Category Archives: Operations Manager

OMS and System Center: What's New in June 2018

In June have been announced, by Microsoft, a considerable number of news about Operations Management Suite (OMS) and System Center. Our community, through these articles released monthly, aims to provide a general overview of the main new features of the month, in order to stay up to date on these arguments and have the necessary references for further information.

Operations Management Suite (OMS)

Log Analytics

Recently it was officially announced that the OMS portal will be deprecated, in favour of the Azure Portal. In this article are examined the aspects related to this change and what you should know to avoid being caught unprepared.

Figure 1 - Notifications in the OMS portal

Azure Backup

Azure Backup is enriched with an important new feature that allows you to natively protect SQL workload, running in IaaS virtual machines that reside in Azure. In this article are showed the benefits and the characteristics of this new feature.

Figure 2 – Protection of SQL Server on Azure VMs with Azure Backup

Released an updated version of the’Azure Backup agent (MARS), which can be obtained by accessing this link.

Using Azure Backup there is the possibility of generating the reports needed to be able to easily check the status of resource protection, details on the different backup jobs configured, the actual storage utilization and status of its alert. All this is made possible by using Power BI, allowing you to have a high degree of flexibility in the generation and customization of reports. In this video, recently published, there is show how to configure a Power BI workspace for sharing reports of Azure Backup within your organization. To analyze the steps required to configure the reporting of Azure Backup you can refer this article.

Figure 3 – Sharing PowerBI reports of Azure Backup

Azure Backup introduces the ability to protect workloads running on Azure Stack environment. The tenant who use the Azure Stack solution can then have a short term protection directly on the Azure Stack environment and can make use of Azure Recovery Service vault for long term retention and to perform offsite. For more details on this you can consult therelease announcement.

Figure 4 – Azure Stack Tenant backup with Microsoft Azure Backup Server

Azure Site Recovery

In Azure Site Recovery (ASR) was announced in "general availability (GA)" the ability to configure the Disaster Recovery (DR) of Azure Virtual Machines. Configuring the replication of virtual machines in different regions of Azure, you have the ability to make applications resilient to a fault affecting a specific Azure region. This feature is available in all the Azure regions where you can use ASR. Azure is the first public cloud to offer a native solution for Disaster Recovery for applications that run in IaaS.

During the preview, Microsoft has taken into account the different feedback from the customers and added to the solution, the following import capabilities:

We highlight these useful references regarding this solution:

Security and Audit

The solution Azure Network Security Group Analytics will be replaced by Traffic Analytics that was released in General availability (GA). This solution, fully cloud-based, allows you to have an overall visibility on network activities that are undertaken in the cloud environment. For more details about you can see "How to monitor network activities in Azure with Traffic Analytics"

System Center

System Center Data Protectrion Manager

In environments where System Center Data Protection Manager (SCDPM) is connected to Azure Backup service was introduced the ability to view all the items protected, details on the use of storage and information about the recovery points, direct from the Azure Portal, within the Recovery Service vault. This feature is supported for SCDPM 2012 R2, 2016 and for Azure Backup Server v1 and v2, as long as you have the latest version of Azure Backup Agent (MARS).

Figure 5 – Information from DPM outlined in Recovery Service vault

System Center Configuration Manager

It is usually released a technical preview per month in Configuration Manager, but this month, due to the considerable number of new features, they were released two.

The first is the version 1806 for the Technical Preview branch of System Center Configuration Manager. The main innovation introduced by this update is the addition of support for third-party software update catalogs. From the Configuration Manager console, you can easily subscribe to third-party software update catalogs, then publish updates via Software Update Point. These updates will be issued to the client by using the classic method of Configuration Manager to deploy software update.

Figure 6 – Access to third-party software update catalogs from the SCCM console

In addition to this new feature were released updates on:

  • Sync MDM policy from Microsoft Intune for a co-managed device
  • Office 365 workload transition in co-management
  • Configure Windows Defender SmartScreen settings for Microsoft Edge
  • Improvements to the Surface dashboard
  • Office Customization Tool integration with the Office 365 Installer
  • Content from cloud management gateway
  • Simplified client bootstrap command line
  • Software Center infrastructure improvements
  • Removed Network Access Account (NAA) requirement for OSD Boot Media
  • Removed Network Access Account (NAA) requirement for Task Sequences
  • Package Conversion Manager
  • Deploy updates without content
  • Currently logged on user information is shown in the console
  • Provision Windows app packages for all users on a device

The second is the version 1806.2 for the Technical Preview branch of System Center Configuration Manager, that mainly includes the following news related to the Phased deployment:

  • Ability to monitor the status natively, from the Deployments node.
  • Ability to create Phased deployment of applications and not just for task sequences.
  • Ability to carry out a gradual rollout during the deployment phase.

Also this preview contains updates regarding:

  • Management Insights for proactive maintenance
  • Mobile apps for co-managed devices
  • Support for new Windows app package formats
  • New boundary group options for optimized P2P behaviors
  • Third-party software updates support for custom catalogs
  • Compliance 9 – Overall health and compliance (Report)

Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

Released an updated version of the Management Pack for OS Windows Server 2016 and 1709 Plus which includes several updates and issues resolutions. For further information you can consult this article.

Released the version 8.2 of the MP Author that includes several improvements. For a list of what's new in this version you can see theofficial announcement of the release.

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To test the various components of System Center 2016 you can access theEvaluation Center and after the registration you can start the trial period.

OMS and System Center: What's New in May 2018

Compared to what we were used to seeing in recent months, in the month of may, have been announced by Microsoft a few news about Operations Management Suite (OMS) and System Center. This article will summarize bringing the references needed to conduct further studies.

Operations Management Suite (OMS)

Log Analytics

Microsoft announced the retirement, starting from 8 June 2018, of the following solutions:

This means that, as of this date, you can no longer add this solutions in the Log Analytics workspaces. For those who are currently using it, is appropriate to consider that the solution will still work, but will be missing its support and will not be released new updates.

In this article are reported some important recommendations that should be followed when using the operators "Summarize" and "Join" in Log Analytics and Application Insights query. It is recommended to adjust the syntax of any existing query, using these operators, to comply with the specifications given in the article.

Security and Audit

It should be noted this interesting article where it is shown how you can detect and investigate unusual and potentially malicious activities using Azure Log Analytics and Security Center.

Azure Site Recovery

Microsoft has announced that the following versions of the REST API of Azure Site Recovery will be deprecated since 31 July 2018:

  • 2014-10-27
  • 2015-02-10
  • 2015-04-10
  • 2015-06-10
  • 2015-08-10

You will need to use at least version API 2016-08-10 to interface with Azure Site Recovery. This type of change has no impact on the portal of Azure Site Recovery and to the solution access via PowerShell.

System Center

System Center Orchestrator

The Integration Packs of Orchestrator, version 7.3 for System Center 2016, have been released.
The download can be done at this link and includes the following components:

  • System Center 2016 Integration Pack for System Center 2016 Configuration Manager.
  • System Center 2016 Integration Pack for System Center 2016 Data Protection Manager.
  • System Center 2016 Integration Pack for System Center 2016 Operations Manager.
  • System Center 2016 Integration Pack for System Center 2016 Service Manager.
  • System Center 2016 Integration Pack for System Center 2016 Virtual Machine Manager.

These Integration Packs allow you to develop automation, interfacing directly with the other components of System Center. The Integration Pack for System Center 2016 Operations Manager has been revised to require no more the presence of the Operations Manager console to function correctly.

System Center Operations Manager

Following, are updates released for Operations Manager Management Packs:

  • Active Directory Federation Services version 10.0.1.0
  • Active Directory Federation Services 2012 R2 version 7.1.10100.1

System Center Service Management Automation

Service Management Automation sees the release ofUpdate Rollup 5. Among the issues addressed are:

  • Runbooks that, using cmdlets of System Center 2016 Service Manager, fail with the error "MissingMethodException".
  • Runbooks that fail with the exception "unauthorized access".

Improvements have also been made in the debug logging.

To see the complete list of issues and the details on how to upgrade, you can access to the specific knowledge base.

 

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To test the various components of System Center 2016 you can access theEvaluation Center and after the registration you can start the trial period.

OMS and System Center: What's New in April 2018

Microsoft announces constantly news about Operations Management Suite (OMS) and System Center. Our community releases this summary monthly, allowing you to have a general overview of the main new features of the month, in order to stay up to date on these arguments and have the necessary references to conduct any insights.

Operations Management Suite (OMS)

Log Analytics

Microsoft has decided to extend the Alerts in Log Analytics from OMS to the Azure Portal, centralizing on Azure Monitor. This process will be done automatically starting from 14 May 2018 (the date has been postponed, Initially it was planned for 23 April), will not result in any change to the configuration of Alerts and related queries, and it does not foresee any downtime for its implementation. For further details please consult the specific article “The extension of Log Analytics Alerts in Azure Monitor“.

Figure 1 – Notification of alerts extension in the OMS portal

To avoid situations where, the resources managed in Log Analytics may send in an unexpected way a high volume of data to the OMS Workspace, is introduced the ability to set a Daily Volume cap. This allows you to limit the data ingestion for your workspace. You can configure the Data volume cap in all regions, accessing to the section Usage and estimated costs:

Figure 2 – Setting the Daily volume cap

The portal also shows the trend of the volume of data in the last 31 days and the total volume of data, grouped by solution:

Figure 3 – Data ingestion for solution (latest 31 days and total)

Log Search API usage, used by the old Log Analytics query language, has been deprecated since 30 April 2018. The Log Search API has been replaced with theAzure Log Analytics REST API, which supports the new query language and introduces greater scalability than the results you can return. For more details on this you can consult theofficial announcement.

Agent

This month the new version ofOMS agent for Linux systems resolves a significant number of bugs and introduces new versions of the various components. It also introduced support for Debian 9, AWS 2017 and Open SSL 1.1. To obtain the updated version of the OMS agent you can access to the official GitHub page OMS Agent for Linux Patch v 1.6.0-42.

Figure 4 – Bug fixes and what's new for the OMS agent for Linux

Azure Backup

As for Azure Backup, have been announced the following improvements in service scalability:

  • Ability to create up to 500 recovery services vaults in every subscription for region (previously the limit was 25).
  • The number of virtual machines that can be registered in each vault is increased to 1000 (it was previously 200).

Azure Backup, for the protection of Azure Iaas VM, now supports the storage account secured using storage firewalls and Virtual Networks. More details about this can be found on Microsoft's official blog.

Figure 5 - Protection of Azure Iaas VM in storage protected scenarios

There are different rules to enable the long-term backup for Azure SQL Database . The procedure, to keep the backup of Azure SQL DB up to 10 years, expected saving in an Azure Recovery Vault Service. By introducing this new feature, you have the option to keep the long-term backup directly within an Azure Blob Storage and will terminate the need for a Recovery Vault Service. All this gives you more flexibility and greater control of costs. For more details about it you can see the article SQL Database: Long-term backup retention preview includes major updates.

System Center

System Center Configuration Manager

For System Center Configuration Manager has been released the version 1804 for the Technical Preview branch. In addition to general improvements in the solution this update introduce new features concerning the OSD, the Software Center and the Configuration Manager infrastructure. All the new features included in this update can be found in the article Update 1804 for Configuration Manager Technical Preview Branch. Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

Microsoft has released theUpdate Rollup 5 (UR5) for System Center 2016 Long-Term Servicing Channel (LTSC). This update does not introduce new features, but fixes several bugs.

Following, are the references, about this update, for each System Center product:

There are no updates regarding Service Provider Foundation.

System Center Operations Manager 1801 introduces support for Kerberos authentication when the protocol WS-Management is used from the management server for the communication with UNIX and Linux systems. This allows you to have a higher level of security, eliminating the need to enable basic authentication for Windows Remote Management (WinRM).

Also in System Center Operations Manager 1801 introduces the following improvements on the management of the Linux log file monitor:

  • Support for Wild Card characters in the name and path of the log file.
  • Support for new match patterns that allow customized searches of log.
  • Support for pluging Fluentd published by fluentd community.

Below there are the news concerning the Management Pack of SCOM:

  • MP for Windows Server Operating System 2016 and 1709 Plus 10.0.19.0
  • MP for SQL Server 2008-2012 7.0.4.0
  • MP for SQL Server 2014 7.0.4.0
  • MP for SQL Server 2016 7.0.4.0
  • MP for Microsoft SQL Azure Database 7.0.4.0
  • MP for SQL Server Dashboards 7.0.4.0
  • MP for UNIX and Linux 7.6.1085.0

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To test the various components of System Center 2016 you can access theEvaluation Center and after the registration you can start the trial period.

OMS and System Center: What's New in March 2018

In March there have been several news announced by Microsoft on Operations Management Suite (OMS) and System Center. In this series of articles, which we make with monthly basis, are listed all the main innovations of the current month, accompanied by the necessary references to be able to conduct further studies.

Operations Management Suite (OMS)

Azure Automation

In Azure Automation new features have been officially released that allow you to:

  • Manage the distribution of updates (Update management).
  • Collect inventory information about the applications installed on systems (Inventory).
  • Track changes made on the machines (Change tracking).

The our article, posted in recent months, shows how to configure the Azure Automation Account to take advantage of these new features and reports the key features.

Figure 1 – Related solutions in Log Analytics


Azure Backup

Azure Backup introduces several new features that address the following aspects:

  • Large disk support: ability to protect disks of size up to 4 TB, both typologies: managed and unmanaged. The limit was previously of 1 TB.
  • Backup and Restore performance improvements: to reduce the execution time of the backup and restore will be retained snapshots, performed during the backup process, for 7 days.
  • Instant recovery point: the recovery point is made available instantly at the moment of creation of the snapshot made by the backup job, in a similar way to the checkpoint created by Hyper-V or VMware.
  • Distribute the disks of restored VM: during the restore process you are given the opportunity to choose where to place the disks unmanaged of virtual machines. This reduces the configurations, post restore activities, that would be required putting all disks within the same storage account .

To take advantage of these improvements you need to upgrade your subscription which owns the Recovery Service Vaults. The upgrade can be performed directly from the Azure Portal (there will be an appropriate notification in the dashboard of the Recovery Service vault ) or via PowerShell commands. For further information you can consult theMicrosoft's official announcement.

Figure 2 – Subscription upgrade process at the new stack

Microsoft has also announced that the Azure Backup service is now also available in the regions of Azure France (France Central and France South).

 

System Center

Microsoft has officialized the release of Windows Server 2019 which will be available to the public in the second half of 2018. In the same time will be made available System Center 2019 and it will have full support for Windows Server 2019 from the very first day of release.

System Center Configuration Manager

During the month has been released the version 1802 for the Current Branch (CB) of System Center Configuration Manager that introduces new features and major improvements in the product.

This summarizes the areas impacted by this update:

Modern Management

  • Endpoint Protection workload transition in co-management
  • Management insights
  • Co-management reporting

Figure 3 – Co-management reporting

Microsoft 365 Adoption

  • Phased deployments
  • Windows AutoPilot Device Information report
  • Support for Windows 10 ARM64 devices
  • Surface Device Dashboard
  • Microsoft Edge browser policies
  • Report to show default browser for client machines
  • Windows 10 Servicing for a specific collection report
  • Improvements to Office 365 client management dashboard
  • Improvements for Windows Defender Exploit Guard
  • New settings for Windows Defender Application Guard

Streamlined Infrastructure

  • Configure Windows 10 Delivery Optimization to use Configuration Manager boundary groups
  • Add management points to your boundary group fallback relationships
  • Moving Distribution Points between sites

Improvements in Cloud Management Gateway

  • Cloud management gateway support for Azure Resource Manager
  • Install user-available applications on Azure AD-joined devices
  • Windows 10 in-place upgrade task sequence over the Internet

Improvements in Software Center

  • Approve application requests for users per device
  • Improvements to client settings for Software Center

Improvements in OSD

  • Improvements to Windows 10 in-place upgrade task sequence
  • Deployment Template for Task Sequences

Miscellaneous Improvements

  • Support for hardware inventory strings greater than 255 characters in length
  • Run scripts

Figure 4 – Run Script status

To see the complete list of new features and to get more details about it you can access the Microsoft's official documentation.

The update will be made available globally in recent weeks and will be displayed in the node "Updates and Servicing" in the SCCM console. To force the availability of this update you can use this PowerShell script.

For System Center Configuration Manager has been released the version 1803 for the Technical Preview branch. In addition to general improvements in the solution are introduced useful changes that can improve the Configuration Manager infrastructure. In addition, interesting improvements have been made to the Software Center. All the new features included in this update can be found in the article Update 1803 for Configuration Manager Technical Preview Branch.

Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Updates Publisher

System Center Updates Publisher (SCUP) is the Microsoft solution that allows you to manage custom third-party update. This month a new version of SCUP has been officially released and can be downloaded at this link. The new release introduces support for Windows 10 and Windows Server 2016. All details about this release can be found in the’official announcement.

System Center Operations Manager

Following, are reported the news about Management Packs of SCOM:

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To try System Center products you can access to the’Evaluation Center and after the registration you can start the trial period.

OMS and System Center: What's New in February 2018

The month of February was full of news and there are different updates that affected Operations Management Suite (OMS) and System Center. This article summarizes in concise terms to have a global vision and it contains the necessary references to learn more about it.

Operations Management Suite (OMS)

Log Analytics

Everyone who uses Azure ExpressRoute will be glad to know that you can now monitor it by using the Network Performance Monitor (NPM). This feature has been in previews for a few months and has now passed in the state of general availability. Among the features of this monitor solution we find:

  • Ability to view interactively, using the topology view of NPM, the various components (network on-premises, circuit provider edge, circuit ExpressRoute, edge Microsoft, and the Azure VMs) and latency measured in each hop. This allows you to easily identify any performance issues in connectivity and quickly locate the problematic segment of communication.
  • Ability to view the bandwidth usage of primary and secondary ExpressRoute circuit . Thanks to drill-down is also possible to intercept the bandwidth usage for each vNet connected to the ExpressRoute circuit.
  • Ability to create queries and custom views thanks to the fact that all details of the solution are available in the repository of Log Analytics and therefore you can use the native search functionality and correlation to suit your needs.
  • Ability to diagnose various problems of connectivity present in ExpressRoute circuit .

Figure 1 – Azure ExpressRoute Monitoring

For more information about how to configure the ExpressRoute monitor with NPM please visit the Microsoft's official documentation.

Also in Network Performance Monitor (NPM) was introduced the Service Endpoint Monitor with the integration into the monitor and into the performance of your application also of the performance end-to-end of the network. This feature allows you to create different types of tests (HTTP, HTTPS, TCP and ICMP), that must be carried out in key points of the network infrastructure, so you can quickly identify whether the problem encountered is related to the network or is related to the application. Through the use of the network topology map the problem and its nature is easily locatable. This is a feature in public preview whose characteristics are described in detail in this article.

Agent

This month the new version ofOMS agent for Linux systems fixes some bugs and also introduces an updated version of the components SCX and OMI. To obtain the updated version of the OMS agent you can access to the official GitHub page OMS Agent for Linux Patch v 1.4.4-210.

Figure 2 – Bug fixes and what's new for the OMS agent for Linux

Azure Backup

In this article is described how to build the solution of monitor in Log Analytics for Azure Backup. With this monitor solution, you can control the main aspects of Azure Backup as the backup and restore jobs, backup alert and use of cloud storage. You can do all cross Recovery Service vault and cross subscription, being able to take advantage of the features built into Log Analytics, such as the automated opening of ticket via webhooks or through integration with ITSM. It is a community solution, and each contributed is obviously welcome.

For Azure Backup was announced (in general availability) the possibility of creating consistent backups at the application layer for Linux virtual machines running on Azure. On Windows systems this is done using the VSS component, while for Linux VM it is made available one scripting framework through which you can run the pre-scripts and post-scripts to control the backup execution.

Figure 3 – Mechanism for realization of backup application consistent in VMs Linux on Azure

For more details on this you can consult theofficial announcement, while for more information about Linux virtual machine protection in Microsoft Azure, using Azure Backup, you can view the article: Azure Backup: the protection of Linux on Azure.

Azure Backup introduces the ability to protect natively Azure File Shares. This feature is currently in Public Preview and the main features are:

  • Chance, accessing Recovery Service vault, to make the discovery of storage acccount and detect files shares unprotected.
  • Large-scale protection: there is the possibility to back up multiple file shares contained in a storage account and apply a common security policy.
  • Instant and granular restore. The protection is based on file share snapshots and this allows you to quickly restore files selectively.
  • From the Azure portal you can explore the different restore point available to easily identify which files to restore.

Figure 4 – Backup of Azure File Shares

For further information you can consult theofficial announcement.

This month has been released a Mandatory Update for the Microsoft Azure Recovery Services agent (MARS). For all those who use Azure Backup you must install this update as soon as possible to avoid failures in backup and recovery tasks.

Azure Site Recovery

In Azure Site Recovery was made available a wait functionality, that allows to protect virtual machines having managed disk, in the replication scenario between different Azure regions, allowing greater flexibility for Disaster Recovery scenarios with systems in Azure.

Figure 5 – Enabling replication of a VM with Managed Disks

System Center

As announced in the last few months and as is already the case for the operating system and Configuration Manager, also the others System Center products, in particular, Operations Manager, Virtual Machine Manager, and Data Protection Manager will follow a release of updated versions every 6 months (semi-annual channel). This month there was the first release with the version 1801 of System Center.

Figure 6 – Summary of what's new in version 1801 of System Center

To know the details of what is new in this release, please consult the official announcement. Please remember that for belonging to the semi-annual channel support is guaranteed 18 months.

System Center Configuration Manager

Released the version 1802 for the branch Technical Preview of System Center Configuration Manager: Update 1802 for Configuration Manager Technical Preview Branch.

This release introduces a considerable number of innovations on different areas, including: OSD, Cloud Management Gateway, features of Windows 10 and Office 365, Software Center and Site Server High Availability.

Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

The feature called "Updates and Recommendations", introduced in SCOM 2016 for Management Packs from Microsoft, is useful to facilitate the process of discovery of appropriate MPs to monitor different workloads present in your infrastructure and keep them updated. This feature is enabled by well over 110 Microsoft workloads. Microsoft announced that it is extending this feature also for MPs produced and offered by third parties. In release 1801 of Operations Manager are currently covered MPs of the following external partners:

Figure 7 – Feature Updates and Recommendations with MPs of partners

As a result of the release of version 1801 of System Center were also made available the following new SCOM Management Packs:

System Center Service Manager

Released an new version of the Service Manager Authoring Tool.

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To test the various components of System Center 2016 you can access theEvaluation Center and, after registering, you can start the trial period.

Integration between Service Map and System Center Operations Manager

Service Map is a solution that you can enable in Operations Management Suite (OMS) able to automatically carry out the discovery of application components, on both Windows and Linux systems, and to create a map that shows almost real-time communications between the various services. All this allows you to view the servers as interconnected systems that deliver services.

In System Center Operations Manager (SCOM) there is the possibility to define Distributed Application to provide an overall view of the health status of an application consists of different objects. The Distributed Application does not provide additional monitor functionality, but merely to relate the state of the objects in the system monitor, to provide the overall health status of the application.

Through integration between Service Map and System Center Operations Manager, you can automatically create in SCOM diagrams that represent the Distributed Application based on the detected dependencies from the Service Map solution.

This article will examine the procedure to be followed to activate this integration bringing back the main features.

Prerequisites

This kind of integration is possible if the following requirements are verified:

  • Environment System Center Operations Manager 2012 R2 or later.
  • Workspace OMS with Service Map solution enabled.
  • The presence of a Service Principal with access to the Azure subscription that contains the OMS workspace.
  • Operations Manager-managed servers and that send data to Service Map.

Supports both Windows and Linux systems, but with one important distinction.

For Windows systems you can evaluate the use of the scenario of integration between SCOM and OMS, as described in the article Integration between System Center Operations Manager and OMS Log Analytics and simply add the Dependencing Agent of Service Map on the various servers.

For Linux systems you cannot collect directly data of agents managed by Operations Manager in Log Analytics. It will therefore always required the presence of both the SCOM agent and the OMS agent. At the moment, in a Linux environment, the two agents share some binaries, but these are distinct agents that can coexist on the same machine as long as the SCOM agent is at least version 2012 R2. OMS agent installation on a Linux system managed by Operations Manager updates the OMI and the SCX SCX. We recommend that you always install the SCOM agent first and then the OMS agent, otherwise you need to edit the configuration file of OMI (/etc/opt/omi/conf/omiserver.conf) by adding the parameter httpsport=1270. After the editing you must restart the OMI Server component using the following command: sudo /opt/omi/bin/service_control restart.

The process for activating the integration

The first step required is the import, using the System Center Operations Manager console, of the following management packs (now in Public Preview), contained within the bundle that you can download to this link:

  • Microsoft Service Map Application Views.
  • Microsoft System Center Service Map Internal.
  • Microsoft System Center Service Map Override.
  • Microsoft System Center Service Map.

Figure 1 – Start importing the Management Pack

Figure 2 – Install the Management Pack for the integration with Service Map

After completing the installation of the management pack you will display the new node Service Map, in the workspace Administration, within the section Operations Management Suite. From this node you can start the integration configuration wizard:

Figure 3 – Configuration of the OMS workspace where there is the Service Map solution

At the moment you can configure the integration with a single OMS workspace.

The wizard prompts you to specify a Service Principal for read access to the Azure subscription that contains the OMS workspace, with the Service Map solution enabled. To create the Service Principal you can follow the procedure in Microsoft's official documentation.

Figure 4 – OMS workspace connection parameters

Based on the permissions assigned to the Service Principal the wizard shows the Azure subscriptions and its associated OMS workspaces:

Figure 5 - Selection of the Azure subscription, OMS Resource Group and OMS workspace

At this point you are prompted to select which groups of machines in Service Map you want to synchronize in Operations Manager:

Figure 6 – Selection of the Service Map Machine Group to synchronize in SCOM

On the next screen you are prompted to select which servers in SCOM synchronize with information retrieved from Service Map.

Figure 7 – Selection of items of SCOM

In this regard, in order to make sure that this integration is able to create the diagram of the Distributed Application for a server, this must be managed by SCOM, by Service Map and must be present within the Service Map group previously selected .

Then you are prompted to select an optional Management Server Resource Pool for communication with OMS and if necessary a proxy server:

Figure 8 - Optional configuration of a Management Server Resource Pool and a proxy server

Registration takes few seconds after which the following screen appears and Operations Manager performs the first synchronization of Service Map, by taking the data from the OMS workspace.

Figure 9 – Addition of the OMS workspace successfully completed

The synchronization of Service Map data occurs by default every 60 minutes, but you can change this frequency going to act with an override on a rule named Microsoft.SystemCenter.ServiceMapImport.Rule.

Result of the integration between Service Map and SCOM

The result of this integration is visible from the Operations Manager console in the dashboard Monitoring. It is in fact created a new Service Map folder that contains :

  • Active Alerts: any active alert regarding communication between SCOM and Service Map.
  • Servers: list of servers under the monitor for which the information is synchronized from Service Map.

Figure 10 - Servers with synchronized information from Service Map

  • Machine Group Dependency Views: Displays a Distributed Application for each Service Map group selected for the synchronization.

Figure 11 – Machine Group Dependency View

  • Server Dependency Views: shows a Distributed Application for each server that synchronizes information from Service Map.

Figure 12 – Server Dependency View

 

Conclusions

Many reality that they are going to use, or have already implemented the Service Map solution also have on-premises an environment with System Center Operations Manager (SCOM). This integration will enrich the information in SCOM allowing you to have full visibility of applications and dependencies of the various systems. This is an example of how you can use the power provided by OMS actually even with SCOM, without renouncing to investments made on the instrument, such as the possible integration with IT service management solutions (ITSM).

Integration between System Center Operations Manager and OMS Log Analytics

For those who are using System Center Operations Manager (SCOM) there is the possibility to extend the functionality of the product, enabling integration with Log Analytics. This allows you to benefit the potential of OMS to get a more efficient and complete strategy for monitoring your infrastructure . In this article we will analyze the steps that you must follow to enable this integration and we will parse the function of the architecture.

Before you enable this kind of integration you must ensure that you have one of the following supported versions of SCOM :

  • Operations Manager 2016.
  • Operations Manager 2012 R2 UR2 or higher.
  • Operations Manager 2012 SP1 UR6 or higher.

Also you should allow outgoing traffic, to the OMS cloud services, coming from monitor agents, from the Management Servers and from the SCOM console, directly or via an OMS Gateway.

The integration process is done by using the Operations Manager console according to few simple steps later reported:

Figure 1 – Start the registration process

Figure 2 — Select the OMS environment

Figure 3 – Start the authentication process

Figure 4 – Selection of the OMS workspace you plan to incorporate in SCOM

Figure 5 - Confirmation Screen Settings

Figure 6 -Final Confirmation

At the end of this configuration the connection is established towards the OMS workspace, but no data of SCOM agents connected to the SCOM management group is sent to Log Analytics. In order to collect the data from managed Operations Manager agents in Log Analytics is selectively required going to specify individual computer objects or a group that contains your Windows computer objects. The whole can be carried out directly from the branch Connection in the section Operations Management Suite:

Figure 7 – Selection of computer objects that you want to enable

At the end of this operation in the OMS portal it is possible to check the connection status of its Management Group and the number of connected servers:

Figure 8 - Information reported in the OMS portal after the integration

From the SCOM console you can check the status of the OMS connection browsing the section Operations Management Suite – Health State of the workspace Monitoring:

Figure 9 - Property Authentication service URI in the Health State of the Management Server

After establishing the connection between the SCOM infrastructure and the OMS workspace, the Management Server will start to receive configuration updates by OMS web services in the form of Management Packs, that include both the base MPs that those relating to solutions that have been enabled. Operations Manager carries out checks at regular intervals to check for updates for these Management Packs. This behavior is governed by these SCOM rules:

  • SystemCenter.Advisor.MPUpdate: handles updating of base MPs of OMS and by default runs every 12 hours.
  • SystemCenter.Advisor.Core.GetIntelligencePacksRule: handle upgrade of MPs related to enabled OMS solutions in the connected workspace and by default it is performed every five minutes.

Such behavior can be managed by changing the frequency or completely disabling updates (parameter Enabled) by configuring overrides of the above rules.

By accessing the workspace Administration and filtering the Management Pack for Advisor or Intelligence list the MPs downloaded and installed according to the solutions enabled in your OMS workspace:

Figure 10 – Management Packs list with name containing "Advisor"

Figure 11 – Management Packs list with name containing "Intelligence"

Figure 12 – List of Solutions installed on the OMS Workspace

As you can see for each installed OMS solution there is a corresponding Management Pack imported into the Operations Manager infrastructure.

At the end of this configuration also the communication-enabled monitor agents can send the required data from the solution directly to the OMS web service or the solution's data can be sent directly from the SCOM Management Server to the connected OMS workspace. Everything depends on the solution enabled and in no case this information are saved within the Operations Manager databasea (OperationsManager and OperationsManagerDW). If the Management Server lost the connectivity to the OMS web service data are maintained cached locally until the restart of the communication. In case the Management Server remain offline for an extended period the communication with OMS can be picked up by other Management servers in the same Management Group.

Figure 13 – Chart with communications between SCOM and OMS infrastructure components

In order to control and regulate the internet connections of monitored systems and of Management Servers to the public OMS URL you can implement a OMS Gateway:

Figure 14 – Communications between SCOM and OMS infrastructure components in the presence of an OMS Gateway

In this way the only system that must be enabled to access to the Public URL of Operations Management Suite is the OMS Gateway and all others systems will point to this machine. To apply this type of configuration is necessary, after implementing the system with this role, specify the IP address of the OMS Gateway in the proxy server with the prefix http://.

Figure 15 - Proxy Server configuration used to access the OMS cloud services

Figure 16 – IP address of the OMS Gateway with http prefix://

If you need to enable only certain systems using the OMS Gateway going to act on the rule Advisor Proxy Setting Rule and create an Override for the health service object going to populate the parameter WebProxyAddress with the URL of the OMS Gateway.

Conclusions

Microsoft Operations Management Suite (OMS) is a solution based entirely on the cloud, in constant evolution and with new features being added and extended in rapid frequency. Through this integration you can then combine the speed and efficiency inherent in OMS in collecting, hold and analyze data, with the potential of Operations Manager. This allows you to continue using the existing SCOM infrastructure to monitor your environment, keeping any integration with IT Service Management solutions (ITSM) and benefit at the same time also the potential offered by Microsoft Operations Management Suite (OMS).

OMS and System Center: What's New in November 2017

In November there have been several announcements from Microsoft concerning Operations Management Suite (OMS) and System Center. This article will summarize briefly with the necessary references to be able to conduct further studies.

Operations Management Suite (OMS)

Log Analytics

As already announced since 30 October 2017 Microsoft has launched the upgrade process of the OMS workspaces not yet updated manually. In this regard has been released this useful document that shows the differences between a legacy OMS workspace and a updated OMS workspace, with references for further details.

Solutions

Those that use circuit ExpressRoute will be glad to know that Microsoft announced the ability to monitor it through Network Performance Monitor (NPM). This is a feature currently in preview that allows you to monitor connectivity and performance between the on-premises environment and vNet in Azure in the presence of ExpressRoute circuit. For more details about the features announced you can consult theofficial article.

Figure 1 – Network map showing details of ExpressRoute connectivity

Agent

As usual it was released a new version of the OMS Agent for Linux systems that now takes place on a monthly basis. This release fixes bugs related diagnostics during agents onboarding. Are not being introduced new features. To obtain the updated version please visit the official GitHub page OMS Agent for Linux Patch v 1.4.2-124.

Protection and Disaster Recovery

Azure Backup always protected backups from on-premises world toward Azure using encryption that takes place using the passphrase defined during the configuration of the solution. To protect VMs in Azure the recommendation for greater security in the backup was to use VMs with disk-encrypted. Now Azure Backup uses Storage Service Encryption (SSE) to do the encryption of backups of virtual machines on Azure, allowing to obtain in an integrated manner in the solution a mechanism for the implementation of the backup security. This also will happen to existing backup automatically and through a background task.

Microsoft, in order to bring more clarity with regard to pricing and licensing of Azure Site Recovery, updated the FAQ which you can see in the official page of pricing of the solution.

System Center

As is already the case for the operating system and System Center Configuration Manager, the other System Center products, in particular, Operations Manager, Virtual Machine Manager, and Data Protection Manager will follow a release of updated versions every 6 months (semi-annual channel). The goal is to rapidly deliver new capabilities and to ensure a speedy integration with the cloud world, which is essential given the speed with which it evolves. In November was announced the System Center preview version 1711 which you can download at this link.

Figure 2 – Summary of what's new in System Center preview version 1711

To know the details of the new features in this release, please consult theofficial announcement.

System Center Configuration Manager

For System Center Configuration Manager current branch version 1706 was issued an important update rollup you should apply as it solves a lot of problems.

Released the version 1710 for the Current Branch (CB) of System Center Configuration Manager that introduces new features and major improvements in the product. Among the main innovations of this update definitely emerge the possibilities offered by the Co-management that expand the possibilities for device management using either System Center Configuration Manager and Microsoft Intune.

Figure 3 – Features and benefits of Co-management

For a complete list of new features introduced in this version of Configuration Manager, you can consult theofficial announcement.

Released the version 1711 for the Technical Preview branch of System Center Configuration Manager. The new features in this update are:

  • Improvements in the new Run Task Sequence step.
  • User interaction when installing applications in the System context even when running a task sequence.
  • New options, in the scenario of using Configuration Manager associated with Microsoft Intune, to manage compliance policy for devices Windows 10 related to Firewall, User Account Control, Windows Defender Antivirus, and OS build versioning.

I remind you that the releases in the Technical Preview Branch allows you to evaluate in preview new SCCM functionality and is recommended to apply these updates only in test environments.

Released an updated version of the Configuration Manager Client Messaging SDK.

System Center Operations Manager

Released the new wave of the SQL Server Management Packs (version 7.0.0.0):

The Management Packs for SQL Server 2017 can be used for the monitor of SQL Server 2017 and subsequent releases (version agnostic), this allows you to avoid having to manage different MPs for each version of SQL Server. The controls for versions of SQL Server earlier than 2014 are included in the generic MP "Microsoft System Center Management Pack for SQL Server".

System Center Service Manager

Microsoft has published a series of tips and best practices to be followed during Authoring Management Pack of System Center Service Manager (SCSM).

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

OMS and System Center: What's New in October 2017

This article lists the main changes announced in October concerning Operations Management Suite (OMS) and System Center. This is a concise summary that contains the necessary references for further study.

Operations Management Suite (OMS)

Log Analytics

In Log Analytics in August was released a major update that introduces a number of changes, as the powerful new query language, the introduction of the new Advanced Analytics portal and greater integration with Power BI. For further information you can consult the specific article Log Analytics: a major update evolves the solution. During the month, Microsoft announced that from 30 October 2017 is started automatically the upgrade process of the OMS workspaces not yet updated manually. Everything will be done in a gradual way for region according to the schedule below:

Figure 1 - Scheduling for rollout of the upgrade of Log Analytics

Also starting from 16 October 2017 the new OMS workspaces are already build in the new mode and there is no possibility to create a legacy workspace. For further information you can consult the article Azure Log Analytics workspace upgrades are in progress.

Solutions

Thanks to the solution Azure Log Analytics Container Monitoring for the Service Fabric under Linux now you can:

  • Centralize and correlate logs that are related to containers.
  • For containers and nodes display in almost real-time metrics for CPU, memory, storage and network utilization.
  • Identify containers with excessive use of resources.
  • Control the use of process-wide resources (Docker container top).
  • See an inventory of the container node that contains information about the Orchestration.

Figure 2 – Container Monitoring solution for Linux Service Fabric

The presence of an Azure Resource Manager (ARM) template that lets you create a new Log Analytics Workspace and install during the deployment the OMS agent on all nodes of the Service Fabric cluster facilitates the activation of the monitor. At the end of the cluster deployment simply add to the workspace of Log Analytics the solution Container Monitoring available in Azure Marketplace, and in a few minutes will be available in Log Analytics information on the Service Fabric. For further information you can consult the article Azure Log Analytics Container Monitoring solution for Linux process Fabric.

By using the Azure Action Groups you can use the Log Analytics solution IT Service Management Connector Solution to automatically open incident in your product or service of IT Service Management (ITSM), if properly supported, against alert generated in the Azure environment. The steps to configure this new feature is documented in the ad Send your Azure alerts to ITSM tools using Action Groups.

Agent

Released a new version of the OMS agent for Linux systems that mainly has solved some bugs and introduced some useful improvements. For more details and to get the updated version please refer to the official GitHub page OMS Agent for Linux GA v 1.4.1-123

Figure 3 – Bug fixes and what's new for the OMS agent for Linux

Azure Automation

As for Azure Automation have been announced, currently in preview, exciting new features:

  • Update management: it allows you to have visibility on the updates compliance for both Windows and Linux systems, regardless of their location (Azure, on-premises or others cloud). It also allows you to schedule the deployment to install the updates within a specific maintenance window. Among the features offered is the ability to exclude specific updates from the deployment and retrieve logs for the deployment useful for troubleshooting.
  • Inventory: it allows you to retrieve inventory information about the installed applications within systems. All this can easily be accessed directly from the portal Azure.
  • Track changes: useful for monitoring changes made to systems for services, daemons, software, registry and files. This feature can be very useful to diagnose specific problems and to enable alerts against unexpected changes.

Figure 4 – New features in preview of Azure Automation

For further details please consult the specific article What's New in Azure Automation: Inventory, Change Tracking and Update Management.

Azure Automation also introduces the ability to implement runbook written in Python 2 and adds support for the role Hybrid Runbook Worker under Linux. These features are currently in public preview.

System Center

TheUpdate Rollup 4 for Microsoft System Center 2016 has been released.

These are the System Center products affected by the update that resolves several issues and introduces some improvements:

The Update rollup 4 introduces support for the security protocol TLS 1.2 for all encrypted communications. Earlier versions of TLS and SSL encryption mechanisms are not considered with a high level of security, for this reason Microsoft has decided to introduce for the following System Center products official support for the security protocol TLS 1.2:

  • System Center Operations Manager (SCOM)
  • System Center Virtual Machine Manager (SCVMM)
  • System Center Data Protection Manager (SCDPM)
  • System Center Orchestrator (SCO)
  • Service Management Automation (SMA)
  • Service Provider Foundation (SPF)
  • System Center Service Manager (SM)

Enabling TLS 1.2 requires that you follow the following macro step:

  1. Install security updates for Windows Server, .NET 4.6 and SQL Server.
  2. Install the Update Rollup 4 of System Center 2016 on the different components. Regarding Service Management Automation (SMA) and Service Provider Foundation (SPF) you still need to apply the latest Update Rollup available. In addition to SMA you need to update its Management Pack.
  3. Change the settings to enable TLS 1.2 in the Windows environment on all System Center components.
  4. Adapt the System Center component-specific settings that require it (SCOM, SCDPM and SCO).

For more details you can follow the specific deployment guide.

System Center Configuration Manager

Released version 1709 for the branch Technical Preview of System Center Configuration Manager: Update 1709 for Configuration Manager Technical Preview Branch – Available Now!

The new features in this update are:

  • Co-management: solution that allows the management of devices using either System Center Configuration Manager and Microsoft Intune. Thanks to Windows 10 Fall Creators Update there is the opportunity to join the device both to the Active Directory domain (AD) on-premises and to Azure AD in the cloud. This expands the possibilities for management of devices using the Configuration Manager client and the MDM agent of Intune.

Figure 5 – Co-Management from the SCCM console

  • Improvement regarding the use of SCCM connected to Intune for the management of the mobile devices with regard to the settings of VPN profiles. With this update, in fact while creating a new VPN profile shows only the appropriate settings for the platform that you intend to configure. More details about you can retrieve them in this article.

Also released version 1710 always for the branch Technical Preview of System Center Configuration Manager. The many innovations introduced with this update are available in the announcement Update 1710 for Configuration Manager Technical Preview Branch – Available Now!.

I remind you that the releases in the Technical Preview Branch allows you to evaluate in preview new SCCM functionality and is recommended to apply these updates only in test environments.

System Center Operations Manager

In the table below the news about SCOM Management Pack 2016:

The changes introduced by these new MPs can be found in the article DHCP 2016 and 2012 R2 Management Pack release.

System Center Orchestrator

Released the latest version of’Integration Pack for System Center 2016.

To test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

OMS and System Center: What's New in August 2017

This article summarizes the main new features and includes upgrades, concerning Operations Management Suite (OMS) and System Center, that were announced during the month of August.

Operations Management Suite (OMS)

Log Analytics

  • For Log Analytics was published what may be called the most significant upgrade from the date of issue. Among the main changes introduced by this update there is a new powerful query language, the introduction of the new Advanced Analytics portal and greater integration with Power BI. For more details, I invite you to consult the specific article Log Analytics: a major update evolves the solution.

Figure 1 – Upgrade of Log Analytics

Agent

  • The agent who for Linux systems is constantly evolving and we released a new version that has fixed some bugs and improved error handling during onboarding of agent for easier troubleshooting: OMS Agent for Linux GA v 1.4.0-45

Figure 2 – Bug fixes and what's new for the OMS agent for Linux

Solutions

  • The OMS solution Network Performance Monitor has been improved and enhanced with the following new features:
    • The diagnostic agent: the solution now provides the ability to monitor in a specific view the health status of various agents deployed on the network and in case of problems NPM reports useful diagnostic information for troubleshooting.
    • Hop-by-hop latency breakdown: the topology map of the network has been enriched with details of timings found between two specific points.
    • Availability on the Azure Portal: as well as continuing to be available from OMS can be added from the Marketplace Azure and used directly by the Azure Portal.
    • Presence in additional region of Azure: the solution is now also available for the region Azure West Central US.

For more details see the announcement Improvements to the who Network Performance Monitor.

  • The emerging technology is becoming more widespread and monitor containers Docker becomes an essential component. For this reason the OMS team announced the availability of the new solution Container Monitoring that allows you to:
    • Display in a unique location information for all hosts container.
    • Learn which containers are running, where I am and with which image.
    • See audit information concerning action taken on container.
    • View and search logs for troubleshooting without needing access to hosts Docker.
    • Locate the containers that are consuming an excessive amount of resources on the host.
    • Display performance information centrally about the container about CPU usage, of memory, storage and network.

Figure 3 – Synthesis pathway of solution Container Monitoring

Full details on the solution Container Monitoring you can consult them in the document Container Monitoring solution in Log Analytics.

  • Released in preview the new solution for the monitoring of Azure Logic Apps. The solution displays various information about the status of logic app and then drill down to see details useful for troubleshooting. All aspects of this solution you can consult them in Microsoft's official documentation.

Security and Audit

  • The baseline assessment of OMS Security is enhanced with functionality Web security baseline assessment that was announced in public preview and lets you scan the web server with Internet Information Services (IIS) to check for security vulnerabilities and provides useful recommendations regarding the correct environment setup. The document Baseline Assessment in Operations Management Suite Web Security and Audit Solution shows additional information about.

Figure 4 – Assessment dashboard of Web security baseline

 

System Center

System Center Configuration Manager

  • Last month it was released version 1706 for the Current Branch (CB) System Center Configuration Manager as described in the article OMS and System Center: What's New in July 2017. In date 8 August was released a package update to correct some errors that were encountered during the first deployment, but this package introduced problems therefore on 11 August has been replaced with a new version. For those who have updated SCCM to version 1706 between August 8 and August 11 you need to install an additional update as documented in Microsoft knowledge base article Update for System Center Configuration Manager version 1706, first wave. This update can be installed by accessing the node "Updates and Servicing" of the SCCM console. A further update will be released in the coming week to who made the SCCM update to version 1706 prior to August 8.
  • Released version 1708 for the branch Technical Preview of System Center Configuration Manager: Update 1708 for Configuration Manager Technical Preview Branch – Available Now!. I remind you that the releases in the Technical Preview Branch allows you to evaluate in preview new SCCM functionality and is recommended to apply these updates only in test environments.

System Center Operations Manager

Following the news about the SCOM Management Pack 2016:

  • Advanced Threat Analytics 1.7 Management Pack version 1.7.1.1.
  • Service Map Management Pack in public preview: Thanks to this new MP you can integrate maps are created dynamically by the OMS Service solution Map with diagrams of the Distributed Application in Operations Manager to ensure that the latter are dynamically generated and maintained.

For more information I invite you to consult related documentation available online.

Figure 5 – Integration of the Service Map of who and the SCOM Distributed App

  • Available a hotfix to solve some problems related to the WMI monitor health.