Home » Articles posted by Anders Bengtsson (Page 30)
Author Archives: Anders Bengtsson
Notification on all unassigned incidents
User does not have permissions to access the Service Management API
Building a SLEEP activity for OrchestratorTechEd Hands-On Labs
This morning I have been on MCT proctor briefing at the conference center. There was a lot of activity going on in the building today, a lot of things that needs to be ready for tomorrow. Along with other things during the briefing we tried the hands-on labs. I must say that TechEd hands-on labs this year is at a higher level than earlier year, at least the management and operations (MGT) labs.
There are both introduction labs but also a number of advanced labs like Ops Mgr labs about cross-platform monitoring, SAP monitoring and about building connectors in Visual Studio. There are also a number of good labs about SCCM, SCE and DPM. Some example of labs are upgrade from SMS 2003 to SCCM 2007, how to configure branch office distributed points, distribute OS with SCCM, SCCM native mode and how to protect both Exchange and SQL with DPM.
Don’t miss this great opportunity to try Microsoft products and cool features!
Using Pre-Backup and Post-Backup Scripts in DPM
You can configure DPM to run scripts before (pre) and after (post) each DPM backup job. This can used to prepare the data source for backup and also to start a service again after backup.Â
On each agent machine, in the DPM folder under \DPM\Scripting there is a file named ScriptingConfig.xml. This is the file that you use to configure pre-backup scripts and post-backup scripts. These scripts are run with the local system account. The script needs to be configured on each agent, or you could use some find of deployment system to deploy the configuration file to multiple machines.
In my test I simply stopped the print spooler (spooler) service and started it again after backup. I created two CMD files in C:\Scripts. The files include “net start spooler†and “net stop spoolerâ€. My test machine ScriptConfig.xml looks like this (click to view the full image):
The BackupCommandLine lines is for command-line parameters to be passed to the script. The DataSourceName attribute is the data source volume or name, for example a storage group name in Exchange.
I have not found a good way to see if the pre-backup and post-backup script ran successfully. But if you have Operations Manager in your environment, you can configure your scripts to echo to event viewer. Then you can use the missing event monitor to make sure the scripts are run successfully every X minute, for example if you do a backup every hour, then you want an event every hour too.
Remember to include your scripts in your disaster recovery plan.
Â
Files created last X hours including Y in the filename
This is a script that checks if there is a new file, contains a keyword, and that the file has been created last X hours. For example if you have a couple of servers uploading files every hours, you can check with this script if all servers have uploaded a new file the last hour. Even if the filename is not always the same, for example many applications add a timestamp to the filename like server05_20081012.
Configuration.txt contains all keywords that should be included in a filename. Contoso_filecheck.hta is a GUI that you can use to add keyword, delete keywords and show current keywords. contoso_filechecker.vbs is the script that does the filecheck.
- The script counts number of files in the folder, that was created last X hours (default folder is C:\LogFiles and default time is 24 hours)
- The script creates an array of all the files that was created last X hours
- The script loops all selected files and checks if the keyword is in the filename. It then moves on to the next keyword and loops all selected filenames.
- If the keyword, for example a server1, is in Configuration.txt but there is no file including server1 created last 24 hours, a local event will be created including the time configuration and the keyword.
- You can configure MOM 2005 or Ops Mgr to pickup these events and generate an alert.
Download the script here.
Microsoft Hyper-V Server and System Center
I installed a Microsoft Hyper-V Server a couple of days ago. Hyper-V Server is a version of Windows Server 2008 core that includes the Hyper-V role, all other roles are disabled. There is a new simple interface to configure the server. You can also use the Hyper-V MMC and System Center Virtual Machine Manager to administer your Hyper-V server. More info about Hyper-V Server here.
I installed an agent from Operations Manager 2007 without any problem. However I found out that Ops Mgr found the machine as 2008 full installation (installation type = full), not as a core machine (installation type = core). Not the worst thing, but it is good to know. You can see it if you create a new state view target Windows Server 2008 Computers.
I also tried to install a Data Protection Manager 2007 agent on my Hyper-V server. First DPM could not identify my Hyper-V server as a known Windows version. In Active Directory I could see that my Hyper-V server operating system is set to “Hyper-V Server”, not “Windows Server 2008 Enterprise” as my other core machines. When I changed it to “Windows Server 2008” there was no problem adding it to DPM and installing the agent. I guess that the DPM query does not recognize “Hyper-V Server” as a supported operating system, but that works too after this “workaround”.
Protecting Exchange 2007 with DPM 2007
This week I have been doing some tests with Microsoft Data Protection Manager 2007 (DPM). Data Protection Manager 2007 is a member of the Microsoft System Center family of management products, the product family that I work primary with. Focused on the primary Microsoft server workloads, DPM 2007 was specifically built to protect and recover SQL Server, Microsoft Exchange Server, SharePoint Portal Server, Microsoft Virtual Server, as well as Windows file services. I have been testing protection of Microsoft Exchange 2007. You can find more info about DPM here.
ESEUTIL offload and log file database integrity
I configure my DPM server to do express full backup (all blocks that has changed since last express full backup, update the replica on the DPM server) every night, and synchronization every 15 minute. That will give me 96 recovery points per day, one recovery point for each full backup or synchronization.
To ensure consistent backups, DPM can run ESEUTIL against the Exchange data replica on the server. In other words DPM offloads the overhead from the Exchange server and still ensures a consistent, fully supported backup. After the synchronization is complete DPM sends a message to VSS on the Exchange server to truncate the logfiles. You can review this in the local event views on the Exchange server. You can also use the ESEUTIL determine which logs have been committed to the exchange database, this is good for troubleshooting scenarios. For example if you have the following logfiles on you Exchange server
- E02000000CD
- E02000000CE
- E02000000CF
- E02000000D0
and you run the ESEUTIL /mk command you can see that for example E02000000D0 is the first uncommitted log for the appropriate database, that means that all the C* log files will be truncated after the next synchronization. There will always be some log files in the folder , even if you have a idle Exchange server, a idle stand-alone mailbox server can generate up to 96 logs during a day. More info about that here
According to this KB you need to copy a number of files to your DPM server before it can run ESEUTIL. That is correct, but I never found an Exosal.dll file on my Exchange server and the database check seems to be working without it.
 
“Latest†recovery pointÂ
Another feature I tested is the “latest†recovery point. It means that DPM first will first restore the database to the latest syncronization, in my case 15-minute recovery point, then reapply all log files that are still on the Exchange server. I tried this by first sending an e-mail between two users, in a time slot between two synchronizations. I then shut down the Exchange server and removed the data volume. I added a new blank disk and restarted the Exchange server. From my DPM server I started the recovery wizard and selected “latest†as recovery point, for my storage group. When the recovery was complete and I started Outlook at my workstation I could see that the e-mail that I had sent between two synchronizations was in my inbox. That means that DPM had first restored the latest synchronization and then reapplied Exchange log files.
Â
Â
Recovering a mailbox
You can easy restore a mailbox with the recovery wizard. Double click the storage group, select a mailbox and click restore. Before you do this, note that DPM will not setup a recovery storage group for you. You will need to do that on your own and also configure the “database can be overwritten by restore†flag. When the database is restored, the work in DPM is finished. You now need to use Exchange tools to mount the database in the recovery storage group and recover the mailbox data. MS Exchange Troubleshooting Assistant in Exchange 2007 can help you with that, for example to merge two mailboxes. If you want to restore the mailbox to another mailbox (not the same GUID), for example if you deleted the mailbox and create a new mailbox for the user, you can use the “restore-Mailbox†power shell command. The DPM restore is always a mailbox database (edb) and log files. You need to use Exchange tools to get the data into a PST.
Â
Last year I did a test on DPM System Recovery Tool. The DPM System Recovery Tool (SRT) is a tool within Microsoft System Center Data Protection Manager 2007. SRT helps you recover systems that no longer start at all. Instead of having to first restore the operating system, then install all patches, updates, applications and then restore the application backup, SRT can roll back a complete system. you can read about that here.
I found a couple of useful links when protecting Exchange with DPM.
• Using Eseutil to Determine Which Logs Have Been Committed, link
• Hexa to Binary and Decimal converter/convertor, link
Microsoft TechEd EMEA 2008 IT Professionals
Â
I will attend at Microsoft TechEd in Barcelona, will be working in the Hands-on-Labs (HOL) and Ask-the-Experts (ATE) areas. If you are plannig to go, come by and say hi. You can find more info about the event here.Â
Change Default View in the Web Console
If you want to change the default web console view there are at least two ways to do it:
- Start the web console, find the view that you want to open first, for example “Contoso Alerts”. Then create a new shortcut to http://WebConsoleServer:51908/default.aspx?ViewName=Contoso Alerts
- The second way is a little bit more complicated. Start the web console, navigate to the view, right click in the navigation tree and select “view source”. The in the source, search for the name of the view and you will find the “onNodeClicked code” on the same line, for example 4cb2t5a7-b4b4-2621-2e7b-e346ag52f2ed22. You will also need the ViewType, you can find that next to the “onNodeClicked code”.Then create a new shortcut to http://webconsoleserver:51908/default.aspx?ViewID=8db1f5a7-f3f3-2646-6c6b-e34672f7ed98&ViewType=AlertView , insert the ViewType and onNodeClicked code.
Groups to Classes
This management pack allows security groups in Active Directory to be used to discover classes in Operations Manager 2007. For example if you already have your servers divied into security groups in Active Directory you can use populate classes from those groups and use the same in Operations Manager 2007 for targeting.This management pack needs to be adapt to your environment before you can use it. I recommend you to do that in the Authoring Console.
The management pack includes two classes, Contoso.GRP2CL.Fileservers and Contoso.GRP2CL.AppServers. Both these classes have one discovery rule each. The discover rules use script to check if the local machine is member of a specified security group in Active Directory. If they are, they create a instance of the class. The LDAP path is configure in the script. You should also change the discovery schedule, default time is every two minute.
The management pack also includes two state views to show which machines that are in the classes.
Every two minute it runs a script on all windows servers to see if they are member of a security group in Active Directory. If they are, a instance of the class is created.
Download the package here. Please note that this is a sample/idea, make sure to test and review it in a testenvironment.
Script: Notification Based on Keyword
I have written a script to show an idea how to get notification based on keywords. I have a power shell script that checks new alerts for the keyword and sends notification. This is occurs outside of the Ops Mgr console, so you will not see this under recipients or subscriptions in the console. The power shell scripts get both keywords and recipients from a configuration file. After a notification is sent the custom field 1 is updated on the alert, so the script will not send multiple notification for the same alert.
You can modify this script to include more attributs from an alert, with default settings it is only searching the alert description.
All information is included in the readme file.
Download the package here.
Script: Shares Creation
Earlier I have post scripts to check network shares, if they are available over the network. This script is also working with shares, it verify if all shares on the machine is approved. Unfortunately we don´t have a central database with all configuration yet but in this example I have solved that with a file on the agent managed machine, including the names of all approved shares.
This script lists all shares, it compare them with share names in a local file. If the share is not in the local file a local event will be generated with the share name and the path to the shared folder. You can pick up that event with Ops Mgr or MOM and generate an alert.
Download there script here
Recent Comments