An ordinary guy trying to make a difference
I came across this post on Steve Rachui's Manageability blog - ConfigMgr/OpsMgr:
“A while back I wrote up a blog post on how grooming works for the OpsMgr DB and the warehouse http://blogs.msdn.com/steverac/archive/2007/12/13/scom-2007-operational-and-datawarehouse-grooming.aspx
Recently I put the detailed grooming steps for the OpsMgr DB into a graphical form that I share here. Please note – even though there are specific tables shown here don’t consider this posting sanction to modify these tables. Doing so is unsupported and the tables are included here as information only and to show the total snapshot of the grooming process. Further, the diagram below shows the detail around grooming the OpsMgr DB for partition objects (event/perf) but leaves detail about grooming other data types, such as self-tuning threshold data, alerts, state changes, job status, etc. Information about ACS grooming, discovery data grooming, data warehoulse grooming, etc., is also absent. All that to say, grooming is a multi-step process and, while many of the moving parts are shown below, many are also not detailed.
”
http://blogs.msdn.com/steverac/archive/2009/05/31/opsmgr-db-grooming-how-it-works.aspx
Wondering what’s new? Check out this blog post on the System Center Operations Manager blog:
http://blogs.technet.com/momteam/archive/2009/05/29/what-s-new-in-r2-deployment-and-upgrade.aspx
Security Advisories Released Today * Microsoft Security Advisory (971778) - Title: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution - http://www.microsoft.com/technet/security/advisory/971778.mspx - Revision Note: Advisory published.
Posted on The Operations Manager Support Team Blog:
“The Service Level Dashboard Management Pack 2.0 for System Center Operations Manager 2007 R2 was delivered late last week by the Microsoft Solution Accelerators team, and is available for you to download today from the System Center Catalog.
Assisting you in tracking, managing, and reporting on your line-of-business (LOB) application service levels, the Service Level Dashboard displays a list of applications and their performance and availability against service level goals.
Download the SLD 2.0 here: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=1d9d709f-9628-46a8-952b-a78f5dd2bdd9
For more information on the Service Level Dashboard Management Pack 2.0 see http://blogs.technet.com/systemcenter/archive/2009/05/27/service-level-dashboard-2-0-for-operations-manager-2007-r2-now-available.aspx.
J.C. Hornbeck | Manageability Knowledge Engineer”
http://blogs.technet.com/operationsmgr/archive/2009/05/28/service-level-dashboard-2-0-for-operations-manager-2007-r2-now-available.aspx
From the System Center Virtual Machine Manager blog:
“When you perform a physical to virtual (P2V) conversion using System Center Virtual Machine Manager 2008, the P2V job may fail with the following error:
Error (3154)
An internal error has occurred trying to contact an agent on the servername server.
(Internal error code: 0x8099319E)
Cause
This issue can occur if the port used by BITS to perform the P2V on the source computer is in use by another application or service. The default port used for P2V in SCVMM 2008 is 443.
Note: Beginning with VMM 2008 R2 we will use port 40443 by default to avoid this type of issue.
Resolution
To resolve this issue, perform one of the following methods:
Method 1
Stop the service or application which is currently using port 443 by performing the following steps:
1. On the source computer, run the following command to determine which process is listening on port 443:
NETSTAT -ANB
2. Stop the service or process listening on port 443.
3. Retry the P2V job.
Method 2
Change the default port used by Virtual Machine Manager for P2V by performing the following steps:
1. Open Regedit.exe.
2. Navigate to the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft System Center Virtual Machine Manager Server\Settings
3. Create a new DWORD value with a name of P2VBITSTcpPort and set the decimal value to a port number less than 32768.
Note: You will need to choose a TCP port that’s not already in use.
4. Restart the Virtual Machine Manager Service.
5. Retry the P2V job.
More Information
For additional information on troubleshooting P2V issues, please refer to the following web site: http://technet.microsoft.com/en-us/library/cc764326.aspx
For additional information on System Center Virtual Machine Manager 2008, please refer to the following web site: http://technet.microsoft.com/en-us/scvmm/default.aspx”
Doesn’t seem like 5 years since this was setup but it’s produced some great solutions and long may it continue:
PLANO, Texas, May 28, 2009
EDS, an HP company, today announced the five-year anniversary of the EDS Agility Alliance, a coalition of technology and business service providers that work with EDS to develop and provide dynamic technology services and business solutions.
Additionally, Symantec Corp., the maker of security, storage and systems management solutions, has joined the alliance to provide EDS clients with industry-leading capabilities and innovative approaches to the challenges customers are facing in today’s environment. The joint solutions EDS and Symantec offer will help clients secure and manage their information.
Customers around the world have distinct needs and are faced with unique challenges – from safeguarding their interactions, information and infrastructure to implementing processes and policies to protect their organizations and identify threats. Through this alliance, EDS and Symantec joint customers will experience benefits including:
Symantec and EDS also plan to combine technical and marketing resources to identify and address industry trends, solution innovation and process improvements.
“At a time of increasing data breaches and security threats, safeguarding important business information and protecting IT infrastructures have become mission critical to businesses around the world,” said Greg Robins, director of Global Alliances at EDS, an HP company. “By adding Symantec to the EDS Agility Alliance, we are responding to our clients’ need for more innovative security products and solutions that help them better secure their mission-critical business data and address specific enterprise security issues.”
EDS and Symantec have been working together for nearly a decade, implementing Internet security, compliance, storage and risk management solutions for clients. The elevation of Symantec to EDS Agility Alliance partner will enable greater innovation and integration of technologies to better align solutions to the needs of clients.
“Symantec’s addition to the EDS Agility Alliance marks our commitment to providing an even more powerful set of solutions to our clients, helping them prepare for future security threats and ensuring that their critical business data is protected,” said Bill Robbins, executive vice president of worldwide sales at Symantec.
In addition to Symantec, EDS Agility Alliance members include Cisco, EMC, Microsoft, Oracle, SAP, Sun Microsystems and Xerox.
About EDS EDS, an HP company, is a leading global technology services provider, delivering business solutions to its clients. EDS founded the information technology outsourcing industry nearly 50 years ago. Today, EDS delivers a broad portfolio of information technology, applications and business process outsourcing services to clients in the manufacturing, financial services, healthcare, communications, energy, transportation, and consumer and retail industries, and to governments around the world.
About HP HP, the world’s largest technology company, simplifies the technology experience for consumers and businesses with a portfolio that spans printing, personal computing, software, services and IT infrastructure. More information about HP (NYSE: HPQ) is available at http://www.hp.com/.
http://www.hp.com/hpinfo/newsroom/press/2009/090528xb.html
PALO ALTO, Calif., May 28, 2009
HP today expanded its Total Care initiative for small and midsize businesses (SMBs) with several new products, solutions and services that reduce costs, improve productivity and enhance efficiency.(1)
To help SMB customers keep their businesses up and running with less capital and fewer employees and technology resources, HP has introduced infrastructure offerings including storage, virtualization, remote access and consolidation solutions.
“In today’s economic climate, SMBs need technology solutions that take out costs while helping drive even greater competitive advantage so they can survive and thrive,” said Kathy Chou, vice president, Worldwide Small and Medium Business Strategy, HP. “Through our Total Care initiative, HP is helping customers achieve their business goals.”
Customers can better manage data growth while reducing the complexity and costs of storage through:
“AMI has surveyed thousands of SMBs over the past 10 months and the results show that to survive in this economy, taking costs out of their business and improving data management are high on their agendas,” said Anil Miglani, senior vice president of strategy consulting firm AMI Partners. “SMBs need products and solutions designed from the ground up to help them meet these goals while also focusing on growing their business. HP is well-positioned to help SMB customers thrive in this economy because of its comprehensive Total Care portfolio.”
To further help customers protect and grow their businesses, HP unveiled:
HP solutions deliver cost, energy and time savings To help customers reduce costs, improve productivity and more efficiently manage data and operations, HP announced:
New printing solutions deliver professional-quality output at significant cost and energy savings versus competing laser printers:
As part of the HP Eco Solutions program, the three new printers are ENERGY STAR® qualified and use significantly less energy than competitive laser printers(7) based on several key environmental attributes listed on the HP Eco Highlights label.
HP also announced the new HP Scanjet N6350 Networked Flatbed Document Scanner ($899),(8) a simple-to-use, versatile page scanner with integrated networking expected to be available for purchase worldwide in June.
New collaborations and solutions drive growth HP is providing value-added resellers (VARs) and channel partners with new revenue-generating opportunities by expanding its cloud computing services through agreements with Cobweb and Cast Iron.
Special financing To help SMBs deploy their technology solutions while also conserving capital, HP Financial Services is offering flexible leasing and financing options. Recommendations from HP Financial Services on how SMBs can make the most of their technology budget are available in the white paper “Leasing helps small, midsized companies s-t-r-e-t-c-h their IT investment dollars.”
Additional information about HP’s new offerings to help SMBs thrive in challenging times is available in an online press kit at www.hp.com/go/smallbusiness2009.
http://www.hp.com/hpinfo/newsroom/press/2009/090528xa.html
This post by Brent on the The Configuration Manager Support Team Blog is worth sharing:
“Hello System Center,
In this post I'd like to share information gleaned from recent support incidents regarding the Configuration Manager 2007 Software Updates Client Agent. The goal for this post is to help by providing details on common problems driving calls to support.
To lay some groundwork, the Software Updates Client Agent is heavily dependent upon the default software update components on the client system. Thus the Software Updates Client Agent often faces similar challenges as seen by Windows Software Updates Services deployments.
Online Content:
The online TechNet library for Configuration Manager has a cornucopia of data covering Software Update Client Agents and their configurations and so please explore relevant links at need.
Before beginning, ensure you’re familiar with the topic: About the Software Updates Client Agent http://technet.microsoft.com/en-us/library/bb694104.aspx
Some of the common problems related to the Software Update Client Agent:
Windows Update Agent is Misdirected
This is an all too common scenario which has a consistent trigger resulting in settings on the client regarding its Active SUP being incorrect.
The Symptom: With regards to patching, your client goes AWOL. In other words, yesterday your client was reporting for duty and downloading updates just fine, but today, while it may still report inventory and execute software deployments, it's no longer taking software update related actions. At least not from your Site.
Note: This is observed both when clients attempt the scan action as well as after a successful scan when trying to pull down updates.
The Trigger: If this sounds like your situation then take a look at the client’s effective Policy. The one common driver we've seen is application of a Group Policy which overwrites the clients current policy, such as it’s assigned and active SUP. We also see incorrect ports, server names, and related settings passed to Configuration Manager clients by policy. Where do these come from? Good question! They're not from the Group Policy fairy. Investigate any domain or related policies that may have been configured or orphaned and are being applied to the clients. It's also possible that the client has local Group Policy disabled or an error was fat fingered into the expected Policy when configured. Find more here: Troubleshooting Group Policy Configuration for Software Updates
Windows Update Agent connection to the SUP blocked on the network
Another common scenario is a configuration that blocks the client from communicating across the network. This problem is seen elsewhere in Configuration Manager but receives significant attention here as the goal of keeping clients patched is very visible.
Note: Like the first issue of policy delivered settings, network connectivity blocks are observed both when clients attempt the scan action as well as after a successful scan when trying to pull down updates.
Two key flavors are noted:
1. Proxy Servers - Blocking traffic in a variety of ways.
2. Ports blocked - On client firewalls, on the SUP server, and at points in-between on the network.
Also keep in mind the traffic involved in Patch Management can quickly run afoul of settings intended to mitigate floods. The following link is a Forums post regarding SUP to MU Sync's but the issue is also relevant for this topic:
http://social.technet.microsoft.com/Forums/en-US/configmgrsum/thread/d63bfbce-35cc-4e60-81d2-554f7527a72b/
Find more here: Ports Used in Software Updates
Assorted Functional Problems on the Client
1. Registry Settings related to WUA Options. Commonly known as AUOptions, these are often delivered via a Group Policy, or set on clients by other means. These are worth noting as they could drive unexpected client behaviors. These are usually set when WSUS has been directly managing a client and not usually found when managed by Configuration Manager.
Find more here: WSUS Client-side Configuration Options: http://technet.microsoft.com/en-us/library/cc526860.aspx
2. Anti-Virus Software. As in other areas of the product, we can see operational collisions with legitimate patching actions. This can block or slow down the process.
3. BITS on the client. Often impacted by our friend Group Policy, these may not be directly associated with patch configurations. And sometimes BITS just isn't functional.
Assorted Patch Installation Experience Issues
Many support issues are opened which are not due to direct failures but due to unanticipated behavior or experiences on the client - usually related to a configurable option. These include:
1. Failed Patch Installations - Sometimes a client doesn't have software that qualifies to be patched despite Administrative expectations. This can happen when a vulnerable file is no longer present or has been updated by another process. This has also been seen where there is confusion over the vulnerable product or product version involved. This can be complex to puzzle out and is further muddled by competing scan solutions which can evaluate compliance using different criteria with different results.
2. Unexpected Patch Installations - It happens: A deployment targets the wrong collection full of systems not intended to be patched or patched with the configured settings. When a patch installs on a system you didn't expect, check the targeted collections and related details. Let’s avoid the uncomfortable silence on the support phone when the incorrectly targeted collection action is identified. Awkward!
3. Pop-up’s and Notifications - Finally, several issues are opened which are tied to the Pop-up behaviors as seen on clients:
a) Requests to enable Software Updates on clients - triggered by the Windows Security Center. This is external to Configuration Manager but if your users are reporting this you may wish to ensure policy is not disabling Automatic Updates.
b) Enforcement of Mandatory Deployments (Deadlines). Patch installation times, and what behavior can be expected, is a matter of configuration. Enforced deadlines along with the problem noted below make for very unhappy end users.
c) Deployments Hidden from end users. Misconfigurations of deployments, tied with the deadlines mentioned above, often result in the 'patched and rebooted without warning' situation. Good times.
Find more here:
About the Software Updates End User Experience
Computer Client Agent Properties
Software Updates Client Agent Properties: Update Installation Tab
How to Hide Deployments on Client Computers
General Information:
The following are links you may find useful when approaching Software Update Client Configuration issues and strategies regarding WSUS specific details for the Update Agent:
Configure Automatic Updates in a Non–Active Directory Environment: http://technet.microsoft.com/en-us/library/cc708449.aspx
Brent Dunsire Product Quality Program Manager System Center Configuration Manager 2007”
Full Title: Perimeter Host communication fails after successful connection with a System Center Virtual Machine Manager 2008 server
Symptoms A Host on a Perimeter Network that was previously able to communicate with the System Center Virtual Machine Manager 2008 server no longer can. A manual refresh of the host will result in a job failure as shown here:
Error (2910)
VMM does not have appropriate permissions to access the resource C:\Windows\system32\qmgr.dll on the %computername% server.
(Access is denied (0x80070005))
Recommended Action
Ensure that Virtual Machine Manager has the appropriate rights to perform this action.
http://support.microsoft.com/?kbid=971825
Full Title: Error message when you apply a software update or a security patch to a SQL server 2005 instance: "Error:29565. SQL Server Setup cannot upgrade the specified instance because the previous upgrade did not complete"
Symptoms When you try to install a Microsoft SQL Server 2005 service pack or a SQL Server 2005 hotfix, the installation may fail with the following error message in the Summary log file for the hotfix: Product: Database Services (MSSQLSERVER) Product Version (Previous): 1399 Product Version (Final) : Status : Failure Log File : C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQL9_Hotfix_KB921896_sqlrun_sql.msp.log Error Number : 29565 Error Description : MSP Error: 29565 SQL Server Setup cannot upgrade the specified instance because the previous upgrade did not complete. Start the Remote Registry service and go to Add/Remove Programs, select the Change button for Microsoft SQL Server 2005, and then select SQL instance MSSQLSERVER and complete the setup.
Note When applying a SQL update through Microsoft Update, the same error code is reported as 737D (hexadecimal value for 29565.) Additionally the msp.log file for the patch will have the following information: MSI (s) (40!E0) [21:44:55:632]: Product: Microsoft SQL Server 2005 -- Error 29565. SQL Server Setup cannot upgrade the specified instance because the previous upgrade did not complete. Start the Remote Registry service and go to Add/Remove Programs, select the Change button for Microsoft SQL Server 2005, and then select SQL instance MSSQLSERVER and complete the setup.
Note The summary log file and msp.log file for the patch is located in %ProgramFiles%\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix folder.
http://support.microsoft.com/default.aspx?scid=kb;en-us;971818
Congratulations to my colleagues and everyone else involved in this.
PLANO, Texas, May 27, 2009
EDS, an HP company, today announced it has worked with Kraft Foods to become the first IT provider working in the consumer packaged goods industry to achieve the internationally recognized ISO/IEC 20000 certification.
Working with EDS, Kraft Foods is now uniquely positioned to rely on clearly documented, high-quality IT services and processes that will support its targets of growth, innovation and cost reduction.
“Kraft Foods understood the value of ITIL and ISO/IEC 20000 when it began the implementation of ITIL in 2005,” explains Lee Coulter, senior vice president of Shared Services at Kraft Foods. “The company worked to create a set of requirements and projects that supported the continued implementation for high quality IT services.”
EDS and Kraft Foods collaborated on the internationally recognized standards and requirements necessary to attain ISO/IEC 20000 certification from the British Standards Institute for the EDS Infrastructure Technology Service Management System.
“EDS will work to ensure Kraft Foods’ technology infrastructure positions them for global growth,” said Kevin Torgerson, senior vice president of Service Delivery Operations at EDS, an HP company. “EDS and Kraft Foods worked diligently over the last 18 months to implement an IT Infrastructure Library framework and technology foundation aligned with the goals of ISO/IEC 20000 certification.”
“We are thrilled with the results of the ISO/IEC 20000 certification assessment and consider this certification a milestone in our IT service industry as well as for Kraft and HP,” adds Lee Coulter. “Our work with EDS has put us at the forefront of our industry in this capacity and we look forward to capitalizing on the unique advantages of a fully integrated process approach.”
About Kraft Foods, Inc. Kraft Foods makes today delicious in 150 countries around the globe. Our 100,000 employees work tirelessly to make delicious foods consumers can feel good about. From American brand icons like Kraft cheeses, dinners and dressings, Maxwell House coffees and Oscar Mayer meats, to global powerhouse brands like Oreo and LU biscuits, Philadelphia cream cheeses, Jacobs and Carte Noire coffees, Tang powdered beverages and Milka, Cote d'Or, Lacta and Toblerone chocolates, our brands inspire millions of delicious moments every day. Kraft Foods is the world's second largest food company with annual revenues of $42 billion. The company is a member of the Dow Jones Industrial Average, Standard & Poor's 500, the Dow Jones Sustainability Index and Ethibel Sustainability Index.
http://www.hp.com/hpinfo/newsroom/press/2009/090527d.html
This article lists the issues that are fixed in Microsoft System Center Operations Manager 2007 R2:
http://support.microsoft.com/?kbid=971410
Summary The following bulletins have undergone a major revision increment. Please see the appropriate bulletin for more details. * MS09-003 - Critical
Bulletin Information: * MS09-003 - Critical - http://www.microsoft.com/technet/security/bulletin/ms09-003.mspx - Reason for Revision: V3.0 (May 26, 2009): Added an entry in the section, Frequently Asked Questions (FAQ) Related to This Security Update, to announce a detection change to the update for Microsoft Exchange Server 2003 Service Pack 2 (KB959897). This is a detection change only. There were no changes to the security update files in this bulletin. Customers who have already installed the KB959897 update successfully do not need to reinstall. - Originally posted: February 10, 2009 - Updated: May 26, 2009 - Bulletin Severity Rating: Critical - Version: 3.0
Summary The following bulletins have undergone a minor revision increment. Please see the appropriate bulletin for more details. * MS07-026
Bulletin Information: * MS07-026 - http://www.microsoft.com/technet/security/bulletin/ms07-026.mspx - Reason for Revision: V1.1 (May 26, 2009): Added an entry in the section, Frequently Asked Questions (FAQ) Related to This Security Update, to announce a detection change. The detection no longer offers the MS06-019 and MS06-029 updates, but instead will only offer MS07-026. There were no changes to the binaries. Customers who have already successfully installed the MS07-026 update do not need to reinstall. - Originally posted: May 8, 2007 - Updated: May 26, 2009 - Bulletin Severity Rating: Critical - Version: 1.1
In his latest Screencast Jason Lewis looks at how to revise an update in SCUP:
http://blogs.technet.com/jasonlewis/archive/2009/05/26/screencast-system-center-updates-publisher-revising-an-update.aspx