My Thinkinground! : SCOM

Hello everyone,

We have been cleaning out our SCOM environment from servers that have been decommissioned from the environment but have not yet been deleted. This turned out to be a quite a bother because you have to one by one find the inactive (grayed) server in the Managed Servers list, right click and delete.

Of course this called for some PowerShell to get the job done faster, but I couldn't find any cmdlets that would help me get this done. My google-fu took me to this article where I was able to gather the servers that were inactive.

Acquired source code:

#Import the OperationsManager module

Import-Module OperationsManager

#Define the output file

$file=”C:\Temp\GreyAgents.txt”

#Get the agent class and the each object which is in a grey state

$agent = Get-SCClass -name “Microsoft.SystemCenter.Agent"

$objects = Get-SCOMMonitoringObject -class:$agent | where {$_.IsAvailable –eq $false}

#Export each objet into a file

foreach($object in $objects){

$object.DisplayName+ “,”+ $object.HealthState | Out-File $file -Append

}

* I had to fix a typo in the original code

Now that I had the objects I had to find out how to remove them, and I found my solution in this msdn article

Acquired source code:

# Summary

# Delete an agent hosted by a non-existent computer.

# Params

# AgentNames - An array of strings that contain the FQDN of agents to delete.

# Returns

# None

function global:Delete-Agent([System.String[]] $agentNames)

{

$NoAgentsErrorMsg = "`nNo agent names specified. Please specify the FQDN for each agent you want to delete.`n";

if ($agentNames -eq $null)

{

Write-Host $NoAgentsErrorMsg;

return;

}

$administration = (get-item .).ManagementGroup.GetAdministration();

$agentManagedComputerType = [Microsoft.EnterpriseManagement.Administration.AgentManagedComputer];

$genericListType = [System.Collections.Generic.List``1]

$genericList = $genericListType.MakeGenericType($agentManagedComputerType)

$agentList = new-object $genericList.FullName

foreach ($agentName in $agentNames)

{

$agent = Get-Agent | where {$_.PrincipalName -eq $agentName}

if ($agent -eq $null)

{

$msg = "Agent '{0}' not found." -f $agentName;

Write-Host $msg;

}

else

{

$agentList.Add($agent);

}

if ($agentList.Count -eq 0)

{

Write-Host $NoAgentsErrorMsg;

return;

}

$genericReadOnlyCollectionType = [System.Collections.ObjectModel.ReadOnlyCollection``1]

$genericReadOnlyCollection = $genericReadOnlyCollectionType.MakeGenericType($agentManagedComputerType)

$agentReadOnlyCollection = new-object $genericReadOnlyCollection.FullName @(,$agentList);

$msg = "`nDeleting {0} agents:`n" -f $agentReadOnlyCollection.Count;

Write-Host $msg;

foreach ($agent in $agentReadOnlyCollection)

{

Write-Host $agent.PrincipalName;

}

$administration.DeleteAgentManagedComputers($agentReadOnlyCollection);

}

However, this isn't quite what I was looking for as I wanted something to remove the servers from the CSV file that I have, and so I had to modify the script and this is the end result:

# Get the Class Object

$agentClass = Get-SCClass -Name "Microsoft.SystemCenter.Agent" -ComputerName SCOMSERVERS[blankifyourrunfromManagementServer]

# Get the MonitoringObject based on the class, and filter out only the available ones and the ones that have the HealthState not as Uninitialzied

# This will prevent that new servers will be removed.

$inactiveObjects = Get-SCOMMonitoringObject -Class $agentClass -ComputerName SCOMSERVERS[blankifyourrunfromManagementServer] | ? IsAvailable -eq $false | ? HealthState -ne "Uninitialized"

# Import your CSV File, my column name is "InactiveServers" and I added the Unique key to ensure no repeats are added which would cause an issue later.

$csv = (Import-Csv C:\temp\SCOMInactiveServers.csv | select * -Unique)

# Createa a new GenericList

$genericListType = [System.Collections.Generic.List``1]

$genericList = $genericListType.MakeGenericType([Microsoft.EnterpriseManagement.Administration.AgentManagedComputer])

$agentList = New-Object $genericList.FullName

# Get the ManagementGroup Object

$managementGroup = Get-SCOMManagementGroup -ComputerName SCOMSERVERS[blankifyourrunfromManagementServer]

# Get the Administration Property from the ManagementGroup Object

$Administration = $managementGroup.Administration

foreach($server in $csv.InactiveServers) # Loop through the servers in your CSV file

{

# Create a new report object

$reportObject = New-Object psobject

# Add a member property to the object that will represent the name

$reportObject | Add-Member -MemberType NoteProperty -Name "InactiveServers" -Value $server

if($inactiveObjects.DisplayName -contains $server) # Check if the server is found in the inactive objects

{

$reportObject | Add-Member -MemberType NoteProperty -Name "Status" -Value "Inactive"

# If the server is found in the inactive list then we do want to remove it

# Get the SCOMAgent object and add it to the Generic List created above

$agent = Get-SCOMAgent -DNSHostName $server -ComputerName SCOMSERVERS[blankifyourrunfromManagementServer]

$agentList.Add($agent)

} # endif

else # If it is not found that means that the server is now back to being active and we don't want to remove it anymore

{
# Edit #1

$agent = Get-SCOMAgent -DNSHostName $server -ComputerName wp-scom-ms-01

if($agent -eq $null)

{

$reportObject | Add-Member -MemberType NoteProperty -Name "Status" -Value "Offline"

}

else

{

$reportObject | Add-Member -MemberType NoteProperty -Name "Status" -Value "Active"

}

} # endelse

# Export the results of the query to a CSV file.

$reportObject | Export-Csv C:\temp\SCOMInactiveServers.csv -Append

} # endloop

# Create a ReadOnly Collection

Truth be told I'm not 100% sure why this is needed, and I did tried it without it and got some errors,

but then found out it was because of the "Unique" value on line 8 and wasn't able to test again

$genericReadOnlyCollectionType = [System.Collections.ObjectModel.ReadOnlyCollection``1]

$genericReadOnlyCollection = $genericReadOnlyCollectionType.MakeGenericType([Microsoft.EnterpriseManagement.Administration.AgentManagedComputer])

$agentReadOnlyCollection = New-Object $genericReadOnlyCollection.FullName @(,$agentList)

# Print out a message with the number of computers that will be removed

$msg = "`nDeleting {0} agents:`n" -f $agentReadOnlyCollection.Count;

Write-Host $msg;

# Removes the computers from SCOM.

$Administration.DeleteAgentManagedComputers($agentReadOnlyCollection)

The comments pretty much explain the logic that I followed but in a TL;DR version: The script will gather all of the currently inactive servers and then check that the servers in your list are indeed inactive, and export a report of it, before sending them to be removed.

Do let me know if you find this helpful or if you have any feedback, questions or concerns.

Kind regards,
Me.

Edit:
I made a change for reporting purposes on the Else on line 35. This was mainly because it was showing "active" for servers that were active or that no longer exist on the SCOM Environment.

Hello everyone!

We are currently in the process of migrating our all of the servers from one domain to our 'main' domain and as part of this project we are migrating the servers from their current SCOM environment to ours. This is normally very simple to be done through the SCOM Management Console; however, I have found that about 25% of the servers that I have been migrating are failing either during the uninstall, or the installation of the new client.

The failures are due to a number of things, because of permission issues, or ports not being opened, or just because the server doesn't feel like cooperating. Either way in order to make my work easier I created two functions to remotely install and uninstall the agent using Invoke-command and msiexec.exe and would like to share this scripts.

.SYNOPSIS

Install SCOM Agent in a remote computer using MSIExec

.DESCRIPTION

This function will Install the SCOM Agent on a remote computer using msiexec.exe. The function will require that you provide the name of the computer, and if different to modify the path where the SCOM Agent folder is located.

.PARAMETER computerName

The computer where you wish to uninstall the SCOM Agent from.

.PARAMETER agentPath

The script will use the MOMAgent.msi to install the SCOM Agent, therefor we'll need to copy the file over to the server.

This is currently done by copying the folder where the file is located. The folder will be copied to the C drive under the folder

name SCOMAgent and will clean it up after the installation is completed.

You can hard code this parameter so that it will always use a default location under the 'Begin' section.

.EXAMPLE

PS C:\> Install-SCOMAgentMsiExec -ComputerName SERVERNAME

.EXAMPLE

PS C:\> Install-SCOMAgentMsiExec -ComputerName SERVERNAME -agentPath C:\agentPath\Folder

* Note: This is the folder where it is located, not the msi file itself.

.INPUTS

System.String, [System.String]

.OUTPUTS

System.String

function Install-SCOMAgentMsiExec

{

[CmdletBinding()]

param (

[Parameter(Position = 0, Mandatory = $true)]

[System.String]$computerName,

[Parameter(Position = 0, Mandatory = $false)]

[System.String]$agentPath

)

begin

{

if ($agentPath.Length -eq 0 -or $agentPath -eq $null)

{

$msiPath = # Default path here

}

$serverAgentPath = "\\$($computerName)\c$\SCOMAgent"

} # endbegin

process

{

if (-not (Test-Connection -ComputerName $computerName -Count 1 -Quiet)) # Testing if Computer is online.

{

Write-Error -Message "$computerName cannot be pinged." -Category ResourceUnavailable -ErrorAction Stop

}

else

{

Write-Verbose -Message "$computerName is accepting pings."

} # endelse

if (-not(Get-Service HealthService -ComputerName $computerName -ErrorAction SilentlyContinue)) # Ensure that the HealthService doesn't exists.

{

# Install the Agent if the service is not found.

Write-Verbose -Message "The HealthService service is not installed. Installing."

if (-not (Test-Path -Path $msiPath)) # Test to ensure the Agent Path exists.

{

Write-Error -Message "Unable to find the location $msiPath." -Category ObjectNotFound -ErrorAction Stop

} # endif

try

{

if (Test-Path -Path $serverAgentPath) # Test if the destination folder exists.

{

Write-Verbose -Message "The destination folder already exists. Ensure no files are missing."

# If the Path exists, we'll compare the files to not have to re-write data.

$sourceFiles = Get-ChildItem $msiPath

$destinationFiles = Get-ChildItem $serverAgentPath

if (-not (Compare-Object -ReferenceObject $sourceFiles -DifferenceObject $destinationFiles)) # Test if the folders are the same, and not missing files.

{

# If the folders do not match delete the current folder.

Write-Verbose -Message "The folders do not match completely."

Remove-Item $serverAgentPath -Recurse

# Copy the correct Agent data into the local folder.

Write-Verbose "Copying files from $msiPath to $serverAgentPath"

Copy-Item $msiPath -Destination $serverAgentPath -Recurse -Force

} # endif

else

{

Write-Verbose -Message "The folders are identical. Proceeding."

} # endelese

}

else

{

# If the folder doesn't exist copy the Agent data into the local drive.

Write-Verbose "Copying files from $msiPath to $serverAgentPath"

Copy-Item $msiPath -Destination $serverAgentPath -Recurse -Force

}

} # endtry

catch

{

Write-Error -Message $Error[0].Exception -ErrorAction Stop

} # endcatch

Write-Verbose -Message "Uninstalling the SCOM Agent."

Invoke-Command -ComputerName $computerName -ScriptBlock {

Start-Process "C:\Windows\System32\msiexec.exe" -ArgumentList "/i C:\SCOMAgent\MOMAgent.msi /qn USE_SETTINGS_FROM_AD=0 USE_MANUALLY_SPECIFIED_SETTINGS=1 MANAGEMENT_GROUP=[GROUPNAME] MANAGEMENT_SERVER_DNS=[SERVERNAME] SECURE_PORT=[PORT] AcceptEndUserLicenseAgreement=1" -Wait

}

# We look in the computers eventlog to find the MsiExec log for the installation in the last 5 minutes.

Write-Verbose -Message "Confirming that the installation has been a success."

$eventLog = Get-EventLog -ComputerName $computerName -LogName Application -InstanceId 11707 -Newest 1 -Message "Product: Microsoft Monitoring Agent -- Installation operation completed successfully." -After $((Get-Date).AddMinutes(-5))

if ($eventLog -ne $null) # Check if the EventLog was found.

{

Write-Verbose -Message "The HealthService service has been installed."

} # endif

else

{

Write-Error -Message "The installation failed." -Category NotInstalled -ErrorAction Stop

} # endcatch

} # endif

else

{

Write-Error -Message "The HealthService is already installed." -Category InvalidOperation -RecommendedAction "Uninstall the agent before proceeding." -ErrorAction Stop

} # endelse

} # endprocess

end

{

Write-Verbose -Message "Removing the Agent folder."

Remove-Item $serverAgentPath -Recurse

} # endEnd

} # endfunction

.SYNOPSIS

Uninstall SCOM Agent in a remote computer using MSIExec

.DESCRIPTION

This function will Uninstall the SCOM Agent on a remote computer using msiexec.exe. The function will require that you provide the

name of the computer, and if different to modify the path where the SCOM Agent folder is located.

.PARAMETER computerName

The computer where you wish to uninstall the SCOM Agent from.

.PARAMETER agentPath

The script will use the MOMAgent.msi to uninstall the SCOM Agent, therefor we'll need to copy the file over to the server.

This is currently done by copying the folder where the file is located. The folder will be copied to the C drive under the folder

name SCOMAgent and will clean it up after the uninstallation is completed.

You can hard code this parameter so that it will always use a default location under the 'Begin' section.

.EXAMPLE

PS C:\> Uninstall-SCOMAGentMsiExec -ComputerName SERVERNAME

.EXAMPLE

PS C:\> Uninstall-SCOMAGentMsiExec -ComputerName SERVERNAME -agentPath C:\agentPath\Folder

* Note: This is the folder where it is located, not the msi file itself.

.INPUTS

System.String, [System.String]

.OUTPUTS

System.String

function Uninstall-SCOMAgentMsiExec

{

[CmdletBinding()]

param (

[Parameter(Position = 0, Mandatory = $true)]

[System.String]$computerName,

[Parameter(Position = 0, Mandatory = $false)]

[System.String]$agentPath

)

begin

{

if ($agentPath.Length -eq 0 -or $agentPath -eq $null)

{

$msiPath = # Default path here

}

$serverAgentPath = "\\$($computerName)\c$\SCOMAgent"

} # endbegin

process

{

if (-not (Test-Connection -ComputerName $computerName -Count 1 -Quiet)) # Testing if Computer is online.

{

Write-Error -Message "$computerName cannot be pinged." -Category ResourceUnavailable -ErrorAction Stop

} # endif

else

{

Write-Verbose -Message "$computerName is accepting pings."

} # endelse

if (Get-Service HealthService -ComputerName $computerName -ErrorAction Stop) # Check if the HealthService exists.

{

Write-Verbose -Message "The HealthService service is installed. Proceeding with uninstallation."

if (-not (Test-Path -Path $msiPath)) # Test to ensure the Agent Path exists.

{

Write-Error -Message "Unable to find the location $msiPath." -Category ObjectNotFound -ErrorAction Stop

} # endif

try

{

if (Test-Path -Path $serverAgentPath) # Test if the destination folder exists.

{

Write-Verbose -Message "The destination folder already exists. Ensure no files are missing."

# If the Path exists, we'll compare the files to not have to re-write data.

$sourceFiles = Get-ChildItem $msiPath

$destinationFiles = Get-ChildItem $serverAgentPath

if (-not (Compare-Object -ReferenceObject $sourceFiles -DifferenceObject $destinationFiles)) # Test if the folders are the same, and not missing files.

{

# If the folders do not match delete the current folder.

Write-Verbose -Message "The folders do not match completely."

Remove-Item $serverAgentPath -Recurse

# Copy the correct Agent data into the local folder.

Write-Verbose "Copying files from $msiPath to $serverAgentPath"

Copy-Item $msiPath -Destination $serverAgentPath -Recurse -Force

} # endif

else

{

Write-Verbose -Message "The folders are identical. Proceeding."

} # endelese

}

else

{

# If the folder doesn't exist copy the Agent data into the local drive.

Write-Verbose "Copying files from $msiPath to $serverAgentPath"

Copy-Item $msiPath -Destination $serverAgentPath -Recurse -Force

}

} # endtry

catch

{

Write-Error -Message $Error[0].Exception -ErrorAction Stop

} # endcatch

Write-Verbose -Message "Uninstalling the SCOM Agent."

Invoke-Command -ComputerName $computerName -ScriptBlock { Start-Process "C:\Windows\System32\msiexec.exe" -ArgumentList "/x C:\SCOMAgent\MOMAgent.msi /qb" -Wait }

# We look in the computers eventlog to find the MsiExec log for the uninstallation in the last 5 minutes.

Write-Verbose -Message "Confirming that the uninstallation has been a success."

$eventLog = Get-EventLog -ComputerName $computerName -LogName Application -InstanceId 11724 -Newest 1 -Message "Product: Microsoft Monitoring Agent -- Removal completed successfully." -After $((Get-Date).AddMinutes(-5))

if ($eventLog -ne $null) # Check if the EventLog was found.

{

Write-Verbose -Message "The HealthService service has been uninstalled."

} # endif

else

{

Write-Error -Message "The uninstallation failed." -Category NotInstalled -ErrorAction Stop

} # endcatch

} # endif

else

{

Write-Error -Message "The HealthService is not installed." -Category InvalidOperation -ErrorAction Stop

} # endelse

} # endprocess

end

{

Write-Verbose -Message "Removing the Agent folder."

Remove-Item $serverAgentPath -Recurse

} # endEnd

} # endfunction

The main thing to notice here is that the script will need to have access to the location where the msi SCOM Installation file is located, and local administrator rights to the server.

The script will then copy the files to the local drive of the server and run the msi file. Once the installation runs it will check for a successful installation/uninstall eventlog and delete the data that it copied to the C drive.

I hope that this might help someone out there, and please let me know if you have any questions, feedback or concerns.

Kind regards,

Me.

My Thinkinground!

Wednesday, March 9, 2016

SCOM Deleting Inactive (Grayed) servers from CSV

Friday, January 15, 2016

SCOM Migration