Contoso.se

Welcome to contoso.se! My name is Anders Bengtsson and this is my blog about Azure infrastructure and system management. I am a senior engineer in the FastTrack for Azure team, part of Azure Engineering, at Microsoft.  Contoso.se has two main purposes, first as a platform to share information with the community and the second as a notebook for myself.

Everything you read here is my own personal opinion and any code is provided "AS-IS" with no warranties.

Anders Bengtsson

MVP
MVP awarded 2007,2008,2009,2010

My Books
Service Manager Unleashed
Service Manager Unleashed
Orchestrator Unleashed
Orchestrator 2012 Unleashed
OMS
Inside the Microsoft Operations Management Suite

Console Scope

To be enable to work with operators console your account has to be member of a MOM security group, MOM Users, MOM Administrators or MOM Authors. You account can be member of a another security group that is member of a MOM security group, group nesting. When you start operators console your permissions will be checked and if you have permission operators console will start.

You account is also bound to a console scope. Console scope is based on computer groups. Console scope control what you can see in the operators console. If a computer group is in your console scope you will enable to work with them in operators console. A account can be member of many console scopes.

Administrator, Operator and User console scope is created during installation and can work with all computer groups. You can modify them, but it is not recommended. If a client is member of for example MOM User security group and you add him/her to another console scope, the last added console scope will be the one he/she use.

In MOM 2005 permissions to console scope is based on username and domain, not SID as it use to be. This could give some funny results, for example:

If you have a client named Anton Berg (ANBE) and you add him to a console scope (scope1) and then he quite, his SID will be removed from all security groups in AD, but there will still be a DOMAIN\ANBE in the console scope. If you then hire a new guy named Antonio Beludas (ANBE) he will be enable to run scope1, because he and Anton Berg have the same DOMAIN and logonname, DOMAIN\ANBE.

Console Scope is used to filter computer groups in operators console. This is not a security boundary. If you need a security boundary you will have to deploy multiple management groups and then connect them to each other.

You do all console scope settings in MOM Administrator Console
MOM 2005 Administrator Console
-Micrsosoft Operations Manager
–Administration
—Console Scopes

What is index.dat?

Index.dat is used by Internet Explorer to store webpages. When you visit a webpage Internet Explorer will save address, time, pictures, scripts, cookies and the contents of that webpage to your harddisk. The reason of this is to speed up your next visit on that webpage. Information about this files, cookies and where Internet Explorer have saved them is in index.dat.

In Internet Explorer you can delete a lot of the information that is stored in your computer. But you cant delete information in index.dat. For that reason it is easy for a person with the right tools to see which webpages you have visit and which files you have downloaded.

Index.dat is locked so even if you find it you can’t edit it. The easiest way to clear it is to use a tool.
Here are some tools that you can use

Privacy Guardian™ 4.0 for Windows
http://www.pctools.com/privacy-guardian/

Super Winspy
http://www.acesoft.net/wssetup.exe

 

FreeSpace

A common question is why MOM don’t generate an alert when diskspace is out. “Run Storage State Monitoring” is a script that among other things check free space. This script has a couple of parameters that will affect when an alert is generated. If we look in the Base OS MP guide we will find the following text:

Alerts are generated based on the values that are set for the free-space thresholds. Values below the established thresholds trigger alerts. However, alerts for non-system and system drives are generated only when the values for both the free space megabytes and the free space percentage are below the configured thresholds.

This means that both values have to be fulfilled before an alert is generated. Default threshold is 500Mb on non-system disks and less that 10% free space. If you have a disk at 1GB total space, that disk has to have less than 100Mb free space before an alert is generated.

A solution can be to setup free percent to 100% and then control the alert with free Mb. You always  have less that 100% free disk. You can also setup free Mb to 9999999 and control the alert with free %.

You can change the parameters in Administrator Console
-Microsoft Operations Manager (MOM)
–Management Packs
—Scripts
—-Microsoft Windows Storage State Monitoring Script
—–Parameters

 

Notification Workflow Solution Accelerator

Will you install MOM Notification Workflow Solution Accelerator? When you download it from Microsoft webpage you have the option to also download a hotfix. Do not install that hotfix until you have experience the issue. I have done some tests and it seems that if you don’t have the issue, you will get it if you install the hotfix.

Install NTWF according to the installation documentation that is included in the package. Then setup SMTP according to the MS KB.  If you already have installed the hotfix and suspect that it is generating problems, uninstall it according to the last page in the document that is included in the package.

Prerequisites and configuration settings that are required to make the Notification Workflow Solution Accelerator fully functional with Microsoft Operations Manager (MOM) 2005

Notification Workflow Solution Accelerator

The specified language is not supported for DSN creation

Exchange 12 CTP (now Exchange 12) will only work in English or Japanese. If you server is setup in any other language the installation will halt with the following message:  

“The specified language is not supported for DSN creation”

The solution is to change “Regional and Language Options” and “Standards and formats” in the controll panel.
I have upload screenshots of the issue and also screenshots of the work around here

MMC3.0 and Exchange 12/2007

Exchange 2007 (former Exchange 12) CTP require MMC3.0, even if it is installed Exchange installation can halt because it is not found. The cause is that Exchange 2007 CTP is looking for a key in the registry that only MMC 3.0 RC1 refresh will create. The RTM version of MMC 3.0 do not have this key, thats why the installation halts. It’s easy to fix, just create a empty regkey

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\MMC30Core

I have upload screenshots of the issue and also screenshots of the work around here

 

 

Book of the day

Book of the day is “Essential Microsoft Operations Manager”, from O’Reilly. 

There is a lot of useful chapters in this MOM, it assume that the reader have some knowledge about MOM already. There is many useful examples and also a short chapter about SQL and how to operate and maintenance MOM databases. 

Swedish online bookstore
http://www.adlibris.se/product.aspx?isbn=0596009534

More information about the book
http://www.oreilly.com/catalog/microsoftopmgr/

 

Basic MOM

In January 2007 I wrote a article about MOM.

With this article I would like to give the reader basic knowledge of MOM components. The article is for IT personnel who know what MOM can be used to in general.  

MOM artikel (acrobat pdf format)

 

MOM Prerequisites

Microsoft SQL Server 2000 SP3 or later. SQL Server 2000 SP3 or later not detected

MOM will halt during installation if SQL 2000 SP4 is installed. MOM require SP3 och don’t recognize SP4. If you run this file the version number will be change in the registry and installation will work. After installation you can run this file and change the version number back to SP4. 

Swedish MOM sendlist

I have created a swedish sendlist with focus on Microsoft Operations Manager. Its a place for questions, tip-offs and ideas. You can easy sign up here. Remember, the sendlist is swedish.