Category Archives: Unix / Linux

SCOM and Deprecating SHA1 Certificates what you need to know!

With the recent deprivation of SHA1 certificates in favour of the more secure SHA2 it’s important to know that SCOM uses  SHA1 to manage workloads for cross platform monitoring (Unix / Linux).

Have no fear the MS SCOM team have released an article on how to replace your existsing SHA-1 certificates with the newer SHA256 certificates.

It is important to note that you will need to update your 2012 R2 environments to UR 12 and your 2016 environments to UR2 respectivly in order to use the new SHA256 certificates by default.

The article is available here

SCOM 2016: TP 5 new features Updated 03/05

This posting will be updated as more features come to light

Install splash

At first glace there isn’t a whole lot new floating around, the administration pane has the following, Tune Management Packs and Partner Solutions:

Tune Management Packs

This feature will show which management packs are generating the most noise.


Once alerts are populating the Tune Management pack view will give you an overview of how many alerts are being generated by each management pack, filtered by a date range you specify. Unfortunately you cannot choose a filter such as “previous week”


Clicking the Tune Alerts task will display a list of the alerts from that management pack with count, location, type and name. You can access the rule / monitor settings directly from this location to make it easy to reduce noise.


Partner Solutions

This feature is actually from one of the later 2012 UR’s but I’ll keep it here due to it being relatively unnoticed. Partner solutions gives a nice view into the 3rd party management packs that are available, it’s easier to than the marketplace and less hassle then trawling through search engines. I’d like to see more from this feature.


Console optimization 

Some improvements have been made to the console this should be especially noticeable in environments with heavy load on the databases. Hopefully this mean less “busy” in the bottom left corner.

  • Alert view is optimized to load efficiently
  • Alert tasks and alert details in alert view is optimized to load efficiently
  • Context menus of an alert in alert view is optimized to load efficiently

Improved scalability for Unix/Linux Agents monitoring

A nice addition for those with large *nix environments is that the supported amount of cross platform agents per management server has been effectively doubled.

This has been achieved by using the new Async Windows Management Infrastructure (MI) APIs instead of WSMAN Sync APIs. By default, Operations Manager would use the sync APIs. To switch to the new method you need to create a new Registry key “UseMIAPI” to enable Operations Manager to use the new Async MI APIs.

To enable the new Async MI APIs – create a Registry key “UseMIAPI” under HKLM:\Software\Microsoft\Microsoft Operations Manager\3.0\Setup

SCOM: Updated MP for Unix and Linux v7.5.1042.0

A new version of the cross platform management pack has been released version 7.5.1042.0 is available for download here.

Updates in this version:

  • Update release – version 7.5.1042.0 for System Center 2012 R2 – includes agents with version 1.5.1-150
  • Added support for SUSE Linux Enterprise Server 12 MP

SCOM: Guided walkthrough for troubleshooting UNIX and Linux agent discovery

Microsoft has just released a Guided Walkthrough for troubleshooting UNIX and Linux agent discovery issues in System Center 2012 Operations Manager.

It is available here:KB2993901

It’s nice to see this type of guide being released, cross-platform monitoring with SCOM is still not very common and it can be tricky to get right.

SCOM: NiCE releases management pack for zLinux

It is always great when the  capabilities of Operation Manager are extended to monitor new areas that were previously outside of the general WinTel scope. The latest addition from NiCE is a zLinux management pack.

The NiCE zLinux MP is the first product of its class that provides monitoring of Linux server distributions on the IBM  system z platform using Microsoft System Center. IBM System z is a universal name used by IBM for all its mainframe  computers. These mainframe computers have gone through a number of name changes and are also known as System/390 or zSeries.

This management pack allows for inclusion of your zLinux components into your SCOM system which enables you to get a complete picture of the systems that are dependent on zLinux in a single end-to-end view.

• Perform ‘Logical Disk Health checks’
i.e. easily ascertain the availability and performance of your Logical Disk (File System) instances
• Carry out ‘Network Adapter Health checks’ i.e. determine the availability and performance of your Network Adapter instances
• Execute ‘Operating System Health assessments’ i.e. effortlessly discover the availability and performance for Red Hat Enterprise
Linux Server Operating System instances
• Determine the health of your processor by effectively monitoring your processor instances

More information is available at the NiCE Customer Portal

SCOM *nix Monitoring: The WinRM client cannot process the request because the server name cannot be resolved

All Linux monitored servers in a critical state is not an ideal way to start a Monday morning. Especially when none of the servers are actually experiencing an issue.

The issue at hand:
All of the Linux servers generated a heartbeat failure at the same time. Looking through the health explorer revealed the following error:

 The WinRM client cannot process the request because the server name cannot be resolved.

Testing WinRM with the following command also yielded the same result, and testing with DNS resolved the server name successfully.

winrm enumerate -username:username -password:password -remote:https://servername:1270/wsman -auth:basic -skipCACheck -encoding:utf-8 -format:#pretty

The Solution:

WinRM uses the windows proxy to resolve host names, I checked the windows proxy settings on the Management Server using the following command.

netsh winhttp show proxy

and discovered that my proxy was set correctly but the bypass list for excluded servers had been replaced with a single server, using the below command I was able to amend the bypass list to include all of the local domain servers.

netsh winhttp set proxy proxy-server=”http=<proxy FQDN” bypass-list=”*<Domain Suffix>”

One that was completed the WinRM test returned the correct data and the servers started to turn green again.