of problems in your environment. True True False
MDS Provides data collection services from MDS for internal Microsoft engineers. True False True
Data Visualizer Provides insight into data allowing for customized data visualizations and log search analytics for internal Microsoft engineers. True True True
Configuration Assessment Identify configuration problems across your servers. True True True
Azure Automation Automate time consuming and frequently repeated tasks in the cloud and on-premises. True True False
Wire Data Provides the ability to explore wire data and helps identify network related issues. False True False
Azure Site Recovery Monitor virtual machine replication status for your Azure Site Recovery Vault. True True False
Backup Manage Azure IaaS VM backup and Windows Server backup status for your backup vault. True True False
Surface Hub Provides the ability to monitor Microsoft Surface Hub devices. True True False
Network Performance Monitor (Preview) Offers near real time monitoring of network performance parameters like loss and latency. True True False
Containers See Docker container performance metrics and logs from containers across your public or private cloud environments. True True False
Application Dependency Monitor Automatically discover and map servers and their dependencies in real-time. False True False
Azure Networking Analytics (Preview) Gain insight into your Azure Network Security Group and Application Gateway logs True True False
AD Replication Status Identify Active Directory replication issues in your environment. True True False
Office 365 (Preview) Get full visibility into your Office 365 user activities perform forensics as well as audit and compliance True. True False
Upgrade Analytics (Preview) Use a data-driven approach to streamline and accelerate Windows upgrades. True True False
Key Vault (Preview) Understand your Key Vault usage through Analysis of Key Vault logs True True False
Service Fabric Identify and troubleshoot issues accross your Service Fabric cluster False True False
DDI Analytics Provides security performance and operations related insights into DNS DHCP and IP address infrastructure False
Application Insights Connect Application Insights Accounts and leverage your visibility across applications. True True True
Wire Data 2.0 Provides the ability to explore wire data and helps identify network related issues. False True False
Update Analytics (Private Preview) View security update compliance and feature update status across all of your Windows 10 devices. False True True
Agent Health The Agent Health solution gives customers insight into the health performance and availability of their agents (both Windows and Linux agents). True True False
MLRecommendation Unavailable False False False

Happy OMS’ing

Michel Kamp


[Workaround] OMS View Designer Pitfall alias Bug ?

5 Jul


In my last post I warned you for a design time issue when using the “Data-flow verification” on the Tile. (https://michelkamp.wordpress.com/2016/07/05/oms-view-designer-pitfall-alias-bug/ )

Now because I was of course myself hit by this and afraid losing my just designed dashboard I looked for a way to just open it behind the screen.

And I found a workaround.

Steps to take:

Open the OMS home Page


Now press F12 (using IE)

And (1) select the DOM Explorer. Now (2) and (3) select your custom designed View / dashboard and copy the GUID (4)



Now copy the URL form the current OMS page (1)


Edit the URL as below:

Replace the GUID after ?Solutionid= with the GUID you got from above step (4)


Open a new IE tab

And paste this new URL above. And yes you are in !!!! Now first to do is to disable the Data-flow verification feature and save the dashboard.

Happy OMS’ing

Michel Kamp

Touching SCOM





OMS View Designer Pitfall alias Bug ?

5 Jul

Hi OMS’ers,

Just a short post to warn you for a nasty situation during designing your fantastic OMS dashboards using the brand new View designer. (Public preview)

When you add a Tile you will have the feature called “Data-flow verification”. This feature will enable you to put a message on the Tile when no data records are found in the OMS system.

This is a handy feature because you don’t want to show an empty dashboard…. But this could also raise an issue during design time.

Because … what will happen when you have setup the “Data-flow verification” to check the past x days for any data but have made a typo or the data isn’t flowing in any more…. Yes of course the dashboard will show the message you specified but you will get more (for free) ….

You CAN NOT open your custom view (dashboard) any more to edit it !!! So you are somewhat stuck here … ; – (

Be warned!


So here the steps to see what happens:

Open de View designer


Add the Ttile , and enable the Data-flow verification


Now look at the tile when you add the query, it will give you a error when it hasn’t got any data back. So this will indicate you are going to have this issue….


Now save the dashboard.

And try to open it from the Home page……


Happy OMS’ing

Michel Kamp

Touching SCOM


O no I forgot my SCOM account passwords!!

25 May



O no I forgot my SCOM account passwords!! I don’t know the password of the Data Access, Data Reader and Writer account anymore. Resetting it in AD will force me to do a lot of tweaking to correct the accounts in SCOM.

Don’t worry we will find them for you.



SCOM stores the account passwords in the “Run AS Configuration -> Accounts” section. This account information is linked to a “Run As profile”. This Run as Profile can be assigned to a SCOM Workflow (Rule/Monitor/Task…) so that this workflow is going to run under the account security context.


Nice but we still can’t see the password on the accounts.




But we can also do other things with the Run As profile. We can just assign them as a parameter to for example a script. In the script we can readout the account information and find our lost password.

In SCOM we can use the secure script provider (vbscript) aka “Microsoft.Windows.ScriptWriteAction”. The secure script provider streams the run as information as an input stream to the VBScript. So if you read this input stream at top of your script you will get the account information. This can be tricky sometimes.

See an example below:


<WriteAction ID=”sc” TypeID=”Windows!Microsoft.Windows.ScriptWriteAction”>


<Arguments />

<ScriptBody><![CDATA[ Set oAPI = CreateObject(“MOM.ScriptAPI”)

Set oArgs = WScript.Arguments


password= WScript.StdIn.ReadLine()

Call oAPI.LogScriptEvent(“ScriptName.vbs”, 101, 2, “Debug password = ” & password)


<SecureInput>$RunAs[Name=”RUNAS_PROFILE_1″]/UserName$ $RunAs[Name=” RUNAS_PROFILE_1″]/Password$</SecureInput>





Using the SecureInput parameter we can provide the Run as account information. For getting the UserName we use :


And for the password we use


The RUNAS_PROFILE_1 is the internal name of the Run as profile in SCOM. You can use Powershell “Get-SCOMRunAsProfile” to get the internal names.

I hear you thinking, this is way too old, this is VBScript, we WANT PowerShell! And I agree completely.

So for PowerShell we can use the normal PowerShell script provider aka “Microsoft.Windows.PowerShellProbe”. We don’t have to apply a secureinput parameter but just very simple supply the RunAs as a normal parameter. And this will do the trick.

<ProbeAction ID=”Probe” TypeID=”Windows!Microsoft.Windows.PowerShellProbe”>







# output the input paramters

Write-Output “UserName: $USERNAME”

Write-Output “Password: $PASSWORD”


# end script



<SnapIns />



<Name> USERNAME </Name>




<Name> PASSWORD </Name>









Now we make a simple workflow for example a task and add use this probeaction.



You see it’s very simple to get account information that’s stored in the run as accounts / profiles. If this is good is up to you.

To make it even easier I created a MP that will display the most important account information (so the usernames and passwords).

You simply import the MP and select the Managementserver target and press the special task “GetRunAsCredentials”.

The account information will be displayed in the task output.


Download link for the Management Pack:


NOTICE: Please remember that the task output is stored in the SCOM Databases so it can be traced back not very secure I think. So use this only in emergencies. Or change the PowerShell script to write it to a file!!



Michel Kamp

Touching SCOM





Finding the latest System Center 2012 Rollup in the update jungle

11 Mar


This post is just a reminder for myself. Since I work in many different SCOM environments as SCOM 2012, 2012 SP1 , 2012 R2 and even 2007!! I get sometimes lost to find the latest rollup package.

Yes of course I can enable the auto update but that’s not something I would advise for the System Center updates because they have some manual task (SQL) to apply too.

Yes I know there’s a site ( https://support.microsoft.com/en-us/kb/2906925 ) that has all the patches on but this site is sometimes also not updated right after releasing. So I wanted a simple but effective way. By using this simple URL you can get the latest rollup packages at an easy way and download them. Also adding the RSS feed can be handy too.


Updates for SYSTEM CENTER 2012 R2


http://catalog.update.microsoft.com/v7/site/Search.aspx?q=update+rollup+system+center+2012+R2 and then order by ‘Last Updated’




Updates for SYSTEM CENTER 2012 SP1


http://catalog.update.microsoft.com/v7/site/Search.aspx?q=update+rollup+system+center+2012+SP1 and then order by ‘Last Updated’




Updates for SYSTEM CENTER 2012


http://catalog.update.microsoft.com/v7/site/Search.aspx?q=System+Center+2012+-+Operations+Manager and then order by ‘Products’ . The product “System Center 2012 – Operations Manager” is the one to use.


http://catalog.update.microsoft.com/v7/site/Rss.aspx?q=update+rollup+system+center+2012 &lang=en


So you see absolutely no rocket science going on here 😉








[O so Cool] Connecting your Raspberry PI (RPi) to OMS.

8 Feb


At my home I have a Raspberry to do all my home automation. (Light, temperature, alarm, cams etc.) . Since the OMS Linux agent is available I was wondering if I could use this agent to monitor my raspberry pi without having a SCOM environment in place.

AND guess what? YES you can!!!

First before you are accusing me of plagiarism I have to say all the credits go to the guy of this blog ( http://kentablog.cluscore.com/2015/12/raspberry-pi-iot-oms_62.html ).

So I followed the steps and it worked. You can’t use the wget described on the oms Quick install Guide ( https://github.com/Microsoft/OMS-Agent-for-Linux ) because this one will fail due to the pre check of AMD64.

Since the RPI platform isn’t AMD64 you will have to trick it a little.

So you will have to follow the steps below:


Install The OS on your RPI

We take the latest RASPBIAN WEEZY



Open a putty and log on as pi / raspberry



Now we install the Ruby , and fluent modules

sudo aptitude install ruby-dev git make

sudo gem install fluentd

sudo fluent-gem install fluent-plugin-td



Next we create a user that the OMS agent service is using for running. Remember the password you provide

sudo adduser omsagent



Now we are going to get the OMS source code for github

git clone https://github.com/Microsoft/OMS-Agent-for-Linux.git


Next is to create the directory structure since we can’t use the OMS installer

sudo mkdir -p /etc/opt/microsoft/omsagent/certs

sudo mkdir -p /etc/opt/microsoft/omsagent/conf/omsagent.d

sudo mkdir -p /etc/opt/microsoft/omsagent/sysconf

sudo mkdir -p /etc/opt/microsoft/scx/conf

sudo mkdir -p /opt/microsoft/omsagent/bin

sudo mkdir -p /opt/microsoft/omsagent/plugins

sudo mkdir -p /var/opt/microsoft/omsagent/tmp

sudo mkdir -p /var/opt/microsoft/omsagent/run

sudo mkdir -p /var/opt/microsoft/omsagent/log

sudo mkdir -p /var/opt/microsoft/omsconfig/log

sudo mkdir -p /var/opt/microsoft/omsconfig/run

sudo chown omsagent:omsagent -R /var/opt/microsoft/omsconfig

sudo chown omsagent:omsagent -R /var/opt/microsoft/omsagent

sudo ln -s /usr /opt/microsoft/omsagent/ruby

sudo ln -s /usr/local/bin/fluentd /opt/microsoft/omsagent/bin/omsagent


We setup the correct config files for the OMS agent service

sudo cp OMS-Agent-for-Linux/installer/scripts/auth_key.rb /opt/microsoft/omsagent/bin/

sudo cp OMS-Agent-for-Linux/installer/scripts/omsadmin.sh /opt/microsoft/omsagent/bin/

sudo chmod u+x /opt/microsoft/omsagent/bin/omsadmin.sh

sudo cp OMS-Agent-for-Linux/installer/scripts/service_control /opt/microsoft/omsagent/bin/

sudo cp OMS-Agent-for-Linux/installer/scripts/omsagent.ulinux /etc/init.d/omsagent

sudo chmod u+x /etc/init.d/omsagent

sudo cp -Rf OMS-Agent-for-Linux/source/code/plugins /opt/microsoft/omsagent/


We copy the default agent configuration files , we are going to change this later on to specify what we want to monitor

sudo cp OMS-Agent-for-Linux/installer/conf/omsagent.conf /etc/opt/microsoft/omsagent/conf/

sudo mv /etc/rsyslog.conf /etc/rsyslog.conf.default

sudo cp OMS-Agent-for-Linux/installer/conf/rsyslog.conf /etc/


And this is probably the trick for this all. We fake the OMS agent to believe it’s an AMD64 platform.

sudo echo “1.0.0-47 20151102 Developer_Build” > /tmp/installinfo.txt

sudo echo `date +%Y-%m-%dT%H:%M:%S` >> /tmp/installinfo.txt

sudo mv /tmp/installinfo.txt /etc/opt/icrosoft/omsagent/sysconf/

sudo echo “OSName=Ubuntu” > /tmp/scx-release

sudo echo “OSVersion=14.04” >> /tmp/scx-release

sudo echo “OSFullName=Ubuntu 14.04 (x86_64)” >> /tmp/scx-release

sudo echo “OSAlias=UniversalD” >> /tmp/scx-release

sudo echo “OSManufacturer=Canonical Group Limited” >> /tmp/scx-release

sudo mv /tmp/scx-release /etc/opt/icrosoft/scx/conf/


Now we are going to onboard the OMS agent to your OMS workspace.

Get your (1) <workspace id> and (20 <key> from the OMS page -> Settings -> Connected Sources





And we fill it in the omsadmin script as parameters

sudo /opt/microsoft/omsagent/bin/omsadmin.sh -w <workspace id> -s <key>


If everything is successful it will give you the onboard message. If not check the keys.


Next is to edit the OMS agent config to let it know what it should monitor.

Since the OMI agent isn’t installed on this platform we can only do the syslog stuff for now.

sudo vi /etc/opt/microsoft/omsagent/conf/omsagent.conf


The most important is to check if this elements exists in the file


type syslog

port 25224


tag oms.syslog



<filter oms.syslog.**>

type filter_syslog



Now we are going to let the OMS agent startup correctly as a service. We have to manipulate the init.d file a bit to have it run from of the source files we got from git hub.

sudo vi /etc/init.d/omsagent


Edit the file

Change this line:

START_QUALS=”-d $PIDFILE –no-supervisor -o $LOGFILE”


START_QUALS=”-d $PIDFILE –no-supervisor -o $LOGFILE -p /opt/microsoft/omsagent/plugins -c /etc/opt/microsoft/omsagent/conf/omsagent.conf


Next we setup the syslog log levels. Just get all 😉

sudo vi /etc/rsyslog.conf

add this row

*.* @


And we startup the OMS agent

sudo service omsagent start


And the syslog deamon

sudo service rsyslog restart


Now you logon to the portal http://oms.microsoft.com

And you watch for the syslog event type messages. Could take some minutes.

Go to Search and type: “* Type=Syslog” (without the quotes)

Or you search by name if you know the PRI host name: “* HostName=raspberrypi” (without the quotes)


This could be the output. We see the startup syslog messages!!!


Cool isn’t it!!

Next step would be to get the OMI agent working so we can readout the performance data.


Happy OMS’ing

Michel Kamp

Touching SCOM




[FOR the MP Devs] Grooming your managed objects completely from scom

8 Feb


I some situations when you are developing a new MP you want to be sure that your discovery’s are working correctly.

The problem

Normally you would let the discovery run and watch if the managed object is created, but after the first time discovering and un-discovering the managed object it could trick you for the next discovery.

Basically we as MP devs know that we can simply manual delete a managed object from scom by using a SQL query and set the isDeleted to true. But this can be tricky. If the discovery workflow runs again and create a managed object (the same) it will just update the isDeleted to False. So basically you are getting ‘old’ discovery data. Knowing this in some cases the configuration is not updated and the workflows under this managed object just won’t get executed. So you will be stuck in having an uninitialized managed object(s). Especially when using Managed objects that are managed by a scom resource pool can be facing this issue.


Two solution could help you out. (ALL UNSUPPORTED BY MICRSOSOFT, but yhea … no guts no glory)

  1. Wait 2 days … then the normal purge will kick in
  2. Modify the purging threshold and manual run the purge

The SQL script below provides step 2. Connect to the operational DB as admin and follow the steps.

Before you run it you will have to change ‘vcenterlab.contoso.com‘ to the first parent name you want to delete. (By not including the right % in the like) In this case it’s the parent of all VMWARE monitoring managed objects.

— Delete a managed object completely from scom


— Michel Kamp


————- Find the object

from dbo.BaseManagedEntity where FullName like

————- delete it (hmmm okay mark it as delete)

update dbo.BaseManagedEntity set IsDeleted=1 where FullName like

— object is still in DB but now as isdeleted = true

— it will be deleted after 2 days. but we don’t want to wait.

— we force the delete by setting the purgedate delta to 0

————- Update the purge date time function

FUNCTION [dbo].[fn_DiscoveryDataPurgeThreshold]()



    –RETURN DATEADD(dd, -2, getutcdate())

DATEADD(dd, 0, getutcdate())


— now we call the purge stp to clean it all

————- do the real purge

exec p_DiscoveryDataPurging

— we do a check if it is gone.

————- Find the object

from dbo.BaseManagedEntity where FullName like

— and there should not be any (0) result.

— End script

O don’t forget to change the DiscoveryDataPurgeThreshold back to its original when you are ready …


Michel Kamp