· All discoveries run every 12 hours (DFS-R discoveries run every 4 hours)

· Agent Proxy must be enabled on servers hosting Namespaces or Replication to obtain full functionality.

o Suggest just enabling Agent Proxy across the board these days.

· Profiles

o DFS Namespace Discovery Account

§ Scripts requiring account

· DFS Namespace Discovery

· Namespace Server Discovery

· DFS Folders and Folder Targets Discovery

o DFS Paths Access Account

§ For DFS Namespace Folder and Folder Target monitoring.

§ Must have READ permissions on target folders.

§ A Windows Run As Account MUST be created and associated to this Profile.

o File Services Role Monitoring Account

§ No mention of this account in the guide

o DFS Replication Monitoring Account

§ We must create a Run As Account that has administrator privileges on every DFS-R server, because when we need to get a backlog between A and B the script needs to get information from A DFS-R WMI provider and B DFS-R WMI provider. LocalSystem access is not enough.

Client Monitoring

· Enable DFS Client Computer Discovery (Target: Windows Computer, Class: DFS Client Computer)

o For a small set of computers (create a group of Windows Computer objects)

o This enables the DFS-N: Client-Side DFS Folder Availability monitor.

· Configure DFS-N: Client-Side DFS Folder Availability monitor by overriding the UNCPaths parameter. This is a colon delimited list of paths, like \\path1:\\path2:\\etc

Namespace Folder and Folder Target Monitoring

· Enable DFS Namespaces Components Discovery (Target: DFS Namespace Server, Class: DFS Folders)

o There is a parameter named “Path to DFSUtil.exe”, but this is only for the console task. Does not affect discovery. Just set the Enabled param to True.

o Caution: Do not enable this discovery if there are more than 1000 DFS folders in customer deployment! This will adversely affect performance of the agents, and cause excessive network traffic.

· Enabled DFS-N: Folder Target Availability monitor (Target:

o Enable only for a small set of folders (create a group of DFS Folder Targets objects)

Replication Monitoring

· DFS Replication Monitoring Account

o We must create a Run As Account that is a member of the Administrators local group on all monitored DFS-R computers.

· Enable DFS Replication Backlog Discovery (Target: DFS Replication Service, Class: Replication Connection)

o Enable for all objects of Type: DFS Replication Service

There are two things to keep in mind while tracing.

1. Tracing uses additional resources on the Root Management Server.

2. Stop tracing as soon as the issue has been reproduced.

This method has only been testing in SCOM 2007 SP1 and R2.

1. Logon to the Root Management Server

2. Open a Command Prompt and navigate to %ProgramFiles%\System Center Operations Manager\Tools. (keep this command prompt open to this locations until you have stopped tracing)

3. Issue the following command

StopTracing.cmd

4. Open explorer and navigate to C:\WINDOWS\temp\OpsMgrTrace.

5. You should see 10-20 *etl, *log and *sum files.

6. While still in explorer, navigate to %ProgramFiles%\System Center Operations Manager\Tools.

7. Make a copy of TracingGuidsBID.txt.

8. Then open TracingGuidsBID.txt. Comment all lines by typing # before each line, except for:

947883FC-801B-8F53-FB37-39730F608894 Microsoft.EnterpriseManagement.HealthService.Modules.Notification.3.0

455329E9-3C18-BB5B-D9B8-B5EA0DF8FCDC Microsoft.Mom.AlertSubscriptionDataSourceModule.1

9. Save and close TracingGuidsBID.txt.

10. Go back to the Command Prompt and issue the following commands:

StartTracing.cmd VER

TraceLogSM.exe -stop TracingGuidsNative

TraceLogSM.exe -stop TracingGuidsUI

11. You are now tracing the Notification Channel components. Continue tracing until the issue has been reproduced.

12. When the issue has reproduced, immediately issue the following command to stop tracing. If tracing isn’t stopped immediately after reproduction, you may risk rolling the log file.

StopTracing.cmd

13. While still in the command prompt, issue the following to format the output

FormatTracing.cmd

14. After formatting has completed, explorer should open at the location where the formatted files were copied to.

Gather Data and Send to Microsoft

Now we’ll package this data and send it to Microsoft. If you have a good understanding of ETL logs and OpsMgr error conditions, you may be able to decipher the log yourself.

1. Gather the *etl, *log and *sum files that were formatted and copied to the trace output directory from step 14 above.

2. Gather the Operations Manager event log from the Root Management Server.

3. Zip these files and send to Microsoft.

4. Make note of the Alert Id for which the alert notification was expected, and send that along with the zipped files or in separate email.

5. Include any other data you feel is relevant. Screenshots of Alert History or duplicate tickets in ticketing system, any logging you’re performing beyond Operations Manager, etc.

Note: Upload the files to the secure FTP site that was provided by Microsoft.

Introduction

Periodically, the Health Service Store may become badly fragmented. There is a rule in SCOM that performs a daily defrag of this database file, but it’s an online defrag and doesn’t always do the trick if there are frequent instance space changes occurring.

Performing the Defrag

On the Root Management Server, perform the following steps.

1. Open command propmpt and navigate to “%Program Files%\System Center Operations Manager 2007\Health Service state\health service store“.

2. Type net stop HealthService

a. If service does not shutdown clean, see recoverybelow before continuing.

3. Type esentutl /d HealthServiceStore.edb

4. Type net start HealthService

Recovery

If Health Service incurs a dirty shutdown, replay transaction log before continuing with defragmentation.

1. Type esentutl /r <HealthServiceStoreFile>.edb

a. If recovery doesn’t work, try esentutl /p <HealthServiceStoreFile>.edb

2. Continue with step 3 above

1. Export the Default MP.

2. Find the Rules and DisplayStrings sections relating to the deleted AD Integration rules, and delete everything highlighted in yellow (below example) for each instance found.

3. Save and Import cleaned Default MP.

4. Delete associated security groups in Active Directory.

  <Monitoring>

    <Rules>

<Rule ID=”OPSMGRLAB_omms_1_opsmgrlab.com” Enabled=”true” Target=”SC!Microsoft.SystemCenter.RootManagementServer” ConfirmDelivery=”false” Remotable=”true” Priority=”Normal” DiscardLevel=”100″>

        <Category>Maintenance</Category>

        <DataSources>

          <DataSource ID=”DS1″ TypeID=”Windows!Microsoft.Windows.LdapProvider”>

            <Domain>opsmgrlab.com</Domain>

            <Query>(&amp;(sAMAccountType=805306369)(objectCategory=computer)(cn=admin*))</Query>

            <Params>

              <Param>distinguishedName</Param>

              <Param>dNSHostName</Param>

            </Params>

            <UserAndDomain />

            <Password />

            <Frequency>3600</Frequency>

          </DataSource>

        </DataSources>

        <WriteActions>

          <WriteAction ID=”WA1″ TypeID=”SC!Microsoft.SystemCenter.ADWriter”>

            <ManagementServerName>72f2e063-3332-7c1b-b393-e8cf2d83545d</ManagementServerName>

            <Domain>opsmgrlab.com</Domain>

            <UserAndDomain />

            <Password />

            <SecureReferenceId />

            <dNSXPath>DataItem/Property[@Name=’dNSHostName’]</dNSXPath>

            <distinguishedNameXPath>DataItem/Property[@Name=’distinguishedName’]</distinguishedNameXPath>

            <FailoverList>

              <ManagementServerGuid>bd1b6aed-27d3-71ec-dd34-66b9f7818c90</ManagementServerGuid>

              <ManagementServerGuid>696e6c4c-c80d-6e61-5dc2-7ab6aff975f0</ManagementServerGuid>

            </FailoverList>

          </WriteAction>

        </WriteActions>

      </Rule>

    </Rules>

Also the Display Strings associated

<DisplayString ElementID=”OPSMGRLAB_omms_1_opsmgrlab.com”>

          <Name>AD rule for Domain: opsmgrlab.com, ManagementServer: OPSMGRLAB\omms-1</Name>

          <Description>AD agent assignment rule for Domain: opsmgrlab.com, ManagementServer: OPSMGRLAB\omms-1</Description>

        </DisplayString>