In this post series I went through step by step into System Center Operations Manager 2007 R2 starting from “Pre-Build”, then I continued with “Installing Operations Manager Database”, followed by another post “Installing Root Management Server”, then “Configure GPO for SCOM”, then followed by “Configuring SQL Reporting Service”, then followed by “Installing Data Warehouse Database”, then followed by “Installing Audit Collection Service” then followed by “Download and Import Management Pack”, and lately followed by “Discover Windows Computer and Deploy SCOM Agents”
In this post I will go through basic configuration in System Center Operations Manager 2007 R2, and the focus in this post will be on Discovering Unix\Linux Servers and Deploy Agents.
Steps are as the following:
Step
Description
Screenshot
User local administrator privileges to log on to the SCOM 2007 R2 Root Management Server (SCOM) [Member of "OpsMgrAdmins" Group]. This account must also have system administrator privileges on the instance of SQL Server that will host the Operations Manager 2007 R2 database
1.
Open a command prompt as a Local Administrator and execute the following command:
Winrm set winrm/config/client/auth @{Basic=”true”}
2.
Open the SCOM console. Highlight Administration and Click Discovery Wizard
3.
On the What do you want to manage page, Click and select Unix/Linux computers then Click Next
4.
On the Discovery Method page, Click Add
5.
On the Define discovery criteria dialog box, do the following:
· Provide the IP address of the Unix/Linux Server
· Provide the Credentials
· Click OK
6.
On Discovery criteria page, do the following:
· Select the Management Server
· Check Enable SSH based discovery
· Click Discover
7.
On the Discovery results page, Select the computer and click Next
8.
On the Deployment complete page, Click Done
In the next posts I will continue go through the main configuration areas in Operations Manager 2007 R2, starting with Configure Notification.
Related Posts:
I have been asked a number of times on the possibility of allowing or denying Windows 7 installation to specific MAC addresses.
If you are performing a light touch installation (LTI) using MDT, you can append the MAC address to your customsettings.ini file. A sample configuration is shown below:
[Settings]
Priority=MacAddress, Default
[00:15:5D:84:2F:24]
OSInstall=Y
[Default]
OSInstall=N
The above entries will install the operating system only to the MAC address [00:15:5D:84:2F:24]. Any other MAC address won’t be able to perform the OS installation. When you try to run a task sequence from an unauthorized machine, you will get the below error:
You could also make use of the SQL Express for dynamic configuration. To do so, expand your deployment share, expand Advanced Configuration, expand Database, right click on Computers and click New Computer.
Fill in the information to identify the computer machine as shown below and click Apply:
Click the Details tab, and scroll down to Miscellaneous section. On the OSInstall value, type NO and click OK:
Right click Database and select Configure Database Rules. On the Configure DB Wizard page, select the first option to query for computer-specific settings only:
Click Next and Deselect All for Location Options. Repeat this for the remaining pages till you reach the confirmation page.
Check your customsettings.ini and it should look as below:
When you try to run an operating system deployment from an unauthorized machine, you would get a similar error to the one at the top of this article.
On the other hand, if you are performing a zero touch installation (ZTI) with Configuration Manager, the steps would be similar to LTI but you would need to add a Gather step to read customsettings.ini at the beginning of your task sequence.
From the configuration manager console, expand Operating System Deployment and click on Task Sequences. Right click your desired task sequence and click on Edit.
Place your cursor on the Initialization group, click on Add, select MDT and click Gather.
Select Gather local data and process rules and browse to your Settings package that was created prior to the task sequence creation. On the Rules file field, type CustomSettings.ini:
Machines with MAC address not listed for deployment will get the following error:
You can also deny the installation at the PXE level by adding a string value MACIgnoreListFile to the registry of the PXE server. This key should reference a text file placed on the same server which lists the MAC addresses to be ignored for PXE boot:
On a 32-bit system, the registry key needs to be created at HKLM\Software\Microsoft\SMS\PXE. On a 64-bit system, the registry key needs to be created at HKLM\Software\Wow6432Node\SMS\PXE.
Machines listed in the text file would get the following error when booting from the PXE:
Conversely, you can allow only specific MAC addresses to boot from a PXE server. To do so, from the configuration manager console, expand your Site Settings, select your site server, right click your PXE service point and click on properties.
Under Interfaces, select “Respond to PXE requests on specific network interfaces” and add your MAC addresses as shown below:
In this post series I went through step by step into System Center Operations Manager 2007 R2 starting from “Pre-Build”, then I continued with “Installing Operations Manager Database”, followed by another post “Installing Root Management Server”, then “Configure GPO for SCOM”, then followed by “Configuring SQL Reporting Service”, then followed by “Installing Data Warehouse Database”, then followed by “Installing Audit Collection Service” and lately followed by “Download and Import Management Pack”
In this post I will go through basic configuration in System Center Operations Manager 2007 R2, and the focus in this post will be on Discovering Windows Computer and Deploy SCOM Agents,
On the What do you want to manage page, Click and select Windows computers then Click Next
On Auto or Advanced page, do the following:
· Select Advanced discovery
· Select Servers Only in the dropdown list
· Select a Management Server SCOM.contoso.com· Click Next
On the Discovery Method page, Select Scan Active Directory and Click Configure.
On Find Computers dialog box, Select the Role Any and click OK
On the Discover Method page, Click Next
On the Administrator Account page, Check Use selected Management Server Action Account and Click Discover
On the Select Objects to Manage page, select the computers to manage and click Next
9.
On the Summary page, confirm the Agent installation directory, Select Local System and Click Finish
10.
Close the Agent Management Task Status dialog box
In the next posts I will continue go through the main configuration areas in Operations Manager 2007 R2, starting with Discovering Unix\Linux Servers and Deploy Agents.
Master Data Services, also known as MDS, is one of the key business intelligence features being introduced with SQL Server 2008 R2. The basic goal of Master Data Services is to provide a single authoritative source for information within your enterprise.This information can then be used by other applications and databases so that every application in your environment is always looking at a single authoritative copy of the same information.In this series I will introduce this feature to you and I will share with you our industry standards , my practices and my experience in this area.
Before you can use Master Data Services, you need to install it. This requires a 64-bit server because the MDS installer in only available in a 64-bit build. Yet , I dedicate this post to the installation for SQL Server 2008 R2 Master Data Services .
Supported 64 bit operating systems include:
Supported 64 bit SQL Server editions include:
Master Data Services requires .NET Framework 3.5 SP1 or later. If you do not already have .NET Framework 3.5 SP1 installed on your computer, Setup will install it before installing the Master Data Services components and tools.
If PowerShell 1.0 or above is not installed on the operating system, MDS Configuration Manager will not be able to perform all operations.
If IIS7 or above is not installed on your computer, the Web Configuration selection will be disabled in Configuration Manager.
Master Data Services requires installation of the Web Server (IIS) role and the following IIS role services:
Master Data Services requires installation of the following features on the host server:
Navigate to the MasterDataServices.msi located in the \1033_enu_lp\x64\setup directory and double click on the file to start the installation and follow the installation wizard per the below screen shots.
Click Run
Click Next to continue
Review the license Agreement and Click Next to continue
Enter Name and Company
And then Click Next to continue
Define the installation path and Click Next to continue
Click install to start the installation
Click finish
Create and configure the Master Data Services database. .
Click on the Create Database button on the left side
Enter SQL Server Instance name , select your authentication type and type your user name and password
Type the Database Name
Enter the windows account that you will grant permission to the master data services database. this account will be used by the master data services web sites and web services to connect to the database.
Enter the account that you want to grant permission for administration
Click Finish to exit the wizard
Create and configure the Master Data Manager Web application. .
Associate the Master Data Services database and Master Data Manager Web application
In my previous post (Deleted SCOM Default Management Pack), I have discussed that how to restore your complete SCOM Console view, if the Default Management Pack is deleted somehow. Here I am discussing how to avoid this deletion and how to remove those Management Packs which have dependencies on Default Management Pack. When you create an override and don’t save it to a custom Management Pack it will by default save to the Microsoft.SystemCenter.OperationsManager.DefaultUser.xml management pack.
Here is how you can remove the dependencies on a Management Pack. But first of all please take backup you Management Packs.
Related post:
Deleted SCOM Default Management Pack (http://blogs.technet.com/b/meamcs/archive/2011/08/21/deleted-scom-default-management-pack.aspx)
Sometime you do some mistakes which look very distractive, and seem that you have done something which can be a terrifying, but most of the time solution or recovery is a matter of few clicks. One mistake is that if you have deleted SCOM Default Management Pack, while you were removing another Management Pack which has the dependency of Default Management Pack. Once Default Management Pack is deleted then what will you see… are you missing Active Alerts, Discovered Inventory and a few other things under the Monitoring pane?
Remember before deletion of Default Management Pack monitoring used to look like this?
And after deleting Default Management Pack, I bet, if you have deleted you are familiar with this....
So relax your panic no longer, because it is very easy to fix, as I said earlier some a matter of few clicks. The same thing happened to me, and I spent few hours or so trying to find out how to fix this issue. I found fragments of information, and finally I sort matter and fix it.
When you delete the default management pack (for whatever reason), you also delete some of the default views that are associated with it.
The solution is quite easy – you have to manually import the Default Management Pack. Import a management pack as you normally would, but navigate to the directory where you have System Center Operations Manager installed. Look for the Microsoft.SystemCenter.OperationsManager.DefaultUser management pack. In my server tis was located in C:\Program Files\System Center Operations Manager 2007.
Click Open, then click Install (as per the below diagram).
Then click Close
After that Close the SCOM Console and Re Open it,
So be happy, you got all your SCOM views back again.
Removing SCOM Management Pack Dependencies (http://blogs.technet.com/b/meamcs/archive/2011/08/21/removing-scom-management-pack-dependencies.aspx)
In this post series I went through step by step into System Center Operations Manager 2007 R2 starting from “Pre-Build”, then I continued with “Installing Operations Manager Database”, followed by another post “Installing Root Management Server”, then “Configure GPO for SCOM”, then followed by “Configuring SQL Reporting Service”, then followed by “Installing Data Warehouse Database”, and then followed by “Installing Audit Collection Service”
In this post I will go through basic configuration in System Center Operations Manager 2007 R2, and the focus in this post will be on Management Packs Download and Installation,
User local administrator privileges to log on to the SCOM 2007 R2 Root Management Server [Member of "OpsMgrAdmins" Group]. This account must also have system administrator privileges on the instance of SQL Server that will host the Operations Manager 2007 R2 database
Open System Center Operations Manager console and do the followings:
· Expands Administration
· Right Click Management Packs
· Select Download Management Packs from the popup menu
On the Select Management Packs, Click Add and Select the Download folder.
On the Select Management Pack from Catalog page, Select All management packs in the catalog under view and click Search.
Select All Required Managements Packs and click Add.
Click OK.
On the Select Management Packs page, Click Download.
When the Management Packs are downloaded, Click Close.
· Select Import Management Packs from the popup menu
On the Select Management Packs page, Click Add and Select Add from disk from the menu
Select the Management Packs to import and click Open
11.
Click Install
12.
Click Close when the Management Packs are Imported.
In the next posts I will continue go through the main configuration areas in Operations Manager 2007 R2.
In this post series I went through step by step into System Center Operations Manager 2007 R2 starting from “Pre-Build”, then I continued with “Installing Operations Manager Database”, followed by another post “Installing Root Management Server”, then “Configure GPO for SCOM”, then followed by “Configuring SQL Reporting Service”, and lately followed by “Installing Data Warehouse Database”.
In this post I will cover the installation of Audit Collection Service (ACS),
Log on as local administrator privileges to log on to SCOM Server. This account must also have system administrator privileges on the Operations Manager 2007 R2 database for the management group
On the Operations Manager 2007 R2 installation media, double-click the SetupOM.exe file, On the Start Page, Click Install Audit Collection Server
On the Welcome page, Click Next.
On the End-User License Agreement page, accept the agreement, and then click Next
On the database Installation Option, Click Create a new database and Click Next
On the Data Source page, provide the Data source name as OpsMgrAC and Click Next
On the Database page, do the followings:
a. Select Remote Database Server
b. Provide the Server Name as SCOMDB
c. Provide the Database name as OperationsManagerAC
d. Click Next
On the Database Authentication page, Select Windows authentication and Click Next
On the Database Creation Options page, Select Use SQL Server’s default data and log file directories and Click Next (If SQL installed on default installation drive C:\ then you should chose to Specify directories where AC Database will be created)
On the Event Retention Schedule page, provide a Schedule and Click Next, (It was suggested to have 14 to 30 days retention period for ACS)
On the ACS Stored Timestamp Format Select Local and Click Next
On the Summary page, Click Next
On the following Page, Click Finish
In the next posts I will go through the main configuration areas in Operations Manager 2007 R2.
In this post series I went through step by step into System Center Operations Manager 2007 R2 starting from “Pre-Build”, then I continued with “Installing Operations Manager Database”, followed by another post “Installing Root Management Server”, then “Configure GPO for SCOM”, lately followed by “Configuring SQL Reporting Service”,
In this post I will cover the installation of Data Warehouse Database that is store all Data for Operations Manager Reporting.
SQL 2008 Reporting Service should be installed and configured before starting Operations Manager 2007 R2 Reporting installation,
Use local administrator privileges to log on to SQL Server. This account must also have system administrator privileges on the instance of SQL Server that will host the Operations Manager 2007 R2 Reporting database
Launch SetupOM.exe from installation folder. Click Pre-requisites under Prepare. Select data warehouse and confirm it passes all pre-requisite tests. Then click Close. Under Install click Install Operations Manager 2007 R2 Reporting.
On the Welcome page, Click Next
On the End-User License Agreement page, accept the agreement and then click Next.
On the Product Registration page, provide the User and Organization names and Click Next
On the Custom Setup page, Select Data Warehouse and Reposting Server as Available locally and Click Next.
On the Connect to the Root Management Server page, provide the RMS name (MIS_SCOM) and Click Next
On the SQL Server database Instance page, Select the Instance from the dropdown list and enter the SQL Server Port (1433 is the default). Then Click Next
On Database and Log File Options
1) Keep Database Name as default OperationsManagerDW.
2) Set the database size for example 200000 MB
3) Click Advanced.
(Optional if need to move Database Warehouse to different drive and Logs in different drive as recommended, however if there is no enough resources as in Coca Cola Egypt case then use the available disk drives) Under Look in: Select U: drive and under Folder name type U:\Data
On the SQL Server Reporting Services Instance, Select the Instance from the dropdown list and Click OK
On the Data Warehouse Write Account page, Provide the DWHWrite credentials and Click Next
This account was created before
On the Data Reader Account page, Provide the DWHRead credentials and Click Next.
This account was created before.
13.
On the Operational Data Reports page, Click No and then Click Next.
14.
On the Ready to Install the Program page, Click Install
15.
On the following page, Click Finish
In the coming post I will go through the steps to installing Audit Collection Service...
There are a very huge changes and enhancements from SCCM 2007 in Configuration Manager 2012, in this post series I will go through the main new changes and enhancements in System Center Configuration Manager 2012,
I will start in this post with addressing the main areas of changes as the following:
In this area there is a big change related to setup options like Site Recovery which is integrated in Configuration Manager 2012 Setup Wizard, also no more Setup Option to install secondary sites and secondary site can only be installed from the Configuration Manager 2012 console.
The new SCCM 2012 Console is totally different from SCCM 2007 console, and the new console become more easier than before and looks like Operations Manager Console, the new console provides allot of benefits and as an example of these new benefits is Role Based Administration which allow a certain Administrator to see only the objects that he is allowed to see as defined by role-based administration.
There are allot of changes from SCCM 2007 in SCCM 2012 related to Sites and Hierarchies, one of these changes in site mode, sites are no longer configured for mixed or native mode, instead you secure client communication endpoints by configuring individual site system roles to support client connections over HTTPS or HTTP.
There are some changes in Client Deployment and Operations, and as an example of these changes is that in Configuration Manager 2012 you can easily include or exclude the contents of another collection from a specified collection, also Software updates can be monitored now from Administrator Console to provide the following: Key software updates compliance and deployment views. Detailed state messages for all deployments and assets. Software updates error codes with additional information to help identify issues. Status for software updates synchronization. Alerts for key software updates issues.
There are some changes in Client Deployment and Operations, and as an example of these changes is that in Configuration Manager 2012 you can easily include or exclude the contents of another collection from a specified collection, also Software updates can be monitored now from Administrator Console to provide the following:
There is new features available in SCCM 2012 that provide improvements to Software updates deployment process, including Automatic Approval and Deployment for Software updates, so no more Administrative Action to approve updates from SCCM, This plus other new features in SCCM 2012 related to Software Deployment.
There is new features available in SCCM 2012 that provide improvements to Software updates deployment process, including Automatic Approval and Deployment for Software updates, so no more Administrative Action to approve updates from SCCM,
This plus other new features in SCCM 2012 related to Software Deployment.
There are some enhancement in SCCM reporting and Monitoring, and one of the new monitoring features is “Alerts” which provide near real-time awareness of current site operations and conditions in the Configuration Manager console. There is really a big change and enhancement in System Center Configuration Manager 2010 from 2007. In the coming posts I will go through the details of each area and the related changes, enhancements and new features in SCCM 2012, and how to use each new feature in SCCM 2012. Note: This information is prerelease information and maybe some changes and updates can be found in RTM version later. Related Posts: Configuration Manager 2007 R3 Dynamic Collection http://blogs.technet.com/b/meamcs/archive/2011/01/23/system-center-configuration-manager-2007-r3-dynamic-collection.aspx Configuration Manager 2007 R3 Power Management Part1 "Overview": http://blogs.technet.com/b/meamcs/archive/2011/01/09/system-center-configuration-manager-2007-r3-power-management-part1-overview.aspx Configuration Manager 2007 R3 Power Management Part2 "Update Clients for Power Management": http://blogs.technet.com/b/meamcs/archive/2011/01/11/system-center-configuration-manager-2007-r3-power-management-part-2-update-clients-for-power-management.aspx Configuration Manager 2007 R3 Delta Discovery http://blogs.technet.com/b/meamcs/archive/2011/01/23/system-center-configuration-manager-2007-r3-delta-discovery.aspx Step-by-Step how to Audit Configuration Manager 2007 Activities: http://blogs.technet.com/b/meamcs/archive/2011/01/17/step-by-step-how-to-audit-configuration-manager-2007-activities.aspx
There are some enhancement in SCCM reporting and Monitoring, and one of the new monitoring features is “Alerts” which provide near real-time awareness of current site operations and conditions in the Configuration Manager console.
There is really a big change and enhancement in System Center Configuration Manager 2010 from 2007.
In the coming posts I will go through the details of each area and the related changes, enhancements and new features in SCCM 2012, and how to use each new feature in SCCM 2012.
Note: This information is prerelease information and maybe some changes and updates can be found in RTM version later.
Configuration Manager 2007 R3 Delta Discovery http://blogs.technet.com/b/meamcs/archive/2011/01/23/system-center-configuration-manager-2007-r3-delta-discovery.aspx
Step-by-Step how to Audit Configuration Manager 2007 Activities: http://blogs.technet.com/b/meamcs/archive/2011/01/17/step-by-step-how-to-audit-configuration-manager-2007-activities.aspx
One of the best features in Operations Manager 2012 is network monitoring. Out of the box, Operations Manager gives you the opportunity to discover and monitor your network environment. In addition, you can execute reports against your network devices in a simple and single pane.
It is good to start by running a discovery against our network devices. For that purpose, go to the Administration tab and click on Discovery Wizard
Select Network Devices, and click on Next
On the General Properties page, enter a Name and a Description for the discovery rule. Under Select a management server or gateway server, select a server from the available servers’ list.
It is important to note that the selected server must have SNMP or ICMP access to the network device it is going to discover.
Under Select a management Pool, select a pool from the Available pools and click on Next
Resource Pool is another feature in Operations Manager 2012 which supports high availability. You will now have the option to select one or many management servers, group them in a pool, and assign your network devices to be monitored by the pool. If a server goes down from that pool, it will automatically failover any monitoring that is occurring on that management server to the other members of the pool.
Out of the box, All Management Servers Resource Pool is created which includes all management servers.
On the Discovery Method page, select Explicit discovery if you know which devices you want to discover. On the other hand, select recursive discovery if you don’t know much about your devices and thus you wish to do a recursive discovery starting from few discovered network devices.
On the Default Accounts page, we will create a Run-As account. Click on Create Account and then on Next. Provide a display name and a description as shown below:
Click on Next and provide a read-only community string
Click on Create.
The interesting aspect is that if you have a large number of devices which require different community strings, you can specify them here.
Click on Next and on the Devices page, and then click on Import if you wish to import your network devices from a text file or click on Add to add your devices one by one.
On your Add a device page, type your device FQDN or IP address and select the Access mode and the SNMP version you want to use.
In the SNMP V1 or V2 Run As account, select the appropriate community string, or choose Use selected default accounts if you wish Operations Manager to do the matching for you and create the 1:1 relation between the network device and the community string. This is very useful if you are importing a large number of network devices that use a number of community strings.
Click Ok and then Next.
On the Include filters page, you can filter the discovered network devices in the case of a recursive discovery and filter them by device type as shown below:
Select the network device type you wish to include, click on Ok and then Next.
On the Exclude filters page, you can specify a network device type to be excluded from the discovery. The list of network device type looks similar to the one shown above.
Select the devices you wish to exclude, click on Ok and then Next.
On the Schedule Discovery page, set the scheduled date and time for running the discovery rule or select Run the discovery rule manually to run the rule manually.
On the Summary page, click on Discover to start the discovery and save the newly created discovery rule.
Once the discovery runs and gets completed, you will be able to quickly view the result of the network discovery by clicking on Discovery Rules in the Administration tab as shown below:
Network Devices that could not be discovered will be placed in the Network Devices Pending Management.
From the monitoring tab, you will find a list of sealed views and dashboards.
By default, the operations manager will monitor the active port/interface, the connection health, the VLAN health, and the HSRP group.
If you click on the VLANs view, and select any VLAN from your discovered VLANs, you will be able to navigate to its specific view or execute a report against it as shown below:
In OpsMgr 2007, you would need to go to the Reporting tab, open the report, look for the object, and add it. Now with OpsMgr 2012, you just need to select the object such as the VLAN, click on your desired report, and the report will open with the selected object being added.
Similar to running a report, you can now run a dashboard in the same way. If you select any view such as the Routers view, select the router object and launch the Vicinity Dashboard from the right pane as shown below:
From the Vicinity Dashboard, you can also run the Network Node Dashboard.
The steps and screens in this article are provided from an Operations Manager 2012 CTP3 version and therefore might change in future releases of the product.
The User Profile Synchronization Service gets stuck on "Starting", and I browse the event log and notice the event 8306 "An exception occurred when trying to issue security token...". I checked the Security Token Service status and realized it was "Security Token Service is unavailable" in Health Analyzer.
When trying to browse the SecurityTokenService application in IIS manager, I got 500.19 Internal Server Error "The requested page cannot be accessed because the related configuration data for the page is invalid" as the following screenshot depicts. Fixed the error which was a redundant module registration (till now I can't figure out how this happened). Just comment out the add tag in the SecurityTokenService's web.config located at “C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebServices\SecurityToken”.
<!-- <add name="WindowsAuthenticationModule" /> -->
Again, tried to kick the User Profile Synchronization Service starting just to notice that it stopped after a couple of minutes. When browsing the event log I noticed event 234 "ILM Certificate could not be created...". Searched for a solution and the best bet was Paul Culmsee's blog post titled "More User Profile Sync Issues in SP2010: Certificate Provisioning Fun". Error 234 will appear if you have already tried to provision the User Profile Synchronization Service before. A self-signed certificate was created as part of FIM provisioning (UPSS) and now you are trying to provision it again (and this entails recreating the certificate). A certificate is already there for FIM and the provisioning code doesn’t check if a certificate is already there, and hence the error.
Run MMC, add the Certificates snap-in, and examine The Trusted Root Certification Authorities store and you will notice that there is already many entries for ForefrontIdentityManager. Delete all ForefrontIdentityManager Certificates.
Now, re-provision the User Profile Synchronization Service Instance on Application Server by running the following PowerShell script. (Copied the script from Spence's fantastic post on UPA)
##uncomment the following Add-PSSnapin line if the snapin is not already loaded
##Add-PSSnapin Microsoft.SharePoint.Powershell
Write-Host “Get the user profile service application” –ForegroundColor Green
$syncDBType = "Microsoft.Office.Server.Administration.SynchronizationDatabase"
$upaSAType = "User Profile Service Application"
$syncDB = Get-SPDatabase | where-object {$_.Type -eq $syncDBType}
$upa = Get-SPServiceApplication | where-object {$_.TypeName -eq $upaSAType}
Write-Host “Unprovision” –ForegroundColor Green
$syncDB.Unprovision()
$syncDB.Status = "Offline"
$upa.ResetSynchronizationMachine()
$upa.ResetSynchronizationDatabase()
Write-Host “Provision” –ForegroundColor Green
$syncDB.Provision()
Write-Host “Restart SP Timer service” –ForegroundColor Green
restart-service SPTimerV4
Write-Host “UPSS re-provisioned successfully” –ForegroundColor Green
Finally, start the User Profile Synchronization Service.