The SQL Server Management Pack automatically installs two Run As Profiles: the SQL Server Discovery Account and the SQL Server Monitoring Account. Unless you specify accounts for these two profiles, the Management Pack will use the Default Action Account.

Low-Privilege Environments
To configure your system to restrict access to SQL Server functions, you change Run As Profiles to use low-privilege accounts. This action restricts the level of access that the Management Pack and Operations Manager 2007 operators have on monitored computers running SQL Server. Conversely, if the default action account is too restricted to discover and monitor SQL Server, you can change Run As Profiles to use accounts with elevated privileges.
The minimum required permissions for monitoring objects are DBO privileges.
The minimum requirements for discovery are described in the following table.


Read more!

Discovery Target	Description
Database Engine, Reporting Services, Analysis Services	The Run As Account must be able to do the following:  Read registry keys under HKLM\SoftwareMicrosoft\MicrosoftSQLServer  Connect to and read from WMI Namespace root/cimv2  Connect to and read from WMI Namespace/root/Microsoft/SqlServer
Agents	The Run As Account must be able to do the following: Connect to and read from WMI Namespace/root/cimv2
Databases	The Run As Account must be able to do the following:  Have connect right to all databases in the instance (sp_helpdb"dbname")  Select from sys.databases table
File and FileGroup	The Run As Account must be able to do the following: Have connect right to all databases in the instance (sp_helpdb"dbname")
Jobs	The Run As Account must be able to do the following:  Run sp_help_job in the msdb database
Replication components	The Run As Account must be able to do the following:  Run the following stored procedures.  sp_get_distributor  sp_helpdistributorsp_distpublisher  Select from the sys.databases table
Replication publications and subscriptions	The Run As Account must be able to do the following:  Run sp_helppullsubscription (Requires sysadmin or db_owner role)  Run sp_helppublication

How to Configure Clients for Client Monitoring in Operations Manager 2007

This topic provides the procedure to configure clients for the Client Monitoring feature of Operations Manager 2007.
Important
You must first configure a Management Server for the server component of Client Monitoring by running the Client Monitoring Configuration Wizard. For more information, see How to Configure a Management Server for Client Monitoring in Operations Manager 2007.
To configure clients for Client Monitoring in Operations Manager 2007
Run the Group Policy Object Editor (gpedit.msc) for the domain or local computer.
Note
For information about Group Policy, see http://go.microsoft.com/fwlink/?LinkId=70168.
If needed, enable the Turn off Windows Error Reporting policy. This policy can be found in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings.
Add the Agentless Exception Monitoring (AEM) Group Policy administrative template (.ADM) to the domain or local computer policy. The ADM file is created when the Client Monitoring Configuration Wizard is run.
Note
Use the same procedure to Disable the Group Policy settings, thereby disabling Client Monitoring on the clients.

System Center Operations Manager Firewall Requirements

The following table describes the necessary firewall requirements for the Root/Management Server, Agent, Operations Console and Web Console components:

Root/Management Server <== Port 1433 ==> Operations Manager Database

Management Server <== Port 5723 ==> Root Management Server

Agent <== Port 5723 ==> Management Server

Operations Console <== Port 5724 ==> Root Management Server

Web Browser <== Port 51908 ==> Web Console Server

Schedule a machine into maintenance mode

The following code can be used to schedule a machine into maintenance mode.
Note: Machines cannot be scheduled into maintenance mode in the future so for example, adding a machine into maintenance mode at 10pm, the script should launch at 9:55pm and the maintenance mode should be scheduled to start at 9:50pm (in the past).

$computer = Get-Agent where {$_.Name -like ‘computer*’} $computer.HostComputer New-MaintenanceWindow -StartTime: ‘5/22/2007 00:30’ -EndTime: ‘5/22/2007 12:30’ -Comment: "Install security patch"

Schedule a powershell script

I was recently working on a project (SCOM 2007) where I needed to schedule a Windows Powershell script to run. After some searching, I came across a following steps.


Here is how you can schedule a Windows Powershell Script:
The first thing you need to do is make sure that Powershell is set to execute Powershell scripts,
instead of only allowing interactive commands to be run in the Powershell environment.

Type the following at the Powershell command prompt:

set-executionpolicy RemoteSigned

This will allow the system to run Powershell scripts that are created locally (Remote Powershell scripts that may be downloaded must be signed).
Once this is done, you can create your Powershell script using notepad. Just make sure you name the file with an extension of .ps1 .
Now to run the script outside of its Powershell environment you type a command similar to the following:

powershell -command "& 'MyScript.ps1' "

Just put the above command into a .bat or .cmd file and schedule it like you would normally schedule a script to be run with Windows task scheduler.
Happy coding!

SCOM 2007 Minimum Network Bandwith Requirements

• Root\Management Server << == 64 Kbps ==> Agent
• Root\Management Server << == 256 Kbps ==> Database
• Root Management Server << == 768 Kbps ==> Console
• Root\Management Server << == 768 Kbps ==> Data Warehouse
• Reporting DW Reporting << == 1024 Kbps ==> Server
• Root Management Server << == 256 Kbps ==> Reporting Server
• Root\Management Server << == 1024 Kbps ==> Agentless

SCOM 2007 (Installation Tips & Tricks)

In Progress ....

Active Directory Domain Services integration will not work if local machine group is used as the Operations Manager 2007 Administrators group