I’ve been busy building out various demo scenario’s in my lab and after getting SCOM 2012 humming along, I decided to get to work on some of the cool new dashboard features.

First things first…

PART 1: INSTALLATION AND PRE-REQ’S

What all do we need.

• SCOM 2012 (duh!) – make sure you have the web console piece installed.  You can install it on the same server as the SCOM management server, especially if this is a lab configuration. 

• SCOM 2012 ISO or DVD – you’ll need some files from here to get the OpsMgr SharePoint web parts up and running
• Visio 2010
• Visio & SharePoint 2010 Extensions for System Center 2012
• Windows 2008 & .NET Framework SDK (you’ll need this for a utility to install the Visio trusted add-in into SharePoint – you may already have the files you need…more later…)

So, obviously we need SCOM 2012 running somewhere, that’s a given.

The next thing is to get SharePoint installed.  I opted for SharePoint 2010 Enterprise edition.  We won’t go through the SharePoint install here, but once you get it running, you’ll need to do a few things to get the OpsMgr web parts installed.  The full details can be found here, but I’ll copy in the important part.  http://technet.microsoft.com/en-us/library/hh212924.aspx

You want to go ahead and install just the SCOM console on to your SharePoint server.  This is only if you want to do the Visio integration.  You’ll need the SCOM console installed so that the Visio web drawings that we store in SharePoint can connect to the SCOM RMS server for real-time updates.  If you don’t want to do that part, then no need to install the console.

To deploy the Operations Manager web part

1. Copy the install-OperationsManager-DashboardViewer.ps1 file from the Operations Manager installation folder under Setup\amd64\SharePoint to a location that the SharePoint 2010 Management Shell can access.

2. Open the SharePoint 2010 Management Shell and navigate to the directory where you saved the install-OperationsManager-DashboardViewer.ps1 file.

3. In the SharePoint 2010 Management Shell, type the following command, and then press Enter.

   .\install-OperationsManager-DashboardViewer.ps1 –solutionPath <directory for Microsoft.EnterpriseManagement.SharePointIntegration.wsp> -url <optional, for installing to a specific portal address or website>

   Example that deploys the web part to a specific portal address:

   .\install-OperationsManager-DashboardViewer.ps1 “C:\Program Files\System Center Operations Manager 2012\” http://localhost:4096

   If an error occurs when you run the script, you must disable the RemoteSigned default code-signing execution policy for the SharePoint 2010 Management Shell. To allow the install-OperationsManager-DashboardViewer.ps1 script to run, type the following command, and then press enter:

   Set-ExecutionPolicy Unrestricted

   You will see some confirmation messages, select Y to confirm, and then run the script.

4. Verify that the web part is deployed and activated by performing the following steps:

   1. Open the site http://localhost.
   2. In the Site Actions dropdown menu, click Site Settings.
   3. In the Site Collection Administration section, click Site collection features.
   4. Locate Operations Manager Dashboard Web Part.
      • If the button to the right says Activate, then the feature was not automatically activated during deployment. To activate the web part, click the Activate button.
      • If the button to the right says Deactivate, no steps are required. The Operations Manager Dashboard web part can now be inserted into site pages.

5. If you disabled the RemoteSigned default code-signing execution policy to run the install-OperationsManager-DashboardViewer.ps1 script, you should re-enable it after the script runs. Type the following command and then press enter:

   Set-ExecutionPolicy Restricted

   You will see some confirmation messages, select Y to confirm.

Your output will look something like this:

While we’re dinking around on the SharePoint server, we might as well go ahead and get the Visio integration going as well.  Once these are done, you’re pretty much good as most of the creating dashboards and SCOM web consoles are already configured as a part of the SCOM management server installation.

In the pre-req’s at the beginning of this document I recommended downloading the .NET Framework SDK components.  I did that only because I didn’t happen to have Visual Studio installed anywhere in my demo environment and you’ll need a file called gacutil.exe to get the Visio SharePoint components installed. 

The setup will want to install a massive amount of stuff – like gig’s worth.  You don’t need the whole thing installed if you are just trying to get gacutil.exe like I was.  Here’s the options I chose and I got the file installed I needed.

The next part (configuring the Visio integration) is also pretty straightforward.  It’s tedious, but I didn’t have any issues walking through setup guides that come with the Visio/SharePoint Add-In that you have already downloaded.  These are the 3 files you’ll find in the zip file you’ll download.  There are two other folders in this download – the client add-in (install wherever you are running Visio) and the server piece which doesn’t really install anything – it extracts the files you’ll need to manipulate into a folder on your SharePoint server.  Just follow the directions to get the add-in installed on the client (after Visio is installed of course) and then extract the server side files on the SharePoint server and do what the “Manually Installing the SharePoint Data Provider” file tells you to do.

Once all of that is done, you should be able to see the Operations Manager Add-in in Visio:

You should be able to see the Operations Manager Web Part in SharePoint:

And, when you save a Visio Web Diagram formatted file to a SharePoint document library, it should connect and render real-time data to the Visio diagram.  But, more on that later…

PART 2: SETTING UP DASHBOARDS IN SCOM

First of all, creating new dashboards couldn’t be any easier.  Right-click in the SCOM console on “Monitoring”, select new –> dashboard view and off you go.

First, I decided to create one for the Veeam nWorks VMware management pack.  I decided to use the SLA template.

After you name your dashboard, you’ll be asked to pick from any existing SLA’s you’ve created.

If you don’t have one – you can create one by going to Authoring –> Management Pack Objects.  Creating a SLA is pretty straightforward – it can be trial and error picking the objects and such that you want to monitor, but the good news is – feedback is immediate and the SLA’s are easy to edit and make changes.

Once you have the SLA dashboard created you’ll see it show up in the SCOM console.

Detail view looks like this:

So, the next part was…how do I get this into SharePoint?  Since we’ve already done all the heavy lifting in Part 1, we should be able to connect up to SharePoint, add a new web part to a page and then insert the web console URL for the dashboard view right into the web part.  It’s easy.

First, go to your SCOM web console and get the URL of the dashboard you want to publish.  You would use http://YourScomServer/operationsmanager to connect to the web console.  Click on the dashboard you want to publish and copy the full URL you see in the browser bar:

It will look something like this:

Now, add the Operations Manager Dashboard View Web Part to your page:

You will have to edit the web part after you add it.  Basically, you need to paste that URL you just copied from the console into the appropriate field.  Of course, you can change the title or any other parameters in here as well, if you see fit.

Once you OK the changes here, you should see your web part show up on the SharePoint page:

PART 3: FUN WITH VISIO

Finally, we’ll get to some fun Visio integration.  We’ve already got Visio installed, the SCOM Add-in on the client, we’ve got the SCOM console (not the web console – just the console) installed on the SharePoint server and we’ve configured the SharePoint server so that it can communicate properly with the SCOM RMS server.  We should be good to go.

The easiest way to start messing with this is to open up a diagram view of something in SCOM.  I picked a few components from my vSphere environment I have running in my lab.  Once you get the diagram set the way you want it to appear in Visio, click the Visio icon on the toolbar to export that view into Visio.

Once you get this into Visio, you can totally customize this thing however you want to see it.  You can add new stuff to monitor, change the formatting…whatever.  Now, important here – when you save this file out of Visio…make sure you choose the VISIO WEB DRAWING option.  If you’re going to host this in SharePoint and want to see live data, you’ll need to do this (and this is what we went through all that work on the SharePoint server for…).

Now, you can simply stick that web drawing into a document library in SharePoint.  When you connect to the SharePoint site and click on it – you’ll see it ‘connecting’ to the SCOM RMS server for the latest data.  Pretty cool:

Click on that to get this:

Now, what’s really cool here is…you can click through each of the objects to get more details in the SCOM monitoring view.  It will take you directly to the SCOM web console where you can dig into that particular component.

Pretty dang cool!

Of course, the last option here is to simply make this Visio web drawing a web part.  That’s easy to do as well.  Open the page where you want the web part to go, insert a web part, choose the Visio Web Access web part:

When you edit the web part, it just wants the location of the web drawing we uploaded to the SharePoint site:

Off you go! 

This is one of the most improved upon and compelling features of SCOM 2012 – I hope you enjoy it!

-Ken

One of the great new features in Windows Server 2012 is Data Deduplication.   There’s a cool tool that allows you to see what kind of savings you’d get on a particular volume.  You can see more details on dedup, including this feature here:

http://technet.microsoft.com/en-us/library/hh831700.aspx

When the deduplication feature is installed, the DDPEval.exe tool is automatically installed to the \Windows\System32\ directory. This tool can be copied from any Windows Server® 2012 installation and then run on Windows 7, Windows Server 2008 R2, or Windows Server 2012 systems to determine the expected savings that you would get if deduplication was enabled on a particular volume.

DDPEval.exe can be run using the following command syntax for any given folder. DDPEval.exe supports local drives and also supports evaluating mapped or unmapped remote shares.

One folder that you’d want to try this one for sure is your VMM Library.  Here’s what happened with mine.  Definitely something to think about as you start installing Server 2012 and System Center 2012.  Since VMM 2012 SP1 requires installation on Server 2012, you might want to consider a dedicated volume for the VMM library (if you don’t do that already) and enable dedup.

In my case, I have almost 100GB in my library.  Dedup optimized that to around 16GB at a 82% space savings!

One of the demos that I do in my lab uses an Opalis workflow that is triggered by a SCOM rule watching the security event log on my domain controller for any changes to the domain admins group.  Once the alert gets triggered in SCOM, Opalis picks it up, disables the offending account, removes it from the domain admins group, populates the ‘notes’ field with some text indicating why the account is disabled, closes the alert in SCOM and sends an Exchange email to the administrator.

This blog post describes how to configure the SCOM piece.  If you want to know how to configure the Opalis piece – I created a separate post HERE.

I’ve been asked a number of times how I did this in SCOM.  Here you go.  It’s pretty simple. 

The first thing you’ll have to do – if you haven’t done this already – is to enable auditing on your DC’s.  This is done via GPO.  I won’t cover the details of that here – but this KB will walk you through the process.  Basically, auditing of directory services objects (add/moves/changes) is not enabled by default - you have to do that manually and it's a prerequisite to making this process work properly.

Alright, enough of that...let's head over to the SCOM Admin Console...

Authoring –> Management Pack Objects –> Rules –> Create a New Rule

Essentially what we’re doing here is creating an alert that gets triggered by a specific event id in the DC’s security log.  In our case, it’s 4728 for Server 2008 R2 domain controllers.  If your DC’s are not 2008 R2, the event id is different – you’ll have to look it up.

Here are the steps.  Make sure you create a custom management pack – don’t stick this in the default…it’s not good practice.

Make sure that you select a DC in the ‘target computer’ field:

Data Source is where we configure the event id and parameters – Response is where we configure the description field of the actual event and any other customizations (in our case populating a custom field):

Click the “…” to configure “Parameter 3” – for the values, you’ll just type those in:

By the way – here’s what the actual event log looks like:

You do have options here – what priority level and severity (affects how it alerts in SCOM) and then what you want the alert description to look like.  You can also make changes to the Alert Name which is what you’ll see top line in the ‘alert view’ in SCOM:

In the Custom Fields section, I used #2 and populated that with the text DAACCESS.

I populate CustomField1 with the domain\username information (I use that in the Opalis workflow)

The reason I did this is because that’s how I’m telling Opalis what to look for when an event pops in SCOM.  Now, every time this rule gets triggered and this alert pops in SCOM, Opalis will pick it up and start our workflow.

Good stuff!  Hope this was helpful!

Volume Activation Management Tool (VAMT) 2.0 is a managed MMC plug-in. VAMT uses Windows Management Instrumentation (WMI) to configure managed systems. A convenient command line interface (CLI) allows automated, scheduled VAMT tasks without UI interaction.
Using the VAMT console, administrators can perform many activation-related tasks on remote computers:

• Manage product keys obtained from the Volume Licensing Service Center (VLSC) or other sources including retail and Microsoft subscription programs such as MSDN, TechNet and partner programs -- and product activations using those keys.
• Activate remote systems using Key Management Service (KMS), Multiple Activation Key (MAK) or retail activation methods.
• Perform disconnected proxy activation and reactivation of systems without each system having to connect with Microsoft activation services individually.
• Assist with license compliance by enabling IT administrators to monitor system license state, including whether systems are licensed and running genuine Windows or Office.

http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=11936

Make sure you read the help file for more details – but a common scenario I see is using the tool to figure out how many MAK activations are left on a MSDN/TechNet subscription key.

Here’s how you go about that process:

Add a MAK and determine the remaining activation count

1. Click the Product Keys node under the VAMT node.

2. Find the Add Product Keys pane in the center pane and expand it, if it is minimized.

3. Enter a MAK and click Verify. Once verified, the Edition field will automatically populate.

4. Provide a meaningful description in the Remarks text box and click Add Product Key. The MAK will now be listed in the product key list-view below.

5. Select this key, as well as any additional keys you want to work with.

6. Right-click the selected product keys to display the context-sensitive Actions menu, or choose from the Action menu on the top menu bar, or choose from the Selected Items menu on the right-hand pane.

7. On the menu, click Refresh Product Key Data Online to retrieve the number of remaining activations for the MAKs from Microsoft. This step requires Internet connectivity.

8. The remaining activation numbers are shown under the Remaining Activation column in the center pane.

One of the first things I wanted to play with in my Windows 8 lab was the new data deduplication feature. 

In my case, I decided to make a small volume and see how well it worked with VHD files.  Well, I’m happy to announce that it works pretty well!

First of all, you need to have the File and Storage Services role installed.  Make sure you drill down in there and get ‘data deduplication’ checked.

Once you get that going – you need to configure deduplication on a volume.  It cannot be the C:\ drive.  In my test server I have a giant RAID 5 array so I used disk management to peel off 100GB and created a F:\ drive that I named “DEDUP”.

You can now enable deduplication and configure the options to suit your environment.

It’s important to note that deduplication is not ‘real time’.  The optimization process runs every hour but you can force it to run manually using some simple PowerShell commands.  (This is great for demo’s when you want to copy a file in the directory, for example, and then immedately show the effect of dedup’ing)

You can trigger an optimization job on demand in PowerShell using the Start-DedupJob cmdlet. For example:

PS C:\> Start-DedupJob E: –Type Optimization

You can query the progress of the job on the volume by using the Get-DedupJob cmdlet:

PS C:\> Get-DedupJob

The Get-DedupJob command show current jobs that are running or are queued to run.You can query the key status statistics including the achieved savings on the volume by using the Get-DedupStatus cmdlet:

PS C:\> Get-DedupStatus

In my case, with all VHD files (and a mix of Windows 7, Windows 8 Client and Server), I saw some pretty significant space savings on the dedup’d volume.

Properties on the disk shows me:

What I actually have on the drive:

A Windows 7 VHD @ 7.4GB with 3 copies.  This would use ~22GB without dedup.

A Windows 8 Client CTP VHD @ 9.2GB

A Windows 8 Server VHD @ 9.0GB

So, total I would have seen ~40GB of space used without dedup.

With Windows 8 Deduplication enabled:

Nice job Windows Server team!

Worth noting…in a dual-boot scenario…what happens when you are in another OS and want to access that dedup’d volume?

• Any file that was deduped with server will not be available (You will be able to see the file system Reparse Points that define the optimized file stub for the deduped file)
• Any file that was not deduped will be available