SCOM: Automatically enable AgentProxying

May 10, 2013 at 2:31 pm in Uncategorized by Dieter Wijckmans

 

When setting up a new SCOM environment with a lot of Clusters, exchange, DC’s involved the alerts that Agent Proxying is not enabled will quickly pop up. This is in fact one of the most common alerts you get when starting to roll out agents and management packs.

What is this Agent proxying?

This setting is set on agent level and grants the agent to forward data to the management server on behalf of another entity. This basically means that the agent can send info from another entity. Common scenarios are in fact a DC on behalf of the domain or a cluster which can send info about the cluster resources.

In various management pack guides the agent proxy setting is documented as obligatory to be able to do the initial discovery (cluster management pack) so If you did not read the guide and forgot to set this setting the discovery will just not work.

In fact this setting is disabled by default disabled. SCOM will check when data is sent by an agent which is not originated by it’s own entity and will alert you about this happening. But that’s it. No further action is taken.

You can manage this manually by browsing to the Administration pane => agent managed and open the properties of the agent and check the “allow this agent to act as a proxy and discover managed objects on other computers” tick box.

But this can be a hassle especially in a new management group.

There are various scripts out there to enable the agentproxying option on all agents. This however could pose a security risk if malicious data comes into your management group and floods your management server.

Therefore I’m pro for a more selective approach

So this is my short solution to automate this process.

My approach

First take a look at the alert. One of the most common misunderstandings is in fact that it’s not the alert source which need to have the agent proxying option enabled (in this case VSERVER03) but the server in the Alert description (in this case VSERVER001).

SNAG-0052

This alert is generated by the operations management packs which are installed by default so no tweaking required here.

My solution to automate this process it to use a PowerShell script in combination with a notification channel to react on the alert shown above.

The PowerShell script:

#=====================================================================================================
# AUTHOR:    Dieter Wijckmans
# DATE:        10/05/2013
# Name:        set_proxy_enabled.PS1
# Version:    1.0
# COMMENT:    Automatically activate agent proxy through notification channel
#
# Usage:    .\set_proxy_enabled.ps1
#
#=====================================================================================================

Param ([String]$sAlertID)

###Prepare environment for run###

##Read out the Management server name
$inputScomMS = $env:computername

#Initializing the Ops Mgr 2012 Powershell provider#
Import-Module -Name “OperationsManager”
New-SCManagementGroupConnection -ComputerName $inputScomMS

#Get the alert details
$oAlert = Get-SCOMAlert | where { $_.Id -eq $sAlertID}
$AlertID
$oAlert.ID

$oalert.customfield1 = “agent proxy enabled”
$oalert.update(“”)

#Get the FQDN name of the agent to set the proxy for

$input = ($oAlert.Description).ToString()
$outputtemp = $input.Split(‘()’)[1]
$agentname = $outputtemp.Trim()

#Set the Agent proxy setting
‘”‘ + $agentname + ‘”‘ | Get-SCOMAgent | Enable-SCOMAgentProxy –Passthru

exit

 

download the script here:

170765de573f1

In a nutshell the following steps will be performed:

  • Read in the parameters from the subscription
  • preparing the environment
  • Reading the alert
  • Finding the server name
  • Setting the Agent proxy setting.

Note I’m also updating customfield1 here to make sure the script ran correctly.

So on to the configuration of our notification:

Navigate to Administration => Notifications => channels

Right click and choose new notification channel:

SNAG-0053

Name your command notification channel:

SNAG-0054

Fill in the following (update with your respective paths of course):

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

“c:\scripts\set_proxy_enabled.ps1″ ‘$Data/Context/DataItem/AlertId$’

C:\Windows\System32\WindowsPowerShell\v1.0

SNAG-0055

Move on to the Subscribers:

 

SNAG-0056

Click add

SNAG-0058

Fill in a name:

SNAG-0059

Configure the subscriber with the channel we just created:

SNAG-0060

Click Finish twice.

SNAG-0061

Set up the subscription:

Create a new subscription:

SNAG-0062

Choose the criteria. In this case we want to trigger this subscription when the Agent proxy not enabled rule logs an alert.

SNAG-0063

Select the addresses (I choose to send a mail to myself as well as backup option)

SNAG-0064

Select the channels

 

SNAG-0065

 

And save

SNAG-0066

Now wait for an alert and check the alert details for our update of custom field 1 and check whether the tick box is enabled at this point.

If you have any question make sure to drop me a line in the comments or ask your question via twitter (better monitored than the comments).

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditShare on LinkedIn