Using the Service Manager Self-Service Portal to Manage Operations Manager Agents

This post is the 8th in a series of posts focused on making common administrative tasks in System Center and Azure available via the Service Manager Self-Service Portal. The Configuration Manager and Operations Manager Connectors pull a lot of information into Service Manager but not everything necessary to manage clients, agents, and other settings. This solution allows for the managing of Operations Manager agents including installing, repairing, and uninstalling.

Series

Using the Service Manager Self-Service Portal for Common Tasks in Configuration Manager, Operations Manager, and Azure

Prerequisites

The scenarios were designed using the following

  • System Center Service Manager 2012 R2
    • Self-Service Portal configured and working
    • Active Directory Connector configured and working
    • Configuration Manager Connector configured and working
    • Orchestrator Connector configured and working
  • System Center Configuration Manager 2012 R2
    • Discovery configured and working
  • System Center Orchestrator 2012 R2
    • SC 2012 Configuration Manager Integration Pack configured and working
    • SC 2012 Service Manager Integration Pack configured and working
    • Configuration Manager Console installed on runbook servers (open the console, make sure you can connect to your site server)
    • Operations Manager Console installed on runbook servers
    • Service Manager Console installed on runbook servers
    • Runbook servers configured to allow PowerShell scripts to run
  • Previous Blogs
    • Sync Configuration Manager Client and Operations Manager Agent State in Service Manager

Create a service account or use the one created in the previous blog post

  1. Give the account admin rights to Service Manager
  2. Give the account admin rights to Configuration Manager
  3. Give the account admin rights to Operations Manager

Create a share to store scripts and logs or use the one created in the previous blog post

  1. Create a share that the service account you created and authenticated users will have access to on the Runbook Servers that will be used for this scenario.
  2. In the share, create a folder called "Automation" and give the service account access to it.
  3. Copy ManageOMAgents.ps1 into the Automation Folder
  4. In the share, create a sub-folder called "Logs" in the Automation Folder and give the applicable administrators access to it. Orchestrator will write logs to this folder and admins can use these logs for troubleshooting.
  5. In the Logs folder, create a sub-folder called "SRLogs" and give authenticated users access to it. Users of the Service Manager Portal will use these to see the status of the Collection Sync task so they will need rights to this folder.
 param
(
  [Parameter(Mandatory=$true)]
  $OMManagementServer,
  [Parameter(Mandatory=$true)]
  $Agents,
  [Parameter(Mandatory=$true)]
  $Action,
  [Parameter(Mandatory=$true)]
  $VerboseLogging,
  [Parameter(Mandatory=$true)]
  $ServiceRequest
)

#Functions
function LogIt
{
  param (
  [Parameter(Mandatory=$true)]
  $message,
  [Parameter(Mandatory=$true)]
  $component,
  [Parameter(Mandatory=$true)]
  $type )

  switch ($type)
  {
    1 { $type = "Info" }
    2 { $type = "Warning" }
    3 { $type = "Error" }
    4 { $type = "Verbose" }
  }

  if (($type -eq "Verbose") -and ($Global:Verbose))
  {
    $toLog = "{0} `$$<{1}><{2} {3}><thread={4}>" -f ($type + ":" + $message), ($Global:ScriptName + ":" + $component), (Get-Date -Format "MM-dd-yyyy"), (Get-Date -Format "HH:mm:ss.ffffff"), $pid
    $toLog | Out-File -Append -Encoding UTF8 -FilePath $Global:LogFile
    $Global:LogBuffer = $Global:LogBuffer + $toLog + "`r`n"
    Write-Host $message
  }
  elseif ($type -ne "Verbose")
  {
    $toLog = "{0} `$$<{1}><{2} {3}><thread={4}>" -f ($type + ":" + $message), ($Global:ScriptName + ":" + $component), (Get-Date -Format "MM-dd-yyyy"), (Get-Date -Format "HH:mm:ss.ffffff"), $pid
    $toLog | Out-File -Append -Encoding UTF8 -FilePath $Global:LogFile
    $Global:LogBuffer = $Global:LogBuffer + $toLog + "`r`n"
    Write-Host $message
  }
  if (($type -eq 'Warning') -and ($Global:ScriptStatus -ne 'Error')) { $Global:ScriptStatus = $type }
  if ($type -eq 'Error') { $Global:ScriptStatus = $type }
}

function CreateServiceRequestLog
{
  param($serviceRequest, $srLogPath)

  LogIt -message ("Full Log File Path:" + $Global:LogFile) -component "Main()" -type 1
  if ($serviceRequest)
  {
    $srLog = Join-Path $srLogPath ("Logs\SRLogs\" + $serviceRequest + ".log")
    LogIt -message ("Service Request Log File Path:" + $srLog) -component "Main()" -type 1
    $Global:LogBuffer | Out-File -Append -Encoding UTF8 -FilePath $srLog
  }
}

function GetScriptDirectory
{
  $invocation = (Get-Variable MyInvocation -Scope 1).Value
  Split-Path $invocation.MyCommand.Path
}

function GetOMManagementGroupConnection
{
 param ($computerName)
  Import-Module OperationsManager
  try { $OM = New-SCManagementGroupConnection -computerName $computerName -ErrorAction Stop }
  catch
  {
    LogIt -message ("Cannot connect to OM management group: " + $computerName + " Error: " + $_.Exception.Message) -component "GetOMManagementGroupConnection()" -type 3
    exit
  }
  LogIt -message ("Connected to OM management group: " + $computerName) -component "GetOMManagementGroupConnection()" -type 1
  return $OM
}

#Main
$Version = "1.0"
[bool]$Global:Verbose = [System.Convert]::ToBoolean($VerboseLogging) 
$Global:LogFile = Join-Path (GetScriptDirectory) 'Logs\ManageOMAgents.log'
$Global:ScriptName = 'ManageOMAgents.ps1'
$Global:LogBuffer = ''
$Global:ScriptStatus = 'Success'
LogIt -message ("Manage OM Agents Script v{0}" -f $Version) -type 1 -component "Main()"

#Connect to OM
$OM = GetOMManagementGroupConnection -computerName $OMManagementServer
$MS = Get-SCOMManagementServer -Name $OMManagementServer

$Agents = $Agents.Split(",")
if ($Action -eq 'Install')
{
  foreach ($Agent in $Agents) 
  { 
    LogIt -message ("Installing Agent on {0}" -f $Agent) -type 1 -component "Main()"
    Install-SCOMAgent -Name $Agent -PrimaryManagementServer $MS 
  }
}
elseif ($Action -eq 'Uninstall')
{
  foreach ($Agent in $Agents) 
  {
    $oAgent = Get-SCOMAgent -DNSHostName ($Agent + "*")
    LogIt -message ("Uninstalling Agent on {0}" -f $Agent) -type 1 -component "Main()"
    Uninstall-SCOMAgent -Agent $oAgent
  }
}
elseif ($Action -eq 'Repair')
{
  foreach ($Agent in $Agents) 
  {
    $oAgent = Get-SCOMAgent -DNSHostName ($Agent + "*")
    LogIt -message ("Repairing Agent on {0}" -f $Agent) -type 1 -component "Main()"
    Repair-SCOMAgent -Agent $oAgent
  }
}

#Log Result
$Ret = $Global:ScriptStatus
LogIt -message ("Script Complete, Result: {0}" -f $Ret) -component "Main()" -type 1

#Create SR Log if needed
CreateServiceRequestLog -serviceRequest $ServiceRequest -srLogPath (GetScriptDirectory)

Create Manage Agents Runbook

This Runbook will manage the agents in Operations Manager, trigger the Windows Computer Extended Runbook created previously, and finally update the Description in the Service Request with the result of the Windows Computer Extended Runbook.

  • Open the Orchestrator Runbook Designer
  • Create a new runbook
  • Drag the "Runbook Control\Initialize Data" activity into the new runbook
  • Rename it to "Get Runbook GUID"
  • Create a new string parameter under "Details" called RunbookID, and click "Finish"
  • Drag the "SC 2012 Service Manager\Get Object" activity into the new runbook
  • Rename it to "Get Runbook Object"
  • Link "Get Runbook GUID" to "Get Runbook Object"
  • Fill out the following properties under "Details"
    • Connection: <Your Service Manager Connection>
    • Class: Runbook Automation Activity
    • Filters: SC Object Guid Equals {RunbookID from "Get Runbook GUID"

clip_image001

  • Click "Finish"
  • Drag the "SC 2012 Service Manager\Get Relationship" activity into the new runbook
  • Rename it to "Get SR GUID"
  • Link "Get Runbook Object" to "Get SR GUID"
  • Fill out the following properties under "Details"
    • Connection: <Your Service Manager Connection>
    • Object Class: Runbook Automation Activity
    • Object Guid: {SC Object Guid from "Get Runbook Object"}
    • Related Class: Service Request

clip_image002

  • Click "Finish"
  • Drag the "SC 2012 Service Manager\Get Object" activity into the new runbook
  • Rename it to "Get Service Request"
  • Link "Get SR GUID" to "Get Service Request"
  • Fill out the following properties under "Details"
    • Connection: <Your Service Manager Connection>
    • Class: Service Request
    • Filters: SC Object GUID Equals {Related Object Guid from "Get SR GUID"}

clip_image003

  • Click "Finish"
  • Drag the "Utilities\Query XML" activity into the new runbook
  • Rename it to "Get Action"
  • Link "Get Service Request" to "Get Action"
  • Fill out the following properties under "Details"
    • XML Text: {User Input from "Get Service Request"}
    • Xpath Query: /UserInputs/UserInput[@Question='Action']/@Answer

clip_image004

  • Click "Finish"
  • Drag the "Utilities\Query XML" activity into the new runbook
  • Rename it to "Get Devices"
  • Link "Get Action" to "Get Devices"
  • Fill out the following properties under "Details"
    • XML Text: {User Input from "Get Service Request"}
    • Xpath Query: /UserInputs/UserInput[@Question='Devices']/@Answer

clip_image005

  • Click "Finish"
  • Drag the "Utilities\Query XML" activity into the new runbook
  • Rename it to "Get Device Display Names"
  • Link "Get Devices" to "Get Device Display Names"
  • Fill out the following properties under "Details"
    • XML Text: {Query result from "Get Devices"}
    • Xpath Query: //@DisplayName

clip_image006

  • Under "Run Behavior" select "Flatten" and use a comma as the separator
  • Click "Finish"
  • Drag the "System\Run Program" activity into the new runbook
  • Rename it to "Manage Agents"
  • Link "Get Device Display Names" to "Manage Agents"
  • Under "Details" fill in the following properties:
    • Program path: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
    • Parameters: -File c:\portal\automation\manageomagents.ps1 -OMManagementServer 'scom2012r2.contoso.com' -Agents "{Query result from "Get Device Display Names"}" -Action {Query result from "Get Action"} -VerboseLogging false -ServiceRequest {ID from "Get Service Request"}
    • Working folder: c:\portal\automation

clip_image007

  • Under "Security" enter the credentials for the service account
  • Drag the "Runbook Control\Invoke Runbook" activity into the new runbook
  • Rename it to "Sync CI's in SM"
  • Link "Manage Agents" with "Sync CI's in SM"
  • Under "Details" choose the Windows Computer Extended runbook created in the previous blog and ensure that "Wait for completion" is checked
  • Configure the ServiceRequest parameter: {ID from "Get Service Request"}
  • Click "Finish"
  • Drag the "Text File Management\Find Text" activity into the new runbook
  • Rename it to "Get Script Result"
  • Link "Sync CI's in SM" to "Get Script Result"
  • Fill out the following properties under "Details"
    • File: <local sharepath>\Automation\Logs\SRLogs\{ID from "Get Service Request"}.log
    • File encoding: Auto
    • Search text: Info:Script Complete, Result:

clip_image008

  • Click "Finish"
  • Drag the "SC 2012 Service Manager\Update Object" activity into the new runbook
  • Rename it to "Update Description of Service Request"
  • Fill out the following properties under "Details"
    • Connection: <Your Service Manager Connection>
    • Class: Service Request
    • Object Guid: {SC Object Guid from "Get Service Request"}
    • Fields: Description {Original line from "Get Script Result"} CMTrace Log File: {File path from "Get Script Result"}

clip_image009

  • Click "Finish" and link "Get Script Result" to "Update Description of Service Request"
  • Check in the Runbook, it should look similar to this:

clip_image010

Create the Runbook Automation Activity Template for the Manage Agents Runbook

The Runbook Automation Activity Template will be link the Runbook we just created to a Service Request that we will be created later.

  1. Open the Service Manager Console
  2. Go to Administration\Connectors and Synchronize your Orchestrator Runbook Connector
  3. Go to Library\Templates and click "Create Template"
    • Name: Manage Agents RAA Template

    • Description: Manage OM Agents RAA Template

    • Class: Runbook Automation Activity

    • Management Pack: Click "New"

      • Name: DataCenter Automation: Operations Manager Agents UI
      • Description: Operations Manager Agents Templates and Offerings
    • Click OK, the Runbook Activity Form should appear. Check "Is Ready For Automation"

      • Title: Manage Agents RA
      • Description: Manage OM Agents RA
      • Click the "Runbook" Tab
      • Click "Select" and choose the Runbook created earlier
      • Click "Edit Mapping" and choose "Object\Id"
      • Click "OK"

Create the Service Request Template for the Manage Agents Runbook

The Service Request Template is needed to create a Request Offering using the Runbook Activity Template created previously

  1. Open the Service Manager Console
  2. Go to Library\Templates and click "Create Template"
    • Name: Manage Agents SR Template
    • Description: Manage OM Agents SR Template
    • Class: Service Request
    • Management Pack: DataCenter Automation: Operations Manager Agents UI
    • Click OK, the Service Request Form should appear.
      • Title: Manage Agents SR
      • Description: Manage OM Agents SR
      • Click the "Activities" Tab
      • Click the Plus sign and select the Runbook Activity Template created earlier
      • Click OK when the form is launched

Create Request Offering for Manage Agents

The Manage Agents request offering will be used to configure the user interface displayed via the self-service portal

  • Open the Service Manager Console

  • Go to Library\Service Catalog\Request Offerings and Click "Create Request Offering"

    • Title: Manage Agents
    • Description: Manage OM Agents
    • Template name: Manage Agents SR Template
    • Management Pack: DataCenter Automation: Operations Manager Agents UI
  • User Prompts

    • Action | Required | Simple List
    • Devices | Required | Query Results

clip_image011

  • Configure Prompts
    • Action
      • Install, Uninstall, and Repair

clip_image012

  • Select Devices

    • Select Class: Windows Computer
    • Display Columns: DisplayName, PrincipalName, OMAgent
    • Options: Check Allow the user to select multiple objects and Add user-select objects to template object as related items (Manage Agents SR - (Service Request))
  • Map Prompts: Notes = Action: ListValue

  • Publish: Published

Create Service Offering for Agent Management

The Agent Management service offering will be used to display the Operations Manager agent related requests via the self-service portal

  • Open the Service Manager Console
  • Go to Library\Service Catalog\Service Offerings and Click "Create Service Offering"
    • Title: Agent Management
    • Overview: OM Agent Management
    • Description: Manage OM Agent Management
    • Management Pack: DataCenter Automation: Operations Manager Agents UI
    • Request Offerings: Manage Agents
    • Publish: Published
    • Click "Create"

Request Form

clip_image013

CMTrace Log

clip_image014

Summary

This solution allows for Operations Manager agents to be installed, repaired, and uninstalled using the Service Manager self-service portal. Also, after an agent state is modified via the portal it should synchronize back into the Service Manager CMDB.

 

Continue to the 9th post in this series: Enabling the Act as Proxy setting for Operations Manager Agents using the Service Manager Self-Service Portal

ManageOMAgents.zip