You are browsing the archive for Orchestrator.

Orchestrator Web Console 2012 R2: HTTP Error 404.17 – Not Found

2:51 pm in Orchestrator by Christopher Keyaert

Hi everyone,

I just installed a brand new Orchestrator 2012 R2 preview on a dedicated console and when I tried to launch the Web Console or to connect to the Web Service, I had the following error message :

HTTP Error 404.17 – Not Found. “The requested content appears to be script and will not be served by the static file handler.”

In fact, it’s due to missing roles/features on the server which is hosting Orchestrator installation.

Go to Add Roles and Features, and select ASP.NET 4.5 in Server Roles.


In Features, under .Net Framework 4.5 Features > WCF Services, select HTTP Activation.

When done, I’m not able to lunch the Orchestrator Web Console

And also connect Service Manager 2012 R2 to Orchestrator 2012 R2 Web Service.


I hope this help 😉


System Center Orchestrator 2012 R2 Preview: Installation Step by Step

9:50 am in Orchestrator by Christopher Keyaert

Hi all,

As you read in my previous blog post, Microsoft released the preview bits of System Center 2012 R2 and Windows Server 2012 R2 on MSDN/TechNet.


As I want to focus on Orchestrator 2012 R2 installation itself and not on Windows Server 2012 R2, I will install Orchestrator 2012 R2 on a regular Windows Server 2012 (not R2).
Prerequisites for the installation of Orchestrator :

  • Windows Server 2012 server
  • .Net 3.5 SP1 features
  • A service account which is local administrator of the server



Let’s go with a step by step installation overview of Orchestrator 2012 R2 preview.

Double click on the mu_system_center_2012_r2_preview_orchestrator_x86_x64_2363715.exe file.
The Wizard is saying than the installation will start, in fact, it’s not really the installation, it’s just the extract of the files.
Click on Next to continue.

Specify the folder where you want to extract the bits. This is not the installation folder.
Browse the folder and click on Next.

Verify the information and click on Install.

Extract of the files in progress.

All the files have been extracted, click on finish.

Go to the folder that you specified earlier and double click on SetupOrchestrator.exe

Click on install.

If you didn’t install .Net 3.5 SP1, you will see the following error message.

Specify a Name and Organisation. No product key is required. Click in Next

Accept the license terms and click on Next.

Select all the features that you want to install on this machine and click on Next.

Prerequisites check is in progress.

Review the information, fix the problem and click on Next.

Orchestrator will automatically install and configure IIS role for the Orchestration Console, click on Next.

Configuration of the IIS role in progress.

All prerequisites are installed, click on Next.

Configure the service account that Orchestrator 2012 R2 will use.

Configuration the SQL instance for your installation.

Specify the DB Name.

Select which group (AD or local) will be have access to Orchestrator 2012 R2.

Specify the port used by the Web Console and Web Service.

Browse to the installation folder.

Select the most appropriate option for your environment.

Select the most appropriate option for your environment.

Review all the information and click in Install.

Installation of all the Orchestrator 2012 R2 features in progress.

Installation completed successfully.

Let’s start the Orchestrator 2012 R2 Runbook Designer for the first time

The deployment Manager

The Orchestrator Console



If you already installed Orchestrator 2012, you have noticed that the setup process of Orchestrator 2012 R2 is identical.
I will soon write a new post about what’s new in Microsoft System Center Orchestrator 2012 R2.



Orchestrator 2012: Runbook server in an untrusted AD Domain

3:46 pm in Orchestrator by Christopher Keyaert

Dear All,

In this post, I’ll explain you how to install an Orchestrator 2012 runbook server in an untrusted Active Directory domain.
Installing a runbook server in an untrusted AD domain is required when your integration pack or workflow activities are not able to manage several Active Directory domain/credentials and are using only the Orchestrator Service Account to run.

With this new runbook server installed, you will be able to start runbooks from your Runbook management server located in your primary domain and execute it directly on the runbook server hosted in the untrusted domain. You just need to ensure that the service account which is used by the runbook server in the untrusted domain has the necessary rights to execute the required actions in that untrusted active directory domain.

Let’s go for this implement J



I will define two “key words” that I’ll use for the rest of this post:

  • Primary domain: Active Directory domain where you have your Orchestrator 2012 infrastructure installed.
  • Untrusted domain: Active Directory domain that doesn’t have any AD trust with your Primary domain.


  • An Orchestrator 2012 infrastructure installed in your primary domain.
  • A fresh new installed server in the untrusted domain on which we will install the runbook server role.

Service Accounts

  • In your primary domain, on your SQL server, Orchestrator 2012 SQL Instance, you have to create a SQL User Account that is DB_Owner of the Orchestrator database.
  • Ensure the SQL is in mixed mode and allows connection from AD and SQL accounts.
  • In the untrusted domain, you have to create a service account that is identical (Same SamAccoutName and Password) to the Orchestrator service account that is currently used by the Orchestrator 2012 infrastructure in you primary domain. If the service account used in your primary domain is SA_Orchestrator with the password: P@$$w0rd you have to create the service account SA_Orchestrator with the same password in the untrusted domain. This account must be local admin of the server on which you will install the Orchestrator Runbook server role.



Logon the fresh new installed server in the untrusted domain and start the Orchestrator installer.

In the Standalone installation part, click on Runbook server.

Accept the licence terms and click on Next >.

Prerequisites check in progress

Specify the service account that you previously created in the non-trusted domain which is identical to the account used in the primary domain.

Click on Test.

Click on Next >.

Specify the SQL Instance (by using the IP address or the FQN if you have a DNS resolution between your AD domain) of the Orchestrator DB which is located in the primary domain.

Specify the SQL user account that you created in the prerequisite part.

Click on Test Database Connection.

Click on Next >.

Select the existing Orchestrator Database and click on Next >.

Specify the installation folder and click on Next >.

Select No, I am not willing to participate and click on Next >.

Review the information and click on Install.

Installation in process.

Installation completed

Click on Close.

You could confirmation that the installation succeeded by starting the System Center 2012 Orchestrator Deployment Manager in your primary domain.

In the Runbook Servers part, you will see the runbook server that you just installed in the untrusted domain.


Integration pack installation


Integration pack installation on a runbook server which is in an untrusted domain must be done domain manually.

For that, go to your Orchestrator Manager Server which is installed in your primary domain, copy the IPs that you want to install on your new runbook server in the untrusted domain.

The integration packs are location in the following folder:

C:\Program Files (x86)\Common Files\Microsoft System Center 2012\Orchestrator\Management Server\Components\Objects

One the IPs copied on the new runbook server, just double click on the file to install.

Ip Installation in progress.

Check in the Add/Remove programs if the IP is well installed.


You have new an Ochestrator Runbook server that is installed in another active directory domain that your Orchestrator Management server.
I hope that this post is helpful for your and fell free to post your comments 😉




Orchestrator 2012 : Monitor SNMP Trap activity affected by trap content

11:07 am in Orchestrator by Christopher Keyaert


During a migration project from Opalis 6.3 to Orchestrator 2012, I had to migrate a runbook that was using the Monitor SNMP Trap activity. The idea of this runbook is to receive a trap that is composed of two OIDs, first one contains the target name and the second one contains the description and to raise an alert in Operations Manager (SCOM) based on there values.



In Opalis, as I explained here : this configuration is working. Now, it’s time to migrate it ! As this is a quite simple runbook, I just did a runbook export in Opalis, an import in Orchestrator and started the runbook.

To test the good working of my newly imported runbook, I sent several SNMP traps to my orchestrator server. I noticed that the Monitor SNMP Trap activity catch the trap, published the result correctly, but when I checked the content of the trap, the result was really not what I was expecting. Let’s me explain what I did in detail.

I used the command line application SNMPTrapGen ( ) , to send a SNMP trap to the Orchestrator server. Below the content of my SNMP Trap :

As my trap contained the string ‘azerty’, I was expecting to receive the same value from the Monitor SNMP Trap activity in Orchestrator, but I received the following value :

I did several tests and every time that I sent a SNMP Trap that was containing a string to Orchestrator, the Monitor SNMP Trap activity published a suite of numbers, which was really not the contain that I was expecting. I also did a network capture on the Orchestrator to check if the trap content was correct and yes, it was.

As it was not working when I sent a string value, I tried to sent an integer value to Orchestrator :

and there, Orchestrator returned the right value.

After all my tests, I observed that the Monitor SNMP Trap activity always returned a suite of number when the SNMP trap was containing a string value. In that project, It’s what I need to do, I have to pass a string value to this activity. As this was working perfectly with Opalis and not anymore with Orchestrator, I continued my investigation and I focused on the Monitor SNMP Trap activity itself.

By default, this activity  use the Microsoft SNMP Trap Services :


I decided to choose the “No dependency’” connection. For that configuration, the first step is to stop and disable the SNMP Trap service on the Orchestrator server.


I changed the connection setting of the Monitor SNMP Trap activity and I started my runbook again.


I sent a new trap, which was containing a string value, to my Orchestrator with the SNMPTrapGen command line..

And this time, when I checked the value returned by the Monitor SNMP Trap activity, it was correct Smile

Yes, We have a solution to get this working ! I don’t know exactly why this was working correctly with the Microsoft SNMP Trap Service in Opalis 6.3 and not anymore with the same service in Orchestrator 2012. If you have me more information about it, please contact me.

As I changed the Monitor SNMP Trap activity connection to No Dependency, we are now limiting to run only one instance of the Monitor SNMP Trap activity on this Orchestrator server (on the same port),  which was not the case by using the Microsoft SNMP Trap Service connection. By changing the connection type, this activity is taking the control on the defined port and it seems logical that it cannot be shared with another activity.

Now that I can only use one Monitor SNMP Trap activity, what can I do if I need to receive SNMP Traps from several locations  ? Well, You will have to redesign your runbooks to get only one entry point for all the SNMP traps :


Configured the Monitor SNMP Trap activity to get and publish all the different OIDs that you will need .


On the link between the Monitor SNMP Trap and the Invoke Runbook activities, apply a filter based on the SNMP Trap sender IP address.


You have to define all the published OIDs value that you need to pass to your Invoke Runbook activity.


And finally pass these information to your original runbook by replacing the Monitor SNMP Trap activity with an Initialize Data activity .


I hope this post could help you to configure the SNMP Trap monitor with Orchestrator 2012.

Christopher Keyaert

Orchestrator 2012 : Kelverion IP – problem with the update activity

9:17 am in Orchestrator by Christopher Keyaert

Hi Guys,

I recently worked on a project for creating a connection between Operations Manager 2007 (SCOM) and BMC Remedy. As we have Orchestrator 2012 in place, we will use the Kelverion IP (

This integration pack use the BMC Remedy Web Service, it’s quite easy to configure. Everything was working as expected, excepted the Update Request activity.


The field was well updated in Remedy but the activity always returned with a failed status :


In fact, the response returned from the Set operation does not contain any fields.

The Kelverion Support Team haven’t seen this before as in Remedy v7.1, 7.5 & 7.6 there is always a field returned.  This appears to be a Remedy version 7.01 web service anomaly.

The solution is quite simple, in the configuration of the Set operations of the Remedy Web Service, just return a field. In our case, we configured the Remedy Web Service to return the Incident_Number. Don’t forget to delete your cache : Orchestrator 2012 / Kelverion IP : Remedy Web Service Reference Cache


And after that the Update activity from the Kelverion Integration Pack is now returning a Success Smile


I would like to thank Greg Charman from the Kelverion Support Team for his contribution.