Dell have released a new version of Dell managmenet pack

You can download it here

1) Added support for the latest versions of Dell OpenManage Server Administrator v5.0 (including the enhanced Storage Management Service 2.0) and Dell OpenManage Array Manager. See read me for more detail.
2) Remote power control tasks and LED Identification tasks for Dell servers with BMC hardware and Server Administrator installed.
3) Support for new events in Storage Management and battery events in Server Administrator.
4) Additional tool tips for Dell Computers – Server Administrator version, BMC IP Address, IPMI Version, BIOS Version, and RAC Web address.
5) State View with Dell OpenManage Services along with Dell hardware agents’ status.
6) Additional classification for Dell systems without Server Administrator and a Warning alert for the Dell systems where Server Administrator is required to be installed.
7) Update of Dell Knowledge Base information to support new event processing rules of Server Administrator (including the enhanced Storage Management Service) and Array Manager.
8) Fixed the issue where Dell scripts were spawning multiple instances of cmd.exe and omreport.exe when the agent managed nodes were on load.

A couple of beta management packs has been released. Please note this is BETA! 

Project Server 2007 Beta 2 Pack for Microsoft Operations Manager 2005

Windows SharePoint Services 3.0 Beta 2 Pack for Microsoft Operations Manager 2005

SharePoint Server 2007 Beta 2 Pack for Microsoft Operations Manager 2005

Do you recognize this alert? 

SMS_SERVER - SMS 2003 Perf Threshold: SMS SQL Connections > 500 over 2 hours.
SQLServer:General Statistics: User Connections: value = 300,5. The average over last 2 samples is 300.5. 

The cause might be that the MOM agent has a large number of connection from sqldmo_%/sqldmo_(number) to the database. The agent not always disconnect. Try to restart you mom agent, you can do that by the following command 

net stop mom
net start mom   

 

A MOM Operator can sometimes experience that alerts disappear. This phenomenon depends on a function that will auto resolve alerts after a specified time if no one does anything with them. MOM will keep track how long an alert has been in a resolution state.

For example if a alert exceed times settings under “Alert Resolution States” and “Service Level Agreement” there will be an alert in the service-level exception alert view in Operators Console. This is a way to make sure alerts are handle the correct way.

Auto alert resolution gives MOM the possibility to update the MOM database (OnePoint) when an alert is not active anymore, without a operator has done anything. Under global settings in the Administrator console you can setup all times controlling when an alert will be auto resolved. There is two type of alerts “normal alerts” and “state alerts”. Normal alerts have problem state = Investigate. State problem have problem state = active or inactive. MOM cant auto resolve alerts that has problem state = active since the problem remain and no one knows if there will be more alerts. MOM will auto resolve alerts that fulfill this

resolution state = 'new' and problem state != 'active'

Default time settings is
Automatically resolved critical error alerts 90 days
Automatically resolved error alerts 2 days
Automatically resolved inactive alerts 1 hours
Automatically resolved informational alerts 4 hours
Automatically resolved security issue alerts 90 days
Automatically resolved service unavailable alerts 90 days
Automatically resolved success alerts 4 hours
Automatically resolved warning alerts 1 day

The following is a example from the history tab on an alert in Operators Console. It shows how an alert was created, according to the global settings it was auto resolved after 2 days. 2 days is default for serverity = error.

2006-06-09 05:30:03: AutoResolved
Auto Resolving Alert
Changed ‘Resolution State’ from ‘New’ to ‘Resolved’.  2006-06-07 10:51:43: NT AUTHORITY\NETWORK SERVICE
Alert is created in management group Contoso.   

 

There is a new version of SQL Management pack for SQL 2000 and 2005 ready for download 

• Support for SQL 2003 SP1 and database mirroring
• Improved support for X64
• Improved support for monitoring of database space
• Improvied product knowledge

You can download it here

Do you have some strange application with a logfile? It is suitable to monitor that logfile with MOM. Below there is a short walkthrough how to do that. To get this to work you will need a new provider and a new rule.

1.
Create a new provider.
You create provides in Administrator Console, Management Packs, Provides.
Right-click Provides and choose “Create Provide”, fill in information as below
Source of the provider: Application Log
Type: Application Log
Settings: Generic single-log file
Directory: for example C:\LOG
Format: Generic
File Pattern: for example system.log or log*
Click Finish when done

2.
Create a new computer group, name it to some something suitable for example MyApp. Add all computers you want to monitor.

3.
Create a new rule group. Associate the new computer group with your new rule group.

4.
In you new rule group, right-click Event Rules and choose “Alert on or response to event…”
fill in information as below at Advanced on the Event Rule Properties – Criteria tab.
Provider Name: Choose the provider you created before
Field: Parameter 4
Condition: matches wildcard
Value: For example *warning* if we want an alert when that word is in the logfile.
                Click Add to list
                Click Close
Event Rule Properties – Criteria, click next
Event Rule Properties – Schedule, click next
Event Rule Properties – Alert, check “Generate alert, then click next
Event Rule Properties – Alert Suppression, click next
Event Rule Properties – Responses, click next
Event Rule Properties – Knowledge Base, click next
Event Rule Properties – General, input a name and click finished

That should do it!

Note that it can take some minutes before new rules is active. Also note that MOM will start “read” a line when the application has started on a new line. So when the application has start write to line 2 MOM will read line 1.

I have upload screenshots with all settings, you can find them under screenshots.

Billy Grind is administrator for a server named CONTOSOFILE01. Billy wants to get a e-mail if something happens with CONTOSOFILE01. This short instruction is based on a working MOM installation and that SMTP is already setup and working.

First we need to add Billy as a operator, we can do that under “Nofification” in Administrator Console

1.       Right-click “Operators” and choose “Create Operator…”

2.       Operator Properties – General” tab, input name of the operator, then click next

3.       Operator Properties – Email, Mark “Email this operator”, input the operator e-mail , then click next

4.       Operators Properties – Page, click next

5.       Operators Properties – Command, click finish

Then we need to create a notification group where the new operator will be member

1.       Right-click “Notification Groups” and choose “Create Notification Group…”

2.       Input a name, for example fileserver administrators

3.       Mark the operator you just created, and click left arrow, click finish

Then we need to create a new computer group where CONTOSOFILE will be member and a rule that will send e-mail to Billy Grind

1.       First create a new computer group and include CONTOSOFILE01

2.       Then create a new rule group

3.       Right-click the new rule group, choose “Associate with Computer Group…” choose the computer you just created, then close that window

4.       Right-click “Alert Rules” and choose “Create alert rule…”

5.       Alert Rule Properties – Alert Criteria”, click next (there will be no criterias)

6.        Alert Rule Properties – Schedule, click next7.       Alert Rule Properties – Responses, choose add and then “Send a notification to a Notification group”, choose you new operators group and then click OK

8.       Alert Rule Properties – Responses, click next

9.       Alert Rule Properties – Knowledge Base, click next

10.   Alert Rule Properties – General, input a name for your new rule, verify that “This rule is enable” is marked, then click finish.

Ok, now it’s done. Note that it can take some minutes before the new rule is active.

If you want to setup more criteria for e-mail notification I recommend you to install Notification Workflow. Another thing to thing about is which e-mail server you are running MOM alerts on, what happens if  that mailserver goes offline? It could be a good ideas to install a extra SMTP server for MOM.

 

KB article,  “Failed to send SMTP message” error when MOM 2005 tries to send SMTP e-mail notification response”

 

When you work with console scope in MOM 2005 you will soon notice that you can only add username to a scope, not groups. If you have a service desk with 50 persons  it will be a lot of work to add them all. presumably there is already a security group named service desk in your organization and then you can use a tool named csutility.exe, included in MOM 2006 resource kit.I this example I have  a security group named “Exchange Administrators”. All exchange administrators is member of that group. In MOM I have a console scope for them named “Exchange Administrators Scope”. When new exchange administrators is hired or quite they are added/removed to/from that group. After that group has been modify I run the following command

CSUTIL.EXE Synchronize "Exchange Administrators Scope" "DOMAIN\Exchange Administrators"

What will happened is that all members of “Exchange Administrators” will be added to the scope named “Exchange Administrators Scope”. If I have removed a user from Exchange Administrators it will be removed from the scope too. The scope is synchronized with the MOM scope.

This will save you a lot of time, because the security group is already in place.

 

MOM 2005 Resource Kit

 

To be enable to work with operators console your account has to be member of a MOM security group, MOM Users, MOM Administrators or MOM Authors. You account can be member of a another security group that is member of a MOM security group, group nesting. When you start operators console your permissions will be checked and if you have permission operators console will start.

You account is also bound to a console scope. Console scope is based on computer groups. Console scope control what you can see in the operators console. If a computer group is in your console scope you will enable to work with them in operators console. A account can be member of many console scopes.

Administrator, Operator and User console scope is created during installation and can work with all computer groups. You can modify them, but it is not recommended. If a client is member of for example MOM User security group and you add him/her to another console scope, the last added console scope will be the one he/she use.

In MOM 2005 permissions to console scope is based on username and domain, not SID as it use to be. This could give some funny results, for example:

If you have a client named Anton Berg (ANBE) and you add him to a console scope (scope1) and then he quite, his SID will be removed from all security groups in AD, but there will still be a DOMAIN\ANBE in the console scope. If you then hire a new guy named Antonio Beludas (ANBE) he will be enable to run scope1, because he and Anton Berg have the same DOMAIN and logonname, DOMAIN\ANBE.

Console Scope is used to filter computer groups in operators console. This is not a security boundary. If you need a security boundary you will have to deploy multiple management groups and then connect them to each other.

You do all console scope settings in MOM Administrator Console
MOM 2005 Administrator Console
-Micrsosoft Operations Manager
–Administration
—Console Scopes