Blog Post

System Center Blog
6 MIN READ

SCOM - It's Time to Migrate

HiteshSharma's avatar
HiteshSharma
Brass Contributor
Sep 17, 2019

This blog post has been originally authored by Scott Mathemeier, Premier Field Engineer, Microsoft

 

So, it’s *that* time…

You’ve used SCOM since it was MOM. Maybe you even know of its SeNTry ELM roots 😉

Maybe you are brand new to SCOM…But you’re still running SCOM 2012 R2. Did you know that its mainstream support ended in July 2017 (yes, *two* years ago); and its https://support.microsoft.com/en-us/lifecycle/search?alpha=System%20Center%202012%20R2%20Operations%20Manager. Your management is probably thinking, “I’ll use SCOM 2012 R2 for all it’s worth and ride it into the ground!”. If that’s the conventional wisdom where you are, remind them of the following:

  • Extended support isn’t cheap, and it only gets you security patches, i.e. no feature improvements, no bug fixes. So, if something breaks, well, you’re on your own…
  • If you’re running SCOM 2012 R2, it’s possible your software underpinnings are also running out of support:
    • Support for the most recent version of Windows Server 2008 R2 https://support.microsoft.com/en-us/lifecycle/search?alpha=Windows%20Server%202008%20R2%20Service%20Pack%201.
    • Mainstream support for the most recent version of Windows Server 2012 and 2012 R2 ran out last year and extended support for both will https://support.microsoft.com/en-us/lifecycle/search?alpha=Windows%20Server%202012.
    • Support for the most recent version of SQL 2008 https://support.microsoft.com/en-us/lifecycle/search?alpha=SQL%20Server%202008%20R2%20Service%20Pack%203
    • Mainstream support for the most recent version of SQL 2012 ran out two years ago and extended support for both will https://support.microsoft.com/en-us/lifecycle/search?alpha=SQL%20Server%202012%20Service%20Pack%204.
  • Are you running more recent versions of SCOM? Two things to consider:
    • If you’re running SCOM 1801, it ran out of support https://support.microsoft.com/en-us/lifecycle/search?alpha=System%20Center%20Operations%20Manager%20version%201801.
    • If you’re running SCOM 1807, it runs out of support https://support.microsoft.com/en-us/lifecycle/search?alpha=System%20Center%20Operations%20Manager%20version%201807.
  • And that’s just the software, what if you’re running it on actual physical hardware?

Repeat this mantra to your management: Time is of the essence.

A blog post that covers a migration from end-to-end would be long and laborious with way too many if/then hops. It’s also impossible to cover all situations: from a home lab, to a mom-n-pop AIO server, to a globally-distributed SCOM infrastructure, I’ve seen all of those and everything in-between. You know your SCOM infrastructure better than anyone; you know best how to create your own checklist and plan a migration. Instead what I aim to do here is provide you with resources and tools to get your digital ducks in a row so you can put together a plan – and migrate to SCOM 2019!

Each of these tools and resources will have their own pre-reqs, limitations and documentation. Make sure to review the documentation for each prior to testing them in a lab environment (and then in production).

SCOM has had pre-reqs since the dawn of time…well, maybe not that long, but long enough that you know about them, are tired of them, and would like to automate them. If you want to automate your SCOM pre-reqs, go https://gallery.technet.microsoft.com/System-Center-2019-818de28f.

Want to script the creation of your SCOM service accounts and the SCOM Admins security group? Go https://gallery.technet.microsoft.com/SCOM-Service-Accounts-31af7781.

 

 

Did you know in SCOM 2019 that RunAs accounts now require Log On As a Service instead of Log On Locally? While this is more secure, it’s also something you need to plan for and understand.

  • Microsoft Docs https://docs.microsoft.com/en-us/system-center/scom/enable-service-logon?view=sc-om-2019
  • Kevin Holman’s https://kevinholman.com/2019/03/14/security-changes-in-scom-2019-log-on-as-a-service/
  • Kevin Holman’s https://kevinholman.com/2019/04/07/scom-2019-log-on-as-a-service-management-pack-helper/

If you want to export your SCOM Security User Roles, use the following PowerShell one-liner:

Get-SCOMUserRole | select-object name,displayname,description,profile,profiledisplayname,@{Name=’users’;Expression={[string]::join(“;”, ($_.users))}}| Export-Csv -Path c:\.csv

  • This will create a CSV of SCOM User Role Names along with their DisplayName, Description, the Profile that the role is based on, the ProfileDisplayName and (probably most importantly) the users/groups that are members of the SCOM User Role.

Want to export your subscriptions and their corresponding subscribers and channels? Go https://gallery.technet.microsoft.com/Export-all-subscriptions-bd6fb0d7.

Want to export your SCOM RunAs Accounts along with the RunAs Profiles that they’re tied to? Go https://gallery.technet.microsoft.com/Listing-SCOM-2012-R2-24be56b1.

Did you know that there are some highly recommended registry tweaks for your SCOM 2019 management servers? Find them https://kevinholman.com/2017/03/08/recommended-registry-tweaks-for-scom-2016-management-servers/.

Firewall exceptions for SCOM? Yeah, we got those for you right https://docs.microsoft.com/en-us/system-center/scom/plan-security-config-firewall?view=sc-om-2019.

Antivirus exclusions for SCOM directories and files? Get those https://docs.microsoft.com/en-us/system-center/scom/plan-security-antivirus?view=sc-om-2019.

On the maintenance side of things, if you want to shrink your SCOM DB and DW of unnecessary event collection, https://gallery.technet.microsoft.com/Stop-collecting-all-the-3479ecb5#content will retain events that trigger alerts but deprecate those alerts that don’t (and are taking up valuable space while causing performance issues for your SCOM infrastructure).

Want to show your management that you’re ready for a management server failure? https://markmanty.com/2019/02/19/scom-agent-primary-failover-management-server-configuration-tool/ will allow you to set the failover management server for your agents.

Migrating SQL monitoring? Well https://kevinholman.com, has https://kevinholman.com/2019/06/12/how-to-transition-to-the-sql-version-agnostic-mp/ you need to review since the switchover to agnostic version SQL monitoring occurred over two months ago. Note: the earlier version-specific releases will no longer be updated, and, more importantly, are no longer supported. Get with your SQL team and get this reviewed/discussed/planned/implemented ASAP.

Speaking of SQL monitoring, skip the headache of RunAs accounts and use https://kevinholman.com/2016/08/25/sql-mp-run-as-accounts-no-longer-required/.

Ready to make your life as a SCOM admin easier? Use https://kevinholman.com/2017/05/09/scom-management-mp-making-a-scom-admins-life-a-little-easier/ Kevin Holman MP that combines many useful tools/tasks/scripts into a single MP.

Tired of using VBscript since, well, forever? Install https://squaredup.com/blog/free-powershell-monitoring-management-pack-download-now/ community MP and start using PowerShell instead - right from the GUI! Can also download the source files from GitHub https://github.com/squaredup/Community.PowerShellMonitoring.MP.

If you’ve inherited a SCOM environment with out-of-date MPs or have one where the management packs are updated as often as a Leap Year, https://social.technet.microsoft.com/wiki/contents/articles/16174.microsoft-management-packs.aspx is a link for Microsoft-related technology management packs so you can get the latest and greatest MPs for your infrastructure monitoring.

Here’s a collection of useful SCOM Admin Tools in a https://kevinholman.com/2018/12/30/scom-tools/.

Do you want to do more with SCOM reporting as the next SCOM admin? Look into using https://powerbi.microsoft.com/en-us/ as an option for your https://blogs.technet.microsoft.com/askpfeplat/2018/08/27/a-new-tool-for-your-toolbox-scom-dashboard-report-template-in-powerbi/ and https://gallery.technet.microsoft.com/SCOM-Overview-Dashboard-fd37a6f3. You’ll never look back…Note: Power BI and data analytics is a very specific skillset apart from SCOM (and SCOM reporting). If you need additional assistance with it, don’t hesitate to contact your Microsoft Technical Account Manager for further help and possibly getting a Microsoft Power BI engineer to engage and assist. Resources for Power BI: https://docs.microsoft.com/en-us/power-bi/desktop-what-is-desktop, https://docs.microsoft.com/en-us/power-bi/report-server/get-started and https://docs.microsoft.com/en-us/power-bi/power-bi-overview. Comparing the different versions: https://docs.microsoft.com/en-us/power-bi/service-service-vs-desktop; https://docs.microsoft.com/en-us/power-bi/report-server/compare-report-server-service.

Speaking of Power BI, if you want to monitor it, make sure you get the correct management pack for it – and it’s not readily noticeable by its name. Use the SSRS 2017 MP; get it https://www.microsoft.com/en-us/download/details.aspx?id=57381.

Ready to show your management (as well as the C/ISO) that you’re serious about securing your SCOM infrastructure and its communications? Use https://kevinholman.com/2018/05/06/implementing-tls-1-2-enforcement-with-scom/ from Kevin Holman to get up-to-speed and implement TLS 1.2. (More info can be found https://docs.microsoft.com/en-us/system-center/scom/plan-security-tls12-config?view=sc-om-2019.)

If you want to review your data warehouse settings as well as change them easily, https://www.scom2k7.com/scom-datawarehouse-grooming-settings-super-easy-with-new-gui-tool/ is an eye opener! It will provide you with details including the current retention time, current size as well as tell you what percent of your DWH is being consumed by a particular dataset (performance, state, config, etc) - and then you can change the settings from within the tool itself 😊

As you prepare for your migration and start your checklist, review https://docs.microsoft.com/en-us/system-center/scom/deploy-overview?view=sc-om-2019 and use it for planning out your strategy. If you’d like a little more assistance in an easy-to-follow, not-so-white-paper-technical jargon, of course our SCOM Rock Star https://kevinholman.com/2019/03/14/scom-2019-quickstart-deployment-guide/.

When you’re done with your SCOM installation, don’t forget to https://thesystemcenterblog.com/2019/03/15/upgrading-to-scom-2019-step-by-step/#ConfigureLicense!

And finally…if you’re still in need of assistance, I worked with a team recently to update a Microsoft offering that helps lead you through the migration to the latest version of SCOM. It’s been updated for SCOM 2019 and is ready for you! Contact your Microsoft Technical Account Manager Premier Field Engineer and ask them about how you can get information on or discuss the Onboard Accelerator for System Center Operations Manager.

If you have an issue or concern about any of the above tools, please feel free to post a question or comment to the post by the original blog’s author. Most of these are sourced from Microsoft engineers, and we can be a real responsive/chatty bunch 😉

Do you have some real-world tips? Found some gotchas when you migrated? Please feel free to chime in below. A strong community makes for a stronger SCOM.

Good luck, Live Long and Prosper, and May the Schwartz be With You!

 

--

Hitesh Sharma

Senior Program Manager, Microsoft

 

Updated Sep 17, 2019
Version 2.0
System Center Operations Manager

1 Comment

  • Techiedude .'s avatar
    Techiedude .
    Copper Contributor
    Sep 26, 2019

    There's a mgmt pack originally written by Tao Yang and now maintained by Cookdown that helps automate SCOM mgmt and maintenance. It's been updated to support SCOM 1801/1807 and 2016/2019. It offers an abundance of tasks, views, rules and monitors to assist in automating your SCOM maintenance. It can be found here: https://cookdown.com/scom-essentials/self-maintenance/