Saturday, May 9, 2009

Ways to Deploy Agents in SCOM

In System Center Operations Manager 2007 there are many different ways to install agents to client machines. These methods include:
  • Discovery Wizard
  • Manual Agent Installation of the SCOM CD
  • msiexec.exe
  • Group Policy
  • Operations Manager Command Shell
  • Scheduled Discoveries
  • AD Integration Auto Assignment
  • SCCM Deployment

Below we will be going through and looking at each method along with its pro's and con's.

Discovery Wizard

The discovery wizard is one of the most popular ways for Administrators to deploy agents to new managed assets in a SCOM 2007 infrastructure. The discovery wizard broadcasts subnets to find out which devices require agents installed, and gives you the option which devices you want to push the SCOM agent out to over RPC.

To kick this discovery wizard off you simply click administration, right click device management and click discovery wizard. There are two types of discoveries:

  • Automatic Computer Discovery
  • Advanced Discovery

Automatic computer discovery does every PC in the domain. Advanced discovery lets you select things like just servers. I always recommend advanced discovery.

For subnets that do not have their own management server, you can setup SCOM agents as proxies to do the broadcast for you. Basically you just select one PC that will always be powered on and mark it as a proxy inside operation manager console - very simple. Here is a little diagram I made to show you how this works.

When you use the discovery wizard agents are automatically approved, and do not enter pending management.

Manual Agent Installation of the SCOM CD

You can insert the SCOM installation disk into a windows client and install the Agent simply using the disk. If you do this, the agent will appear under Pending Management. You will then need to approve it in the operations manager console as a managed client.

msiexec.exe

You can use the msiexec.exe tool to install SCOM agents on workstations. Here is an example on how you would do this:

msiexec.exe /i \\path\Directory\MOMAgent.msi /qn /l*v \logs\MOMAgent_install.log USE_SETTINGS_FROM_AD=0 MANAGEMENT_GROUP=(Management Group) MANAGEMENT_SERVER_DNS=(Management Server FQDN) ACTIONS_USE_COMPUTER_ACCOUNT=0 ACTIONSUSER=(Username) ACTIONSDOMAIN=(Domain) ACTIONSPASSWORD=(Account password)

You can take this futher using admin tools such as psexec to run this command on multiple computers at a given time for mass deployments.

By default all these computers will appear under pending management. If you want them to automatically be approved there is an option under Operations Manager in global settings.

Group Policy

You can push the agent out to PC's using standard software deployment through group policy. When using group policy machines will not automatically be approved and you will have to add them manually unless you Auto-approve new manually installed agents.

Operations Manager Command Shell

You can install the SCOM agent on a single workstation using the Ops Mgr Shell by using a command similar to:

install-agent -ManagementServer servername -AgentManagedComputer agentcomputername

Or you could make a very simple powershell (.ps1) script.

$creds = Get-Credential
#Create an array $Servers for a list of servers
$servers = get-content c:\ServerList.txt
$DiscoCnfg = New-WindowsDiscoveryConfiguration -computername:$servers -performverification: $true -actionaccount:$creds -computertype: "server"
$ms = Get-rootManagementServer
#You have to Discover the computer first
$DiscoResults = Start-Discovery -managementserver $ms -windowsdiscoveryconfiguration:$DiscoCnfg
install-agent -ManagementServer $ms -AgentManagedComputer: $DiscoResults.custommonitoringobjects

This will mass deploy agents out to multiple machines.

Scheduled Discoveries

Scheduled discoveries was the prefered way of deploying agents in MOM 2005. However this feature was lost moving to SCOM 2007. In reality, it was more or less replaced by AD Integration. However an engineer created a powershell script that you can schedule to bring this feature back if you wish to do your deployments this way. Fore more information visit the following site:

http://www.systemcenterforum.org/news/scheduled-discovery-and-agent-deployment-in-large-and-complex-environments/

AD Integration Auto Assignment

This is the most automated way to do the installation of agents on your network. If you wish to use AD Integration you need to prepare your domain using MOMADAdmin.exe which can be found on the SCOM CD in the support folder. This commandline tool creates a OperationsManager container on your domain partition.

Auto Assignment is done using LDAP queries. You can simply use something like AD Users and Computers which has a nice interface to create LDAP queries for you. I recommend creating a query that targets just operating systems with the word "server" in it - as I do not recommend monitoring clients as your monitoring servers will be flooded with logs.

I found this really good article that walks you through a step by step process in setting up Auto Assignment and SCOM AD Integration:

http://www.infrontconsulting.com/AD_OpsMgr2007.pdf

SCCM Deployment

You can also deploy scom agents using SOE management software such as Microsoft System Center Configuration Manager server.

5 comments:

  1. can you please put more inputs on agent deployment using SCCM

    ReplyDelete
  2. Rahul sorry I'm not SCCM certified. I don't like posting in area's I'm unsure about. I'm sure you can dig up some information through google.

    ReplyDelete
  3. Rahul, You need to create package in MSI or EXE form, once your package is ready you can deploy through SCCM on All or Selected systems...

    ReplyDelete
  4. Can u please elaborate a bit on Operation Manager command shell deployment.

    Naren..

    ReplyDelete
  5. hello
    I want to execute commands (such as ipconfig /flushdns ....) on my LAN computers with scom or sccm?
    is it possible?
    thanks

    ReplyDelete