Tasks - FFSMP for SCOM 2007

  • Article

 

Tasks provide centralized control over some basic administrative processes that may be required to troubleshoot or correct problems identified through the Operations Manager 2007 Console. The included tasks are all optional. You can run them manually for selected agent-managed systems. These tasks are not triggered automatically by Operations Manager 2007.

These are the key functions that can be controlled by the tasks on agent-managed systems:

  • Display the Forefront Server Security Administrator or the Forefront Server Security Management Console. See Client console tasks.

  • Set the statistic threshold percentage.

  • Trigger an immediate manual scan job.

  • Trigger an immediate background scan.

  • Control services centrally: stop, start, and restart them.

  • Run scan engine updates.

  • Retrieve scan engine update versions.

Scripts

All tasks execute scripts remotely on the selected agent-managed systems. When you trigger a script-based task from the Operations Manager 2007 Operator Console, it is scheduled to run on the agent-managed systems.

All scripts are written in VBScript and are imported into Operations Manager 2007 as part of the FFSMP installation. These scripts are called by tasks and rules.

Important

You should neither modify these scripts nor run them directly.

To successfully execute VBScript code, agent-managed systems must support the Windows Scripting Host and Windows Management Instrumentation. These requirements are met by default on Microsoft Windows 2000 and Microsoft Windows Server 2003 operating system environments.

Script parameters

Script parameters are variable values that control script functionality. Script parameters are passed to the script by the controlling task when it is initialized from the Operations Manager 2007 Operator Console. All included scripts have at least one script parameter.

Most of the script parameters used in the tasks have been preset with the appropriate value. There are, however, some tasks for which you may need to set or modify a script parameter when the task is executed. Specific parameters are discussed further in these sections: Client console tasks, Set statistic threshold percentage, Immediate manual scan task, Immediate background scan task, Services control tasks, Engine update tasks, Retrieve update version tasks.

Controlling script logging

When scripts are executed, they make entries in a log on the remote agent-managed systems. These entries are simple text records describing each task that was executed and its result. The log file (Tasks.log) is automatically created in the Operations Manager 2007 Logs subfolder under the Microsoft Forefront Security product installation folder. If the file already exists, new entries are appended to it.

This is the path for the Tasks.log file:

<Forefront Product Install Path>\MOMLogs\

For example, the default path is:

C:\Program Files(x86)\Microsoft Forefront Security\Exchange Server\MOMLogs\

Note

If the subfolder or the log file is deleted, it will be recreated automatically on the next log file WRITE action generated by a script.

TextLog parameter

Each scripting task has a parameter called TextLog that controls logging for that task. The default value for the TextLog parameter is True (that is, data should be logged). To disable logging of a particular task, set its TextLog parameter to False when you execute the task. However, since logging is non-verbose and can be very useful, we recommend that it remain enabled.

Running a task

This is the procedure for running a task.

To run a task

  1. Select the Monitoring space on the Operations Manager 2007 Operator Console.

  2. Select the Computers node.

  3. Select one or more computers in the Computers pane. You can use the CTRL and SHIFT keys to make multiple selections.

  4. Right-click and select Windows Computer Tasks. A menu with all available tasks appears; choose the task to be run. If the Actions pane is visible, all of the tasks appear in it; you can click a task to run it. For most tasks, the Run Task dialog box then opens. The Forefront Server Security Administrator and Forefront Server Security Management Console run with no modifiable parameters and therefore do not display the Run Task dialog box.

  5. You can clear any of the server check boxes shown in the Target section, so that the task does not run on those particular servers.

  6. The parameters for the task are shown in the Task Parameters section. You can change them by clicking Override, to display the Override Task Parameters dialog box. Enter the modified value in the New Value field, and then click Override.

    Note

    Most values should not be changed (see the individual tasks to learn more about specific parameters).

  7. You can either use the predefined Run As account or select Other and enter a User Name, Password, and Domain.

  8. If selected, the Task Confirmation indicates that, when this task runs again, the information specified in this dialog box is reused and that the dialog box will not normally be displayed again. If you want to change the parameters at a later time, you can force the Run Task dialog box to appear by right-clicking the task name in the Actions pane and selecting Run Task. This displays Run Task and clears the Task Confirmation.

  9. Click Run to submit the configured task.

Client console tasks

There are two Client Console tasks that can be launched from the Operations Manager 2007 Console. One opens the Forefront Server Security Administrator Console and the other opens the Forefront Server Security Management Console (FSSMC). As there are no configurable parameters for these tasks, neither displays the Run Task dialog box.

  • The Forefront Server Security Administrator task opens the local Forefront Server Security Administrator client by launching FSSAClient.exe from a command line on a pre-configured path.

    Note

    This requires the Forefront Server Security Administrator to be installed on the system where the Operations Manager 2007 Operator Console is running.

  • The Forefront Server Security Management Console task launches a local web browser and opens the Management Console by navigating to https://localhost/FFSMConsole.

Set statistic threshold percentage

Allows you to set the percentage of infected messages received within the last hour to designate a virus outbreak in your organization. The default is 50%. (That is, if more than 50% of the messages received in the last hour were infected, it is considered a virus outbreak and an error event is generated.) This task permits you to change the percentage.

The script for this task accepts two parameters:

  • Threshold. A number representing the percentage of infected messages received within the last hour to designate a virus outbreak. Possible values are 0 to 100; the default is 50.

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling script logging.

Immediate manual scan task

The Immediate manual scan task triggers an immediate manual scan job on the selected agent-managed systems.

The script for this task accepts two parameters:

  • ScanID. The value '3' identifies the job as a manual scan. Do not change this parameter.

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling script logging.

Immediate background scan task

The Immediate background scan task triggers an immediate background scan job on the selected agent-managed systems to scan mailboxes and public folders. The job starts in approximately one minute from the time the task is launched.

The script for this task accepts two parameters:

  • ScanID. The value '43' identifies the job as a background scan. Do not change this parameter.

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling script logging.

Services control tasks

The Services Control tasks control Forefront Security and related services on the selected agent-managed systems.

The tasks are:

  • Restart All. A combination of the Stop All and Start All Tasks.

    Note

    On some environments, services might not restart with the "Restart All" command. This could happen if the task takes over five minutes to stop and restart all of the services. If this occurs, simply use the "Stop All" and "Start All" tasks instead of "Restart All".

  • Restart Essential. A combination of the Stop Essential and Start Essential Tasks.

  • Start All. Starts all Forefront- and Exchange-related services. This is the reverse of the Stop All task.

  • Start Essential. This will start only the required Forefront services. This is the reverse of the Stop Essential task.

  • Stop All. This task will properly stop all Forefront- and Exchange-related services, taking into account any service dependencies.

  • Stop Essential. This task will only stop those services required to stop Forefront. No Exchange services will be stopped.

The script for this task accepts three parameters:

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling script logging.

  • Mode. Has the value 1 (Essential) or 2 (All). Do not change this parameter.

  • Function. Has the value Start, Stop, or Restart. Do not change this parameter.

Engine update tasks

These tasks trigger scan engine updates on the selected agent-managed systems. There is a separate update task for each of the scan engines, plus one for the Worm List.

The script for these tasks accepts three parameters:

  • UpdatePath. Sets the engine update source path. The UpdatePath parameter is initially set to the default Microsoft HTTP update path. If you are not using that path for engine updates you must modify this parameter to reflect the correct one. Enter any valid HTTP or UNC path to an engine update source.

    Note

    If you change the path in the Run Task dialog box when you run an update task, it will temporarily override the default.

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling script logging.

  • Engine. Identifies the engine to be updated. Do not change this parameter.

Retrieve update version tasks

These tasks retrieve engine update versions for the scan engines on the selected agent-managed systems. Each task retrieves and displays a scan engine’s Update Version as an event entry in the Operations Manager 2007 Operator Console.

There is a separate task available for each of the scan engines, plus one for the Worm List.

Note

The Forefront Security Retrieve Update Number script is also automatically triggered as a response to the "UpdateSuccessful" Event Rule. Therefore, when a scan engine is successfully updated, the new Update Version for that engine is automatically retrieved and written as an event to the Operations Manager 2007 Operator console.

The script for these tasks accepts two parameters:

  • TextLog. Sets text file logging. To turn off text file logging, see Controlling script logging.

  • Engine. Identifies the engine to be updated. Do not change this parameter.