Operations Manager Management Pack Guide for Operations Manager 2007 R2

Microsoft Corporation Published: November 2010

Feedback
Send suggestions and comments about this document to mpgfeed@microsoft.com. Please include the management pack guide name with your feedback.

Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted in examples herein are fictitious. No association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. 2010 Microsoft Corporation. All rights reserved. Microsoft, and MS-DOS, Windows, Windows Server, and Active Directory are trademarks of the Microsoft group of companies. All other trademarks are property of their respective owners.

Revision History
Release Date Changes

April 2007 July 2007

Original release of this guide New topics in this release: Create a New Management Pack for Customizations

October 2007

New topics in this release: Monitors and Overrides for Management Packs

February 2008

Updated for release of Operations Manager 2007 Service Pack 1 (SP1). No changes to management pack or documentation. Updated for Operations Manager 2007 R2. Management pack guide updated to new format and new topics added. Added Changes in This Update. Added new Changes in This Update

May 2009

October 2009 February, 2010

Release Date

Changes

and retitled the previous list as Changes in Version 6.1.7533.0. Added details to the The health of the Health Service for agents and servers scenario in the Key Monitoring Scenarios topic. Added item to Troubleshooting. New topics in this release: June, 2010 Appendix: Reports Appendix: Operational Data Reports Management Pack

Added new Changes in This Update and retitled the previous list as Changes in Version 6.1.7599.0. Added Monitoring routine database maintenance to Key Monitoring Scenarios. Added Monitoring duplicate relationships between agents and management servers to Key Monitoring Scenarios. Added Agent Counts By Date, Management Group and Version to Appendix: Reports.

July, 2010

Added new Changes in This Update and retitled the previous list as Changes in Version 6.1. 7672.0. Added new Changes in This Update and retitled the previous content as Changes in July 2010 Release. Added topic Enable Recoveries to the Optional Configuration section. Added topic Manual Reset Monitors to the Optional Configuration section.

November, 2010

Contents
Operations Manager 2007 R2 Management Pack Guide...............................................................5 Introduction to the Operations Manager Management Pack Guide.............................................5 Changes in This Update...........................................................................................................6 Supported Configurations.......................................................................................................12 Getting Started..........................................................................................................................12 How to Import and Configure the Operations Manager Management Pack...........................12 Files in This Management Pack.............................................................................................16 Recommended Additional Management Packs......................................................................17 Optional Configuration...............................................................................................................17 Disable Performance Data.....................................................................................................18 Configure a Connected Management Group..........................................................................19 Enable Monitors for the Local Health Service.........................................................................20 Enable Recoveries.................................................................................................................22 Manual Reset Monitors..........................................................................................................22 Security Considerations.............................................................................................................23 Low-Privilege Environments...................................................................................................23 Computer Groups...................................................................................................................24 Understanding Management Pack Operations..........................................................................24 Objects the Management Pack Discovers..............................................................................24 How Health Rolls Up..............................................................................................................24 Key Monitoring Scenarios......................................................................................................25 Placing Monitored Objects in Maintenance Mode..................................................................30 Troubleshooting.........................................................................................................................31 Appendix: Reports.....................................................................................................................35 Appendix: Operational Data Reporting Management Pack.......................................................36

Operations Manager 2007 R2 Management Pack Guide

The Operations Manager Management Pack helps you manage your System Center Operations Manager 2007 R2 infrastructure by monitoring the health of the Operations Manager components and services. The Operations Manager Management Pack alerts you to problems with components such as the management servers, the Operations Manager database, agents, modules used by workflows, and services so that you can continue to monitor the servers and clients that your business depends on. The management pack includes tasks that you can automate to get easy access to common diagnostic tools, such as restarting a health service or reloading an agent configuration.

In This Guide
Introduction to the Operations Manager Management Pack Guide Getting Started Optional Configuration Security Considerations Understanding Management Pack Operations Troubleshooting

Introduction to the Operations Manager Management Pack Guide

Document Version
This guide was written based on version 6.1.7695.0 of the Operations Manager Management Pack for Operations Manager 2007 R2 and version 6.1.7695.0 of the Operational Data Reporting Management Pack.

Getting the Latest Management Pack and Management Pack Documentation

You can find the latest Operations Manager Management Pack at http://go.microsoft.com/fwlink/? LinkId=82105. The latest version of this document is available at http://go.microsoft.com/fwlink/? LinkId=85414.

Changes in This Update

Version 6.1.7695.0 of the Operations Manager Management Pack for Operations Manager 2007 R2 includes the following changes: Added the Agents by Health State report which will list all agents, management servers, gateway servers and the root management server grouped by their current health state (i.e. unavailable, error, warning or success). For more information, see Appendix: Reports. Added the An alert subscription has been automatically disabled due to invalid configuration rule to generate an alert when an alert subscription is disabled due to invalid configuration, such as when the account that created the subscription being deleted. Added the WMI Service Availability aggregate monitor and the Windows Management Instrumentation Service unit monitor to monitor the state of the Windows Management Instrumentation (WMI) service (winmgmt) on agents. By default, the unit monitor samples the WMI service every 125 seconds and generates an alert when the WMI service is not running for 3 consecutive samples. These settings can be changed by using overrides. Added rules to that can be enabled in place of monitors that require manual reset of the health state. For more information, see Manual Reset Monitors. Updated product knowledge for some workflows. Changed the "Computer Verification: Verification Error" event collection rule to be disabled by default. The alert from this rule would only be generated when running the discovery wizard, when the user would directly observe that one or more computer verifications failed. The alert is an unnecessary duplication. Change the Collect Configuration Parse Error Events rule to be disabled by default. Changed the parameter used for alert suppression for the following rules: Alert generation was temporarily suspended due to too many alerts Workflow Runtime: Failed to access a Windows event log Workflow Initialization: Failed to initialize access to an event log An error occurred during computer verification from the discovery wizard A generic error occurred during computer verification from the discovery wizard

Removed alerting from the Data Integrity aggregate monitor and added alerting to its unit monitors: Repeated Event Raised Spoofed Data Check Root Connector Data Validity Check

The Operational Data Reporting Management Pack has not changed in this release. The version number of the Operational Data Reporting Management Pack was updated to keep the versions the same across all of the management packs in this package.

Changes in July 2010 Release

The July 2010 release contains an updated version of the Operational Data Reporting Management Pack. The Operations Manager Management Pack has not changed; the latest version of the Operations Manager Management Pack is still 6.1.7672.0. 6

Version 6.1.7676.0 of the Operational Data Reporting Management Pack was updated to fix an issue where the Management Packs ODR report would fail to submit data.

Changes in Version 6.1.7672.0

Version 6.1.7672.0 of the Operations Manager Management Pack for Operations Manager 2007 R2 includes the following changes: Added the Agent Counts By Date, Management Group and Version report, which compiles information on the Operations Manager agents deployed in your environment. For more information, see Appendix: Reports. Added monitoring of Operations database partitioning and grooming workflows. For more information, see Monitoring routine database maintenance in Key Monitoring Scenarios. Added functionality for detecting and repairing duplicate relationships between agents and management servers. For more information, see Monitoring duplicate relationships between agents and management servers in Key Monitoring Scenarios. Fixed display strings and product knowledge for various rules and monitors. Changed the following performance collection rules to ensure they write to both the operational database and the data warehouse database: Collect System\System Uptime Collect SDK Performance Data

Collects data from the Processor\% Processor Time performance counter (Deprecated) Collects Operations Manager SDK Service\Client Connections Management Server State for Dashboard View is now Management Server State Management Server State for State View is now Management Server State Changed the following view names:

AD based Agent Assignment Module Events for Dashboard View is now AD based Agent Assignment Module Events AD based Agent Assignment Module Events for Event View is now AD based Agent Assignment Module Events Disabled the following rules: Collects data from the Processor\% Processor Time performance counter (Deprecated) Collect Management Configuration Service Configuration Updated Events Health Service Connector Bind Failure

Fixed an issue with the display of reports when the time format is set to other than ENUS. Fixed an issue with Critical Parameter Replacement Failure During Alert Creation failing to generate an alert. Disabled the Collect Performance Data Source Module Events event collection rule and hid the corresponding view, Performance Data Source Module Events. The rule collected a significant amount of data which can result in performance problems. The most important 7

events associated with this rule are monitored by the alert-generating rule, Performance Data Source Module could not find a performance counter. The criteria for the monitor Processing Backlogged Events Taking a Long Time has been updated to prevent the monitor from being reset when the agent is restarted. A series of rules which monitor failure of scripts, commands and WMI queries have been updated to make them less noisy and easier to understand. Each rule had its name updated to be more explanatory and the alert names generated by these rules were aligned to match the name of the rule so that lookups between alerts and the rules that raised them would be easier. The rules were renamed as follows:
Old name New name

Alert on Failure to Create Process for Batch Response Alert on Failed Batch Responses WMI Probe Module Runtime Failure WMI Probe Module Initialization Failure WMI Event Module Runtime Failure WMI Event Module Initialization Failure WMI Raw Performance Counter Module Runtime Failure WMI Raw Performance Counter Module Initialization Failure (new rule)

Workflow Initialization: Failed to start a process or script Workflow Runtime: Failed to run a process or script Workflow Runtime: Failed to run a WMI query Workflow Initialization: Failed to start a workflow that queries WMI Workflow Runtime: Failed to run a WMI query for WMI events Workflow Initialization: Failed to start a workflow that queries WMI for WMI events Workflow Runtime: Failed to run a WMI query for performance data Workflow Initialization: Failed to start a workflow that queries WMI for performance data Workflow Initialization: Failed to start a workflow that runs a process or script

Consolidation has been added to all rules with a name that begins with Workflow Runtime so that alerts will only be raised for multiple occurrences.

Changes in Version 6.1.7599.0

Version 6.1.7599.0 of the Operations Manager Management Pack included the following changes: Added functionality that monitors data volume by management pack, workflow, and instance. For details, see the Analyzing data volume scenario in Key Monitoring Scenarios.

 Added monitoring of agent version and compatibility of agent and operating system. For details, see the Monitoring agent version and architecture mismatch scenario in Key Monitoring Scenarios. Added monitoring of CPU use by agents and related processes. For details, see the Monitoring CPU utilization scenario in Key Monitoring Scenarios. This release of the Operations Manager Management Pack also includes an updated version of the Operational Data Reports Management Pack, which is installed with Operations Manager. The Operational Data Reporting Management Pack gathers information and sends reports to Microsoft on a weekly basis (if you select to send reports). Microsoft uses these reports to improve the quality of its management packs and Operations Manager 2007. Participation in the program is strictly voluntary. For more information, see Appendix: Operational Data Reporting Management Pack. Added or updated product knowledge, descriptions, display names, and alert details. Changed the Critical Parameter Replacement Failure During Alert Creation rule to disabled by default because is not actionable; review the product knowledge before enabling this rule. Updated criteria to only show active alerts in the AD based Agent Assignment Module Alerts view, which is part of the AD-based Agent Assignment Module Events Dashboard view. Aligned monitor states with alert severity for following monitors: Run As Account/Password Expiration Check Alert Subscription Acknowledgement Running Slow Alert Subscription Query Performance Monitor Processing Backlogged Events Taking a Long Time Communication Certificate Expiration Check

Enabled auto-resolution for the Run As Account/Password Expiration Check monitor.

All monitors have been made public so users can add custom diagnostics and recoveries. Updated the Collects Opsmgr SDK Service\Client Connections rule to sample data every 900 seconds (previously was 300 seconds). Changed the interval for Sql Broker Availability Monitor Type from 10 seconds to 3600 seconds. Renamed the "Health Service Configuration" view folder to "Run As Configuration" to more accurately reflect the folder's new (revised) purpose. Disabled the following event collection rules and removed the associated views because they caused a large amount of data collection that was of limited use to customers: Collect Health Service Configuration Updated Events Collect Management Configuration Service Configuration Updated Events Collect Run As Account Failure Events Collect IIS Discovery Probe Module Events Scheduler Condition Module Initialization Failure 9

Tuned alert suppression for following rules to reduce alert volumes:

Scheduler Data Source Module Initialization Failure Timer Condition Module Initialization Failure

Fixed bug with the Run As Account(s) Expiring Soon monitor that was preventing state changes and causing event 11903.

Changes in Version 6.1.7533.0

Version 6.1.7533.0 of the Operations Manager Management Pack included the following changes: Changed the time-out value to 1 minute for recovery tasks associated with the following monitors: Health Service Handle Count Threshold Health Service Private Bytes Threshold Monitoring Host Handle Count Threshold Monitoring Host Private Bytes Threshold

Changed the threshold values for the Health Service Handle Count Thresholds and Monitoring Host Handle Count Thresholds monitors to 10,000 on management servers and 6,000 on agents. Changed the threshold values for the Health Service Private Bytes Threshold and Monitoring Host Private Bytes Threshold monitors to 1500 MB on management servers and 300 MB on agents. Updated the layout and default filters and sort order for a number of views. Fixed an issue that was previously preventing all rules related to agentless exception monitoring from generating alerts. Added display names, descriptions, and product knowledge where missing. Added the rule Collects Opsmgr SDK Service\Client Connections to collect the number of connected clients for a given management group. This data is shown in the view Console and SDK Connection Count under the folder Operations Manager\Management Server Performance. Updated a number of monitors and rules to ensure that data is reported to the correct management group for multihomed agents. The following rules and monitors are now disabled by default as they are generally not actionable: A GroupPopulator module unloaded due to an unrecoverable error Health Service Cannot Find Management Group Data Validity Check Root Connector Data Validity Check

Added event collection rule for events 5400, 5401, 5402, 5404 5405, and 5500.

Updated the alert suppression criteria for the rule Alert on Dropped MultiInstance Performance Module in order to significantly reduce the alert volumes generated by this rule and make it easier to identify the root cause. The monitors listed below have been updated so that the value of the sample must exceed the threshold for a specific number of consecutive samples, as opposed to the 10

average of the samples over the consecutive samples. This will increase the accuracy of the monitors by handling periodic spikes in resource utilization better: Health Service Handle Count Threshold Health Service Private Bytes Threshold Monitoring Host Handle Count Threshold Monitoring Host Private Bytes Threshold

Updated the knowledge for the rule Data Access Service Spn Registration significantly.

Fixed the configuration of the rule IIS Discovery Probe Module Execution Failure to so that the parameter replacement will now work correctly for alert suppression and generating the details of the alerts description.

Changes in Version 6.1.7221.0

The release of version 6.1.7221.0 of the Operations Manager Management Pack included the following changes: Added rules and monitors to support Operations Manager 2007 R2 features. Added content to knowledge and descriptions.

Fixed a problem with discovery of Windows computers that resulted in multiple IP addresses. Updated rules and monitors to ensure that, on multi-homed agents, data is sent only to the appropriate management group. Updated the Discover Windows Computer Properties discovery to support computers in workgroups. Added the /admin switch to tasks that use Remote Desktop, to enable compatibility with Windows Server 2008 and Windows Vista SP1. Reenabled rollup of state from computers to computer groups. For details, see the Knowledge Base article 967537 (http://go.microsoft.com/fwlink/?LinkId=146985). Provided additional error handling in the Discover Health Service Properties discovery. Changed the severity of the alert generated by Data Access Service SPN Registration rule to critical to better reflect the importance of the issue. Changed the RunAs Authorization Check to ensure it is not auto-resolved when the health service is restarted. Added a monitor targeting the Health Service class that provides a warning when the authentication certificate is within 2 weeks of expiration. Changed the Log Distributed Workflow Test Event rule time-out from 30 seconds to 300 seconds. Modified the information displayed in the agent updates list to improve readability. Fixed the Configuration Service monitor to generate alerts correctly on clustered root management servers. Fixed a problem in which the agent version was incorrectly discovered on the Operations Manager Reporting server. Fixed the Remote Desktop task for the Health Service Watcher so that it contacts the correct targeted computer. 11

 Corrected the knowledge associated with the SDK Spn Registration rule so that it refers correctly to MSOMSdkSvc. Added collection rules to the baseline health model for events related to self-tuning thresholds and baselines. Fixed the Discover Windows Server Properties script to work on Windows 2000 Server. For details, see problem 2 in the Knowledge Base article 951979 (http://go.microsoft.com/fwlink/?LinkId=146986). Changed the behavior of the Operational Database Space Free (%) monitor to more accurately calculate free space. Changed the default sort behavior for Operations Manager -> Notifications -> All Events view. Expanded the scope of the Health Manager events view and added supporting collection rules. Improved the monitoring for Product Evaluation Has Expired by changing from rules to monitors with timer reset. Changed the name of the Monitoring Host Events view to Monitoring Host Crash Events to reflect the events collected more accurately. Added monitoring for WMI query failures by capturing WMI event 10457 from source Health Service modules. Fixed a problem with Health Service restart.

Supported Configurations
The Operations Manager Management Pack supports all configurations documented in the support configurations guide for Operations Manager. For more information, see Supported Configurations for Operations Manager 2007 R2. The Operations Manager Management Pack supports agentless monitoring. No configuration of the management pack is needed to enable agentless monitoring.

Getting Started
This section describes the actions you should take before you import the management pack, any steps you should take after you import the management pack, and information about customizations.

How to Import and Configure the Operations Manager Management Pack

The Operations Manager Management Pack is automatically installed when you install System Center Operations Manager. To import updated versions of the management pack, download the management pack from the System Center Operations Manager 2007 Catalog. For instructions on importing a management pack, see How to Import a Management Pack in Operations Manager 2007. 12

If your reporting server is running SQL Server 2008, before you run the reports in this management pack, you should install the cumulative update for SQL Server 2008 which you can request at http://go.microsoft.com/fwlink/?LinkID=167699.

Configuring the Operations Manager Management Pack

After you install Operations Manager, configure the Operations Manager Management Pack as follows: Configure automatic agent management. Create a Run As account with administrator access on the target computers. Add a Run As account to the Automatic Agent Management Account Run As profile to enable automatic agent recovery. Create a new management pack for customizations. Enable recovery for the Health Service Heartbeat Failure monitor. Add a Run As account to the Validate Alert Subscription Account Run As profile.

Enable the Operational Database Watchers Group to Management Group Availability Health Rollup. Set the configuration service to automatically restart. Make sure that the action account on the root management server (RMS) is a member of the Operations Manager Administrators Group. The following sections explain how to make these changes. Create One or More Run As Accounts for Use with the Automatic Agent Management Account Run As Profiles If you did not create a Run As account with administrator access when you installed Operations Manager, you must do so before you can set the Automatic Agent Management Account Run As profile and the Validate Alert Subscription Account Run As profile. For instructions on creating a Run As account, see How to Create a Run As Account in Operations Manager 2007 (http://go.microsoft.com/fwlink/?LinkId=165410). Create the Necessary Associations in the Automatic Agent Management Account Run As Profile Before Operations Manager can automatically recover agents, you must add a Run As account to the Automatic Agent Management Account Run As profile. The Run As account must have administrator access on the target computers. To add a Run As account to the Run As profile for the Automatic Agent Management Account 1. In the Operations console, on the Go menu, click Administration. 2. In the navigation pane, expand Administration, expand Security, click Run As Configuration, and then click Profiles. 3. Double-click Automatic Agent Management Account, and then click the Run As Accounts tab. 13

4. Click Add, and then in the Run As Account drop-down menu, click an existing account that has administrator access to the agents or click New to create a new account to use. 5. For This Run As account will be used to manage the following objects, ensure All targeted objects is selected, and then click OK. 6. Click Save. Create a New Management Pack for Customizations Most vendor management packs are sealed so that you cannot change any of the original settings in the management pack file. However, you can create customizations, such as overrides or new monitoring objects, and save them to a different management pack. By default, Operations Manager saves all customizations to the Default Management Pack. As a best practice, you should instead create a separate management pack for each sealed management pack you want to customize. Creating a new management pack for storing overrides has the following advantages: It simplifies the process of exporting customizations that were created in your test and pre-production environments to your production environment. For example, instead of exporting a Default Management Pack that contains customizations from multiple management packs, you can export just the management pack that contains customizations of a single management pack. It allows you to delete the original management pack without first needing to delete the Default Management Pack. A management pack that contains customizations is dependent on the original management pack. This dependency requires you to delete the management pack with customizations before you can delete the original management pack. If all of your customizations are saved to the Default Management Pack, you must delete the Default Management Pack before you can delete an original management pack. It is easier to track and update customizations to individual management packs. For more information about sealed and unsealed management packs, see Management Pack Formats. For more information about management pack customizations and the Default Management Pack, see About Management Packs in Operations Manager 2007. To create a new management pack for customizations 1. Open the Operations console, and then click the Administration button. 2. Right-click Management Packs, and then click Create New Management Pack. 3. Enter a name (for example, ADMP Customizations), and then click Next. 4. Click Create. Enable Recovery for the Health Service Heartbeat Failure Monitor The Health Service Heartbeat Failure monitor can be configured to automatically enable or start the Health Service on agents where that is not already the case. To enable that recovery, take the following steps to create the necessary overrides.

14

To enable automatic recovery 1. Open the Operations console, and then in the navigation pane, click the Authoring button. 2. Under Authoring, expand Management Pack Objects, and then click Monitors. 3. Under Monitors, expand Health Service Watcher (Agent), expand Entity Health, and then expand Availability. 4. Right-click Health Service Heartbeat Failure, click Properties, and then click the Overrides tab. 5. In the list, under Recovery, click Enable and Restart Health Service, click Override, and then click For all objects of class: Health Service Watcher (Agent). 6. Under Override-controlled parameters, in the Override column, select the check box next to the Enabled value that appears in the Parameter Name column. 7. In the Override Value column, in the drop-down box, click True. 8. In the Select destination management pack section, select the management pack that you created for storing customizations for this Operations Manager Management Pack, and then click OK. 9. Repeat steps 5 through 8 for Restart Health Service and Reinstall Health Service (triggered from Diagnostic). Add a Run As Account to the Run As Profile for the Validate Alert Subscription Account The Validate Alert Subscription Account Run As profile provides credentials for the rule Validate Alert Subscription. Each account used in this Run As profile must be a member of the Operations Manager Administrators user role and have administrator access to the root management server. Note To find out whether a Run As account is a member of the Operations Manager Administrators users role, in the navigation pane, under Administration, expand Security, click User Roles, and then double-click Operations Manager Administrators. For instructions on adding a Run As account to a Run As profile, see How to Modify an Existing Run As Profile (http://go.microsoft.com/fwlink/?LinkId=165412). Enable the Operational Database Watchers Group to Management Group Availability Health Rollup It is recommended that you enable the Operational Database Watchers Group to Management Group Availability Health Rollup monitor so that the state of the Operational Database Watchers Group rolls up to the management group. To enable the monitor 1. Open the Operations console, and then in the navigation pane, click the Authoring button. 2. Under Authoring, expand Management Pack Objects, and then click Monitors. 15

3. Under Monitors, expand Operations Manager Management Group, expand Entity Health, and then expand Availability. 4. Right-click Operational Database Watchers Group to Management Group Availability Health Rollup, point to Overrides, point to Override the Monitor, and then click For all objects of class: Operations Manager Management Group. 5. Under Override-controlled parameters, find the Enabled value that appears in the Parameter Name column, and then select the check box next to it in the Override column. 6. In the Override Setting column for the Enabled parameter, in the drop-down box, click True, and then click OK. Set the Configuration Service to Restart Automatically The override that automatically restarts the configuration service for the Windows service state is disabled by default. To automatically start the configuration service when it stops, you must enable an override. To set the monitor to automatically restart the configuration service 1. Open the Operations console, and then in the navigation pane, click the Authoring button. 2. Under Authoring, expand Management Pack Objects, and then click Monitors. 3. Under Monitors, expand Root Management Server, expand Availability, and then expand Configuration Service Availability. 4. Right-click Configuration Service - Windows Service State, click Properties, and then click the Overrides tab. 5. In the list, under Recovery, click Start Management Configuration Service, click Override, and then click For all objects of type: Root Management Server. 6. Under Override-controlled parameters, in the Override column, select the check box next to the Enabled value that appears in the Parameter Name column. 7. In the Override Setting column, in the drop-down box, click True, and then click OK. Make Sure That the Action Account on the Root Management Server Is a Member of the Operations Manager Administrators Group The Operations Manager Management Pack includes the Check for Updated Management Packs rule, which checks whether an updated version of an installed management pack is available. The rule runs a script, Powershell.exe, which requires the action account on the RMS to be a member of the Operations Manager Administrators Group. If you configured the action account by using Local System or a user that is not part of the Operations Manager Administrators Group, the script will not work.

Files in This Management Pack

The System Center Operations Manager 2007 setup installs the Operations Manager Management Pack as part of the standard software installation. After installation, you can 16

upgrade to the latest version of the management pack by downloading it from http://go.microsoft.com/fwlink/?LinkId=82105. The following management packs are included as a part of the Operations Manager 2007 R2 Management Pack: System Center Core Monitoring (Microsoft.SystemCenter.2007.mp): This management pack defines all of the monitoring components and tasks for this package. System Center Core Monitoring Views (Microsoft.SystemCenter.OperationsManager.2007.mp): This management pack defines all of the views for this package. System Center Core Monitoring Agent Management (Microsoft.SystemCenter.OperationsManager.AM.DR.2007.mp): This management pack contains the definitions for various diagnostics and recoveries that can be used for automation of agent management and remediation. Refer to the Getting Started and Key Monitoring Scenarios sections of this guide for more details on this functionality. System Center Core Monitoring Reports (Microsoft.SystemCenter.OperationsManager.Reports.2007.mp): This management pack contains reports for this package. Operational Data Reporting Management Pack (ODR.mp): The Operational Data Reporting Management Pack gathers information and sends reports to Microsoft on a weekly basis (if you select to send reports). Microsoft uses these reports to improve the quality of its management packs and Operations Manager 2007. Participation in the program is strictly voluntary. For more information, see Appendix: Operational Data Reporting Management Pack..

Recommended Additional Management Packs

To help monitor your Operations Manager infrastructure, you can import the following management packs: Windows Server Operating System Management Pack. This management pack can help you manage and monitor the operating system on your Operations Manager infrastructure servers and Operations Manager agents. Microsoft SQL Server Management Pack. This management pack provides discovery of and monitoring for the Operations Manager infrastructures systems that have SQL Server components installed, such as the operational and data warehouse database servers.

Optional Configuration
You can configure the Operations Manager Management Pack for your environment. For instance, to reduce network traffic, you can override the rules that collect performance data. The following table lists optional configurations for the Operations Manager Management Pack and specifies where you can find additional information about each option.
Configuration Option Additional Information

Change the default settings by overriding rules.

See How to Monitor Using Overrides. 17

Configuration Option

Additional Information

Disable performance data, warnings, and See the section in this guide titled Disable events that you do not want to receive. To Performance Data. reduce network traffic, you can disable the rules that collect warnings, data, and noncritical events in environments such as the following: Deployments in a wide area network with slow links Deployments across satellite links Deployments involving large branch offices Deployments in which alerts are forwarded to a global network operations center Configure monitoring of connected management groups. Enable health rollup from the Local Health Service to the Health Service Watcher for monitoring performance, configuration, and security. Enable recovery tasks See the section in this guide titled Configure a Connected Management Group. See the section in this guide titled Enable Monitors for the Local Health Service.

See the section in this guide titled Enable Recoveries.

Disable Performance Data

To reduce network traffic or to improve performance on servers with slow WAN links, you can use overrides to disable the rules that collect performance data. When you disable a rule that collects performance data, the reports that rely on the rule's data will not work. To disable performance data 1. In the Operations console, on the Go menu, click Authoring. 2. In the navigation pane, expand Management Pack Objects, and then click Rules. 3. Under Rules, click the rule that you want to stop collecting performance data for. 4. On the Operations console toolbar, click Overrides and then point to Override the Rule. You can choose to override this rule for objects of a specific type or for all objects within a group. After you choose which group of object type to override, the Override Properties dialog box opens, enabling you to view the default settings contained in this monitor. 18

5. In the Override Properties dialog box, select the Override check box that corresponds to the Enabled parameter. 6. In the Override Setting column, click False. 7. In the Select destination management pack list, click the appropriate management pack in which to store the override, or create a new unsealed management pack by clicking New. Note By default, when you create a management pack object, disable a rule or monitor, or create an override, Operations Manager saves the setting to the Default Management Pack. As a best practice, you should create a separate management pack for each sealed management pack you want to customize, rather than saving your customized settings to the Default Management Pack. For more information, see Customizing Management Packs (http://go.microsoft.com/fwlink/?LinkId=140601). 8. When you complete your changes, click OK.

Configure a Connected Management Group

The Operations Manager Management Pack includes monitoring for testing the connectivity between connected management groups. This monitoring, which is disabled by default, performs a synthetic transaction and requires specific permissions to work. To ensure the required permissions are granted, configure the Connected Management Group Account Run As profile with the necessary associations. If your environment includes connected management groups and you want to use monitoring for testing the connectivity between connected management groups, perform the following steps to configure the Connected Management Group Account Run As profile and enable the necessary monitors to turn on this monitoring. To create the necessary associations for the Connected Management Group Account Run As profile for the connected management group account 1. Open the Operations console, and then in the navigation pane, click the Administration button. 2. Under Administration, expand Security, and then click Run As Profiles. 3. Double-click Connected Management Group Account, and then click the Run As Accounts tab. 4. Click New, and then in the Run As Account drop-down menu, click a Run As account that has permission to access the connected management group. 5. Under Matching Computers, click your connected management group, and then click OK.

19

To enable the Tiered Management Group Synthetic Transaction monitor 1. Open the Operations console, and then in the navigation pane, click the Authoring button. 2. Under Authoring, expand Management Pack Objects, and then click Monitors. 3. In the list of monitors, expand Connected Management Group, expand Entity Health, expand Availability, and then click Tiered Management Group Synthetic Transaction. 4. On the toolbar, click Overrides, point to Override the Monitor, and then click For all objects of type: Connected Management Group. 5. Under Override-controlled parameters, find the Enabled value that appears in the Parameter Name column, and then select the check box next to it in the Override column. 6. In the Override Setting column for the Enabled parameter, in the drop-down box, click True. 7. In the Select destination management pack list, click the appropriate management pack in which to store the override or create a new unsealed management pack by clicking New. Note By default, when you create a management pack object, disable a rule or monitor, or create an override, Operations Manager saves the setting to the Default Management Pack. As a best practice, you should create a separate management pack for each sealed management pack you want to customize, rather than saving your customized settings to the Default Management Pack. For more information, see Customizing Management Packs (http://go.microsoft.com/fwlink/?LinkId=140601). 8. When you complete your changes, click OK.

Enable Monitors for the Local Health Service

The Health Service Watcher monitors the state of the remote health service from the perspective of the root management server (RMS). The Health Service Watcher for agents includes four dependency monitors that assess the local health service and roll it up to the Health Service Watcher: Local Health Service Configuration Local Health Service Performance Local Health Service Security Local Health Service Availability

By default, only the Local Health Service Availability dependency monitor is enabled. The local health service dependency monitors for configuration, performance, and security are disabled

20

because, if enabled in an environment with more than 500 agents, they can degrade the processing performance of the RMS. If your environment has fewer than 500 agents, you might want to enable one or more of these dependency monitors for specific agents or groups of agents. Note If you have a large configuration or a high number of management packs installed, please refer to the Knowledge Base article The Entity Health monitor for an Operations Manager 2007 management server displays "Critical" together with a Health Service threshold setting. To enable the dependency monitors 1. Open the Operations console, and then in the navigation pane, click the Authoring button. 2. Under Authoring, expand Management Pack Objects, and then click Monitors. 3. In the list of monitors, expand Health Service Watcher (Agent), expand Configuration, and then click Local Health Service Configuration, Local Health Service Performance, or Local Health Service Security. 4. On the toolbar, click Overrides, point to Override the Monitor, and then click For all objects of type: Health Service Watcher (Agent). 5. Under Override-controlled parameters, find the Enabled value that appears in the Parameter Name column, and then select the check box next to it in the Override column. 6. In the Override Setting column for the Enabled parameter, in the drop-down box, click True. 7. In the Select destination management pack list, click the appropriate management pack in which to store the override or create a new unsealed management pack by clicking New. Note By default, when you create a management pack object, disable a rule or monitor, or create an override, Operations Manager saves the setting to the Default Management Pack. As a best practice, you should create a separate management pack for each sealed management pack you want to customize, rather than saving your customized settings to the Default Management Pack. For more information, see Customizing Management Packs (http://go.microsoft.com/fwlink/?LinkId=140601). 8. When you complete your changes, click OK. Note If the Operations Manager agent is unable to restart the Health service after its monitored thresholds are exceeded, please refer to the Knowledge Base article The System Center 21

Operations Manager 2007 agent is unable to restart the health service after its monitored thresholds are exceeded

Enable Recoveries
The following monitors have recovery tasks that are disabled by default: The Windows Management Instrumentation Service monitor sets state as unhealthy when the Windows Management Instrumentation (WMI) service is not running Recovery: If enabled, the recovery task for this monitor will attempt to automatically restart the WMI service when the monitor state is unhealthy. The Relationships between Agents and Management Servers Monitor monitor sets state as unhealthy when an agent is detected to have more than one relationship to a management server, which can cause data corruption and prevent the configuration service from generating configuration for the full management group. Recovery: If enabled, the recovery task for this monitor remove unnecessary relationships between agents and management servers. Use the following procedure to enable a recovery. To enable a recovery 1. In the Operations console, click the Authoring button. 2. In the navigation pane, expand Management Pack Objects and then click Monitors. 3. In the Look for box, type the name of the monitor. 4. Right-click the monitor and then click Properties. 5. On the Diagnostic and Recovery tab, in the Configure recovery tasks section, ensure the desired task is selected and then click Edit. 6. On the Overrides tab, click Override. You can choose to override this monitor for objects of a specific type or for all objects within a group. After you choose which group or object type to override, the Override Properties dialog box opens 7. In the Override-controlled parameters section, click Enabled, and then click OK. 8. Close the task and monitor properties windows.

Manual Reset Monitors

The Operations Manager Management Pack contains two monitors that require manual reset of health state, which are listed below. In version 6.1.7695.0 of the management pack, rules have been included that you can enable in place of those monitors. The rules generate alerts for the same conditions as the monitors. You can disable Alert Subscription Configuration Monitor and in its place, enable the following rules: Alert Subscription Configuration Critical Notification Rule, which generates a critical alert on the same critical conditions as the monitor. 22

 Alert Subscription Configuration Warning Notification Rule, which generates a warning alert on the same warning conditions as the monitor. You can disable the Alert Subscription Available monitor, and in its place, enable Alert Subscription Availability Critical Notification Rule, which generates a critical alert on the same critical conditions as the monitor. For information about disabling a monitor, see How to Disable a Monitor or Rule Using Overrides (http://go.microsoft.com/fwlink/?LinkID=125661). Use the same procedure to enable the rules, but set the Enabled parameter to True.

Security Considerations
This section describes the security considerations for the Operations Manager Management Pack, including the actions that require a high-privilege account to run, a reserved internal account that you should not modify, and computer groups that you can use to scope user roles.

Reserved Internal Operational Database Account

To provide security for backward compatibility, the management pack includes a Reserved Internal Operational Database Account Run As profile, but the account is not in use. Do not modify the Reserved Internal Operational Database Account Run As profile.

Low-Privilege Environments
The following table describes monitors and rules that require a high-privilege account to run. When these monitors or rules run, they do not use the agent action account or the low-privilege account that you specified. Instead, they use the Privileged Monitoring Account Run As profile, which defaults to Local System and does not require association with a Run As account and target computer. No user intervention is required.
Monitor or Rule Comments

AD Integration Relationship Discovery Discover Windows Computer Properties

Discovers the Active Directory integration relationship. Discovers the following properties of the Windows computer type: NetBIOS Computer Name NetBIOS domain name IP address DNS domain name Organizational unit DNS forest name Active Directory site

Agent Management Log Event

Tests end-to-end event collection. 23

Monitor or Rule

Comments

Agent Management Restart Health Service Action

Restarts the Health service.

Computer Groups
The Operations Manager management packs provide the following groups: Agent Managed Computer Group Agentless Managed Computer Group Collection Management Server Computer Group Gateway Management Server Computer Group Management Server Computer Group Root Management Server Computer Group

These groups can be used for scoping in numerous ways, including overrides, views, notifications, and the operator level of privileges for user roles. For more information about user roles, see About User Roles in Operations Manager 2007.

Understanding Management Pack Operations

This section describes the objects that the Operations Manager Management Pack discovers, how health rolls up, key monitoring scenarios, and the console views that display monitoring and performance information.

Objects the Management Pack Discovers

The Operations Manager Management Pack discovers the server running Operations Manager on which it is imported. This management pack defines classes used internally by other management packs, but it does not perform discoveries of those classes.

How Health Rolls Up

The Operations Manager Management Pack views the services of Operations Manager as a hierarchy. The health of each level depends on the health of the level below it. The top level is the Operations Manager Management Group, which you can use to gauge the health of your monitoring infrastructure. At the lowest level are the counters, events, scripts, and service states that the Operations Manager monitors. When a number of these items changes state, the level above changes state to match; in other words, the health of the lower level rolls up to the level above it. At the lowest level, unit monitors check the operational state of objects. For example, the agent manager includes unit monitors that assess aspects of the configuration health service, such as whether an agent installer failed to start, failed to install, or already exists. Unit monitors roll up to either aggregate or dependency rollup monitors. 24

An aggregate rollup monitor reflects the state of a collection of unit monitors, dependency rollup monitors, or other aggregate rollup monitors. For example, the unit monitors for the configuration health service roll up to the configuration health service aggregate monitor. The aggregate rollup monitor can then specify the health state and generate an alert. A dependency rollup monitor rolls up health states from targets linked by either a hosting or a membership relationship that is defined in the management pack. The dependency rollup monitor can be used to group other monitors to set the health state and generate alerts. For example, you can use a dependency monitor to check the availability of multiple management servers and then roll up their health into a management server group.

Key Monitoring Scenarios

The Operations Manager Management Pack monitors the availability, configuration, performance, and security of the Operations Manager agents, services, workflow, and database. The management pack monitors the following key scenarios: Active Directory integration Agent health and remediation Agent management and recovery 25

Core System: secure storagepassword expiration The health of the Health Service for agents and servers The health of the Operations Manager database Data volume by management pack Agent version and architecture mismatch CPU utilization by agents and related processes Routine database maintenance Duplicate relationships between agents and management servers

The following table describes these monitoring scenarios.

Scenario Description

Active Directory integration Agent Health

This scenario monitors the LDAP module for Active Directory integration agent assignment. This scenario checks agents for out-of-date configurations from the perspective of the agent. When the configuration is at the warning or critical level, the monitor logs the event. The Health Service rolls up the health of the agents and alerts you when the configured threshold of agents is out of date. The Health Service Watcher checks the heartbeat of agents and warns you when they fail. You can disable the monitor for managed clients or for a management server. By using the management pack, you can perform the following actions: Repair the agent by automatically reinstalling it Repair the agent by manually reinstalling it Check the Health Service Windows Service State Query the service state and the configuration Ping the computer by using Internet Control Message Protocol Recover and diagnose the agent by using the Automatic Agent Management Account Run As profile Remotely enable and restart the health service 26

Agent management and recovery

Scenario

Description

Core System: secure storagepassword expiration

Remotely restart the health service

This scenario checks the secure storage's public key and configuration. The monitor alerts you about password expirations and configuration errors of Run As accounts. This scenario includes the following monitors for the Health Service: Monitoring Host Handle Count Threshold. When consecutive samples for the Handle Count counter for the MonitoringHost.exe process exceed the configured threshold, the monitor changes state. The default threshold for this monitor is 6000 for agents and 10,000 for management servers. Monitoring Host Private Bytes Threshold. When consecutive samples of the Private Bytes counter for MonitoringHost.exe exceed the configured threshold, the monitor changes state. The default threshold for this monitor is 300 MB for agents and 1500 MB for management servers. Health Service Handle Count Threshold. When this monitor detects that consecutive samples of the Handle Count counter for the HealthService.exe process exceed the configured threshold, the monitor changes state. The default threshold for this monitor is 6000 for agents and 10,000 for management servers. Health Service Private Bytes Threshold. When this monitor detects that consecutive samples of the Private Bytes counter for HealthService.exe exceed the configured threshold, the monitor changes state. The default threshold for this monitor is 300 MB for agents and 1500 MB for management servers. Notes The monitors above roll up the worst of their combined states to an 27

The health of the Health Service for agents and servers

Scenario

Description

aggregate monitor named Health Service State, which in turn has a recovery associated with its error state. The recovery, which is enabled for agents by default and disabled for management servers, will restart the Health service on the system where excessive memory utilization has been detected. To determine whether the threshold for these monitors should be increased, disable the recovery for the Health Service State aggregate monitor so that the service will not be restarted while you are establishing a baseline. Use Perfmon to observe or collect the performance counters for the agents over a 24-hour time period or regular activity. Review the data collected and determine the typical maximum value. If necessary, apply overrides to the applicable monitors with values appropriate for your environment. Remove the override that disabled recovery for the Health Service State aggregate monitor. To change the thresholds, apply overrides for specific groups to the monitors, targeting the Agent class. Action Account Configuration State. This monitor checks the configuration state of the action account and alerts you to errors. System Rules Loaded State. This monitor checks that the rules are loaded. If an aggregation of the rules is not loaded, the monitor alerts you. The health of the Operations Manager database This scenario monitors the free space threshold of the Operations Manager database and alerts you if the monitor is in a warning or critical state. 28

Scenario

Description

If the Operations Manager database runs out of space, the monitoring of other components and services can be interrupted. Analyzing data volume This scenario provides you with data that you can use to tune management packs more effectively. This management pack provides reports which enable you to analyze the amount of data produced by the management packs in your environment. When you run the Data Volume by Management Pack report, you can view the data volume for each management pack. You can then click any of the count cells to open the Data Volume by Workflow and Instance report, which provides a more detailed look at the volume of data. The information you obtain from these two reports can help you identify the management packs and workflows producing the largest amount of data, which you can then evaluate to determine whether tuning would be useful. This scenario checks the installed agents and sends an alert when a 32-bit agent is installed on a 64-bit operating system. Running a 32-bit agent on a 64-bit operating system will produce unreliable results and is not a supported configuration. This management pack enables you to check whether all installed agents are a specific version or newer. You can configure the agent version by using overrides for the Agent Version Monitor monitor. By default, the monitor checks for version 6.0.7221.0, which is the agent provided with Operations Manager 2007 R2, and generates an alert for any agent that is an earlier version. For best performance, stability, and functionality, agents should be upgraded to the most recent version. Monitoring Operations Manager agent CPU utilization This scenario monitors CPU utilization by agents and related processes, and generates an alert when CPU utilization exceeds a specified threshold for a specified number of 29

Monitoring the version and architecture of the Operations Manager agent

Scenario

Description

consecutive samples. Excessive CPU utilization by the agent over a period of time is a symptom that something is not operating properly. This scenario adds the Agent Performance view. Monitoring routine database maintenance This scenario monitors whether routine database maintenance, such as partitioning and grooming, are completed in a timely manner. Incomplete or failed maintenance can result in performance problems and database free space alerts. The Partitioning and grooming has completed recently monitor runs a script that compares successful completion of partitioning and grooming workflows to a specified time period. By default, this monitor sets a warning state when database maintenance has not succeeded in the past 48 hours. This scenario monitors for duplicate relationships between agents and management servers. When duplicate relationships between agents and management servers exist, data becomes corrupted and the configuration service will stop generating configuration for the entire management group. The Relationships between Agents and Management Servers Monitor monitor detects potential problems with the Operations database by checking for corrupted records of relationships between agents and management servers and generates an alert. You can run a task in the alerts product knowledge that will repair the database. You can also configure automatic recovery on the Relationships between Agents and Management Servers Monitor monitor.

Monitoring duplicate relationships between agents and management servers

Placing Monitored Objects in Maintenance Mode

When a monitored object, such as a computer or distributed application, goes offline for maintenance, Operations Manager 2007 detects that no agent heartbeat is being received and, as a result, might generate numerous alerts and notifications. To prevent alerts and notifications, put the monitored object into maintenance mode. In maintenance mode, alerts, notifications, rules, monitors, automatic responses, state changes, and new alerts are suppressed at the agent. 30

For general instructions on putting a monitored object into maintenance mode, see How to Put a Monitored Object into Maintenance Mode in Operations Manager 2007 (http://go.microsoft.com/fwlink/?LinkId=108358).

Troubleshooting
The following table describes issues that can occur with the Operations Manager Management Pack and presents possible solutions. For more information about resolving a problem with the Operations Manager Management Pack, see the product release notes. You can also search for the term "Operations Manager Management Pack" on Microsoft Help and Support.
Problem Solution

When you run the Data Volume by Management Pack or Data Volume by Workflow and Instance reports and drill down into any of the values, an error message states The 'StartDate_BaseType' parameter is missing a value.

On the reporting server, install the cumulative update for SQL Server 2008 (http://go.microsoft.com/fwlink/? LinkID=167699).

An alert is generated indicating that the script Use the following steps to determine SCOMpercentageCPUTimeCounter.vbs failed with an which class or classes are not present error message that states Invalid class. Following is on the system: an example of the error message that would be shown in 1. Log on to the server via the event description: terminal services. The process started at 8:11:41 PM failed to create System.PropertyBagData. Errors found in output: C:\Program Files\System Center Operations Manager 2007\Health Service State\Monitoring Host Temporary Files 1\2767\SCOMpercentageCPUTimeCounter.vbs(125, 5) SWbemRefresher: Invalid class One or more workflows were affected by this. Workflow name: Microsoft.SystemCenter.HealthService.SCOMpercentag eCPUTimeMonitor Cause: One or more of the WMI classes that the script queries is not loaded properly on the system. The script requires that the following WMI classes be available in the root\cimv2 namespace: Win32_Processor Win32_Process Win32_PerfFormattedData_PerfProc_Process 2. Run the program WBEMTEST.exe. 3. Click Connect and connect to the root\cimv2 namespace. 4. Under IwbemServices, click Enum Classes. 5. In the Superclass Info dialog box, leave the superclass name empty, select Recursive, and click OK. 6. When Query Results displays the results, scroll through the list and ensure that the three WMI classes are available. If you do not see one of more of the classes in the query result, follow the steps below. 1. Run the following command from a command prompt with administrator level permissions: 31

Problem

Solution

WMIADAP /F 2. Re-check to see if the class or classes are still missing. If they are still missing, run the following commands from a command prompt with administrator level permissions cd %windir%\system32 lodctr /R 3. Re-check to see if the class or classes are still missing. If one or more are still missing, use the Extensible Counter List Tool (Exctrlst.exe) and check if the PerfProc or PerfOS are disabled, and enable them if they are. You can download the Extensible Counter List Tool from Windows 2000 Resource Kit Tool : Extensible Performance Counter List (http://go.microsoft.com/fwlink/? LinkId=183182). 4. Re-check to see if the class or classes are still missing. If one or more are still missing, run the following as a batch file. This will re-register all WMI Modules: @echo off sc config winmgmt start= disabled net stop winmgmt /y %systemdrive% cd %windir %\system32\wbem for /f %%s in ('dir /b *.dll') do regsvr32 /s %%s regsvr32 %windir %\system32\tscfgwmi.d 32

Problem

Solution

ll wmiprvse /regserver winmgmt /regserver net start winmgmt 5. Re-check to see if the class or classes are still missing. If one or more are still missing, contact Microsoft Customer Service and Support. In Operations Manager 2007, a large number of computer groups and a high volume of state changes occurring on computer objects can result in one or both of the following conditions: High CPU and disk utilization on the root management server coming from the <<ProcessName(s)>> process. This is the Health Service process. Queues back up (<<Provide counter name>>) on the gateway, management server, and root management server system(s). This is the counter \Health Service Management Groups(Management Group Name)\Send Queue % Used. Every time the state changes on one of the top-level monitors for a computer (for example: Availability, Performance, Security, and Configuration), that state change is rolled up to every computer group of which the computer is a member. This can result in a cascading series of state changes and in environments where the volume of state changes are significant and the number of computer groups rolling up the changes are high. For instructions on resolving this issue, see Knowledge Base article 967537 (http://go.microsoft.com/fwlink/? LinkId=146985).

The Failed Accessing Windows Event Log monitor is in a None. It is recommended that you do warning state even though it has access to the event not enable the monitor. log. If you have enabled it, you can disable This monitor is disabled by default. If you enable the it. monitor and it does not have access to the event log, it changes to a warning state (yellow). After you fix the issue by giving the monitor access to the event log, the monitor remains in a warning state even though it should change to a healthy state (green). The connected management group is not forwarding alerts and other monitoring data to the local management group. Enable the Tiered Management Group Synthetic Transaction monitor for the connected management group. For instructions, see "Configure a Connected Management Group" in Optional Configuration. 33

Problem

Solution

When the Health Service Heartbeat Failure monitor for agents attempts to recover an agent automatically, access is denied.

Add a Run As account to the Automatic Agent Management Account Run As profile. The Run As account must have administrator access on the target computers. For instructions, see "Enable recovery for the Health Service Heartbeat Failure Monitor" in Getting Started.

Notification subscriptions are out of scope.

Add a Run As account to the Validate Alert Subscription Account Run As profile. The Run As profile requires a Run As account that is a member of the Operations Manager Administrators user role and has administrator access to the root management server. For instructions, see "Add a Run As Account to the Run As Profile for the Validate Alert Subscription Account" in Getting Started.

The configuration service for the Windows service state does not restart automatically.

To automatically start the configuration service when it stops, you must enable an override. For instructions, see "Set the Configuration Service to Restart Automatically" in Getting Started.

The availability health of the Operational Database Watchers Group does not roll up to the management group.

Enable the Operational Database Watchers Group to Management Group Availability Health Rollup. For instructions, see "Enable the Operational Database Watchers Group to Management Group Availability Health Rollup" in Getting Started.

Computers running Windows Vista or Windows Server 2008 fail to respond to ping.

The default firewall settings for computers running Windows Vista or Windows Server 2008 prevent the computers from providing a ping response. The Ping task in Operations Manager and any diagnostic or recovery tasks that use ping will fail 34

Problem

Solution

when run against a computer running Windows Vista or Windows Server 2008 unless the firewall settings on the computer are configured to allow incoming ICMP traffic. The Ping Status monitor and the Heartbeat Failure monitor use ping. You can disable these monitors for computers running Windows Vista or Windows Server 2008, or you can configure the computers to allow incoming ICMP traffic. For instructions on changing the firewall configuration, see Create an Inbound ICMP Rule on Windows Vista or Windows Server 2008 (http://go.microsoft.com/fwlink/? LinkId=161045).

Appendix: Reports
The Operations Manager Management Pack includes the following reports. The Data Volume by Management Pack report compiles information on the volume of data generated by management packs. The report lists the number of occurrences per management pack for the following data types: Discoveries Alerts

Performance (number of instances submitted for performance counters collected by management pack) Events State changes

The purpose of this report is to provide insight into which management packs are driving the data volumes in your environment so that you can establish baselines and identify opportunities for tuning. From this report, you can obtain more specific details per management pack, using the Data Volumes by Workflow and Instance report. The Data Volume by Workflow and Instance report compiles information on the volume of data generated, broken down by workflows (discoveries, rules, monitors, etc.) as well as by instances. There are two ways to access this report:

35

 In the Data Volume by Management Pack report, click one of the counts cells in the table at the top of the report to open the Data Volume by Workflow and Instance report for the management packs. Run the report directly from the Reporting section in the Operations console. If you run the Data Volume by Workflow and Instance report directly, you should set the parameters of the report to customize the results; this report is designed to provide details for information in the Data Volume by Management Pack report and so the default parameter settings may not provide the information you are looking for. The Agent Counts By Date, Management Group and Version report compiles information on the Operations Manager agents deployed in your environment. You can use this report to track the progress of agent deployments and the current distribution of agent versions. You can filter the information in the report by adjusting the parameters for date and time, aggregation, and management group. Note By default, the report will contain data for all management groups that have data in the data warehouse database. The Agents by Health State report displays a list of all health services on agents, management servers, gateway servers, and the root management server. Health service states that you can select to include in the report are the healthy state (green), warning state (yellow), critical state (red), and unavailable state (gray). You can select to include or exclude computers that are in maintenance mode in this report. The report includes the length of time that each unhealthy health service has been in that state.

Appendix: Operational Data Reporting Management Pack

The Operational Data Reporting Management Pack is installed with Operations Manager 2007. Version 6.1.7695.0 of the Operational Data Reporting Management (ODR) Pack, which is included with the Operations Manager Management Pack, is identical to version 6.1.7676.0, however the version number of the ODR Management Pack was updated to maintain consistency with the Operations Manager Management Pack. The Operational Data Reporting Management Pack gathers information and sends reports to Microsoft on a weekly basis (if you select to send reports). Microsoft uses these reports to improve the quality of its management packs and Operations Manager 2007. Participation in the program is strictly voluntary. You can run and use the reports produced by the Operational Data Reporting Management Pack whether you choose to send reports to Microsoft or not.

Changes in This Update

There are no changes to the Operational Data Reporting Management Pack in version 6.1.7695.0. 36

Changes in Version 6.1.7676.0

The 6.1.7676.0 version of the Operational Data Reporting Management Pack fixes an issue where the Management Packs ODR report would fail to submit data.

Changes in Version 6.1.7672.0

The 6.1.7672.0 version of the Operational Data Reporting Management Pack includes the following changes: Changed the name from Microsoft ODR Report Library to Operational Data Reporting Management Pack Added the following columns to the Management Packs report: Override Type: displays the type of override that has been applied Workflow ID: displays the ID of the workflow that was overridden Workflow Name: displays the name of the workflow that was overridden Target Type: displays whether the override was applied to a class, group, or instance

Changes in Version 6.1.7599.0

The 6.1.7599.0 version of the Operational Data Reporting Management Pack includes the following changes: The instance space report is available on both Operations Manager 2007 SP1 and Operations Manager 2007 R2. Previously, this report was only available on Operations Manager 2007 R2. The Management Packs report is updated so that the list of overrides also shows disabled rules and monitors. A new report is added which shows the number of alerts per day generated by a particular rule or monitor. Report descriptions were updated. The Most Common Alerts report was updated to show the top 50 alerts instead of the top 25.

Reports in This Management Pack

To see the Operational Data Reporting reports, in the Operations console, click Reporting. In the Reporting pane, expand Reporting, and then click Microsoft ODR Report Library. The management pack includes the following reports: Instance Space Report This report shows the number of instances of each class (for example, Exchange Servers) that are created in your management group. By default, this report needs no parameters, but it is possible to modify the start and end dates. Management Group Report

37

This report shows the operating system version used in the Operations Manager infrastructure (management servers). By default, this report needs no parameters, but it is possible to modify the start and end dates. Management Packs Report This report shows the versions of each management pack that is installed in your environment. It also summarizes all the overrides you have defined in your environment, as well as custom rules and monitors you have authored. By default, this report needs no parameters, but it is possible to modify the start and end dates. Most Common Alerts Report This report shows the most common alerts generated within the report period (by default one week). It also shows this data by management pack. By default, this report needs no parameters, but it is possible to modify the start and end dates. Alerts Per Day Report This report shows the number of alerts generated per day from each rule or monitor that alerted within the report period (by default one week). By default, this report needs no parameters, but it is possible to modify the start and end dates.

Sending Reports to Microsoft

If you elect to send operational data reports to Microsoft, Operations Manager 2007 Reporting collects a summary of how Operations Manager 2007 is being used and sends reports to Microsoft on a weekly basis. Microsoft uses these reports to improve the quality of its management packs and Operations Manager 2007. You do not need to join the Customer Experience Improvement Program (CEIP) to send operational data reports. Note Before configuring operational data reports, make sure that Operations Manager 2007 Reporting is installed, and that the management server has access to the Internet so that reports can be sent to Microsoft. To configure the operational data reports settings 1. Log on to the computer with an account that is a member of the Operations Manager Administrators role for the Operations Manager 2007 management group. 2. In the Operations console, click the Administration button. 3. In the Administration pane, expand Administration, and then click Settings. 4. In the Settings pane, expand Type: General, right-click Privacy, and then click Properties. 5. In the Global Management Server Settings - Privacy dialog box, on the Operational Data Reports tab, click Yes, send operational data reports to Microsoft (recommended) to send reports or click No, don't send operational data reports to Microsoft to decline participation. 6. Click OK. 38

39