Category Archives: Update Rollup

SCOM 2012 R2: Update Rollup 9 has been released!

Update Rollup 9 for SCOM 2012 R2 has been released and contains a variety of fixes. As usual the update is available through windows update or in the download catalogue here.

As always test thoroughly before implementing in a production environment.

Issues that are fixed in this update rollup

  • SharePoint workflows fail with an access violation under APMA certain sequence of the events may trigger an access violation in APM code when it tries to read data from the cache during the Application Domain unload. This fix resolves this kind of behavior.
  • Application Pool worker process crashes under APM with heap corruptionDuring the Application Domain unload two threads might try to dispose of the same memory block leading to DOUBLE FREE heap corruption. This fix makes sure that memory is disposed of only one time.
  • Some Application Pool worker processes become unresponsive if many applications are started under APM at the same timeMicrosoft Monitoring Agent APM service has a critical section around WMI queries it performs. If a WMI query takes a long time to complete, many worker processes are waiting for the active one to complete the call. Those application pools may become unresponsive, depending on the wait duration. This fix eliminates the need in WMI query and significantly improves the performance of this code path.
  • MOMAgent cannot validate RunAs Account if only RODC is availableIf there’s a read-only domain controller (RODC), the MonAgent cannot validate the RunAs account. This fix resolves this issue.
  • Missing event monitor does not warn within the specified time range in SCOM 2012 R2 the first time after restartWhen you create a monitor for a missed event, the first alert takes twice the amount of time specified time in the monitor. This fix resolves the issue, and the alert is generated in the time specified.
  • SCOM cannot verify the User Account / Password expiration date if it is set by using Password Setting objectFine grained password policies are stored in a different container from the user object container in Active Directory. This fix resolves the problems in computing resultant set of policy (RSOP) from these containers for a user object.
  • SLO Detail report displays histogram incorrectlyIn some specific scenarios, the representation of the downtime graph is not displayed correctly. This fix resolves this kind of behavior.
  • APM support for IIS 10 and Windows Server 2016Support of IIS 10 on Windows Server 2016 is added for the APM feature in System Center 2012 R2 Operations Manager. An additional management pack Microsoft.SystemCenter.Apm.Web.IIS10.mp is required to enable this functionality. This management pack is located in %SystemDrive%\Program Files\System Center 2012 R2\Operations Manager\Server\Management Packs for Update Rollups alongside its dependencies after the installation of Update Rollup 9.

    Important Note One dependency is not included in Update Rollup 9 and should be downloaded separately:

    Microsoft.Windows.InternetInformationServices.2016.mp

  • APM Agent Modules workflow fail during workflow shutdown with Null Reference ExceptionThe Dispose() method of Retry Manager of APM connection workflow is executed two times during the module shutdown. The second try to execute this Dispose() method may cause a Null Reference Exception. This fix makes sure that the Dispose() method can be safely executed one or more times.
  • AEM Data fills up SCOM Operational database and is never groomed outIf you use SCOM’s Agentless Exception Monitoring to examine application crash data and report on it, the data never grooms out of the SCOM Operational database. The problem with this is that soon the SCOM environment will be overloaded with all the instances and relationships of the applications, error groups, and Windows-based computers, all which are hosted by the management servers. This fix resolves this issue. Additionally, the following management pack’s must be imported in the following order:
    • Microsoft.SystemCenter.ClientMonitoring.Library.mp
    • Microsoft.SystemCenter.DataWarehouse.Report.Library.mp
    • Microsoft.SystemCenter.ClientMonitoring.Views.Internal.mp
    • Microsoft.SystemCenter.ClientMonitoring.Internal.mp
  • The DownTime report from the Availability report does not handle the Business Hours settingsIn the downtime report, the downtime table was not considering the business hours. This fix resolves this issue and business hours will be shown based on the specified business hour values.

    The updated RDL files are located in the following location:

    %SystemDrive%\Program Files\Microsoft System Center 2012 R2\Operations Manager\Server\Reporting

    To update the RDL file, follow these steps:

    1. Go to http://MachineName/Reports_INSTANCE1/Pages/Folder.aspxMachineName //Reporting Server.
    2. On this page, go to the folder to which you want to add the RDL file. In this case, click Microsoft.SystemCenter.DataWarehouse.Report.Library.
    3. Upload the new RDL files by clicking the upload button at the top. For more information, see https://msdn.microsoft.com/en-us/library/ms157332.aspx.
  • Adding a decimal sign in an SLT Collection Rule SLO in the ENU Console on a non-ENU OS does not workYou run the System Center 2012 R2 Operations Manager Console in English on a computer that has the language settings configured to use a non-English (United States) language that uses a comma (,) as the decimal sign instead of a period (.). When you try to create Service Level Tracking, and you want to add a Collection Rule SLO, the value you enter as the threshold cannot be configured by using a decimal sign. This fix resolves the issue.
  • SCOM Agent issue while logging Operations Management Suite (OMS) communication failureAn issue occurs when OMS communication failures are logged. This fix resolves this issue.

SCOM 2012 R2: Update rollup 8 has been released

Microsoft has released update rollup 8 for SCOM 2012 R2. As usual the update can be obtained through Windows update for the update catalog.  The update gives additional certification for network devices as well as several bug and performance fixes.

Issues that are fixed in this version

  • Slow load of alert view when it is opened by an operator
    Sometimes when the operators change between alert views, the views take up to two minutes to load. After this update rollup is installed, the reported performance issue is eradicated. The Alert View Load for the Operator role is now almost same as that for the Admin role user.
  • SCOMpercentageCPUTimeCounter.vbs causes enterprise wide performance issue
    Health Service encountered slow performance every five to six (5-6) minutes in a cyclical manner. This update rollup resolves this issue.
  • System Center Operations Manager Event ID 33333 Message: The statement has been terminated.
    This change filters out “statement has been terminated” warnings that SQL Server throws. These warning messages cannot be acted on. Therefore, they are removed.
  • System Center 2012 R2 Operations Manager: Report event 21404 occurs with error ‘0x80070057’ after Update Rollup 3 or Update Rollup 4 is applied.
    In Update Rollup 3, a design change was made in the agent code that regressed and caused SCOM agent to report error ‘0x80070057’ and MonitoringHost.exe to stop responding/crash in some scenarios. This update rollup rolls back that UR3 change.
  • SDK service crashes because of Callback exceptions from event handlers being NULL
    In a connected management group environment in certain race condition scenarios, the SDK of the local management group crashes if there are issues during the connection to the different management groups. After this update rollup is installed, the SDK of the local management group should no longer crash.
  • Run As Account(s) Expiring Soon — Alert does not raise early enough
    The 14-day warning for the RunAs account expiration was not visible in the SCOM console. Customers received only an Error event in the console three days before the account expiration. After this update rollup is installed, customers will receive a warning in their SCOM console 14 days before the RunAs account expiration, and receive an Error event three (3) days before the RunAs account expiration.
  • Network Device Certification
    As part of Network device certification, we have certified the following additional devices in Operations Manager to make extended monitoring available for them:

    • Cisco ASA5515
    • Cisco ASA5525
    • Cisco ASA5545
    • Cisco IPS 4345
    • Cisco Nexus 3172PQ
    • Cisco ASA5515-IPS
    • Cisco ASA5545-IPS
    • F5 Networks BIG-IP 2000
    • Dell S4048
    • Dell S3048
    • Cisco ASA5515sc
    • Cisco ASA5545sc
  • French translation of APM abbreviation is misleading
    The French translation of “System Center Management APM service” is misleading. APM abbreviation is translated incorrectly in the French version of Microsoft System Center 2012 R2 Operations Manager. APM means “Application Performance Monitoring” but is translated as “Advanced Power Management.” This fix corrects the translation.
  • p_HealthServiceRouteForTaskByManagedEntityId does not account for deleted resource pool members in System Center 2012 R2 Operations Manager
    If customers use Resource Pools and take some servers out of the pool, discovery tasks start failing in some scenarios. After this update rollup is installed, these issues are resolved.
  • Exception in the ‘Managed Computer’ view when you select Properties of a managed server in Operations Manager Console
    In the Operations Manager Server “Managed Computer” view on the Administrator tab, clicking the “Properties” button of a management server causes an error. After this update rollup is installed, a dialog box that contains a “Heart Beat” tab is displayed.
  • Duplicate entries for devices when network discovery runs
    When customers run discovery tasks to discover network devices, duplicate network devices that have alternative MAC addresses are discovered in some scenarios. After this update rollup is installed, customers will not receive any duplicate devices discovered in their environments.
  • Preferred Partner Program in Administration Pane
    This update lets customers view certified System Center Operations Manager partner solutions directly from the console. Customers can obtain an overview of the partner solutions and visit the partner websites to download and install the solutions.

SCOM 2012 R2: Update Rollup 7

Microsoft has announced the release of U7 for SCOM 2012 R2, this update was originally delayed due to technical issues but is now available here:

This update contains many fixes which are listed below:

  • The home page link in the Web Console Noscript.aspx file is vulnerable to cross-site scripting (XSS)

    A security vulnerability exists in the Web Console for System Center 2012 R2 Operations Manager that could allow elevation of privilege if a user goes to an affected website by using a specially crafted URL. This fix resolves that vulnerability. For more information, see Microsoft Security Bulletin MS15-086.

  •  “Agents by Health State” report shows duplicate entries and inconsistent data

    Sometimes a single agent has multiple entries displayed in the “Agents by Health State” report. The fix for this issue makes sure the most recent state of the agent is displayed in the report.

  • Dependent tables are not groomed (Event.EventParameter_GUID table)

    The following issues are fixed:

    • In a database, the grooming of certain MT$X$Y tables were missed because of the filtering logic. Therefore, the tables were never groomed. There were scenarios in which lots of unwanted data was stored in these tables. This issue is now fixed, and data is groomed data from these table. This results in performance gains because there is less data from which to query.
    • In Data Warehouse, the grooming of certain tables was missed occasionally because current logic expects the rows to be returned in a certain order. This issue is now fixed, and the grooming of these tables will not be missed. In some scenarios, millions of rows were stored in these tables. This issue is now fixed. Data is now groomed from these tables. This results in performance gains because there is less data from which to query.
  • Management Packs do not synchronize between management servers

    In a SQL AlwaysOn setup, the SQL in the times of failover does not acknowledge the notifications that are registered by SCOM. This leads to inconsistent data in the environment, and the changes in management pack are not reflected in the whole environment. This update resolves this issue.

  • Leaked transaction causes over 100 SPIDs in SCOM database to be permanently blocked by the “p_DataPurging” stored procedure 

    Sometimes, because of a leaked transaction in the p_DataPurging stored procedure, the SPID becomes stuck. This causes other SPIDs to be blocked, and SCOM is brought to a standstill. This issue is fixed in this update. The fix prevents other SPIDs from being blocked.

  • Operations Manager SDK crashes because of SQL errors when QueryResultsReader.Dispose is called

    The Operations Manager SDK could potentially crash when it disposes of a database connection in some scenarios. Additionally, you receive an error message that resembles the following:

    Exception object: 00000004058197a0
    Exception type: System.Data.SqlClient.SqlException
    Message: A transport-level error has occurred when receiving results from the server. (provider: TCP Provider, error: 0 – An existing connection was forcibly closed by the remote host.)
    InnerException: System.ComponentModel.Win32Exception, Use !PrintException 0000000405819050 to see more.

    This update handles these scenarios gracefully.

  •  You can’t view dashboard performance counters that are created by using the TCP Port Monitoring template

    When you use the TCP Port Monitoring template to monitor network connectivity and the availability of local and remote assets, the template is missing a write action to the data warehouse. With the update, you can present this information on dashboards.

  • Dynamic inclusion rule is added to a group definition unexpectedly if an explicit member instance of the group disappears

    If all the explicit member instances of the group disappear, a dynamic rule is added to the group unexpectedly. With the update, no dynamic rule is generated in these situations.

  •  You can’t create group by using the SQL Server 20XX Installation Seed

    On the Dynamic Members tab of the Group Creation wizard, if you have a host class of your desired class, and if you try to select the inherited property of the host class, group creation fails. For example, if you select the Display Name(Object) property of Host=Windows Computer of the Management Server class on the Dynamic Members tab, group creation fails, and you receive the following exception:

    Processing the template failed. See inner exception for details.
    Verification failed with 1 errors:
    ——————————————————-
    Error 1:
    Found error in 1|StressCollectPerformancecounterMP|1.0.0.0|UINameSpaceb2240e1340254758bc3a0f1bd0082f4d.Group.DiscoveryRule/GroupPopulationDataSource|| with message:
    The configuration specified for Module GroupPopulationDataSource is not valid.
    : Cannot find specified MPSubElement DisplayName, on MPElement= Windows!Microsoft.Windows.Computer, in expression: $MPElement[Name=”Windows!Microsoft.Windows.Computer”]/DisplayName$

    This update resolves this issue.

  • Add MPB support to the SCOM online catalog

    The Management Pack catalog supports only those management packs that have the .mp extension and not the .mpb file-name extension. When this feature is implemented, the Management Pack catalog now supports MPB files.

    This update helps include management packs such as Azure Management Pack and SQL Management Pack on the Management Pack catalog that were not featured because of the .mpb file-name extension.

  • Active Directory Integration in Perimeter Network fails when there is only an RODC present

    When Active Directory Integration is enabled, the SCOM agent cannot talk to an RODC to obtain SCP information and instead looks for a RW domain controller. With this update, the Agent obtains SCP information from the RODC if information is available.

  • System Center Operations Manager subscriptions that use the filter to search for specific text in the description (of the message) do not work

    When you create a message subscription by using a criterion that contains specific text in the message description, no alerts were received through notifications. With this update, you receive notifications when the message description has specific text.

  • CLR load order change

    The current behavior for agents is to choose a CLR version based on the operating system version. For Windows Server 2012 and newer, the .NET Framework 4.0 is loaded. For operating systems older than Windows Server 2012, the .NET Framework 2.0 family is loaded. On management servers, the .NET Framework 2.0 family is loaded. This essentially maps the .NET Framework version used to the version available out-of-box on the server. The problem with the current behavior is that even if the Management Pack author knows that .NET Framework 4.0 is present on the system, it cannot be used.

    In the new behavior, the agent loads the .NET Framework 4.0 if it is available else it falls back to the .NET Framework 2.0.

  • Problems in obtaining monitoring objects by using “managementGroup.EntityObjects.GetObjectReader”

    In large System Center Operations Manager installations, when entity objects under a management group are retrieved by the object reader by using buffered mode, the object reader sometimes encounters System.Collections.Generic.KeyNotFoundException messages. With this update, the object reader ignores the invalid objects if they are not available.

  • The “Threshold Comparison” setting in the consecutive-samples-over-threshold monitor cannot be configured

    Although you configured the Threshold Comparison setting in the consecutive-samples-over-threshold monitor, the conversion of the Threshold float value from the management pack was incorrect for the German locale and caused monitor configuration failures. This issue is now fixed in this update for every supported locale.

  • Agentless Exception Monitoring (AEM) causes the Health Service to crash because the maximum path length of 248 character is exceeded

    When AEM client monitoring is turned on, sometimes the Windows error reporting file is created in a large file hierarchy. In scenarios in which the path is longer than 248 characters, AEM monitoring was causing the Health Service to crash. This issue is fixed.

  • After you update management packs, the newly added default (visible) columns to view are not visible automatically

    The first time that a view is opened on the console, registry keys are written in the HKEY_Current_User hive. The customization settings for the user are written in the registry. If the default view changes, the customization settings in the registry are not updated to reflect the new defaults. This update adds the newly added default column in the view.

  • Branding update

    Updates the “Operational Insights” name to “Operations Management Suite” in the System Center Operations Management console.

 

UNIX and Linux Management Pack

  • In some cases, Unix and Linux agents report incorrect CPU Processor Time

    The Unix and Linux agents use Percent IO Wait Time when calculating the Percent Processor Time for a CPU object. The agents no longer include the IO Wait Time in the calculation when they return Percent Processor Time.

Updates that are included in this update rollup

The following files are updated to support the following manageable operating systems.

Operating system Management pack
Debian 8 (x64) Microsoft.Linux.UniversalD.1.mpb
Debian 8 (x86) Microsoft.Linux.UniversalD.1.mpb

SCOM: Update Rollup 8 for SCOM 2012

Microsoft has announced the release of a security update for System Center 2012 Operations Manager UR8 it is available for download here or through the catalog:

Issues that are fixed in this update rollup:

Operations Manager

  • The home page link on the Web Console noscript.aspx file is vulnerable to cross-site scripting (XSS)A security vulnerability exists in the Web Console for System Center 2012 Operations Manager that could allow elevation of privilege if a user visits an affected website by way of a specially crafted URL. This fix resolves that vulnerability. For more information, see Microsoft Security Bulletin MS15-086.

SCOM: Update Rollup for Microsoft Monitoring Agent

Microsoft has released a new Update Rollup for the Microsoft Monitoring Agent it is available through windows update or via the catalog link in the KB article here.

Issues that are fixed in this update rollup

  • Support for Windows Server 2008 and Windows Vista. Add support for Windows Server 2008 and Windows Vista on-boarding to the Microsoft Operations Management Suite.
  • Maintain original identification after Operations Management Suite is disabled and then re-enabled or after agent is reinstalled. Preserve the identification of the system during upgrades or when enabling and disabling the Operations Management Suite. Previously, disabling and then re-enabling a connection to the Operations Management Suite caused a new agent identification to be generated.
  • Always use the Microsoft .NET Framework 4.0 for loading managed modules if it is available. Set a preference for the .NET Framework 4.0 when managed code is loaded in management packs. The .NET Framework 2.0 is used if the .NET Framework 4.0 is not available. Previously, the .NET Framework 4.0 would be used on Windows Server 2012, Windows 8, or later versions of Windows operating systems while the .NET Framework 2.0 was loaded on earlier versions of Windows.
  • Fix the Apply button that is not working in the Microsoft Monitoring Agent control panel.
  • Remove a dialog box that is displayed during a silent installation when a restart was required.

SCOM 2012 R2: Update Rollup 6

Update Rollup 6 for SCOM 2012 R2 has just been released. As usual the update can be done through windows update or downloaded through the MS catalogue here. As always give this update a thorough test before deploying to your live environments.

Fixes in this update:

Operations Manager

  • The “Remove-DisabledClassInstance” Windows PowerShell command times out without completingThe cmdlet takes lots of time to complete in large SCOM installations and sometimes times out without completing its work. This is fixed by optimizing the query that is used for deletion.
  • Duplicate closed alertsThe Find option in a message view sometimes gives results of the current search together with the results from previous searches. This occurs because of an update issue in the grid and is fixed so that values are displayed that correspond only to the current search.
  • Topology widget objects lose location when they are opened in a console that has a different locale and decimal formatTopology widgets that are created in one locale but are viewed from another locale display an incorrect location because of the widget’s inability to interpret locale-specific formatting. This issue is fixed, and users can now create and view topology widgets from different locales.
  • WebConsole Details widget does not display anythingWhen you click a message in the Alert widget, the details of the message are not displayed in the details widget on WebConsole. This issue is fixed by fixing the XAML page of the details widget. The XAML page was preventing the data from being displayed on the page.
  • Top 10 Performance widgets (WebConsole) are sometimes emptyThe Top 10 Performance widgets (WebConsole) are sometimes empty because of a performance issue. This issue was fixed in Update Rollup 3 through an MPB file that requires a manual import. Because many users missed importing the MPB, a fix is included in this update rollup as an SQL query update.
  • Problem with decoding SCOM trace log filesSometimes Operations Manager trace logs do not decode but generate the error “Unknown(X ): GUID=XXX (No Format Information found).” This occurs because the latest TMF files that contain formatting information for the related traces are missing. All TMF files are updated to make sure that traces are formatted correctly.

Unix/Linux Management Pack

  • JEE: WebLogic 12.1.3 servers on Linux or Solaris are not discoveredWebLogic 12cR1 Rel3 Java Application Servers that are installed on Linux and Solaris are not discovered.

    Note The UNIX or Linux agent must be updated after you install the Management Pack update to resolve this issue.

    Relevant log messages:

    /var/opt/microsoft/scx/scx.log

    2015-02-04T15:28:18,797Z
    Trace [scx.core.common.pal.system.appserver.appserverenumeration:379:15739:139715041470400] Weblogic process does not contain the ‘platform.home’ or ‘weblogic.system.BootIdentityFile’ commandline argument.2015-02-04T15:28:18,797Z
    Trace [scx.core.common.pal.system.appserver.appserverenumeration:462:15739:139715041470400] Merging previously known instances with current running processes

  • In rare cases, lots of omiagent processes may be observed on a UNIX or Linux computerIf a single instance of data that is returned by an OMI provider is larger than 64 kilobytes (KB), the omiagent process becomes unresponsive, and additional omiagent processes are created. This issue can occur on a managed UNIX- or Linux-based computer if a rule or monitor returns an instance of data larger than 64 KB. This is most likely to be seen when a custom shell command or script rules return lots of data in StdOut.

    Note After you upgrade the Operations Manager UNIX/Linux agent to the version that is contained in this Management Pack update, an instance that exceeds 64 KB will be truncated and will generate the following message in the scx.log file. You can use the log message to identify and change the workflow that is returning too much data.

    ExecuteCommand: Exceeded maximum output size for provider (64k), output truncated. Monitoring will not be reliable! Command executed: “
  • The SSLv3 protocol cannot be disabled in OpenSSL as used by the UNIX and Linux agentsWith this update, you can now disable the SSLv3 protocol for the Operations Manager UNIX and Linux agents. You can do this by adding a property to omiserver.conf (/etc/opt/microsoft/scx/conf). If SSLv3 is disabled, the UNIX and Linux agent will reject connections that cannot be negotiated by using TLS encryption. If SSLv3 is enabled (this is the default configuration), SSLv3 will be used only if TLS encryption cannot be negotiated.

    omiserver.conf options for configuration SSLv3

    Collapse this tableExpand this table
    Property Description
    NoSSLv3=true|false Enable/Disables use of SSLv3