Preparing SCOM for cross platform monitoring

10:18 pm in Uncategorized by Dieter Wijckmans

Today at a customer I came across a problem with cross platform monitoring.

They had several Linux servers running with RedHat distro. They installed the Linux monitoring pack for cross platform monitoring their Linux environment.

They installed all the agents on the Linux servers but did not configure the proper action accounts to perform the discovery and monitoring.

To give my client some documentation how to perform these actions I came across this article on the Microsoft website.

http://technet.microsoft.com/en-us/library/dd788981.aspx

The instructions however are outdated with SCOM 2007 R2 so I’ll document them below.

First things first.

If you notice these events in the Operations Manager Eventlog:

Event Type: Error
Event Source: HealthService
Event Category: Health Service
Event ID: 1107
Date: 11/24/2008
Time: 2:18:03 PM
User: N/A
Computer: RMS_SERVER
Description:
Account for RunAs profile in workflow “Microsoft.Linux.RedHat.Computer.Discovery”, running for instance “Linux_server_name” with id”{384D2415-A49D-4002-768B-51D8D2EDBDD*}’ is not defined. Workflow will not be loaded. Please associate an account with the profile. Management group “group_name”

This most likely will indicate an issue with the run as accounts to connect to your Linux environment.

Following the article above at some point it’s outdated so here’s the proper way with some more clear instructions and some extra info I’ve learned in the field while configuring it for my customer.

Outlined steps:

  1. Open the Operations console with an account that is a member of the Operations Manager 2007 R2 Administrators profile.

  2. Select the Administration view.

  3. In the navigation pane under Run As Configuration, select Profiles.scom1

  4. In the results pane, double-click the UNIX Action Account, or UNIX Privileged Account. You need to create both.

  5. Click next on the first page. This is the overview page. Nothing can be changed here.

  6. scom2

  7. Click Add to create the action account which we are going to link to the UNIX Action Account.scom3
  8. In the next screen you need to select which user you are going to use as an action account on the Unix / Linux system. This screen consists out of 2 portions. The upper portion which is used to define the user and the bottom portion which will be defining the target.  scom4

  9. Select the Run As account by selecting the drop down list or create a new one. In this case we’ll create a new one. Click new…

  10. Click next on the welcome screen to proceed in creating the account:scom5

  11. The next screen you need to fill in the type of the account and the desired display name in SCOM. In this case we’re going to use the basic authentication type and we’ll name the user “UNIX Action Account” as shown below:scom6

  12. Click next and in the next screen fill in the credentials which have access to the Unix / Linux machine. In this example I’ve used the Root account. This can be any account with the proper access rights on your Unix / Linux server.scom7

  13. Click Next. The next thing you need to select is whether you want to manually select the targets where this action account will be targeted against or if you want to target it to all computers (which is less secure because all the admins on those machines can see the username and password). In this example we’ll choose the more secure way. scom8

  14. Click Create and on the following screen click close. It’s actually telling you that this first step is not enough but you have to associate it to a profile which will be done in the following step. Click Close.scom9

  15. Now we’re back at our 2 portioned screen. The top portion is filled in with the newly created user. So the next step will be to target it.scom10

  16. Select the “A Selected class, Group or object field and click the select button. A little selection list will pop up. In this example we chose to target the action account to a class…scom12

  17. The class selected for this example is Unix Computer. You have to see what’s manageable for your environment. Another approach is to target the run as account to Linux Computer group or specific Linux Objects.scom13

  18. Click OK. Now you’re back at the 2 portioned screen with the 2 sections filled in. Hit OK at this point. scom14

  19. Click save on the next screen.scom15

  20. Because we’ve chosen to manually select the computers we want to target the newly created action account the following screen will appear to do so.scom16

  21. Click on the User Action Account hyperlink to go to the settings page of the User Action Account. scom17

  22. In this example I’ve added the VSERVER07 to the list and clicked ok.

Normally now all your Linux servers should become discovered and the 1107 events should disappear. In the environment I had to manually close the events on the RMS queue and it also came back to a healthy state.

It’s probably a good thing to create a notification of these 1107 events to make sure you don’t miss any of these alerts as they are easy to miss but have a great impact on the monitoring of the Linux servers as they are not monitored when these events come up.

You need to repeat all the steps to create also a UNIX Privileged user to perform tasks which need more elevated rights.

After this the Linux servers status went from unmonitored to monitored and all the components were detected successfully.