Manage very remote services with SCOM

Manage very remote services with SCOM

We're delighted to welcome Lior Armiev. Lior is a cloud monitoring and automation specialist, who works as a Technical Manager at Cloud Valley. Cloud Valley are a Managed Service Provider in Israel and they're a Cloud Partner of Microsoft Israel. Through his work with monitoring solutions, Lior has written a helpful blog on managing very remote services with SCOM. Read on to find out more. As always, we encourage you to check out his blog and original post

 

Manage very remote services with SCOM

Lior Armiev

 

We all know that SCOM agents are installed on almost all the servers in the organization, right?

And if you need to restart a service on a remote server what do you do? And if its behind a Firewall in a DMZ?

In old days you used to open VMM/vSphere and connect to the server console or use MSTSC to the remote server to restart/start a service.

Connect no more!

If you have SCOM we can use the fact that SCOM can run remote tasks without any network constraints.

My solution:

I created a website API that can be used in Squared Up (A must if you have SCOM) or as a standalone website in order to admin your services.

 

 

What does it do?

  • Using a simple link, you will get a list of all the services on a machine
  • Any Server is accessible – if you have an Agent on it you can control it
  • Start/Stop any services without any RDP/Remote commands/MSTSC
  • You can filter the output to your needs
  • Permission-based; All of the tasks run under Windows logged in user permission so if you are not configured – you won’t do any damage.

 

 

What do you need to do in order to get it:

Download from Squaredup the PowerShell community management pack – it’s a must anyway.

Go to my Dropbox link and download the zip file.

It holds one XML file – it’s the management pack holding 3 tasks

  1. Gets the services as a list
  2. Stop/Start service tasks – as the name suggests

The other is a folder, it’s the website,  – extract it and add to your IIS, use separate application pool set to classic and ApplicationPoolIdentity

in the configure your IIS website to use Windows Authentication and check that in the webconfig the impersonate is set to true and voila it’s done

one more thing to configure is the User Roles, the API is checking if the user logged in is having the permission to run Tasks in SCOM. so you will need to add the user to an existing Role or to create one and add the tasks you want the user to be able to run.

 

SCOM User Role

 

A little bit about the syntax:

the web API must have the ID= or DisplayName= as an input of the Server/Computer you want to get.

http://<ServerName>/<Website>/Services.aspx?Id=<ObjectIdinSCOM>
http://<ServerName>/<Website>/Services.aspx?DisplayName=<ObjectDisplayNameinSCOM>

You can also add filters like by Start type and Running Status to filter unwanted data.

  •  &Include=   as regex to get only the StartType you want
  • &Status= as regex to get only the services with particular status
  • &Sort= as regex in order to sort the output by any column

Examples:

http://<ServerName>/<Website>/Services.aspx?Id=<ObjectIdinSCOM>&Include=automation&Status=Stopped – will get you all of the services in StartType Automatic that are Stopped

 

For Squared Up users:

object Id is coming as an input when you use Web Content Tile like this:

https://armiev.com/ManageRemoteServices/Services.aspx?Id={{id}}

 

 

Under the hood in the IIS you can make changes to the WebConfig file and change some parameters:

  1. Management server location in the under SCOMMSSERVER – default is localhost.
  2. GetServices – The name of the task in SCOM that gets all the services list.
  3. StartService – Name of the task that Starts the service selected in the grid view.
  4. StopService – Name of the task that Stops the service selected in the grid view.

Have fun and enjoy my addon – many more are about to come.

 

 

Related Content

© Squared Up Ltd. 2018

Squared Up is a registered trademark of Squared Up Ltd. All other trademarks are the property of their respective owners. Privacy policy | Terms and Conditions