I had a few emails regarding the Agent Maintenance Mode not working for some. It appears that there are a few reasons for this not to work correctly:
1. System Center Essentials 2010 that uses Opsmgr 2007 R2 but they have still don’t include the powershell support (Thanks to Bjorn Axell for this info)
2. The Default Action Account on the RMS must be a member of the Operations Manager Administrators Group. If you configured the action account by using Local System or a user that is not part of the Operations Manager Administrators Group, the script will not work.
This is a standard configuration for several MPs including the Opeartions Manager MP and the Active Directory MP.
Showing posts with label Maintenance Mode. Show all posts
Showing posts with label Maintenance Mode. Show all posts
Wednesday 25 November 2009
Wednesday 18 November 2009
New Agent Maintenance Mode
Here is a new version of the Agent Maintenance Mode MP. This version is only for OpsMgr R2 as it leverages the new powershell modules only available in R2.
--Update--
Read this post if this is not working for you -Permissions Required for Agent Maintenance Mode
The readme has also been updated with this info
----
To recap on this solution:
It allows you to start Maintenance Mode from an monitored server using just a vbscript. Using this requires absolutely no permissions in Operations Manager. All of the components required to have this function are part of a standard OS with an agent installed. It works through Gateways so can be used in firewalled or untrusted environments.
The MaintMode.vbs writes an event to the event log that indicates the length of time Maintenance Mode should remain on. This is picked up by the management pack and processed on the RMS to turn on Maintenance Mode for that server. The on time can be specified in days, hours or minutes.
Download here
The zip file contains a Readme with more information and usage instructions.
Highligh of changes in this version:
Management Pack Changes
* Added Powershell modules in MP (R2 feature) to replace scripts on RMS. Some logic reworking in scripts
* Support for Server 2008
* Fixed ON/Off logic to not put Health Service and Health Service Watcher in to Maint Mode as R2 puts HS and HSW in to MM automatically
• Added Maint Mode event collection rules
• Added Schedule Maint Mode text file option at C:\MaintenanceModeSchedule.txt - origional by Steve Rachui - http://blogs.msdn.com/steverac/archive/2008/12/09/maintenance-mode-by-config-file.aspx
* Disables discovery on RMS as Maintenance Mode should not be used on RMS
MaintMode.vbs
* Now logs the username in the event log of who turned it on: “Maintenance Mode: ON for 6 hour(s): 360 . Turned on by domain\user”
* Adds registry markers to indcate current status under HKLM/Software/OpsMgr/Maintenance Mode. Can be used by patching tools.
* Added STATUS option that reads current status from registry.
--Update--
Read this post if this is not working for you -Permissions Required for Agent Maintenance Mode
The readme has also been updated with this info
----
To recap on this solution:
It allows you to start Maintenance Mode from an monitored server using just a vbscript. Using this requires absolutely no permissions in Operations Manager. All of the components required to have this function are part of a standard OS with an agent installed. It works through Gateways so can be used in firewalled or untrusted environments.
The MaintMode.vbs writes an event to the event log that indicates the length of time Maintenance Mode should remain on. This is picked up by the management pack and processed on the RMS to turn on Maintenance Mode for that server. The on time can be specified in days, hours or minutes.
Download here
The zip file contains a Readme with more information and usage instructions.
Highligh of changes in this version:
Management Pack Changes
* Added Powershell modules in MP (R2 feature) to replace scripts on RMS. Some logic reworking in scripts
* Support for Server 2008
* Fixed ON/Off logic to not put Health Service and Health Service Watcher in to Maint Mode as R2 puts HS and HSW in to MM automatically
• Added Maint Mode event collection rules
• Added Schedule Maint Mode text file option at C:\MaintenanceModeSchedule.txt - origional by Steve Rachui - http://blogs.msdn.com/steverac/archive/2008/12/09/maintenance-mode-by-config-file.aspx
* Disables discovery on RMS as Maintenance Mode should not be used on RMS
MaintMode.vbs
* Now logs the username in the event log of who turned it on: “Maintenance Mode: ON for 6 hour(s): 360 . Turned on by domain\user”
* Adds registry markers to indcate current status under HKLM/Software/OpsMgr/Maintenance Mode. Can be used by patching tools.
* Added STATUS option that reads current status from registry.
Tuesday 12 August 2008
Updated Agent Maintenance Mode
---Update---
Updated version of this MP at http://derekhar.blogspot.com/2009/11/new-agent-maintenance-mode.html
---------
There is a new version of my Maintenance Mode MP and scripts that can do maintenance mode from the Agent with no extras installed (The original post is here). The 4 files are available for download from http://cid-397bb61b75cc76c5.skydrive.live.com/browse.aspx/Public/AgentMaintModeV2?view=details
-----------
EDIT
Be aware the PowerShell execution policy might block the script from being run.
You may need to do the following:
1. Open the Command Shell, and do "set-executionpolicy remotesigned" (using "allsigned" may be considered a bit more secure.
2. Right-click on the .ps1 files, chose properties and click "Unblock" especially if you've downloaded these scripts using Internet Explorer.
Thanks to Marco for catching this. I had a few people contact with with the earlier version not working and I could never figure out why. Could be the same reason.
----------------
This version adds the ability to turn off maintenance mode from the agent as well as turn it on. The vbscript has been updated with some more options and some instructions on how to use it.
To install or update you need to import the management pack and copy the 2 ps1 files to System Center Operations Manager 2007 program folder on the RMS.
Then you need to copy the vbscript file to any agent managed server and run it to set any server in maintenance mode for the desired time period.
------------------------------
VBScript Usage:
Usage: MaintMode ON|OFF [ON Duration][D][H][M]
Examples: MaintMode ON 6H
MaintMode ON 2D
ON is a mandatory keyword to put a server in maintenance mode.
ON Duration is number of [D]ays [M]inutes or [H]ours Maintenance
Mode should remain ON.
If not specified, the default is 6 hours.
This means Maintenance mode will turn itself OFF after 6 hours.
If ON Duration is specified without [D][H][M], the number is
interpreted as hours.
------------------------------
This MP creates a new class which contains all Windows Operating Systems. There are 2 rules in this class. One listens for the Maint Mode ON event and the other listens for the Maint Mode OFF event. The script on the RMS that turns on Maintenance Mode actually turns it on for all the components of the server and then turns it off again only for the Maint Mode class. This means that even in Maint Mode it can listen for the OFF event.
NOTE: The discovery for this class runs every 12 hours so be aware that systems may take this long after install for the scripts to work
Thanks again to Boris for his examples and scripts for doing maintenance mode.
Tuesday 19 February 2008
Initiate Maintenance Mode from an Agent (no extras installed)
---Update---
Updated version of this MP at http://derekhar.blogspot.com/2009/11/new-agent-maintenance-mode.html
---------
This post will detail a method to initiate Maintenance Mode from an agent managed computer using a vbscript. This method is useful in the case where the people doing patching are not the same people who use the Operations Console and when you cannot dictate what is to be installed in the server. Clive Eastwood's AgentMM for example, if run remotely requires .NET 3.0, Operations Manager specific dll's, Admin permissions on OpsMgr and the ability to connect to the SDK service on the RMS.
Using this method, the person running the command needs to have absolutely no permissions on Ops Manager. All of the components required to have this function are part of a standard OS with and agent installed. It works through Gateways so can be used in firewalled or untrusted environments if you have a gateway in place.
There are 3 parts to this solution:
1) A VBScript on each managed computer that writes an event to the local event log.
2) A Management pack containing an rule that detects this event and runs a response on the RMS.
3) The response executes a Powershell script on the RMS that puts the server in to Maintenance Mode. I have borrowed pieces of the powershell script from Boris.
The vbscript is pretty simple and just writes an event to the event log that indicates the length of time Maintenance Mode should remain on. This time is passed as a parameter to the script.
Usage: MaintModeOn 4
- This command turns on Maintenance Mode for 4 hours
The single rule in the management pack picks up the event from the Application Log with event ID of 0, with a source of WSH and where the description contains the words "Maintenance Mode". In response, the rule runs the Powershell script MaintModeON.ps1 and passes to it two parameters -the name of the computer where the script was run and the event description.
The Powershell script puts all three pieces of an agent in the Maintenance Mode. This Powershell script should be copied to the System Center Operations Manager 2007 program folder on the root management server. If you have clustered the RMS it should be in the folder on both nodes.
---Update---
I have updated the links since google appears to have taken down the site hosting the files.
Wednesday 26 September 2007
Embed a Powershell Script in a Management Pack
- Updated -
OpsMgr R2 allows you to embed powershell scripts in a MP - See this MP for an example - http://derekhar.blogspot.com/2009/11/new-agent-maintenance-mode.html
----------
If you want to run powershell, perl or any other scripts not run by cscript.exe from a management pack then you invariably had to create the script and distribute it across all the servers where it needed to run. This could easily become quite complex maintaining all these scripts in multiple different locations. If you are in a situation where you have multiple management groups and none of them are quite the same then you could have multiple different versions of the script and the rule that would call the script.
To avoid this problem it is now possible to embed other scripts in a management pack, not just vbscript and jscript.
To explain how this is done we need to break in to the XML. Open the image below to view the full command. This would be executed using on a recurring basis using a System.Scheduler datasource.
The Write Action aboves enables proxying for all management servers. This check is quite easy to do using the command shell alias.
<ApplicationName>%systemroot%\System32\windowspowershell\v1.0\powershell.exe</ApplicationName>
This line launches the Powershell exe. Remember that Powershell must be installed on any server you are targeting the rule at. The same goes for any other script language that you wish to use.
<WorkingDirectory>%MOMROOT%</WorkingDirectory>
The %MOMROOT% variable point to the Installation path of OpsMgr. This is useful when targeting Powershell scripts at the RMS or Management servers as it allows you to easily load the Command Shell Snap-in. This then gives access to all the Command Shell aliases.
<CommandLine>-Command "& '$File/EnableProxy.ps1$'"</CommandLine>
The arguments being passed specifies to run the script $File/EnableProxy.ps1$. After this the file must be entered.
<Files>
<File>
<Name>EnableProxy.ps1</Name>
<Contents>
The name of the script must match the command line name. While I have not tested this there appears to be the ability to embed multiple files here.
Now we drop into the script itself. This rule is targeted to run only on the RMS so $rootMS is set as localhost. The next 3 lines load the Command Shell snapin, and opens the connection to the local management group.
$rootMS="localhost"
add-pssnapin "Microsoft.EnterpriseManagement.OperationsManager.Client";
set-location "OperationsManagerMonitoring::";
new-managementGroupConnection -ConnectionString:$rootMS;
Here is an example Management Pack
OpsMgr R2 allows you to embed powershell scripts in a MP - See this MP for an example - http://derekhar.blogspot.com/2009/11/new-agent-maintenance-mode.html
----------
If you want to run powershell, perl or any other scripts not run by cscript.exe from a management pack then you invariably had to create the script and distribute it across all the servers where it needed to run. This could easily become quite complex maintaining all these scripts in multiple different locations. If you are in a situation where you have multiple management groups and none of them are quite the same then you could have multiple different versions of the script and the rule that would call the script.
To avoid this problem it is now possible to embed other scripts in a management pack, not just vbscript and jscript.
To explain how this is done we need to break in to the XML. Open the image below to view the full command. This would be executed using on a recurring basis using a System.Scheduler datasource.
The Write Action aboves enables proxying for all management servers. This check is quite easy to do using the command shell alias.
<ApplicationName>%systemroot%\System32\windowspowershell\v1.0\powershell.exe</ApplicationName>
This line launches the Powershell exe. Remember that Powershell must be installed on any server you are targeting the rule at. The same goes for any other script language that you wish to use.
<WorkingDirectory>%MOMROOT%</WorkingDirectory>
The %MOMROOT% variable point to the Installation path of OpsMgr. This is useful when targeting Powershell scripts at the RMS or Management servers as it allows you to easily load the Command Shell Snap-in. This then gives access to all the Command Shell aliases.
<CommandLine>-Command "& '$File/EnableProxy.ps1$'"</CommandLine>
The arguments being passed specifies to run the script $File/EnableProxy.ps1$. After this the file must be entered.
<Files>
<File>
<Name>EnableProxy.ps1</Name>
<Contents>
The name of the script must match the command line name. While I have not tested this there appears to be the ability to embed multiple files here.
Now we drop into the script itself. This rule is targeted to run only on the RMS so $rootMS is set as localhost. The next 3 lines load the Command Shell snapin, and opens the connection to the local management group.
$rootMS="localhost"
add-pssnapin "Microsoft.EnterpriseManagement.OperationsManager.Client";
set-location "OperationsManagerMonitoring::";
new-managementGroupConnection -ConnectionString:$rootMS;
Here is an example Management Pack
Subscribe to:
Posts (Atom)