SCOM – Create new network discovery rule via PowerShell

I recently had to setup a lot of SCOM management groups with the same network discovery rule. I soon found out there isn't a powershell cmdlet for it. Of course, it's the kind of thing you don't really need that often, as only one discovery rule is allowed per management server. Anyway, I needed one, so I wrote one, and I hope this saves someone some time in the future.

# Name: Udated OM-Create-Network-Discovery-Rule.ps1
# Written by: Rafaela Brownlie
# Date: 20/06/17
# Description: The script programatically builds SNMP run as account, and builds a discovery rule to discover the UPS
# $OMFQDN stores the FQDN for the SCOM server
# $HostIP = Network device ip address
# I wrote it for SCOM 2012 R2. I haven't tested on SCOM 2016, but I believe it should work.
# the functionality requires the the Operations Manager firewal rules for ping back and snmp enabled.

$OMFQDN = ""
$hostIP = ""

Write-Host "enbling firewall rules for $OMFQDN" -ForegroundColor Magenta
$Netrules = @('Operations Manager SNMP Response','Operations Manager SNMP Request', 'Operations Manager SNMP Trap Listener', 'Operations Manager Ping Response (Echo Response - ICMPv4 IN)')
invoke-command -ComputerName $OMFQDN -Args $Netrules -ScriptBlock {
param($rule1, $rule2,$rule3,$rule4)
$rule1, $rule2,$rule3,$rule4 | %{get-netfirewallrule -DisplayName $_ | set-netfirewallrule -enabled true}

#enable scom firewall rules
Get-SCOMManagementGroupConnection | Remove-SCOMManagementGroupConnection

Write-Host "Connecting to SCOM MG $OMFQDN" -ForegroundColor Magenta

New-SCOMManagementGroupConnection -ComputerName $OMFQDN


$mg = Get-SCOMManagementGroup -ComputerName $OMFQDN
$resourcepool = get-scomresourcepool -DisplayName "All Management Servers*"

$discovery = $mg.NetworkDiscovery.GetNetworkDiscoveries()

if ($discovery -ne $null){
Write-Host "there is one network discovery for this MS" -BackgroundColor Magenta


$Account = Get-SCOMrunAsAccount -Name "SNMPv1 Account"

If($Account -eq $null)

Write-Host "Creating account" -ForegroundColor Magenta
# $a = Get-Credential -Message "Enter community string in password field"
Write-Host "Creating account" -ForegroundColor Magenta
Add-SCOMRunAsAccount -Name "UPS SNMPv1" -Descrption "Account used for Eaton UPS monitoring" -CommunityString -String $a.Password
$Account = Get-SCOMrunAsAccount -Name "UPS SNMPv1"
Write-Host "distributing account" -ForegroundColor Magenta
Set-SCOMRunAsDistribution -RunAsAccount $Account -LessSecure

Write-Host "Waitin for account to be created" -backgroundColor Magenta

sleep -Seconds 60

$Profile = Get-SCOMRunAsProfile -DisplayName "SNMP Monitoring Account"
Set-SCOMRunAsProfile -Action "Add" -Profile $Profile -Account $Account

$ms = (Get-SCOMManagementServer)
#set account distribution to more secure.

Write-Host "creating configuration object" -ForegroundColor Magenta
$networkconfiguration = New-Object Microsoft.EnterpriseManagement.NetworkMonitoring.NetworkDiscoveryConfiguration
$networkconfiguration.DefaultRetryCount = 3
$networkconfiguration.DefaultSnmpPort = 161
$networkconfiguration.SnmpDefaultAutoTimeoutMilliseconds = 1500
$networkconfiguration.IcmpDefaultAutoTimeoutMilliseconds = 500
$networkconfigurationtype = New-Object Microsoft.EnterpriseManagement.NetworkMonitoring.NetworkDiscoveryType
$networkconfigurationtype.value__ = 0
$networkconfiguration.Type = $networkconfigurationtype
Write-Host "creating SNMP host object" -ForegroundColor Magenta
$SNMPCommunity =[Microsoft.EnterpriseManagement.NetworkMonitoring.Snmpv1Community]::create($mg, $account
$snmpHost = New-Object Microsoft.EnterpriseManagement.NetworkMonitoring.SnmpHost

#my snmp host IP addresses.
$snmpHost.Host = $hostIP
$snmpHost.Community = $SNMPCommunity
#you could add more than one host here:
Write-Host "creating discovery object" -ForegroundColor Magenta
$networkdiscovery = new-object Microsoft.EnterpriseManagement.NetworkMonitoring.NetworkDiscovery
#Name of the discovery rule:
$networkdiscovery.DisplayName = "NetoworkDiscovery"
$networkdiscovery.Enabled = $true
$networkdiscovery.MonitoringServerPool = $resourcepool
$networkdiscovery.Configuration = $networkconfiguration
$networkdiscovery.NetworkDiscoveryAgent = Get-SCOMClassInstance -Class (Get-SCOMclass -DisplayName "health service") | where displayname -eq $OMFQDN

Write-Host "creating Disccovery rule" -ForegroundColor Magenta
#allow some time for discovery creation
sleep -Seconds 40
#Run the discovery once it's created:
Start-SCOMTask -Task (get-scomtask -name System.NetworkManagement.FullOnDemandDiscovery) -Instance (Get-SCOMMonitoringObject -Class (Get-SCOMClass -DisplayName "Network Discovery Server"))

Comments (2)
  1. Have you tried using the $mg.networkdiscovery.updatenetworkdiscovery for updating a already existing network discovery?

    1. Yes.. I’ll post a new blog soon on it.

Comments are closed.

Skip to main content