A couple of weeks ago I was speaking at a System Center 2012 event in Stockholm/Sweden. My session was around Orchestrator and Service Manager integration. On stage I created and demo a scenario where Service Manager, Virtual Machine Manager and Orchestrator was used to administrate lifecycle of virtual machines and virtual services. My laptop only hosted Orchestrator and Service Manager so in many of the example runbooks I only create a computer object in Service Manager. But as you realize you could re-place that with any kind of Virtual Machine Manager activity. In this post I will share with you the demo files, runbooks and management packs I used.

The demo scenario was that someone could order a virtual machine or a service (service template) from the self service portal in Service Manager. Orchestrator and Virtual Machine Manager then created the machines and so on. When you order a new virtual machine you needed to input a expire date, for how long will you need the virtual machine. You also need to input a cost center, to know who should approve and how will pay for it. When a virtual machine is close to the expire date it is picked up by a runbook that notify the owner. The owner can use the portal to extend the date or simple don’t. If the machine pass the expire date Orchestrator will shut it down. When it has been shut down for some months it is deleted. The demo also showed how to generate reports to follow up which how much each cost center should pay. When the order is complete the user can see the result in the Service Manager portal

The cool thing about this demo is not only that we can create any kind of virtual environment with Virtual Machine Manager 2012, instead of just deploying machines we can follow up on who order, who approved and we can also see how much each cost center is using.

The solution is divided into multiple steps

1. Extend the Windows Computer CI class in Service Manager with a couple of extra properties, like order date, cost center, owner, expire date, approver and cost. (MP attached)
2. Create a new CI class in Service Manager to store cost information (MP attached)
3. Create a runbook that creates computer objects (export file attached)
4. Publish a service in the self-service portal in service manager (not included in this post, ping me if you need step by step guide)
5. Create a report to follow up number of orders and total cost per cost center
6. Create runbooks to administrate removal of expired objects (export file attached)

Extend the Windows Computer Class

To add extra attributes to all Windows Computer CI objects in Service Manager we need to extend the Windows Computer class. We can do that with the Service Manager Authoring Tool, download here. (http://www.microsoft.com/en-us/download/details.aspx?id=28726). When the Authoring Tool is installed follow these steps to extend the Windows Computer class

1. We need to seal the management pack we will create in the Authoring Tool. If we don’t seal it we cant use it with Orchestrator or the data warehouse. To seal it we need a keyfile. SN.EXE (.NET Framework Strong Name Utility) is a tool that we can use to generate that key file. Open a command prompt and navigate to C:\Program Files (x86)\Microsoft SDKs\Windows\v6.0A\bin
2. To generate a key pair run, SN.EXE -k C:\temp\snKey.snk
3. Start Service Manager Authoring Tool
4. From the File menu choose New
5. New Management Pack, save the new management pack in a suitable folder, for example C:\TEMP\Contoso.WinCompExt
6. Use the Class Browser to find the Windows Computer class, right-click it and select View
7. In the Management Pack Explorer pane, note all the default properties. Right-click on the Windows Computer class and select Extend Class
8. Target Management Pack, select Contoso.WinCompExt to save the extension in the management pack
9. Click Create Property and add the following properties. Edit each property in the Details pane

   Internal Name	Name	Data Type	Note
   ContosoOrderDate	Order Date	Date Time
   ContosoCostCenter	Cost Center	String
   ContosoOwner	Owner	String
   ContosoExpireDate	Expire Date	Date Time
   ContosoApprover	Approver	String
   ContosoCost	Cost	Integer

10. Save your management pack
11. In the Management Pack Explorer pane, right-click Contoso.WinCompExt and select Seal Management Pack
12. Seal Management Pack,
    Output Directory: C:\TEMP
    Key File: C:\temp\snKey.snk
    Company: Contoso
    Click Seal and then Close
13. Start Service Manager Console and import the sealed Contoso.WinCompExt management pack from C:\temp\Contoso.WinCompExt.mp (make sure to select the .MP management pack, MP=Sealed XML=Unsealed)
14. Close the Service Manager Console and open it again, this will re-load class information
15. Navigate to Configuration Items/Computers/All Windows Computers and open a computer. Note all the new properties that are shown on the Extensions tab. We have now extended the Windows Computer class with the properties we need for the computer lifecycle demo.

The pricelist

One of the properties we extended the Windows Computer class with is Cost. My idea is to use this field to show the monthly price of the configuration item, the computer. We could input that price manual but we can also build a price list inside of Service Manager. To do that we can use the Authoring Tool to create a new CI class, Contoso Price List.

1. Start Service Manager Authoring Tool
2. From the File menu create a new management pack, for example C:\TEMP\ContosoCost
3. In the Management Pack Explorer pane, right-click Classes and select Create Configuration Item Class
4. Create Class, input ContosoCostItem as internal class name
5. In the Details pane change the Name to Cost Item
6. Delete default Property_4
7. Add two properties, AvailabilityLevel and Cost. Change AvailabilityLevel name to Availability Level. Change data type to Integer for the Cost property. Change Key to TRUE on the Availability Level property
8. Save the managemente pack
9. Seal the management pack the same way we did with the first management pack
10. Import the management pack into Service Manager. Remember to import the sealed version, MP file.
11. Restart the Service Manager Console
12. Navigate to Configuration Items
13. Create a new folder, name it Price List. Create a new management pack, for example Contoso, and store the folder in it
14. Select the Price List folder and click Create View in the Tasks pane
15. Create View
    Name: All Items
    Criteria: All objects of the ContosoCost Item class, where object status does not equals Pending Delete
    Display: Availability Level and Cost
16. Select the new All Items view and click Create Contoso Cost Item from the Tasks pane
    DisplayName: Gold
    Availability Level: Gold
    Cost: 100
17. Click Create Contoso Cost Item from the Tasks pane
    Contoso Cost Item Properties
    DisplayName: Silver
    Availability Level: Silver
    Cost: 70
18. Click Create Contoso Cost Item from the Tasks pane
    Contoso Cost Item Properties
    DisplayName: Bronze
    Availability Level: Bronze
    Cost: 40
19. Click OK

Runbooks

This example use a number of runbooks, all included in the export file attached to this blogpost. I will explain each one of them and you can import them and look at the in the Orchestrator Runbook Designer

•  700.10 Cost. This runbook will get the correct price for the new computer based on the price list in Service Manager
• 700.11 Count Machines. This runbook counts existing machines to figure out a suitable computer name for the new machine
• 700.2 Update Approver. This runbook updates the approver step in the service request template based on the cost center. The runbook attach approver to the manual approval step
• 700.3 Create VM (picture) creates the new computer
• 700.4 Update Service Request, updated the Description attribute on the Service Request. This is used when the machine is create to communicate the new computer name to the user. The user will see this in the self-service portal
• 700.5 This one will find all VMs that are close to expire date (2 months or less) and send a e-mail to the owner of the machine. Also flag the virtual machine that e-mail has been sent
• 700.6 Get Cost Center. This runbook gets approver for each cost center. This could be done with a external database or any other way
• 700.7 When a VM have passed expire date it is shut down in Virtual Machine Manager
• 700.8 Deleted expired VM, when the VM has been shutdown for 2 months it is deleted
• 700.9 Update expire date, if the user order a new expire date for the computer in the portal, this runbook will update the virtual machine with the new expire date
• 500.1-500.3, these runbooks are used to generate the HTML based report. One master runbook and then one runbook for each cost center

Report

Reporting have changed a lot with Service Manager 2012. We now have cubes to analyze the data and we use Excel to easy drag and drop fields to build table. The first image below show a table with everything that cost center 2 is running right now. If you want to sum everything into a one cell, total cost, it is a bit more difficult now when we are running cubes. We need to extend the cube to include that field. If you don’t know how to do that you could solve it with SQL reports or using Orchestrator. In the second image below you can see a HTML based report generated by a couple of runbooks in Orchestrator.

Runbooks, SC12day_demo_wolf
Management packs SC12 day MPs

Please note that this is provided “as is” with no warranties at all.

A couple of days ago there was a question about converting a incident in Service Manager to a service request. The scenario was around a support call first register as an incident, but later the operator finds out it should be a service request. Out of the box in Service Manager there is no tool to move the data we have already input in the incident over to a new service request. But of course we could use Orchestrator to do it 🙂 We could also build this workflow as an internal workflow in Service Manager… but that would take me a lot of hours; this runbook only took two cups of coffee. In this post I will show a idea how to build a task that you can run against a incident in Service Manager to “convert” it into a service request. The incident is not really converted, we copy the info we have in the incident over to a new service request, link them together and close the incident.

The runbook is trigger by a task in Service Manager, input parameter is only the incident ID.

1. Initialize Data. Input parameter is IncidentID. ID of the incident we want to “convert” to a service request
2. Get Object. Gets the incident from Service Manager. This step also verify that the incident don’t have Closed as status
3. Send Platform Event. If the incident is closed or cant be found a platform event is generated. For example if you trigger the runbook with a incorrect incident ID from the Orchestrator console it will not run
4. Get Relationship. Gets related Active Directory User to the incident
5. Get Object. Gets the user that step 4 found
6. Create Object. Creates a new service request and writes info to it from the incident
7. Create Relationship. Create a relationship between between the service request and the affected user (relationship type = user)
8. Create Relationship. Create a relationship between the service request and the incident (relationship class = is related to work item)
9. Format Date/Time. Gets the current time stamp in a correct format, will be used when creating comments on the incident and the service request
10. Run .NET Script. A small PowerShell script that generates a GUID. The GUID will be used as ID for the incident comment
11. Create Related Object. Creates a Trouble Ticket Action Log (action log comment) on and relates it to the incident. The runbook writes a comment saying the incident has been converted to a service request (relationship type = Trouble Ticket Has Action Log)
12. Update Object. Resolve the incident, change status to Resolved
13. Run .NET Script. A small PowerShell script that generates a GUID. The GUID will be used as ID for the service request comment
14. Create Related Object. Creates a Trouble Ticket Analyst Comments (log comment) and relates it to the service request. The runbook writes a comment saying the service request was based on the incident
15. Send Platform Event. Writes a platform event with service request ID and incident ID

That is the runbook, the next component is the task in Service Manager. We could trigger the runbook from Orchestrator console and input the incident ID manually, but it is easier with a task in Service Manager. In the Service Manager console, in the Library workspace you can create a new task with the following settings.

• General/Task name: Contoso - Convert Incident to Service Request
• General/Target class: Incident
• Categories/Categories: Incident Management Folder Tasks and Incident Support Groups Folder Tasks
• Command Line/Full path to command: C:\TEMP\ORT251\ORTRunbookLauncherCLI.exe
• Command Line/Parameters: /IncidentID=$Context/Property[Type=’WorkItem!System.WorkItem’]/Id$
  (the parameter is the work item ID that you can insert from the  “Insert Property” button)

…the runbook runs and generates a platform event

…if we look at the incident it is now resolved and has a new comment

…also a relationship to the new service request

…and when look at the service request we can see that data has been copied over from the incident

Summary: We have built a task in Service Manager that use the Orchestrator Remote Tool to trigger a runbook. The runbook connects to Service Manager, copies the data we have in the incident over to a new service request, resolve the incident and update both incident and service request with relationships and comments.

You can download my runbook example here, 20120410_Incident2ServiceReq_WOLF.  Please note that this is provided “as is” with no warranties at all.

In Service Manager we can configure an approval step with “Line manager should review”. That means that the manager for the user who created the for example service request needs to approve. The manager is configured on user account in Active Directory.  This works dynamic and fine as long as it is actually the manager that needs to approve. But what if we request a service and the approver depends on who is requesting the service and what kind of settings of the service? Then we can’t use the “line manager should review” feature and we don’t want to create one template for each possible scenario.

In this blog post I will show how you can build dynamic approval steps in Service Manager together with Orchestrator. I will use Orchestrator and Service Manager 2012, but it works almost the same in Service Manager 2010 with the Service Manager Integration pack for Orchestrator or Opalis. The really cool thing is that we use a runbook to update an approval step within the same service request.

In my scenario engineers can request temporary permissions from the Service Manager self-service portal. Instead of engineers have accounts with all permissions that they can possible need, they need to request permissions when they need it, and the permissions are removed after X hours. If we lose an account it doesn’t have any permission after X hours and no engineer will have an account with too much permission.

High level steps

1. Engineers request permissions for a system from the self-service portal. The engineer fills in a form with all needed information based on a service request template. The engineer can select system from a drop down menu.

2. The service request template includes tree steps

2a. Update manual approval step (Runbook)

2b. Manual approval step (Default approval step in Service manager). This approval step is blank, no configuration by default. Instead it is the first runbook activity that updates this approval step with reviewers.

2c. Grant engineer permissions (Runbook)

3. The first runbook activity in the template run and update the approval step with suitable approval group based on which system the engineer request permission. For example if the engineer have request permissions to Exchange the manual update step will be configure with the Exchange Expert Team group.

4. An expert team approves the request. This step is blank in the template; the previous runbook activity will add a security group as reviewers depending on the permissions that were requested.

5. The second runbook activity run and adds the engineer to a suitable security group in Active Directory depending on what kind of permissions that was requested. The runbook also writes a log to a log database and updates the service quest with the result.

6. The engineer can track the service request during the process and also see the result of the service request in the self-service portal

Let’s look at the runbooks

This first runbook starts with the runbook activity ID; it then gets the related service request. After that it maps the service the engineer input to a security group in Active Directory. After that it finds related Review activity and creates a related reviewer object. It then gets the group of reviewers from the CMDB and creates a relationship between the new reviewer object and the group from the CMDB. The second runbook is the runbook that will grant the engineer permissions. It starts after the manual approval step that the first runbook configured.

The second runbooks goes from runbook activity ID to service request, and then it gets the requesting user from the input in the Service Request. The runbook creates a time stamp plus the number of hours that the engineer requested permissions for. Then it maps the service in the service request to a security group in Active Directory and adds the user to the group, it then writes the settings to a log database. The last activity triggers next runbook. This runbook updates the service request with the result.

Looking at the process from the self-service portal it will look like

The runbook that grants permissions to the engineer writes all settings to a database. This database will be used to figure out when it is time to remove engineers from security groups again.  The database in my example is very simple, see picture. You can schedule a runbook like the one below to Query the database every X minute to see if there is any expire date passed, and if there are the user will be removed from the security group. You can also use this database as source for a report showing current temporary permissions. You can use SQL Report Builder to build a report like that, download Report Builder here.

None of my example runbooks have any activities for error handling; please see this blogpost for more info around fault tolerance in runbooks. I have not uploaded an export file of these runbooks, as it is a lot of values to re-configure in every environment. Instead I have uploaded a ZIP file,  20120319, with screenshots of all settings in all activities.

 Please note that this is provided “as is” with no warranties at all.

In this post I will show you some ideas how you can administrate announcements in SharePoint with Service Manager and Orchestrator. The idea is that announcements are owned by Service Manager and you only use the Service Manager console to create, update and delete announcements. Everything around announcements are then synchronized to SharePoint with Orchestrator. In Service Manager 2012 the announcement part is removed from the self-service portal, but there is an announcement webpart in SharePoint that you can use. To add an announcement webpart to your Service Manager 2012 self-service portal you can

1. Browse to your Service Manager self-service portal with an administrator account
2. Click Home to navigate to the root page
3.  On the Site Actions menu, select edit page
4. Click the Insert tab and select Web Part
5. Select Lists and Libraries/Announcements and click Add
6. Now, select the Announcements web part and from the List Tools menu select List/List Settings
7. On the List Settings page, select Create Column
8. Name the new column Announcement and click OK to save. We will use this column to store the Service Manager announcement ID, to keep the link between an announcement in Service Manager and and announcement in SharePoint.

The first runbook is monitoring new announcements in Service Manager. When a new announcement is created in the Service Manager console this runbooks is triggered. The runbook first converts the text that Service Manager has in the announcement from rich text format to plain text. During tests I found some issues around publish text in rich text format on the SharePoint site, so now all text gets published as plain text. The last activity comes from the SharePoint Integration Pack that you can download from Codeplex. The activity creates a list item in the new announcement webpart.

As you can see in the pictures we created a announcement in the Service Manager console, the runbook picked it up and created a list item in SharePoint. The title on the list item in SharePoint  is a mix of the announcement title and priority. Next runbook handle updates. When you update a announcement in Service Manager this runbook writes the changes to SharePoint. We use the column we added in the announcement webpart to keep the link between announcement in Service Manager and list item in SharePoint.

It get a bit more complicated when looking at how to handle deleted announcements. Many items in Service Manager have a status that we can look at, for example if the status is equals to closed or resolved. Announcement is deleted as soon as we delete them from the console. Orchestrator can monitor for changes on objects and when a object is created. But we cant monitor when a object is deleted with Orchestrator. But, Service Manager can do that. Service Manager can trigger a workflow when a object is deleted. That is how we will do, we will have a internal Service Manager workflow that will run when a announcement is deleted, it will trigger a runbook that will remove the corresponding list item in SharePoint. The Service Manager workflow will actually drop a file in a folder that Orchestrator will pick up. You can build the workflow with Service Manager Authoring Tool. If you want to look at the example I use you can download it here, SCSMAnnouncements . The picture below show the script that the workflow run. As you can see it writes the announcement ID to a file, the file is named with a GUID and stored in a remote folder on the \\FIELD-SCO02 server.

Orchestrator will monitor the folder and pick up any file written to the folder. The file includes the announcement ID of the deleted announcement. Orchestrator will find the corresponding list item in the announcement web part in Sharepoint and delete it.

I also created one runbook that will start when a new problem is created in Service Manager with priority 5 or lower. It will then create a announcement in Service Manager with information from the problem work item. It will also update the action log of the problem work item with information about the announcement. The other runbooks could then trigger on the announcement and create the announcement in SharePoint. This runbook includes a Run .NET script activity that generates a GUID. The GUID is used as ID for the trouble ticket action log on the problem work item. The runbook also includes a Map Published Data activity, that is because the Service Manager announcement and the problem work item handle priority different.

These runbooks use a “RTF to Plain Text” activity that my friend Patrik Sundqvist have built for the community. You can download the RTF-to-PlainText integration pack here. Thanks for the help Patrik, as always!

Please note that this is provided “as is” with no warranties at all.