SCOM: Get Subscriber in Subscription

This little thing will search through, and get all subscribers containing your searchword in any subscription you may have set up in SCOM.

param(
    [String]$searchword
    )

$sub = Get-SCOMNotificationSubscription | select displayname,torecipients

write-host "Searchword: ""$searchword"" exists in the following subscriptions:"
foreach ($s in $sub){
    $recipient = $s.torecipients.name
    if ($recipient -like "$searchword"){
    write-host ""$s.displayname""
        }
    }

– F

SCOM: Command Channel Script

This little script is what I use in cooperation with the SCOM Command Channel to parse and send SCOM alerts to a logfile.
The script will take the SCOM alert parameters and put them neatly in a .log file, one file for each alert I want. This, of course, is customizable – I just like to see the amount of files being generated.

The Channel:

Selection_001

The above channel parameters:

Path: C:\windows\system32\WindowsPowershell\v1.0\powershell.exe
Cmd: -file “C\:Script\AlertExport.ps1” “$Data[Default=’Not Present’]/Context/DataItem/AlertId$##$Data[Default=’Not Present’]/Context/DataItem/AlertName$##$Data[Default=’Not Present’]/Context/DataItem/AlertDescription$##$Data[Default=’Not Present’]/Context/DataItem/EntityPath$##$Data[Default=’Not Present’]/Context/DataItem/EntityDisplayName$”
Startdir: c:\

This will get you the following (of MANY) Alert details: AlertID, Alert Name, Alert Description, Path and Displayname.

The Script:

# Alert Params
param(
$parameters 
)
$params = $parameters.split('##') | ? {$_ -ne ''}

# Build params (added commented blocks of Alert parameter data for your convenience)
$AlertID = $params[0] # $Data/Context/DataItem/AlertID$
$AlertName = $params[1] # $Data/Context/DataItem/AlertName$
$AlertDesc = $params[2]# $Data/Context/DataItem/AlertDescription$
$Path = $params[3] # $Data/Context/DataItem/ManagedEntityPath$
$DisplayName = $params[4] # $Data/Context/DataItem/ManagedEntityDisplayName$


# Sharestuff
$share = "<YOUR SHARE AND STUFF>"
$date = get-date
$Alertfile = "SCOM Alert - $(get-date -Format "dd.MM.yyyy HH.mm.ss").log"

# Format AlertMessage
$AlertMessage = @()

$AlertMessage += "ID: $AlertID"
$AlertMessage += "Date: $date"
$AlertMessage += "DisplayName: $DisplayName"
$AlertMessage += "AlertName: $AlertName"
$alertMessage += "Path: $Path"
$AlertMessage += "Description: $AlertDesc"

# Output alert to textfile
$AlertMessage >> $share$alertfile

Put the script on all your Management Servers, in this case in the C:\script folder, and suddenly, if all goes well, your selected Alerts will start pumping out to this share.

alerts

– F

Request Template Certificates using CertReq and Powershell

Installing SCOM agents on non-domain servers can be a real time-consuming affair, especially the Create template-request-export-import-certificates procedure.
I decided to use my basic certificate and CertReq knowlegde to create this little script that helps me automate the whole thing.

NOTE: This is meant for inspiration only. If will for the most part not work in your environment unless you heavily modify it.

Basically it requests a new certificate from your CA server, based on a predefined Template.
It then works some magic, and you are left with the *.pfx certificate file with private key, necessary for the SCOM agent on the non-domain server to communicate with the rest of the SCOM environment.

In the end, the certificate can be copied to the non-domain server, and import it using MOMCertImport found in the SCOM Agent Support Tools folder.

#$password = Read-Host -Prompt "Enter Password" -AsSecureString
$server = read-host -Prompt "Enter FQDN for DMZ Server"

$CERTPATH = "Location you want to save Certificate to"
$CAFQDN = "CAserver.domain.net"
$CASERVER = "CAserver.domaint.netIssuing CA1 example"

write-host "Variables set. Continue to create .inf"  -foregroundcolor green

write-host "Generating Certificate INF File..."
$certinf = @"
;---------------CertificateRequestTemplate.inf--------------
[NewRequest]                                                 
Subject="CN=$server"                                       
Exportable=TRUE                                             
KeySpec=1                                                    
KeyUsage=0xf0                                              
MachineKeySet=TRUE                                           
ProviderName="Your Provider"
[RequestAttributes]
CertificateTemplate=CA Template Name
"@

$certinf >> "$CERTPATH$server.inf"


write-host ".inf created. Continue to create .req file"  -foregroundcolor green

CertReq.exe -new "$CERTPATH$server.inf" "$CERTPATH$server.req"

write-host ".req created. Checking to see of files exist"  -foregroundcolor green

$testinf = Test-Path "$CERTPATH$server.inf"
$testreq = Test-Path "$CERTPATH$server.req"

if ($testinf -eq $true){
write-host "$CERTPATH$server.inf successfully generated." -foregroundcolor green
}
else {
write-host "$CERTPATH$server.inf could not be found. Check for errors." -ForegroundColor Red
break
}
if ($testreq -eq $true){
write-host "$CERTPATH$server.req successfully generated." -foregroundcolor green
}
else {
write-host "$CERTPATH$server.req could not be found. Check for errors." -ForegroundColor Red
break
}

write-host "Submitting new Certificate for $server"

CertReq -Submit -config "CAserver.domaint.netIssuing CA1 example" "$CERTPATH$server.req" "$CERTPATH$server.cer"

write-host "Importing .cer"

certreq -accept "$CERTPATH$server.cer"
write-host "All OK. Continue"  -foregroundcolor green


#Exporting certificate with Private Key
write-host "exporting shit with private key"
certutil -exportpfx -p "YOUR CERTIFICATE PASSWORD" my "$server" "$certpath$server.pfx" "nochain" 

#Cleaning
Move-Item -Path "$CERTPATH*cer","$CERTPATH*inf","$CERTPATH*req" -Destination "$CERTPATHold"

And there you have it. The task that normally was done in 10-20 minutes is now done in 10-20 seconds.
I also have a script that copies SCOM agent files to the non-domain server, installs the SCOM agent based on bit-architechture, imports the certificate using MOMCertImport.exe and restarts the Microsoft Monitoring Agent, but this was not written by me, and I don’t remember where I found it (or who to credit) – so if you want it, hit me up in the comment section, and I’ll send it to you.

– F

Output displayname and IP address for SCOMagents

Got bored – wrote this little thing to output FQDN and IPaddress for all Windows and UnixLinux agents in my lab environment.

Could be useful for some people maybe.
 

ipmo operationsmanager
$nixservers = get-scomclass -name "Microsoft.Unix.Computer" | Get-SCOMMonitoringObject
$winservers = Get-SCOMClass -name "Microsoft.Windows.Computer" | Get-SCOMMonitoringObject

   
    Write-host "-----------------------------------------------------------------"
    write-host "-------------------- Unix Computers and IPs ---------------------"
    Write-host "-----------------------------------------------------------------"
foreach ($nix in $nixservers) 

    {
        write-host ([System.Net.Dns]::GetHostAddresses($nix) | foreach {echo $nix - $_.IpAddressToString})
    }


    Write-host "-----------------------------------------------------------------"
    write-host "------------------- Windooze Computers and IPs ------------------"
    Write-host "-----------------------------------------------------------------"
foreach ($win in $winservers) 

    {
        write-host ([System.Net.Dns]::GetHostAddresses($win) | foreach {echo $win - $_.IpAddressToString})
    }

 
Thank god it’s Friday…

-F