01 Mart 2009 Pazar
29 Ocak 2008 Salı
The SQL Server Management Pack automatically installs two Run As Profiles: the SQL Server Discovery Account and the SQL Server Monitoring Account. Unless you specify accounts for these two profiles, the Management Pack will use the Default Action Account.
Low-Privilege Environments
To configure your system to restrict access to SQL Server functions, you change Run As Profiles to use low-privilege accounts. This action restricts the level of access that the Management Pack and Operations Manager 2007 operators have on monitored computers running SQL Server. Conversely, if the default action account is too restricted to discover and monitor SQL Server, you can change Run As Profiles to use accounts with elevated privileges.
The minimum required permissions for monitoring objects are DBO privileges.
The minimum requirements for discovery are described in the following table.
Read more!
Low-Privilege Environments
To configure your system to restrict access to SQL Server functions, you change Run As Profiles to use low-privilege accounts. This action restricts the level of access that the Management Pack and Operations Manager 2007 operators have on monitored computers running SQL Server. Conversely, if the default action account is too restricted to discover and monitor SQL Server, you can change Run As Profiles to use accounts with elevated privileges.
The minimum required permissions for monitoring objects are DBO privileges.
The minimum requirements for discovery are described in the following table.
Read more!
Discovery Target | Description |
Database Engine, Reporting Services, Analysis Services | The Run As Account must be able to do the following: Read registry keys under HKLM\SoftwareMicrosoft\MicrosoftSQLServer Connect to and read from WMI Namespace root/cimv2 Connect to and read from WMI Namespace/root/Microsoft/SqlServer |
Agents | The Run As Account must be able to do the following: Connect to and read from WMI Namespace/root/cimv2 |
Databases | The Run As Account must be able to do the following: Have connect right to all databases in the instance (sp_helpdb"dbname") Select from sys.databases table |
File and FileGroup | The Run As Account must be able to do the following: Have connect right to all databases in the instance (sp_helpdb"dbname") |
Jobs | The Run As Account must be able to do the following: Run sp_help_job in the msdb database |
Replication components | The Run As Account must be able to do the following: Run the following stored procedures. sp_get_distributor sp_helpdistributorsp_distpublisher Select from the sys.databases table |
Replication publications and subscriptions | The Run As Account must be able to do the following: Run sp_helppullsubscription (Requires sysadmin or db_owner role) Run sp_helppublication |
How to Configure Clients for Client Monitoring in Operations Manager 2007
This topic provides the procedure to configure clients for the Client Monitoring feature of Operations Manager 2007.
Important
You must first configure a Management Server for the server component of Client Monitoring by running the Client Monitoring Configuration Wizard. For more information, see How to Configure a Management Server for Client Monitoring in Operations Manager 2007.
To configure clients for Client Monitoring in Operations Manager 2007
Run the Group Policy Object Editor (gpedit.msc) for the domain or local computer.
Note
For information about Group Policy, see http://go.microsoft.com/fwlink/?LinkId=70168.
If needed, enable the Turn off Windows Error Reporting policy. This policy can be found in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings.
Add the Agentless Exception Monitoring (AEM) Group Policy administrative template (.ADM) to the domain or local computer policy. The ADM file is created when the Client Monitoring Configuration Wizard is run.
Note
Use the same procedure to Disable the Group Policy settings, thereby disabling Client Monitoring on the clients.
Important
You must first configure a Management Server for the server component of Client Monitoring by running the Client Monitoring Configuration Wizard. For more information, see How to Configure a Management Server for Client Monitoring in Operations Manager 2007.
To configure clients for Client Monitoring in Operations Manager 2007
Run the Group Policy Object Editor (gpedit.msc) for the domain or local computer.
Note
For information about Group Policy, see http://go.microsoft.com/fwlink/?LinkId=70168.
If needed, enable the Turn off Windows Error Reporting policy. This policy can be found in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings.
Add the Agentless Exception Monitoring (AEM) Group Policy administrative template (
Note
Use the same procedure to Disable the Group Policy settings, thereby disabling Client Monitoring on the clients.
System Center Operations Manager Firewall Requirements
The following table describes the necessary firewall requirements for the Root/Management Server, Agent, Operations Console and Web Console components:
Root/Management Server <== Port 1433 ==> Operations Manager Database
Management Server <== Port 5723 ==> Root Management Server
Agent <== Port 5723 ==> Management Server
Operations Console <== Port 5724 ==> Root Management Server
Web Browser <== Port 51908 ==> Web Console Server
Root/Management Server <== Port 1433 ==> Operations Manager Database
Management Server <== Port 5723 ==> Root Management Server
Agent <== Port 5723 ==> Management Server
Operations Console <== Port 5724 ==> Root Management Server
Web Browser <== Port 51908 ==> Web Console Server
03 Ocak 2008 Perşembe
Schedule a machine into maintenance mode
The following code can be used to schedule a machine into maintenance mode.
Note: Machines cannot be scheduled into maintenance mode in the future so for example, adding a machine into maintenance mode at 10pm, the script should launch at 9:55pm and the maintenance mode should be scheduled to start at 9:50pm (in the past).
$computer = Get-Agent where {$_.Name -like ‘computer*’} $computer.HostComputer New-MaintenanceWindow -StartTime: ‘5/22/2007 00:30’ -EndTime: ‘5/22/2007 12:30’ -Comment: "Install security patch"
Note: Machines cannot be scheduled into maintenance mode in the future so for example, adding a machine into maintenance mode at 10pm, the script should launch at 9:55pm and the maintenance mode should be scheduled to start at 9:50pm (in the past).
$computer = Get-Agent where {$_.Name -like ‘computer*’} $computer.HostComputer New-MaintenanceWindow -StartTime: ‘5/22/2007 00:30’ -EndTime: ‘5/22/2007 12:30’ -Comment: "Install security patch"
Schedule a powershell script
I was recently working on a project (SCOM 2007) where I needed to schedule a Windows Powershell script to run. After some searching, I came across a following steps.
Here is how you can schedule a Windows Powershell Script:
The first thing you need to do is make sure that Powershell is set to execute Powershell scripts,
instead of only allowing interactive commands to be run in the Powershell environment.
Type the following at the Powershell command prompt:
set-executionpolicy RemoteSigned
This will allow the system to run Powershell scripts that are created locally (Remote Powershell scripts that may be downloaded must be signed).
Once this is done, you can create your Powershell script using notepad. Just make sure you name the file with an extension of .ps1 .
Now to run the script outside of its Powershell environment you type a command similar to the following:
powershell -command "& 'MyScript.ps1' "
Just put the above command into a .bat or .cmd file and schedule it like you would normally schedule a script to be run with Windows task scheduler.
Happy coding!
Here is how you can schedule a Windows Powershell Script:
The first thing you need to do is make sure that Powershell is set to execute Powershell scripts,
instead of only allowing interactive commands to be run in the Powershell environment.
Type the following at the Powershell command prompt:
set-executionpolicy RemoteSigned
This will allow the system to run Powershell scripts that are created locally (Remote Powershell scripts that may be downloaded must be signed).
Once this is done, you can create your Powershell script using notepad. Just make sure you name the file with an extension of .ps1 .
Now to run the script outside of its Powershell environment you type a command similar to the following:
powershell -command "& 'MyScript.ps1' "
Just put the above command into a .bat or .cmd file and schedule it like you would normally schedule a script to be run with Windows task scheduler.
Happy coding!
SCOM 2007 Minimum Network Bandwith Requirements
- Root\Management Server << == 64 Kbps ==> Agent
- Root\Management Server << == 256 Kbps ==> Database
- Root Management Server << == 768 Kbps ==> Console
- Root\Management Server << == 768 Kbps ==> Data Warehouse
- Reporting DW Reporting << == 1024 Kbps ==> Server
- Root Management Server << == 256 Kbps ==> Reporting Server
- Root\Management Server << == 1024 Kbps ==> Agentless
Kaydol:
Kayıtlar (Atom)
