Deploying the SMS 2003 Management Pack

  • Article

Published : January 1, 2005

Before deploying the Microsoft® Systems Management Server (SMS) 2003 Management Pack, review the recommended deployment processes described in Chapter 6: “Deploying Management Packs” in the Microsoft Operations Manager 2005 Deployment Guide. This section provides additional instructions for deploying the SMS 2003 Management Pack.

To deploy the SMS 2003 Management Pack, you must complete the following processes:

  • Deploy the Microsoft® Operations Manager (MOM) agent to all SMS server component computers.

  • Import the SMS 2003 Management Pack into a MOM configuration group.

  • Configure SMS Providers and SMS Site Database servers to so that  MOM agents can proxy for other computers.

  • Run the configuration script on all SMS 2003 RTM server component computers.

  • Complete the recommended test and pilot test tasks.

  • Complete the recommended tuning tasks.

On This Page

Deploying the MOM Agent
Importing the Management Pack
Running Configuration Scripts
Testing and Piloting the Management Pack
Tuning the Management Pack

Deploying the MOM Agent

The MOM agent runs on each computer that MOM monitors. To view the computer groups that the SMS 2003 Management Pack monitors, see the Computer Groups section in this guide. The MOM agent collects monitoring data on the managed computer, applies rules to the collected data, and then sends the resulting data to the Data Consolidator Agent Manager (DCAM). The MOM agent runs as a Microsoft Win32® service named MOM on each managed computer.

To deploy the MOM agent, you can use the MOM installation wizard or SMS software distribution. For details on deploying the MOM agent and using the MOM installation wizard, see Chapter 4: “Discovering Computers and Deploying MOM Agents” in the Microsoft Operations Manager 2005 Deployment Guide.

note.gif  Note
It is recommended that you run the MOM 2005 agent on the SMS Provider computers by using the LocalSystem account or an account with sufficient rights to access the SMS 2003 WMI namespaces root, root\cimv2, root\sms, and the SMS registry key and subkeys.

To determine whether agentless monitoring can be used in your environment, see Agentless Monitoring Support in this guide.

Deploying the MOM Agent Using SMS Software Distribution

You can use SMS 2003 software distribution functionality to install the MOM agent on SMS client computers. To do so, you will complete the usual steps to deploying software, including creating a package source folder, creating an SMS program, and advertising the program to SMS clients.

Create the Package Source Folder

  1. Locate the MomAgent.msi from the \Microsoft Operations Manager 2005\x86 folder.

  2. Place the MomAgent.msi file in the package source folder.

  3. Propagate the package source folder to distribution points.

Create the SMS Program and Advertisement

  1. Create an SMS software distribution program using the command line shown below. The quotation marks are required, and the word “Full” must use uppercase and lowercase as shown in the code sample below.

    note.gif  Note
    Some parts of the following code snippet have been displayed in multiple lines only for better readability. These should be entered in a single line.

    2. 



msiexec /i MOMAgent.msi /qn /l*v %temp%
\AgentfullControl.log

AM_CONTROL="Full"
CONFIG_GROUP="<your_MOM_Management_Group_Name>"

MANAGEMENT_SERVER="<MOM_Server_Name>"



    

  1. Advertise to clients. After installing the MOM agent using SMS software distribution it is possible to add the computer to additional management groups.
    

    note.gif  Note
    
Using software distribution in a cross-forest scenario does not work, for instance, if a client resides in one forest and the MOM server resides in a different forest. This is because the local system account is used as the action account on the client, and this account is unable to connect to a MOM server in an untrusted domain for configuration information. A workaround for this scenario is to use a software installation account.
    

    2. 



Use SMS software distribution to add your managed computer to additional management groups


    

  1. After installing the MOM agent using software distribution, verify that the MOM agent has successfully installed on the target computers and is sending data to the MOM server. You can then create a new software distribution program by using the same package that contained the MomAgent.msi program, with the following program command line:
    

    note.gif  Note
    
Some parts of the following code snippet have been displayed in multiple lines only for better readability. These should be entered in a single line.
    

    2. 



msiexec /i MOMAgent.msi /qn /l*v %temp%
\AgentfullControl.log

AM_CONTROL=”Full”

CONFIG_GROUP_OPERATION="AddConfigGroup"
CONFIG_GROUP=” <Second config group name>”

MANAGEMENT_SERVER=”<Your Management Server>”



    

  1. Advertise this program to the same client collection that received the advertisement for the MOM agent.
    

    2. 

  2. Verify that your target computers have populated the correct computer groups in the MOM Administrator console.
    

    3. 



Configuring Agent Computers to Run in Low Privilege Scenarios


Monitoring functionality on an agent computer is provided by the MOM Service (MOMService.exe), MOM Host (MOMHost.exe) and the Agent Action Account. On Microsoft Windows® 2000, the Action Account must be a member of the local administrators group. On Microsoft Windows™ 2003, you can use a low-privileged account for the agent’s Agent Action Account under certain circumstances. However, configuring the Action Account and the user context that the MOM Service and MOM Host process run under with the necessary rights and permissions to run the SMS 2003 Management Pack features requires significant manual configuration on the agent computer. On Microsoft Windows Server™ 2003, the Agent Action Account must have the following minimum user rights and permissions:


    

  • Member of the Local Users group
    

    • 

  • Access to Windows Event Logs
    

    • 

  • Manage auditing and security log permission (SeSecurityPrivilege)
    

    • 

  • Generate security audits” permission (SeAuditPrivilege)
    

    • 

  • Allow log on locally permission (SeInteractiveLogonRight)
    

    • 



In a low-privileged scenario, the SMS 2003 Management Pack requires that the account used for the Agent Action Account have additional rights and permissions. The following table details the access rights that must be configured manually.


Table 3   Access Types Required By the SMS 2003 Management Pack












Resource


Access Type


Instructions








Windows Event Log


Read


The Action Account must be given the Manage auditing and security log privilege using Local or Global Policy.






SMS registry keys


Read


HKLM\Software\Microsoft\SMS 


Add the Action Account to the registry properties and provide read access that is inherited by all subkeys.






Win32 Services registry keys


Read


HKLM\System\CurrentControlSet\Services


Add Action Account to the local users group.






Script generated temp files


Read and Write


%Windir%\Temp


Add Action Account to the local users group.






Script generated log files


Read and Write


%Windir%\Microsoft Operations Manager


Add the Action Account to the folder properties.






SMS log files


Read


\SMS\Logs


Add the Action Account to the folder properties.






WMI namespaces


Read


root and root\cimv2


No action should be required.






SMS WMI namespaces


Read


No action should be required.






SMS WMI classes


Read


SMS_Site


SMS_R_System


SMS_SystemResourceList  SMS_SiteSystemSummarizer  


Add the Action Account to the class for all instances






Security login rights to the default instance


Grant access


For the default instance on a managed SQL Server computer, the Action Account must be given Grant access rights for security logins. In SQL Server Enterprise Manager, add the Action Account to the following node: instancename\Security\Logins.






Access to the Master database on the default instance (required to identify the SMS Site database)


Permit


For the default instance on a managed SQL Server computer, the Action Account must be given permit access to the Master database. In SQL Server Enterprise Manager, add the Action Account to the following node: instancename\Databases\Master\Users.


Keep all default permissions associated with this new user.






Access to the SMS Site database on  the default instance


Permit


For the default instance on a managed SQL Server computer, the Action Account must be given permit access to the SMS Site database. In SQL Server Enterprise Manager, add the Action Account to the following node: instancename\Databases\<SMS site>\Users.


Keep all default permissions associated with this new user.







Importing the Management Pack


In addition to the general recommendations for Management Packs that are described in Chapter 6: “Deploying MOM 2005 Management Packs” in the Microsoft Operations Manager 2005 Deployment Guide, this section lists importing tasks that are appropriate for the SMS 2003 Management Pack.


Using the Import Options


There are two import options available: update and replace. The Update Existing Management Pack option allows company knowledge to be retained under a rule group. The Replace Existing Management Pack option deletes and replaces current rules with the imported rules. Copied rules are also deleted, unless they are copied to a location outside the Management Pack folder.


Update Option


There might be circumstances when you want to preserve customizations to your Management Packs, regardless of whether you are merging or replacing it with a newer version. This option renews an existing Management Pack. With the new version, user-modified rules, scripts, data providers, and computer groups on vendor-shipping rules are overwritten, but the following are retained:


    

  • User-added company knowledge on vendor-shipping rules.
    

    • 

  • User modifications to the default state of rules (enabled or disabled).
    

    • 

  • User-added custom rules.
    

    • 



This option is recommended if you want to completely synchronize the existing Management Packs with the latest version, and retain company knowledge, enabled or disabled settings, and custom rules. Because the Update option does not preserve customizations to vendor-provided rules, other than those to the company knowledge, you must take additional steps to preserve these changes.


The Update Existing Management Pack option replaces current rules with the imported rules by using the rule GUID as the identifier. When you copy a rule, MOM assigns the duplicate rule with a new GUID. Any copied rules are not replaced when importing a Management Packs with the Update option. However, the original rules, and any changes to them, are overwritten.


To preserve customizations to rules, you must copy the rules. You can copy these rules to the same rule group, to another rule group within the Management Pack folder, or to a rule group outside the Management Pack folder. Using the Update option does not overwrite these copied rules. The company knowledge is always preserved when using the Update option.


Important Considerations When Using the Update Option


The SMS Management Pack Update includes a number of changes to improve processing performance. One change is that the SMS site database is now queried directly for status messages, rather than the SMS Provider. To accomplish this, the rules supporting status message monitoring previously contained in the SMS Providers rule group have been deleted and recreated in the SMS Site Database Servers rule group, so that they will be applied to the computer hosting SQL Server and the SMS site database.


caution.gif  Caution

Any custom knowledge or tuning for these rules will be lost after importing the management pack. Customers should take note of all custom knowledge and tuning settings prior to importing the management pack. This custom knowledge and tuning will need to be reapplied to the rules after updating the existing Management Pack.


Custom knowledge and tuning contained in other processing rule groups is not affected.


Another important new consideration when using the Update Existing Management Pack option involves Windows Management Instrumentation (WMI). Because service monitoring now leverages the MOM Service Availability feature, all of the previous rules for monitoring services based on Windows Management Instrumentation (WMI) Event providers have been deleted.


note.gif  Note

The WMI providers associated with the deleted rules for monitoring services must be manually deleted. See Table 5: WMI Providers To Manually Delete.


Table 4   Rules Deleted When Using Update Option












Rule name


Enabled/Disabled


Deleted?








SMS 2003 service stopped: SMS Agent Host


Enabled


Yes






SMS 2003 service started: SMS Agent Host


Enabled


Yes






SMS 2003 service stopped: SMS Client Service


Enabled


Yes






SMS 2003 service started: SMS Client Service


Enabled


Yes






SMS 2003 service stopped: SMS Agent Host


Enabled


Yes






SMS 2003 service started: SMS Agent Host


Enabled


Yes






SMS 2003 dependent service status: Windows Management Instrumentation


Enabled


Yes






SMS 2003 dependent service cannot be started: Windows Management Instrumentation


Enabled


Yes






SMS 2003 dependent service stopped: Windows Management Instrumentation


Enabled


Yes






SMS 2003 service stopped: SMS_REPORTING_POINT


Enabled


Yes






SMS 2003 service started: SMS_REPORTING_POINT


Enabled


Yes






SMS 2003 dependent service stopped: World Wide Web Publishing Service


Disabled


Yes






SMS 2003 dependent service started: World Wide Web Publishing Service


Disabled


Yes






SMS 2003 dependent service stopped: IIS Admin Service


Disabled


Yes






SMS 2003 dependent service started: IIS Admin Service


Disabled


Yes






SMS 2003 service stopped: SMS_EXECUTIVE


Enabled


Yes






SMS 2003 service started: SMS_EXECUTIVE


Enabled


Yes






SMS 2003 service stopped: SMS_SERVER_LOCATOR_POINT


Enabled


Yes






SMS 2003 service started: SMS_SERVER_LOCATOR_POINT


Enabled


Yes






SMS 2003 service stopped: SMS_SQL_MONITOR


Enabled


Yes






SMS 2003 service started: SMS_SQL_MONITOR


Enabled


Yes






SMS 2003 dependent service stopped: MSSQLSERVER


Disabled


Yes






SMS 2003 dependent service started: MSSQLSERVER


Disabled


Yes






SMS 2003 service stopped: SMS_SITE_COMPONENT_MANAGER


Enabled


Yes






SMS 2003 service started: SMS_SITE_COMPONENT_MANAGER


Enabled


Yes






SMS 2003 service stopped: SMS_SITE_BACKUP


Enabled


Yes






SMS 2003 service started: SMS_SITE_BACKUP


Enabled


Yes







In addition to deleting the rules in Table 5, you must manually delete the corresponding WMI providers. To do this, right-click Providers in the MOM Administrator console and select Delete for each of the providers in the following table.


Table 5   WMI Providers to Manually Delete










WMI Providers








SMS 2003 Agent Host Service stops






SMS 2003 Agent Host Service starts






SMS 2003 Site Backup Service stops






SMS 2003 Site Backup Service starts






SMS 2003 Client Service stops






SMS 2003 Client Service starts






SMS 2003 Executive Service stops






SMS 2003 Executive Service starts






SMS 2003 IIS Admin Service stops






SMS 2003 IIS Admin Service starts






SMS 2003 IIS World Wide Web Publishing Service stops






SMS 2003 IIS World Wide Web Publishing Service starts






SMS 2003 MS SQL Server Service stops






SMS 2003 MS SQL Server Service starts






SMS 2003 Reporting Point Service stops






SMS 2003 Reporting Point Service starts






SMS 2003 Server Locator Point Service stops






SMS 2003 Server Locator Point Service starts






SMS 2003 Site Component Manager Service stops






SMS 2003 Site Component Manager Service starts






SMS 2003 SQL Monitor Service stops






SMS 2003 SQL Monitor Service starts







Replace Option


The Replace Existing Management Pack option replaces an existing Management Pack with the new version being imported.


This option is recommended if you want a fresh install of the latest Management Pack and do not want to retain any user-created company knowledge or custom rules. You can also use this option to import a Management Pack from your test environment to your production environment. Replacing the content results in the following:


    

  • Company knowledge that was added to vendor-provided rules is removed.
    

    • 

  • All user-added custom rules are removed.
    

    • 

  • User-modified rules, scripts, data providers, and computer groups on vendor-shipping rules are overwritten.
    

    • 

  • Views are retained. Delete any views that you want to update.
    

    • 

  • Tasks are retained. Delete any tasks that you want to update.
    

    • 



Objects outside of the rule groups that are no longer in the build are not removed as part of the replace option and must be manually removed. These include computer groups, computer attributes, providers, scripts, operators, tasks, and notification groups.


To preserve customizations to rules, you must copy the rules to another rule group outside the Management Pack. Using the Replace option does not overwrite these copied rules.


note.gif  Note

The SMS 2003 Management Pack has a subset of rules that are disabled by default. You must enable the appropriate rules after importing.


Running Configuration Scripts


Modifying MOM Information About SMS 2003 (Only) Site Systems


The SMS 2003 Management Pack contains two Microsoft Visual Basic® scripts to create, remove, or modify operations management information about each SMS 2003 site system.


    

  • SMS 2003 Manage Site Systems Operations Management Information - Automatic
    

    • 

  • SMS 2003 Manage Site Systems Operations Management Information - Manual
    

    • 



Running either of these scripts modifies the registry to allow the SMS Management Pack to identify SMS 2003 site system roles that existed in earlier releases. It is not necessary to run these scripts on SMS 2003 SP1 systems.


The operations management information is located in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Operations Management registry key. The registry modifications also allow the SMS Management Pack to report information about distribution points and central site servers. You must run the script to modify the operations management information every time you add or remove a SMS 2003 RTM site system or change the roles that a site system performs. The script can add roles to, or delete roles from, the operations management information about all SMS 2003 site systems or from just one computer. Running the script on SMS 2003 SP1 is not necessary because the operations management information is automatically maintained.


If you do not modify the operations management information on the site systems by running one of the scripts, the following SMS 2003 computer groups are not populated:


    

  • Microsoft SMS 2003 Central Site Servers
    

    • 

  • Microsoft SMS 2003 Client Access Points Servers
    

    • 

  • Microsoft SMS 2003 Component Servers based on SMS Executive
    

    • 

  • Microsoft SMS 2003 Distribution Point Servers
    

    • 

  • Microsoft SMS 2003 Providers
    

    • 

  • Microsoft SMS 2003 Sender Servers
    

    • 

  • Microsoft SMS 2003 Servers
    

    • 

  • Microsoft SMS 2003 Site Database Servers
    

    • 



Before you run the scripts, you must copy them from the MOM Administrator console, paste them into text files, and save those files with .vbs file name extensions.


To create executable versions of the scripts


    

  1. In the MOM Administrator console, navigate to Microsoft Operations Manager, Rules, Advanced, and then click Scripts.
    

    2. 

  2. In the Details pane, double-click the script that you want to save.
    

    3. 

  3. In the Script Properties dialog box, click the Script tab.
    

    4. 

  4. To select all the text in the script, press CTRL+A.
    

    5. 

  5. To copy all the text to the Clipboard, press CTRL+C.
    

    6. 

  6. Paste the text into a text editor, such as Notepad, and then save the script with a .vbs file name extension.
    

    note.gif  Note
    
Some text editors automatically append a .txt file name extension to all documents. Therefore, verify that the file name extension is .vbs. You might want to save the script or a copy of it to the server where you are running the script.
    

    7. 



To view which site systems currently have the MOM registry key


    

  1. In the MOM Operator console, navigate to Public Views, Microsoft Systems Management Server (SMS) 2003, and then click General.
    

    2. 

  2. Click All SMS 2003 Versions detected in the last 24 hours, and then note the systems listed in the Details pane.
    

    note.gif  Note
    
This information is as current as the last Computer Attribute scan.
    

    3. 



Security Requirements to Run the Scripts


When you log on to run the Visual Basic configuration script, you must use an account that has sufficient permissions to access to all SMS 2003 site systems to be modified. Administrator accounts can make all necessary modifications because they have more than the necessary permissions. At a minimum, the account requires the following permissions on the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS registry key:


    

  • Query Value
    

    • 

  • Set Value
    

    • 

  • Create Subkey
    

    • 



To remove a site system, the account requires the following minimum permissions on the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS registry key:


    

  • Query Value
    

    • 

  • Delete
    

    • 



Running the Scripts


To modify site systems individually, run the SMS 2003 Manage Site Systems Operations Management Information - Manual script locally on each site system. This is recommended only in limited situations because it is inefficient. To modify all SMS 2003 site systems automatically, run the SMS 2003 Manage Site Systems Operations Management Information - Automatic script on a server with the SMS Provider installed.


The SMS Provider resides on either the site server or on the computer where the SMS site database is installed. You designated the SMS Provider location during the installation of SMS.


You can run the automatic script on any server with the SMS Provider in the SMS hierarchy, but the script modifies site systems listed in that site’s database only. If you run the script from the SMS Provider computer at the central site, you automatically modify all site systems in the SMS hierarchy. If you run the script from a child site, the script modifies all site systems in that site and all child sites.


Whether you run the manual or automatic script, you must have access to every site system involved, as described in the Security Requirements to Run the Scripts section in this guide.


To locate all SMS Providers in your configuration group


    

  1. In the MOM 2005 Operator console, navigate to Computers and Groups, Microsoft Systems Management Server (SMS) 2003 and then click Computer Groups.
    

    2. 

  2. In the Details pane, in the Computer Group column, double-click Microsoft SMS 2003 Providers.
    

    3. 



Listing Which Site Systems Should Be Marked as SMS 2003 Site System


The automatic script includes the ability to show which systems would be marked as SMS 2003 site systems without actually adding the operations management information to the registry.


To list potential SMS 2003 site systems


    

  1. Log on to a computer in the SMS hierarchy that has the SMS Provider installed. You can modify a greater number of site systems at one time by starting higher in the SMS hierarchy.
    

    2. 

  2. Open the command prompt and change to the directory where you saved your SMS 2003 Manage Site Systems Operations Management Information - Automatic.Vbs script.
    

    3. 

  3. At the command prompt, type the following:
    

    Cscript.exe “SMS 2003 Manage Site Systems Operations Management Information - Automatic.Vbs” /LIST
    

    4. 



If you chose not to add the operations management information to all listed systems, you can run the automatic script from a lower-level site in the SMS hierarchy to exclude all sites above it, or you can run the manual script to modify each site system in each site individually.


To modify all SMS 2003 site systems automatically from one central location


    

  1. Log on to a computer in the SMS hierarchy that has the SMS Provider installed.
    

    note.gif  Note
    
The higher the computer is in the SMS hierarchy, the more site systems are modified. Logging on to the SMS Provider computer at the central site detects and modifies all SMS 2003 site systems in all child sites if your account has sufficient permissions to make the modifications. It is not necessary to perform this operation on an SMS 2003 parent site if it is an SMS 2003 SP1 site and all of its child sites are also SMS 2003 SP1. This is because SMS 2003 SP1 maintains the Operations Management information.
    

    2. 

  2. Open the command prompt and change to the directory where you saved your SMS 2003 Manage Site Systems Operations Management Information - Automatic.Vbs script.
    

    3. 

  3. At the command prompt, type the following:
    

    Cscript.exe “SMS 2003 Manage Site Systems Operations Management Information - Automatic.Vbs” /ADD 
    

    4. 



To modify each SMS 2003 site system manually


    

  1. Log on to the SMS 2003 site system that you want to modify.
    

    2. 

  2. At the command prompt, type the following:
    

    Cscript.exe “SMS 2003 Manage Site Systems Operations Management Information - Manual.Vbs” /ADD < ServerRole > < SiteCode > < Version > < SiteType >
    

    Where ServerRole, SiteCode, Version, and SiteType are defined as follows:
    

    ServerRole is the type of site system you are adding. The type of site system must be one of the following and must be delimited with quotation marks as shown:
    

      

    • “SMS Client Access Point”
      

      • 

    • “SMS Component Server”
      

      • 

    • “SMS Distribution Point”
      

      • 

    • “SMS Provider”
      

      • 

    • “SMS Site Server”
      

      • 

    • “SMS SQL Server”
      

      • 

    

    SiteCode is the site code where the site system is located.
    

    Version is the SMS version running on the site server for the specified site code.
    

    SiteType is Central, Primary, or Secondary * *depending on the site server for the specified site code.
    

    3. 



If a computer is performing multiple roles, you must run the manual script multiple times and specify all roles individually. If a computer performs many roles, you might want to create a .cmd file with all the appropriate commands.


To locate the version number for your site


    

  1. In the MOM Operator console, click Public Views. In the Public Views pane, navigate to Microsoft Systems Management Server (SMS) 2003, and then click General.
    

    2. 

  2. Select All SMS 2003 Site Server Versions detected in the last 24 hours.
    

    3. 

  3. In the Details pane, in the Computer column, locate your site server name and note the version in the Value column.
    

    For example, to add an SMS 2003 client access point for site ABC, type:
    

    Cscript.exe “SMS 2003 Manage Site Systems Operations Management Information - Manual.Vbs” /ADD “SMS Client Access Point” ABC 02.50.2780.0000 Primary
    

    4. 



Removing the Operations Management Information That Identifies SMS 2003 Site Systems


These same scripts can be run with an option to remove the operations management registry information, either automatically from all SMS 2003 site systems or locally on each site system. If you change the role assigned to a site system, you must run a script with the /DEL option to delete any roles that are no longer assigned. The automatic version of the script removes all roles, even if they are still applicable.


To remove the operations management information from all SMS 2003 site systems automatically


    

  1. Log on to a computer in the SMS hierarchy that has the SMS Provider installed. The higher the computer is in the SMS hierarchy, the more site systems are modified.
    

    2. 

  2. Open the command prompt and change to the directory where you saved your SMS 2003 Manage Site Systems Operations Management Information - Automatic.Vbs script.
    

    3. 

  3. At the command prompt, type the following:
    

    Cscript.exe “SMS 2003 Manage Site Systems Operations Management Information - Automatic.Vbs” /DEL
    

    4. 



To remove the operations management information for a site system role from an individual system


    

  1. Log on to the SMS 2003 site system that you want to modify.
    

    2. 

  2. At the command prompt, type the following:
    

    Cscript.exe “SMS 2003 Manage Site Systems Operations Management Information - Manual.Vbs /DEL < ServerRole >”
    

    where <ServerRole> is the type of site system that you are removing. The type of site system must be one of the following and must be delimited with quotation marks as shown:
    

      

    • “SMS Client Access Point”
      

      • 

    • “SMS Component Server”
      

      • 

    • “SMS Distribution Point”
      

      • 

    • “SMS Provider”
      

      • 

    • “SMS Site Server”
      

      • 

    • “SMS SQL Server”
      

      • 

    

    3. 



If you are removing multiple roles from a computer, you must run the manual script multiple times and specify each role to be removed. If you are removing many roles, you might want to create a .cmd file with all the appropriate commands.


Updating Site System Roles


If you frequently change site system roles in your SMS hierarchy, you should create a scheduled task on the SMS Provider server to run the automatic script with the /ADD and /DEL options. For an overview of creating scheduled tasks, see Windows Help.


If you change site system roles occasionally, you can run the manual script locally on each SMS 2003 site system. Make sure you run the manual script with the /DEL option to remove any roles that the site system no longer performs.


Modifications from these scripts do not appear until the next MOM managed computers attribute scan, which by default is every 24 hours. To see the results immediately, you can manually initiate the scan on any computer.


Testing and Piloting the Management Pack


In addition to the general recommendations for testing Management Packs that are described in the Microsoft Operations Manager 2005 Deployment Guide, this section lists testing and piloting tasks that are appropriate for the SMS 2003 Management Pack.


Testing Tasks


    

  • Verify that the SMS 2003 computer groups are populated with computers running SMS 2003.
    

    • 

  • After enabling the relevant rules, ensure that the views and reports in MOM are functioning properly. These include views relating to SMS processing rates and SMS backlogs. To view reports you must run the SystemCenterDTSPackageTask in Scheduled Tasks, in order for data to be moved from the MOM Database Server (OnePoint database in SQL Server) over to the MOM Data Warehouse (SystemCenterReporting database in SQL Server).
    

    • 

  • By default, some rules related to other Management Packs, such as the IIS and SQL Server Management Packs, are disabled in the SMS 2003 Management Pack. Depending on what additional Management Packs you have deployed, you should review these disabled rules to identify any rules that you might want to enable in your environment.
    

    • 

  • By default, all performance measuring rules are disabled to minimize the impact on the agent’s CPU, memory, and network resources. These rules can be enabled for more in-depth monitoring of the agent.
    

    • 

  • Some of the SMS scripts that run on an SMS Provider computer, an SMS site database server, or access an SMS site database do not run in agentless mode. Verify that all computers in the Microsoft SMS 2003 Provider and Microsoft SMS Site Database Server computer groups are configured as agent-managed computers. Also, because some of these scripts may proxy events, verify that these agents are configured to enable proxying.
    

    • 



Pilot Testing Tasks


    

  • Verify that the deployment or upgrade process for the SMS 2003 Management Pack completed successfully from the previous version.
    

    • 

  • Verify custom thresholds for your environment.
    

    • 

  • Enable performance rules in stages to evaluate the impact that these rules have on MOM performance.
    

    • 

  • Verify that the SMS 2003 computer groups are populated with computers running SMS 2003.
    

    • 

  • After enabling the relevant rules, ensure that the views and reports in MOM are functioning properly. These include views relating to SMS processing rates, processing totals, and SMS backlogs.
    

    • 

  • By default, some rules related to other Management Packs are disabled. Depending on what additional Management Packs you have deployed, you should review the disabled rules to identify any rules that you might want to enable in your environment.
    

    • 

  • By default, some performance rules are disabled to minimize the impact on the agent’s CPU, memory, and network resources. These rules can be enabled for more in-depth monitoring of the agent.
    

    • 

  • Verify that SMS 2003 script-based events are not generated. These typically indicate problems with access permissions for the script.
    

    • 

  • Verify that the sizing of the DCAM and SQL Server are sufficient for your production load.
    

    • 

  • Verify operations processes and personnel requirements.
    

    • 

  • Verify that paging and e-mail notification is working properly.
    

    • 

  • Verify that the permissions that MOM 2005 is using are sufficient to run properly, without being excessive.
    

    • 

  • If the MOM 2005 agent is not specified to run under the LocalSystem account, then ensure that the minimum security rights have been met. For more information, see the Configuring Agent Computers to Run in Low Privilege Scenarios section in this guide.
    

    • 

  • Verify that the SMS Server and SMS Client roles appear in the State view. Click a computer that is hosting each of these roles and check that components are visible in the instance pane.
    

    • 

  • Verify that SMS Administrator console tasks are working by clicking a task. If the task fails to execute, check that the SMS 2003 SP1 Administrator console has been installed and that the logged on user has logged off, and then logged on again at the completion of the console installation.
    

    • 

  • In the Computers view, click an SMS Server and an SMS Client to verify that the Roles page shows the appropriate role(s) and property data.
    

    • 

  • In the Diagram view, navigate to Systems Management Server (SMS) 2003, click Diagram, and then click SMS 2003 Hierarchy. Verify that all site systems are displayed for sites that have the MOM agent installed locally on their SMS Provider. If a site system does not appear, check the SMS Administrator console to see if the site system was discovered by the site and appears in the All Systems collection.
    

    • 



After you complete your pilot testing, export the SMS 2003 Management Pack to back up the changes that you made to the Management Pack.


Tuning the Management Pack


For optimal monitoring, tune the SMS 2003 Management Pack based on the business needs of your organization. If the existing rules do not meet the needs of your organization, modify them or create new rules.


Start a tuning log for the Management Pack and use the log to keep a record of all configuration changes that you make. For more information about tuning the Management Pack, refer to the Microsoft Operations Manager 2005 Deployment Guide.


note.gif  Note

Always back up the SMS 2003 Management Pack before upgrading or making changes. The MOM Management Pack Import/Export Wizard allows you to back up your Management Pack before upgrading or  you can export and save your Management Pack before making changes.


Tuning can include any of the following:


    

  • Enabling and disabling rules.
    

    • 

  • Assigning unique names to new rules or rules that you copied.
    

    • 

  • Creating new rules.
    

    • 

  • Modifying alert criteria, alert severity, and alert suppression.
    

    • 

  • Setting custom thresholds for rules. All performance threshold rules are configurable. If the default threshold is not optimal, you might receive unnecessary alerts or you might not be alerted because a threshold is set too high for your environment.
    

    For example, if your connections to the SMS site database server are normally higher than 500, you might want to modify the following rule to alert you at a higher threshold:
    

    SMS 2003 Perf Threshold: SMS SQL Connections > 500 over 2 hours
    

    Conversely, you might want to modify the following rule and set a lower threshold because you find that 4,000 software inventory files is an unacceptable backlog in your environment:
    

    SMS 2003 Perf Threshold: MP SINV Backlog > 10,000 over 3 hours
    

    While it is possible to modify a default rule directly, it is better to make a copy of the existing rule, modify the copy, and disable the default rule. This leaves the default rule intact in case you want to use it later. Use the Action menu or the shortcut menu to copy a rule and paste it into the appropriate container. After you paste it, change the threshold and the name of the rule by modifying the rule properties.
    

    • 

  • Configuring inbox monitoring event rule threshold and polling interval.
    

    • 

  • Adding new inbox monitoring event rules. To add a new inbox monitoring rule, copy and rename an existing inbox monitoring rule. Adjust the schedule and modify the two script parameters: FileCountThreshold and InboxDirectoryName. Additionally, you can adjust the file count threshold to meet your requirements.
    

    • 

  • Setting polling intervals for performance measuring.
    

    • 

  • Adding content to the company knowledge.
    

    • 

  • Customizing views, or copying and customizing views in My Views.
    

    • 

  • Customizing responses to alerts by changing or adding new responses to rules or by adding alert processing rules for those alerts.
    

    • 

  • Enabling performance measuring rules on the agent, the server running MOM, and the database generates a large amount of data and might potentially cause performance issues.
    

    Performance measuring rules are disabled by default to allow you to decide whether a potential performance impact is acceptable. Review the performance rules and enable these rules in small batches so you can assess the impact that these rules have on MOM performance, including the size of the database. By default, MOM 2005 does not configure SQL Server to grow automatically.
    

    Also, ensure that your MOM database grooming settings do not impact performance measuring and views and reports. Your database grooming settings should be configured with the schedule for the SystemCenterDTSTask in mind. By default, this task will run once a day at midnight and replicate data from the MOM database to the System Center Reporting database for long term storage.
    

    • 

  • Adding members to default notification groups.
    

    • 

  • Creating additional notification groups as needed in your enterprise. The SMS 2003 Management Pack notifies SMS 2003 server administrators and SMS 2003 client administrators only. If you want the network administrator or any custom network administrator group to be notified about network related alerts, you must manually modify the Response tab for that rule.
    

    • 

  • Creating custom views to view the data that the Management Pack has monitored and collected, based on your rules and alerts. For each public view, select the period for which performance data is displayed in graph mode. Rename View Name and Description as necessary, based on your changes to specified actions of the public view.
    

    For example, if you changed a time period for data collection from a specific date range to in the last 7 days, you should alter the name of the public view to reflect the data you expect to view.
    

    • 

  • Creating My Views by copying a public view to the My View node and modifying the view to specifically address your monitoring requirements. It is recommended that you rename the view and description to map to any changes to specified actions of the public view.
    

    • 

  • Reports display data that resides in the SystemCenterReporting database, not the MOM (OnePoint) database. In SQL Server this database is called the. By default, data is migrated once per day by the SystemCenterDTSPackage task in Scheduled Tasks. Change this schedule if data is required on a different schedule, to less or more frequently.
    

    • 

  • Set parameters for periodic database grooming. Ensure that your MOM database grooming settings do not impact performance views and reports. The minimum MOM Database grooming period for the SMS 2003 Management Pack is 72 hours in order to support Public View intervals. Your database grooming settings should also be configured with the schedule for the SystemCenterDTSPackage task in mind. By default, this task will run once per day at 01:00 AM and replicate data from the MOM database (OnePoint), to the MOM Data Warehouse (SystemCenterReporting database), for long term storage.
    

    For more information about MOM 2005 database grooming, see the Microsoft Operations Manager 2005 Operations Guide.
    

    • 

  • Reports display data from the SystemCenterReporting database, not the OnePoint database. By default, data is migrated once per day by the SystemCenterDTSPackage task in Scheduled Tasks. Change this schedule if data is required on a different schedule, to less or more frequently.
    

    • 

  • Setting parameters for inbox monitoring event rules and related rules. To add a new inbox monitoring rule, copy and rename an existing inbox monitoring rule. Adjust the schedule and modify the two script parameters: FileCountThreshold and InboxDirectoryName. Additionally you can adjust the file count threshold to meet your requirements.
    

    • 

  • Re-evaluating which servers you want to manage by adding or removing a managed computer by using the Install\Uninstall Agents Wizard. 
    

    • 

  • Reviewing rules for applicability to your environment. By default, some rules related to other Management Packs are disabled. Depending on what additional Management Packs you have deployed, you should review the disabled rules to identify any rules you might want to enable in your environment.
    

    • 



Inbox Monitoring


Inbox monitoring provides direct monitoring or counting of files in critical SMS server inboxes and raises an alert when the number of files in a particular inbox exceeds a user configured threshold value. When SMS inbox average file counts are trending above nominal levels, it is a strong indication that SMS processing is becoming backlogged. Every environment will have different nominal values, depending upon its SMS site load. Backlogs are caused by a variety of issues, including services that are not responding; stopped processes; environmental issues, such as lack of disk space; or unusual activity levels in software distribution. The processing rules for inbox monitoring are shipped in disabled mode, with default performance thresholds.


Configuring Inbox Monitoring Rules


To deploy these rules to central, primary and secondary site servers, you must copy the following rules from SMS Site Servers - Common to the appropriate processing rule group for the site server, modify the threshold and enable the rule.


    

  • SMS 2003 Inbox: Monitor inbox
    

    • 

  • SMS 2003 Inbox: Monitor inbox script error
    

    • 

  • SMS 2003 Inbox: Threshold exceeded
    

    • 



The SMS 2003 Inbox: Threshold exceeded event processing rule monitors events from the SMS 2003: Monitor Inbox script error script. A unique alert is generated for each inbox that is over the specified threshold count.


The default threshold setting for this script is 10,000 files in an inbox. If exceeded, a “threshold exceeded” event is raised. You can modify the threshold settings by calculating the daily expected load on servers for each correctly functioning process, and then adding an acceptable percentage of buffer. The inbox monitoring rules run once per day by default, in fifteen minute increments beginning at 0:100. To minimize performance impact, it is recommended that you create a new timed provider for each SMS 2003 Inbox: Monitor Inbox rule, in order to load balance the launching of the inbox monitoring scripts.


The following table lists the inbox monitoring rules, default thresholds, and inboxes that are monitored under the SMS Executive provider.


Table 6   SMS Executive Inbox Monitoring












Inbox Monitoring Rule Name


Default Threshold


Inbox Name








SMS 2003 Inbox: Monitor inbox script error


n/a


n/a






SMS 2003 Inbox: Threshold exceeded


n/a


n/a






SMS 2003 Inbox: Monitor auth\dataldr.box


10000


Inboxes\auth\dataldr.box






SMS 2003 Inbox: Monitor auth\ddm.box


10000


Inboxes\auth\ddm.box






SMS 2003 Inbox: Monitor auth\sinv.box


10000


Inboxes\auth\sinv.box






SMS 2003 Inbox: Monitor compsumm.box\repl


10000


Inboxes\ compsumm.box\repl






SMS 2003 Inbox: Monitor dataldr.box


10000


Inboxes\ dataldr.box






SMS 2003 Inbox: Monitor ddm.box


10000


Inboxes\ ddm.box






SMS 2003 Inbox: Monitor despoolr.box\receive


10000


Inboxes\despoolr.box\receive






SMS 2003 Inbox: Monitor offermgr.box\INCOMING


10000


Inboxes\offermgr.box\INCOMING






SMS 2003 Inbox: Monitor offersum.box\repl


10000


Inboxes\ offersum.box\repl






SMS 2003 Inbox: Monitor replmgr.box\incoming


10000


Inboxes\replmgr.box\incoming






SMS 2003 Inbox: Monitor schedule.box\outboxes\LAN


10000


Inboxes\ schedule.box\outboxes\LAN






SMS 2003 Inbox: Monitor statmgr.box\statmsgs


10000


Inboxes\statmgr.box\statmsgs






SMS 2003 Inbox: Monitor swmproc.box\usage


10000


Inboxes\swmproc.box\usage







note.gif  Note

Because the following inboxes are new in SMS 2003 SP1, monitoring of them is limited to sites running SMS 2003 SP1.


    

  • SMS 2003 Inbox: Monitor auth\dataldr.box
    

    • 

  • SMS 2003 Inbox: Monitor auth\ddm.box
    

    • 

  • SMS 2003 Inbox: Monitor auth\sinv.box
    

    •