Part 1: Custom Monitoring for ConfigMgr - Monitoring ConfigMgr boundaries

  • Article

At Microsoft IT, we have implemented lot of custom monitoring for ConfigMgr service and I am starting this new series to share some of the custom monitoring implemented in production which helps in identifying problems proactively. However our primary means for monitoring ConfigMgr servers is through ConfigMgr Management pack which was discussed in one of the previous blog here - https://blogs.msdn.com/b/shitanshu/archive/2009/11/15/best-practices-for-deploying-configmgr07-management-pack.aspx 

In this post I am covering monitoring scenarios to alert for missing AD site which are not configured as ConfigMgr boundaries and creating event for OpsMgr. In Microsoft IT, we have large environment which makes challenging to keep track of all changes in AD and keeping align ConfigMgr site boundaries with AD site which impact our reach and compliance SLA. This AD site boundary script proactively checks AD site against site boundaries configured in ConfigMgr database and reports any AD site which are not configured as site boundary through OpsMgr alert.

The AD Site Script is designed to be ‘automated’ from a scheduled task. Once invoked, the script will connect to the root of the data directory tree in the AD forest and iterate through all listed AD Sites. For each AD site found, it will then connect to the ConfigMgr central site server’s SQL database (specified within the script as highlighted in yellow) to validate that a matching site is found within the database.

If a match is found in the ConfigMgr SQL DB, then the AD Site Script will log an Information event to the local server’s Application Log. This event is purely for additional information and can be ignored from a SCOM perspective. (An informational event will only be logged if bVerbose is set to true, the default value is false).

If no matching AD site entry is found in the central site’s database, the AD Site Script will log a Warning event to the local machine’s Application Log. This event can be tracked\monitored by SCOM.

Note: The script will need elevated permissions as it will write log entries to the local server’s Application Log in the Event viewer and is configured as scheduled task on our ConfigMgr Central site.

Before we talk about the script I want to mention the original author of this script - Ben Shy who helped us writing this custom monitoring script for fixing gaps in ConfigMgr Boundaries for sites. Special Thanks to him.

' ----------------------------------------------------

' FileName: ADSiteScriot.vbs

Description: Querys Active Directory for all sites created that do not have a match

' in ConfigMgr and writes an event to the Application EventLog of type Warning

' ----------------------------------------------------

 

On Error Resume Next

 

Dim WinDir, objRootDSE, strConfigurationNC, strMsg, bVerbose

Dim strSitesContainer, objSitesContainer, objSite, SiteName

Dim strExcludeSites, strConfigMgrSQL, strConfigMgrDB

Dim arLabSubnets

 

Dim wsh : set wsh = Wscript.CreateObject("Wscript.Shell")

WinDir = Wsh.ExpandEnvironmentStrings("%WinDir%") & "\"

 

' ----------------------------------------------------

'Configurable option(s)

' ----------------------------------------------------

'Will set the verbosity of the script.

bVerbose = False

 

'ConfigMgr Central Site Server name and database name

strConfigMgrSQL = "SMSCentralSite"

strConfigMgrDB = "SMS_CS1"

 

' a semi-colon-deliminited list of lab or datacenter AD sites to exclude from the search (e.g. exclusion list)

strExcludeSites = "US-TST-DC1;US-TST-DC2"

' ----------------------------------------------------

 

' populate array

arLabSubnets = split(strExcludeSites, ";")

 

'Connect to the Sites Container

Set objRootDSE = GetObject("LDAP://RootDSE")

If objRootDSE is nothing Then

    WriteEventLog "Could not connect to AD - Script is quitting with 1000", 1000, "Error"

    Wscript.Quit 1000

End If

 

strConfigurationNC = objRootDSE.Get("configurationNamingContext")

 

strSitesContainer = "LDAP://cn=Sites," & strConfigurationNC

Set objSitesContainer = GetObject(strSitesContainer)

objSitesContainer.Filter = Array("site")

 

'Enumerate through the AD sites container looking for an AD sites that do not have a corresponding match in ConfigMgr DB.

'Log a warning to the local machines Event Viewer if site is found without a match in CM DB

For Each objSite In objSitesContainer

        CheckCMDB()

Next

 

'This function will handle the ConfigMgr database connection, data parsing and exclusion list handling.

Function CheckCMDB()

    Dim objCN, strConnection, strSQLQuery, objRS

 

    Set objCN = CreateObject("ADODB.Connection")

    strConnection = "Provider=SQLOLEDB;Data Source="& strConfigMgrSQL &";Initial Catalog="& strConfigMgrDB &";Integrated Security=SSPI;"

 

    objCN.Open strConnection

 

    strSQLQuery = "select distinct ADSiteName from dbo.v_SiteRoamingBoundary_ADSite"

   

 

    ' tracks if we found the site in the list

    Dim bFoundSite, bMatchesSite

    bMatchesSite = false

    bFoundSite = false

 

    objRS=CreateObject("ADODB.Recordset")

    Set objRS = objCN.Execute(strSQLQuery)

    Do Until objRS.EOF

 

        ' check if its not in the "exclusion list" array.

        ' if its not here, then continue on to find a match

        if CheckExclusionListForSite (objSite.cn) = false Then

   bFoundSite = true

           

            If objRS.Fields("ADSiteName") = objSite.cn Then

                bMatchesSite = true

            End if

       

        End If

 

                    objRS.MoveNext

     Loop

 

       

     ' did we find it?

     If bFoundSite Then

        If bMatchesSite Then

            If bVerbose =True Then

                strMsg = "Found an AD Site --(" & objSite.cn & ")-- with description (" & objSite.description & ")-- is in the ConfigMgr SiteRoamingBoundary_ADSite list"

               'Only un-comment the section directly below if a VERBOSE event’ing is wanted

                WriteEventLog strMsg, 880, "Information"

            End If

         Else

                    strMsg = "Found an AD Site --(" & objSite.cn & ")-- with description (" & objSite.description & ")-- is NOT in the ConfigMgr SiteRoamingBoundary_ADSite list"

            WriteEventLog strMsg, 887, "Warning"

           

        End If

     End If

 

    'Close SQL Connections to ConfigMgr DB

    objRS.Close

    objCN.Close

 

End Function

 

' ---------------------------

' writes to event log

' msg: the message written to eventlog

' eventID: the eventID that is written

' eventType: the type of event ("Information", "Warning", "Error")

' ---------------------------

Sub WriteEventLog( msg, eventID, eventType )

    Wsh.run "cmd.exe /c " & WinDir & "\System32\eventcreate.exe /T " & eventType & " /ID " & eventID & " /L Application /SO ADSiteScript /d """ & msg & "", 0, True

End Sub

 

 

' ---------------------------

' checks if the site name is in the excluded site name array

' strSiteName - the sitename to check if included in array

' :: returns true if the site name is found in array

' :: otherwise returns false

' ---------------------------

Function CheckExclusionListForSite( strSiteName )

 

    CheckExclusionListForSite = false

    dim i ' as int

    for i=0 to UBound(arLabSubnets)

        if ( lcase(arLabSubnets(i)) = lcase(strSiteName) ) Then

            'found it

            CheckExclusionListForSite = true

            exit for

        end if

    next

 

End Function

The following denotes specific events that the script can generate locally in the server that it is executed from Event Viewer through scheduled task which can be monitored and alerted by OpsMgr.

Event when found an AD Site that is in ConfigMgr database (not enabled by default)

If the script finds an AD site that is also in ConfigMgr database, it’ll log the following informational event (only if bVerbose = True)

Event ID = 880

Level = Information

 

Example:

Log Name: Application

Source: ADSiteScript

Date: 10/25/2010 4:28:20 PM

Event ID: 880

Task Category: None

Level: Information

Keywords: Classic

User: SYSTEM

Computer: Testdomain.com

Description: Found an AD Site –(US-WA-SEA)-- with description (US-Washington Seattle)-- is in the ConfigMgr SiteRoamingBoundary_ADSite list

 

Event when found an AD site that is not in ConfigMgr database

If an AD site is found (which isn’t in the exclusion list) that is *not* in ConfigMgr database, the following will be logged to the event viewer.

 

Event ID = 887

Level = Warning

 

Example:

Log Name: Application

Source: ADSiteScript

Date: 10/25/2010 1:04:36 PM

Event ID: 887

Task Category: None

Level: Warning

Keywords: Classic

User: SYSTEM

Computer: Testdomain.com

Description: Found an AD Site –(US-WA-POR)-- with description (US-Washington Portland)-- is NOT in the ConfigMgr SiteRoamingBoundary_ADSite list. Client Count : 100

 

Please share your comments for these custom monitoring task and I would be glad to answer any queries.

What’s next for this custom monitoring series?

Custom monitoring for SUP/WSUS Scan failures

Disclaimer: The information on this site is provided "AS IS" with no warranties, confers no rights, and is not supported by the authors or Microsoft Corporation. Use of any included script samples are subject to the terms specified in the Terms of Use