Professional MOM 2005, SMS 2003, and Microsoft Update
by Randy Holloway et al.
Wrox Press 2006 (432 pages)
ISBN: 0764589636
Providing a single source for IT administrators to understand how systems and operations management technologies can be used in their environments, this comparative tool helps readers understand which tool is right for which job.
Table of Contents
Professional MOM 2005, SMS 2003, and Microsoft Update
Introduction
Chapter 1 - The Basics of Operations Management
Chapter 2 - MOM, SMS, and WSUS—How They Fit Together
Chapter 3 - Installing Microsoft Operations Manager 2005
Chapter 4 - Installation of SMS
Chapter 5 - Installing and Configuring Microsoft Update and Windows Server Update Services
Chapter 6 - MOM Configuration and Administration
Chapter 7 - MOM and SMS Agents
Chapter 8 - Management Packs and Components
Chapter 9 - Management Pack Drilldown for Windows Server
Chapter 10 - More on Management Packs
Chapter 11 - Third-Party Management Packs and Product Connectors
Chapter 12 - Using SMS and MOM to Manage Security and Patching
Chapter 13 - Monitoring
Chapter 14 - Securing Your MOM, SMS, WSUS, and WU Installation
Chapter 15 - Reporting
Chapter 16 - System Center and the Dynamic Systems Initiative
Appendix A - MOM Management Packs and Utilities
Index
Back Cover
Professional MOM 2005, SMS 2003 and Microsoft Update provides a single source for IT administrators to understand how these systems and operations management technologies can be used in their environments. It also serves as a comparative tool that helps readers understand which tool is right for which job.
It is designed and written for anyone who is involved with implementing, supporting, or managing a set of tools for systems and operations management, including IT operators, IT administrators, IT infrastructure managers and system architects. The readers that have some background in systems and operations management will probably get the most out of this book; however, no specific level of skill or knowledge is assumed. The writing is aimed at readers who have a basic understanding of IT infrastructure on the Windows platform and have familiarity with Windows XP (and earlier) client deployments and Windows Server technologies.
Some of the topics covered include:
basics of operations management
how the MOM 2005, SMS 2003 and other update technologies fit together
installing and deploying MOM
installing and deploying SMS
installing and deploying MU and WSUS
configuring and administering the MOM environment with MOM and alert tuning
MOM and SMS agents
Deploying and using MOM management packs
Third party management packs
Security and patching with MOM and SMS
Monitoring and securing MOM and SMS deployments
MOM and SMS reporting
Microsoft System Center Solutions
Professional MOM 2005, SMS 2003, and Microsoft Update
Wiley Publishing, Inc.
Professional MOM 2005, SMS 2003, and WSUS
Library of Congress Cataloging-in-Publication Data
Professional MOM 2005, SMS 2003, and WSUS /Randy Holloway … [et al.]
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions.
LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.
For general information on our other products and services please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.
Trademarks: Wiley, the Wiley logo, Wrox, the Wrox logo, Programmer to Programmer, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book.
Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.
About the Authors
Note: This book is dedicated to both my mothers, Yvette and Graça; my father, Gaspar; my brothers, Daniel and Digo; my wife, Carla, who was very understanding when I had to spend hours in front of the computer working late nights; and my children, Marco, Rafael, and Natalia.
Marcus Oh
Marcus Oh, a senior administrator and architect, has been leading initiatives in systems management technologies for a private telecommunications company since 1999. He is a columnist for http://www.myITforum.com and has had articles published in TechTarget newsletters as well as the book Windows Server Hacks. Marcus has been recognized by Microsoft with the Most Valuable Professional award in Windows Server Management since 2004. To get a glimpse of Marcus's latest reflections, visit his blog at http://www.marcusoh.blogspot.com.
Note: I thank all of my family and friends for their support while I wrote my part of this book. Further, I thank all of the intelligent and respected minds I've met along the way that have helped contribute in some form or another to the completion of this book, various projects, and my sanity.
Russ Kaufmann
Russ Kaufmann, MCSE+I, MCT, and MVP, is a consultant, speaker, trainer, technical editor, and author. He has been working in IT for more than 15 years and has worked with both small clients and large clients spanning multiple countries. He specializes in Microsoft server products with special emphasis placed on Exchange, IIS, SharePoint Portal Server, and, of course, MOM. He currently works for Infocrossing, an infrastructure outsourcing company, in their Broomfield, Colorado, office.
Note: This book was a unique project that taught me a great deal about life and prioritization.
I originally saw this project and rejected it. It was too open ended and it just didn't "ring" for me. Later, this project came around again, and this time I said I would do it. My thanks go to Jim Minatel for keeping me in the loop and giving me another chance to jump on board with this project.
I talked to Randy Holloway, who originally came up with the concept, and I bought into his idea. In case you, the reader, haven't figured it out, the idea was to put together a book
organizational needs. Thanks to Randy for getting the idea and making sure I understood it as I built the outline.
As we started working on the project and the timeline, it became clear that we needed additional people. My thanks go to Telmo Sampaio. Telmo stepped up and agreed to take on some work and add his expertise. Without him, this project would have died.
The next challenges came up with some major health problems on my part and Randy's making the correct decision to place his family first. He had an addition to the family right as we were getting started, and his responsibilities really ate up his time. So, the next step was to add another person to help out. My thanks go to Marcus Oh for jumping into the middle of this and using his sheer force of will to keep things moving forward. At that time, I really couldn't provide any help or answer his questions, but he figured things out and kept on going.
The final challenge was one that I have seen in all projects: the dreaded deadline and exhaustion. This kind of project requires huge amounts of work, and it got to everyone. My thanks go to Derek Comingore for taking on a good bit of the load. Derek did a great job as the tech editor for many chapters and the author of others.
The usual thanks go to the editors and StudioB's Laura Lewin for taking care of the business of it all and for having the patience in trying times to make this project happen. This project was completed by the sheer will of those involved. I still am amazed that it is done.
Derek Comingore
Derek Comingore is the software development manager for http://www.Hosting.com. He holds the MCAD/MCDBA Microsoft certifications, the Carnegie Mellon Personal Software Process (PSP) credential, and an AAS/BS in Computer Information Systems. In addition to his role for http://www.Hosting.com, Derek enjoys writing articles for http://www.Hosting.com's newsletter and has written his first article for MSDN (soon to be published) on leveraging SQL Server 2005 Service Broker to obtain real-time ETL. He is also starting up a new SQL Server community, http://www.sqlserver360.org, which promises to deliver a rich and rewarding experience for the SQL Server professional.
Note: First and foremost I wish to thank my fiancée, Misty Neely, for her everlasting patience with me as I sat in front of the computer until 3 a.m. on several occasions. I love you very much. My son, Derek Steven Comingore—there is no better feeling in the world than when you come tackle Daddy when he gets home from work; you are the best gift God could ever have given me. My family also deserves much praise as they gave me a good home to grow up in with strong morals and love; their guidance continues to help me achieve higher levels of success in my life.
Jim Minatel, thank you, not only for this opportunity but also for mentoring me in the technical writing field. Jim slowly exposed me to the technical writing industry by asking me to be a technical editor for several other Wrox titles, and now a contributing author on this book. Ed Connor deserves thanks as he was under a lot of pressure when things got tight, but he "quarterbacked" the project quite well. http://www.Hosting.com, my employer, has been supportive of my technical writing, and I appreciate it. Finally, I thank Darren King, http://www.Hosting.com CEO, who continues to challenge and mentor me.
Quality Control Technicians
John Greenough Charles Spencer
Proofreading and Indexing
Techbooks
Systems and operations management can be complex and expensive. A comprehensive approach to this problem requires the use of operations management tools, software deployment tools, configuration management, and other release management tools and techniques. The knowledge of the organization is critical in helping to make sure that everything works well. In addition, doing the job right involves custom rules or scripts and reports to help ensure that everything is running as expected. For many IT professionals, this kind of operations management is a mix of a number of different tools along with custom scripting and manual effort to monitor logs and other reports. While this approach will get the job done, it can often be more expensive and time consuming for administrators. In addition, the use of too many special-purpose monitoring and management tools in the environment, along with custom scripts and reports, introduces more opportunities for mistakes and can lead to unsatisfied users or customers.
Microsoft is taking a comprehensive approach to systems and operations management and is building tools targeted at the small business all the way up to the largest enterprises. While there is more work to do in improving these products, Microsoft's focus to build a well-integrated set of monitoring and systems management solutions is significant and should be a point of consideration for any IT administrator who is evaluating or implementing these tools in their environment. This book was written to show how the current Microsoft tools for systems and operations management can work together to provide a comprehensive approach to automating IT operations. In addition, this book takes a look at where these tools are going and what IT administrators can expect from Microsoft in the future to help make operations and systems management tasks easier. It is important for IT administrators to consider not only the present operational and systems management requirements but their future needs as well when evaluating and implementing the technologies, and this book attempts to address both of these areas.
Whom This Book Is For
When the idea for Professional MOM 2005, SMS 2003, and WSUS was first discussed, the goal was to provide a single source for IT administrators to understand how these systems and operations management technologies can be used in their environments. Since that time, the book has also evolved into a comparative tool that can help a reader to understand which tool is right for which job. The audience for this book includes anyone who is involved with implementing, supporting, or managing a set of tools for systems and operations management, including IT operators, IT administrators, IT infrastructure managers, and system architects.
Readers with some background in systems and operations management will probably get the most out of this book; however, no specific level of skill or knowledge is assumed. The writing is aimed at readers who have a basic understanding of IT infrastructure on the Windows platform and have familiarity with Windows XP (and earlier) client deployments and Windows Server technologies.
For readers who understand the principles behind systems and operations management and who are interested in the installation procedures and configuration for MOM 2005, SMS 2003, or the Microsoft Update (MU) and Windows Server Update Services tools (WSUS), you may want to jump right into Chapters 3, 4, and 5. For those that are interested in evaluating these tools and using this book as an aid, start with Chapter 2, which covers the basics of how these products work and how they can be used together. Chapter 16 looks beyond the core products that we've discussed throughout the book and incorporates other systems management products from Microsoft. This is a good chapter for those interested in the product roadmap beyond MOM 2005 and SMS 2003.
What This Book Covers
This book covers the current shipping systems and operations management products from Microsoft. As of this writing, these products include MOM 2005, SMS 2003, MU, and WSUS. While there are older versions of MOM and SMS, we have not covered those technologies in this book in any detail. In addition, this book does not offer any detailed comparison of the current versions of these products to the previous versions. New features in the current products are not explicitly noted.
How This Book Is Structured
One of the challenges in writing a book that covers a broad range of products and tools is structure. To best address this issue, the book is organized to cover the material in logical sections. This book covers the basics of systems management and the products, followed by installation and configuration procedures. In later chapters, topics covered include patching, monitoring, tuning, and reporting of the management tools. Finally, the book describes the roadmap for future management products from Microsoft.
More specifically, Chapters 1 and 2 cover the basics of operations management and how the MOM 2005, SMS 2003, and other update technologies fit together. These chapters should set the stage for the material to be discussed and provide some insight on what these products can do for IT. Chapters 3 through 5 are focused on the installation and deployment of MOM, SMS, MU, and WSUS. These chapters include a review of installation procedures and considerations, along with some discussion of configuration. Chapter 6 is a deeper dive into the configuration and administration of the MOM environment with MOM and alert tuning, and should help the reader to understand how to get the most out of the operations monitoring tools. Chapter 7 goes into the agent technologies that make MOM and SMS work in your environment.
In Chapters 8 through 11, the book moves into a deeper discussion of MOM management packs, including the deployment of management packs and the use of third-party management packs and product connectors. Appendix A also provides more detail on the management packs available from Microsoft and other vendors. Chapter 12 covers the security and patching features that can be supported by MOM and SMS. Chapters 13 and 14 cover monitoring and the security aspects of deploying MOM, SMS, and the update technologies, helping to ensure that IT administrators lock down these powerful tools. Chapter 15 covers the reporting capabilities of MOM and SMS in detail, with information on how administrators and operators can retrieve critical information from these tools. Chapter 16 covers the Microsoft System Center solutions and considers the future of Microsoft's management tools.
What You Need to Use This Book
The readers of this book will benefit from having access to a Windows Server domain and software including MOM 2005 and SMS 2003. Some of this software is available to be downloaded for evaluation purposes. For those without access to a lab or test network environment, products such as Virtual Server or Virtual PC can help to build an environment for testing. For IT professionals that don't have access to these tools, the Virtual Labs available at Microsoft's TechNet site (http://www.microsoft.com/technet/traincert/virtuallab/default.mspx) can be used to review much of the functionality described in this book.
We make every effort to ensure that there are no errors in the text or in the code. However, no one is perfect, and mistakes do occur. If you find an error in one of our books, like a spelling mistake or faulty piece of code, we would be very grateful for your feedback. By sending in errata you may save another reader hours of frustration and at the same time you will be helping us provide even higher quality information.
To find the errata page for this book, go to http://www.wrox.com and locate the title using the Search box or one of the title lists. Then, on the book details page, click the Book Errata link. On this page you can view all errata that has been submitted for this book and posted by Wrox editors. A complete book list including links to each book's errata is also available at http://www.wrox.com/misc-pages/booklist.shtml.
If you don't spot "your" error on the Book Errata page, go to http://www.wrox.com/contact/techsupport.shtml and complete the form there to send us the error you have found. We'll check the information and, if appropriate, post a message to the book's errata page and fix the problem in subsequent editions of the book.
For author and peer discussion, join the P2P forums at http://www.p2p.wrox.com. The forums are a Web-based system for you to post messages relating to Wrox books and related technologies and interact with other readers and technology users. The forums offer a subscription feature to e-mail you topics of interest of your choosing when new posts are made to the forums. Wrox authors, editors, other industry experts, and your fellow readers are present on these forums.
At http://www.p2p.wrox.com you will find a number of different forums that will help you not only as you read this book, but also as you develop your own applications. To join the forums, just follow these steps:
1. Go to http://www.p2p.wrox.com and click the Register link.
2. Read the terms of use and click Agree.
3. Complete the required information to join as well as any optional information you wish to provide and click Submit.
4. You will receive an e-mail with information describing how to verify your account and complete the joining process.
Note: You can read messages in the forums without joining P2P but in order to post your own messages, you must join.
Once you join, you can post new messages and respond to messages other users post. You can read messages at any time on the Web. If you would like to have new messages from a particular forum e-mailed to you, click the Subscribe to this Forum icon by the forum name in the forum listing.
For more information about how to use the Wrox P2P, be sure to read the P2P FAQs for answers to questions about how the forum software works as well as many common questions specific to P2P and Wrox books. To read the FAQs, click the FAQ link on any P2P page.
Chapter 1: The Basics of Operations Management
Overview
One of the key criteria for selecting and deploying enterprise systems is the ability to effectively manage their operations. By ensuring that critical business systems are healthy, responsive, and running as expected, information technology managers and executives are able to lower the total cost of ownership for their systems and place more emphasis on the development and deployment of new capabilities. In most organizations, this is the major focal point to help drive efficiency. In this chapter, we cover the following topics:
Systems management on the Microsoft platform
Model-based operations management
Dynamic Systems Initiative
With the emphasis on Microsoft's management technologies over the past few years, new releases of SMS and MOM, and the evolution of the Microsoft Update platform, there is a greater need for IT to understand how these products can work together to provide a comprehensive systems management solution that enables software deployment, systems monitoring for alerts and exceptions, and access to the data that can help IT to prevent problems in the future. Those who use the systems management tools from Microsoft benefit from having Microsoft's knowledge of its own tools baked into the products, which makes it easier to manage their Windows desktop and server environments and provides the capability to work in a heterogeneous setting.
The goal for this chapter is to provide a basic overview of operations management and describe the problem domain and then focus on the components of the Microsoft platform now and in the future that will enable system administrators and IT to effectively manage their technology operations. By examining the current management tools and understanding Microsoft's Dynamic Systems Initiative, you can better formulate your strategies for deploying management solutions on the Microsoft platform.
Systems Management on the Microsoft Platform
IT organizations deploy systems management and monitoring technologies in an effort to reduce costs associated with the complexity and effort of deploying and managing large numbers of workstations, servers, and server-based applications in their enterprise environment. Achieving this goal depends on the technology being used to provide scalability to accommodate large environments and to provide an efficient architecture. However, when comparing monitoring and management technologies, the most critical factor to consider is the availability of the operational assistance they offer to the operators and administrators that rely upon these tools. These administrators want to ensure that their systems are highly available and functional for their customers.
Monitoring technologies are only as valuable as the quality of the best practices they provide. Traditionally, monitoring, management, and deployment technologies have been toolsets that depend on customization by IT or consultants to determine appropriate components that should be deployed and how to best configure them to monitor the availability and performance of the customer's specific application or service. Because of this, few organizations have realized the potential value of these technologies. In addition, monitoring tools that are not granular enough in detail can fall short in helping administrators to solve problems once they are identified.
The core management solutions on the Microsoft platform include products such as Systems Management Server (SMS), Microsoft Operations Manager (MOM), and the Microsoft Update solution. Through the use of SMS for software deployment, MOM for management alerts and notifications, and Microsoft Update to provide easy access to updated patches for products such as Microsoft Windows, Microsoft Office, and many others, an enterprise systems administrator has a baseline to enable secure and well-managed systems. MOM provides the foundation for operations management while SMS enables more sophisticated configuration and release management scenarios. Together, these tools can effectively support the full lifecycle for systems management.
For many years, IT administrators have been successfully using Microsoft SMS to manage Windows-based desktops and servers within their organizations. As the number of Windows PCs deployed within these organizations has grown dramatically, SMS has helped IT administrators contain the cost of managing such heavily distributed systems, keeping the overall cost of ownership low while allowing the number of deployed PCs and applications to grow.
However, the environment in which Windows-based PCs are deployed is constantly changing as new technologies are adopted and as PCs are used in increasingly complex configurations. The most recent release of SMS, Systems Management Server 2003, is designed to track and support these changing trends in PC usage and provide support for emerging usage scenarios and technologies. SMS 2003 provides solutions for a number of key issues faced by IT administrators managing Windows-based PC environments today. SMS 2003 addresses the following key problem areas:
Managing computers and users that roam around the network, often connecting over poor bandwidth links or from different geographic locations on a regular basis
Tracking the deployment and usage of software assets in the organization, and using this to plan licensing and software acquisition across the company
Monitoring the patch state of all deployed Windows PCs and applications in the enterprise, and removing vulnerabilities proactively in a closed loop process with real-time patch deployment status
Offering managers and users access to the management data aggregated by SMS, including live configuration and operations reports
Managing Windows PCs securely, but with a minimum of administrative overhead, while fending off the ever-increasing number of external security threats
The core features of SMS, including software deployment, inventory tracking, and remote troubleshooting, are supported in SMS 2003. The SMS administration console is shown in Figure 1
Because many organizations are deploying Windows Server 2003 Active Directory service within their networks, SMS 2003 is able to take advantage of this technology, further simplifying the process of managing clients and users. Many Active Directory features map directly to SMS targeting concepts, allowing IT administrators to target software and inventory tasks using Active Directory constructs and containers. In summary, SMS provides a strong set of features to enable software deployment and the management of clients and users.
When it comes to systems monitoring and alerting functions, the core component of that solution is Microsoft Operations Manager. MOM 2005 differs from traditional monitoring technology and assists customers in reducing the cost of management through the use of management packs. These management packs for an application combine the insight of the application developers, a knowledge base for organizational learning and common knowledge surrounding the product along with best practices for operations.
The difference between MOM management packs and similar management technology lies both in the identities of the management pack developers and the methodology used for their development. First, MOM 2005 management packs provide built-in, product-specific operational intelligence, encapsulating knowledge from the individual Microsoft product teams developing the applications, Microsoft Consulting Services, and Microsoft's product support organizations. All of this knowledge is made available out of the box for consumption by the product users. Second, the Design for Operations methodology is used to first analyze and then design the management of Windows applications and services.
The Design for Operations methodology of managing applications is a sharp contrast to the typical way application management has been developed in the past. As opposed to a subject matter expert driving the approach to managing a system, Design for Operations requires developers of Microsoft applications and third-party applications or services to adopt an inside-out approach based on their personal knowledge of the application or services. Instead of simply monitoring processes or services to see if they're running and then generating an alert to a console, Design for Operations requires that an application or service be analyzed and broken down into a framework that will describe the application from a management perspective. This methodology uses three models as the basis for implementing management for a service or application: the Health Model, the Task Model, and the State Model. The models are meant to provide a prescriptive mechanism for ensuring that management is built for every service and application and that the management is aligned with the needs of the administrator who will be running the service. This design point is a requirement of the Windows Server Systems Core Engineering Criteria, which are used to determine whether a Microsoft product can be shipped under the banner of Windows Server System.
The Health Model defines what it means for a system to be healthy or unhealthy, and the model defines how a system transitions in and out of those states Information on a system's health isnecessary for the maintenance and diagnosis of the system The contents of the Health Model become the basis for system events and instrumentation on which monitoring and automatedrecovery is built All too often, system information is supplied in a developer-centric way that does not give the administrator operational visibility of the applications The Health Model seeks
to guide both what kinds of information should be provided and how the system or the administrator should respond to the information If a management technology is monitoring anapplication or service without a deep understanding of Health Modeling, IT operators will be required to invest time and resources analyzing the relevance of an alert to the operations oftheir organization
The Task Model is used by developers to enumerate the activities that are performed in managing the system These may be maintenance tasks performed on a routine basis, such as systembackup; for event-driven tasks, such as adding a user; or for diagnostic tasks performed to correct system failures Defining these tasks guides the development of administration tools andinterfaces, and it becomes the basis for automation Used in conjunction with the Health Model, the Task Model can drive self-correcting systems with the appropriate instrumentation TaskModels are utilized by management pack developers in the creation of product or service-specific management Rules and Administrator Tasks Management packs also leverage the Task
a Task Model, most monitoring applications rely on the IT organization or consultants to write complex scripts and rules to determine how to resolve error situations locally or determine the correct diagnostic procedures or tools needed to remedy a problem remotely.
State Modeling will be increasingly leveraged by future Windows platforms and applications to provide administrators with a comprehensive means of managing both the availability and configuration of systems and applications. State Modeling catalogs the state and settings associated with an application and defines the scope and type for each. State may be associated with the computer or the user, it may be temporary or permanent, and it might be user data or operational parameters. Having a strict association of every state entity with a scope and category allows the administrator flexibility in deployment and provides a powerful tool for control. It means an administrator can separately store user data, migrate a user easily from one computer to another, and replicate computer configuration across a data center.
In an early adoption of State Modeling, MOM 2005 management packs provide administrators Health and State information from new views within the MOM Operator Console. In addition to alert views found in other management applications, the State Monitoring view provides MOM operators with a quick overview of server health. Each computer shown in the state monitoring view receives a rating in critical categories. The rated categories include memory and operating system as well as specific application categories, such as Active Directory, SQL Server, and Exchange Server. The operator can expand a particular category to view server status displayed in subcategories, as shown in Figure 1-2.
Figure 1-2
MOM 2005 provides users with a variety of topological views that show the automatic discovery of nodes and relationships. With topological views, IT administrators can view node status, navigate to other views, and launch context-sensitive actions. This can reduce resolution time for complex problems from hours to minutes, significantly reducing cost and improving service levels. For example, when something happens to an application such as Active Directory, it turns red on the diagram. By double-clicking on the red application, a more detailed diagram opens showing one or more trouble spots in red. The operator can continue drilling down in detail until he or she uncovers the cause. The MOM console tasks and prescriptive guidance are then available to help resolve the issue. Diagram views are shown in Figure 1-3.
Figure 1-3
Moving Toward the Future: Dynamic Systems Initiative
Knowledge is a key component for systems management. This includes knowledge of the deployed systems, knowledge of the environment in which they operate, knowledge of a designer's intent for those systems, and knowledge of IT policies. Specifically, knowledge may include the following:
Developer constraints on settings of a component, including constraints on related systems that the component is hosted on or communicates with
IT policy that further constrains settings or deployments
Installation directives that describe how a system is to be installed
Health models that describe system states and the events or behavioral symptoms that indicate state transitions
Monitoring rules, ranging from polling frequency to event filtering and forwarding to diagnostic or corrective action in response to problems
Schemas for instrumentation, settings, events, and actions
Service-level agreements that define performance and availability
Transaction flows and costs of processing steps for performance analysis
Reports
As IT organizations have become more geographically dispersed and individual roles more specialized, IT professionals tend to operate in silos focused on their area of specialization. This makes it increasingly difficult to communicate relevant system knowledge across the IT lifecycle. As a result, organizations find it very difficult to collaborate across roles, promote continuous improvement of a system's design and operation, and conduct typical management tasks such as deployment, updating, and patching.
The silos that form across IT organizations interact with an application or system at some point during its lifecycle. However, each silo possesses its own pocket of system-relevant knowledge that does not get communicated effectively to the rest of the organization.
Software models can be used to capture system-relevant knowledge and facilitate the communication and collaboration around this knowledge that is required to improve the efficiency of the entire IT development, deployment, and support lifecycle. A software model provides a level of abstraction for administrators similar to what a blueprint provides to an architect or a prototype provides to a product designer. But for a dynamic and distributed software environment, a static model or blueprint is insufficient. The model must be a living organism and should evolve throughout the life of a system. Having the right tools for systems management can help to keep these models current and enable users to have dynamic views of the system model based on an underlying operational system.
When a system is developed, basic rules and configurations are defined. As the system is deployed, the details of its configuration, environmental constraints, and requirements are added. As operational best practices are developed or enhanced, they can be incorporated into the model as well, providing a feedback loop between the operations staff and the model. In the end, the model becomes a live, dynamic blueprint that captures knowledge about a complete distributed system in terms of its structure, behavior, and characteristics. The following benefits can be gained as a result of these models:
The system model captures the entire system's composition in terms of all interrelated software and hardware components
The system model captures knowledge as prescriptive configurations and best practices, allowing the effects of changes to the system to be tested before the changes are implemented
Tools that take advantage of the system model can capture and track the configuration state so that administrators do not need to maintain it in their heads. The software maintains the desired state so that humans do not need to
Administrators do not need to operate directly on real-world systems but rather can model changes before committing to them. In this way, "what if" scenarios can be tried without impact to a business
The system model becomes the point of coordination and consistency across administrators who have separate but interdependent responsibilities
The modeling system becomes the integrated platform for design and development tools that enable the authoring of system models. It also becomes the platform for operational management and policy-driven tools used for capacity planning, deployment, configuration update, inventory control, and so on
In Microsoft's initial implementation of the Dynamic Systems Initiative, the System Definition Model (SDM) is a foundational component of dynamic systems. SDM is a model that is used to create definitions of distributed systems. In this context, a distributed system is a set of related software and hardware resources working together to accomplish a common function. Multi-tier applications, Web Services, Internet web sites supporting e-commerce, and enterprise data centers are examples of systems. Using SDM, businesses can create a live blueprint of their systems. This blueprint can be created and manipulated with various software tools and is used to define system elements and capture data pertinent to development, deployment, and operations so that the data becomes relevant across the entire IT lifecycle.
Today, an SDM can be defined using tools available with Visual Studio 2005. Going forward, SDM will be the basis for design of system models, used to deploy systems based on the model defined, and will be kept up-to-date by an SDM service that dynamically modifies the SDM to reflect the current state of operations. While the SDM will be incorporated into the Microsoft management solutions, third parties will also be able to develop solutions based on the SDM to extend the capabilities of these models and the tools that consume or produce them.
Several key capabilities of IT organizations and IT systems become possible when software models are used to capture all relevant system knowledge. Through the DSI efforts and SDM, Microsoft aims to enable innovation in its products and from its partners in four areas: Design for Operations, System-Level Management, Policy-Driven Operations, and Hardware Abstraction.
Design for Operations
When creating mission-critical software, software architects often find themselves communicating with their counterparts who specify data center and infrastructure architecture. In the process of delivering a solution, an application's logical design is often found to be at odds with the actual capabilities of the deployment environment. Typically, this communication breakdown results in lost productivity as developers and operations managers reconcile an application's capabilities with a data center's realities.
With new model-based development tools, such as Visual Studio Team System, these differences are mitigated by offering a logical infrastructure designer that will enable operations managers to specify their deployment environment and architects to verify that their application will work within the specified deployment constraints. These tools use software models to capture the knowledge of a designer's intent, knowledge of an operational environment, and knowledge of IT governing policies to ensure IT systems are designed with operations and manageability in mind from the start. The models described can be built using Visual Studio 2005 and then consumed by Microsoft management tools and any other third-party tools that are built to consume the models, which are based on an open specification.
System-Level Management
Models can capture the entire structure of an application, including all the underlying and interrelated software and hardware resources. Management tools, such as future versions of MOM, will use those models to provide a system-level view of the health and performance of that application, enabling administrators to understand the impact of changes or errors in the system and to manage the application more effectively.
This system-wide view will enable future versions of management tools, such as MOM, to perform robust health monitoring and problem solving, as well as end-to-end performance and service-level management.
Management Strategies
Microsoft's strategy for delivering the Dynamic Systems Initiative is to leverage and extend existing management solutions to take advantage of the model-based approach to systems management. Visual Studio 2005 Team System and MOM 2005 with management packs are great examples of products that deliver on the DSI vision today. With these investments and those planned for the future in products such as SMS and other System Center products, the Dynamic Systems Initiative clearly signals Microsoft's long-term commitment to reducing complexity across the IT lifecycle and making it possible for IT professionals to deliver greater value to their businesses.
Looking toward the future, Microsoft is working to develop products and enable solutions that will unleash the potential of SDM to simplify and automate information technology. Microsoft will both deliver and enable a new breed of application development tools that make it easier for companies to leverage the Design for Operations methodology. Windows and supporting applications and services will evolve to manage distributed resources across a data center, provide users with dynamic system-level views of their environments, and offer new core services targeted at simplifying the deployment and operations of distributed systems. Windows Server System applications, including SQL Server, Exchange Server, and BizTalk Server, will support SDM to deliver a greater set of management capabilities for IT professionals and their customers. Coupled with Microsoft's commitment to management packs shipping with new software releases, IT administrators will be able to deploy new solutions and have confidence in their ability to be supported in demanding environments much more quickly than before.
In this chapter, we covered the following:
Systems management on the Microsoft platform
Operations, configuration, and release management
Dynamic Systems Initiative
By combining health and state with alert information, IT operators no longer have to perform research to understand the organizational impact of alerts. By maintaining awareness of system and service availability, IT staff is better able to identify, address, and resolve IT reliability and performance issues before they become serious problems and negatively affect business applications. Through the use of State Modeling and directly monitoring the event, health, and performance information of Windows Server System, MOM 2005 highlights relevant and important information that can be captured, evaluated, and presented to operators, helping prevent issues from going unseen. Tools such as SMS and Microsoft Update expand the solutions through configuration management capabilities that help administrators to deploy solutions and drive toward desired configuration through automated reporting, software deployment features, and other management capabilities.
Going forward, Microsoft plans to deliver and enable a new category of closed-loop, system-level management solutions that provide new levels of automation in the data center and tie business policies directly to IT systems. By adopting solutions from Microsoft and its partners today, IT professionals can realize reduced costs and gain more time to proactively focus on what is most important to support their organizations. For information technology organizations that are looking to get started with systems management or to become more mature in the approach to managing their systems, products such as MOM 2005, SMS 2003, and Microsoft Update are key components of a well-managed technology environment. In Chapter 2, we take an in-depth look at the features of these products and learn more about how they work together to support systems management.
Chapter 2: MOM, SMS, and WSUS—How They Fit Together
Overview
A major challenge for IT administrators faced with managing their technology infrastructure is figuring out which tool is best for which job. With MOM, SMS, and WSUS and Microsoft Update, it is important for the administrator to understand the features of each tool and to understand how the tools work together. In addition, where there is some overlap in functionality between the tools, the administrator needs to understand the benefits of using one tool over another. In this chapter, we cover the following:
MOM: A solution for operations management
SMS: A software deployment and management solution
WSUS: Update services for decentralized environments
MOM, SMS, and WSUS
You get a functional overview of MOM, SMS, and WSUS and the Microsoft Update components. You compare the products, understand how they fit together, and review criteria to help you decide when to use which of the products.
To get started, let's describe what each product is designed to do. MOM 2005 is a solution to enable operations management that provides event and performance management, proactive monitoring and alerting, reporting and trend analysis, and system-specific knowledge and tasks to improve the manageability of your servers and applications. While MOM 2005 is primarily focused on managing Windows-based servers, there are third-party solutions that enable you to manage server applications and services running on other platforms as well. SMS 2003 enables you to manage client computers and servers within your organization, including tasks such as troubleshooting, software asset management, software distribution, software updates, reporting, and many others. WSUS enables IT administrators to deploy the latest product updates to Windows Server 2000, Windows Server 2003, and Windows XP operating systems. By using WSUS, administrators can fully manage the distribution of updates that are released through Microsoft Update to computers in their network. When you look at the descriptions for each product, there is some overlap conceptually. As we drill into the details, the distinction will be much more clear. We'll start with MOM 2005 and how it supports operations management functions.
MOM: A Solution for Operations Management
MOM 2005 includes a variety of features designed to make it easier for administrators to deploy and use the management tools, improved support for management packs and reporting, and features to ensure that the management infrastructure is secure and reliable. We break down the features based on how they're used to support operations management and point out different features including administration, operations, and reporting that are essential to the overall management solution.
The deployment of MOM starts out with the administration and configuration of the management environment. A number of important features enable the administrator to more effectively configure the operations management tools to simplify the operations and monitoring processes. One such feature is Computer Groups. MOM enables you to create groupings for computers by common elements, including geographical location, function of the servers, or other application dependencies. Groups of computers are shown in the view of the MOM Administrator Console in Figure 2-1. From this view you can see all of the settings available to the administrator and gain a quick view of the computers available to manage.
Figure 2-1
The actual mechanics of the operations management process in MOM are driven by setting up tasks in the operations management console. A task is an action that is executed on the Operator Console against an alert, event, or computer. This type of task is useful to automate user activities that would otherwise be performed by a user. The action that is executed as part of the task is specified in terms of a command line for execution. When a task gets launched, the properties are passed to the command line to ensure the proper execution.
Several tasks can be configured in MOM. For instance, a user might want to use the terminal server client to connect to the computer that raised an alert; the user can create a console task that runs against an alert item. For example, the user could set up a monitor for a given directory to ensure that log files are being updated as expected. As you would expect, the events in those logs that are relevant can be captured in other ways, but a task to ensure that logs are being updated can ensure that issues that may arise in a system will be appropriately logged for diagnostics and root cause analysis.
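The log-freshness check described above can be written as a small command-line program that a task launches with the directory passed as an argument. The following is an added example, not code from the book or from MOM; the function names, the `*.log` pattern, the exit codes and the thresholds are assumptions.

```python
"""Log-freshness check meant to be launched as a command-line task.

Added example, not MOM code: the function names, the "*.log" pattern,
the exit codes and the thresholds are assumptions.
"""
import argparse
import sys
import time
from pathlib import Path

# Exit codes the calling console task or scheduler can act on.
OK, STALE, NO_LOGS, NO_DIR, CLOCK_SKEW = 0, 1, 2, 3, 4


def check_log_freshness(directory, max_age_seconds, pattern="*.log",
                        skew_tolerance=300, now=None):
    """Return (status, detail) based on the newest file matching pattern.

    A directory with no matching files is reported separately from a
    stale one: logging that never started and logging that stopped are
    different faults. A newest file dated in the future is flagged too,
    because it would otherwise hide a stalled log.
    """
    now = time.time() if now is None else now
    root = Path(directory)
    if not root.is_dir():
        return NO_DIR, f"{root}: not a directory or not accessible"

    newest_path, newest_mtime = None, None
    for path in root.glob(pattern):
        try:
            if not path.is_file():
                continue
            mtime = path.stat().st_mtime
        except OSError:
            continue  # rotated or deleted between listing and stat
        if newest_mtime is None or mtime > newest_mtime:
            newest_path, newest_mtime = path, mtime

    if newest_path is None:
        return NO_LOGS, f"{root}: no files match {pattern}"

    age = now - newest_mtime
    if age < -skew_tolerance:
        return CLOCK_SKEW, f"{newest_path.name}: modified {-age:.0f}s in the future"
    if age > max_age_seconds:
        return STALE, f"{newest_path.name}: last write {age:.0f}s ago"
    return OK, f"{newest_path.name}: last write {max(age, 0):.0f}s ago"


def main(argv=None):
    """Parse the command line, print one result line, return the exit code."""
    parser = argparse.ArgumentParser(
        description="Check that log files in a directory are still being written")
    parser.add_argument("directory")
    parser.add_argument("--max-age-minutes", type=float, default=15.0)
    parser.add_argument("--pattern", default="*.log")
    args = parser.parse_args(argv)
    status, detail = check_log_freshness(
        args.directory, args.max_age_minutes * 60, args.pattern)
    print(("OK" if status == OK else "ALERT") + f" [{status}] {detail}")
    return status


if __name__ == "__main__":
    sys.exit(main())
```

A non-zero exit code is what the calling task or scheduler turns into an alert; the separate codes let the operator tell a stopped log from a missing directory.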
A number of setup and configuration tasks are supported in the MOM administration console. After your initial installation of MOM, a detail pane in the administration console displays several startup tasks that can be performed rapidly. The first option, Install/Uninstall Agents Wizard, enables you to specify computers or use discovery parameters to add computers to your Management Group.
The Install/Uninstall Agents Wizard can also be launched from several other places in the MOM Administrator Console, including the root Microsoft Operations Manager node in the Navigation pane, the Administration node, and the Computers subnode and all of its children. Through the use of these agents, much of the MOM monitoring activities can be performed. While agents are core to the architecture of MOM and enabling management, agentless monitoring is also supported. Agentless monitoring is the ability to monitor remote resources in a manner that is similar to how local resources are monitored through providers and responses. If providers that support remote access to resources are used and the responses can execute their logic remotely, then those sets of rules work the same way on both agentless and agent-managed computers. Once identified, MOM starts monitoring the agentless computer as though there were an agent installed on the computer. To enable this kind of access, the MOM account used for this action must have administrative rights on the computers being managed without agents. The console view for adding agentless managed computers is shown in Figure 2-2.
Figure 2-2
A significant number of functions can be performed through agentless monitoring Some of the important functions include the following:
State monitoring
Heartbeat: A MOM Management Server pings the agentless computer at intervals specified by the user to ensure that it is available
Service discovery and status
Performance counters
Internal service monitoring events
Event collection: These include timed, Event Log, WMI, internally generated, and script-generated
There are some limitations to agentless monitoring. This type of monitoring does not support application log providers, and descriptions of event log entries on the agentless machine are not displayed on the MOM Management Server unless it has the same EventLogmessages.dll file as the agentless computer. A workaround is to install the software for which you'd like to receive event log entries on the MOM Server. Here are some considerations for agentless monitoring:
Agentless monitoring does not work through a firewall in typical configurations because agentless network traffic contains remote procedure call (RPC) and Distributed Component Object Model (DCOM) calls
Not all management packs work in agentless mode. Therefore, it might not make operational sense for your management pack to work without an agent if the bulk of the monitoring scenarios leverage providers that are not supported without an agent. This is especially important when considering third-party management packs
Another important administration feature in MOM is the use of console scopes. You can use console scopes to define the set of computer groups that appear in the MOM Operator Console for individual MOM 2005 users. The Console Scopes view in the MOM Administrator Console is shown in Figure 2-3. A console scope consists of a set of computer groups and a list of MOM 2005 users that can access those computer groups. Because users can be associated with only one console scope at a time, they can be granted access to only one set of computer groups in the
settings also apply to other SDK-based tools associated with the same account.
Figure 2-3
The Administrator Console features described previously are important, but most of the action with MOM occurs in the operations console. This is where the day-to-day monitoring and uses of MOM tools will likely occur. MOM 2005 provides a set of view types for the operations console that are backward compatible to MOM 2000 but provide better usability for MOM users, including administrators and operators. All the views can be authored, imported, and exported. The console makes it simple to switch between views, drill down to details, and launch context-sensitive tasks. The views included are Alerts, State, Events, Performance, Computers, and Diagrams. Let's look at each one of these views and how they support the operations management process.
The Alerts view enables the user to view alerts globally, based on filters or by system component where the alert originated. As you can see in Figure 2-4, the alerts can be sorted by a variety of criteria. There are tabs related to the alert and the user can drill down for detailed information. The State view in the Operator Console enables the user to view the state of a particular computer and view areas of problem by installed components. The Event view is similar to the Alerts view, incorporating items from the event log and enabling you to view the alerts associated with particular system events. The Performance view enables you to view the performance counters associated with a particular computer, and then to select the items you wish to see, as shown in Figure 2-5. The results can then be graphed for further analysis. The Computer and Groups view enables you to view alerts by machine and monitored components. The Diagram view provides a view of the servers in your environment and the ability to customize those views based on different criteria.
Figure 2-4
Figure 2-5
In addition to the administration and operations tools, MOM provides a data analysis and reporting solution MOM's data and reporting tools contain some of the following features:
Web-based reporting
Dynamic reports with drill down, charting, and sorting
Long-term offline storage and data analysis capabilities
Customization of reports through Visual Studio
Support for exporting data to other formats including Excel, PDF, CSV, and others
Folder- and report-based security
Support for interactive and published reports
Scheduled publishing and delivery based on report type or content changes
Several predefined reports are provided with the MOM 2005 management pack. These reports are organized by three categories, including Microsoft Operations Manager reports, Operational Data Reporting, and Operational Health Analysis. A view of the MOM reporting tool deployed through SQL Server Reporting Services is shown in Figure 2-6. These reports enable operators to view a wide range of data, from details about the configuration of agents and the performance of the MOM servers all the way to metrics on specific alerts and detail data
Figure 2-6
Through the support for the configuration of tasks and rules for alerts in the operations management environment combined with an operations console and extensive reporting capabilities, the MOM environment provides a fully featured solution for managing computers and applications in an IT environment. While these capabilities are important, they need to be coupled with a strategy for desktop computer management, software deployment, and other capabilities such as configuration and release management that help IT administrators to deal with the issues in their environment on a reactive and proactive basis. The solution for these issues requires support for automated software deployment and systems management to enable remediation of issues on a per-computer basis or across a broad set of computers defined by different groupings.
SMS: A Software Deployment and Management Solution
Systems administrators have relied on tools to enable automated software distribution and deployment and to perform other management functions since the early days of network computing. As PCs have proliferated, the problem of managing individual computers has become more important to the health of the overall technology infrastructure. SMS is designed to help IT administrators contain the cost of managing distributed systems by allowing the number of deployed computers and installed applications to increase without requiring substantial investment in additional manpower for technical support. Managing client computers within an IT organization includes tasks such as troubleshooting computers, managing software assets, and analyzing network problems. These tasks can be complex and time consuming, preventing IT staff from focusing on new deployments and upgrades to existing systems. SMS helps to solve this challenge in IT.
SMS 2003 addresses the following key issues that IT administrators face in managing distributed computing environments:
Managing computers that roam among locations and connect to the network from different geographical locations
Tracking deployment and use of software assets, and using this information to plan software procurement and licensing
Providing IT administrators and management access to data accumulated by SMS
Managing security on computers running Windows operating systems in a scalable manner
To help solve these issues, SMS 2003 provides a number of key features. These include support for collections and queries, hardware and software inventory, software distribution, software update management, software metering, reporting, product compliance, security, and many others.
SMS manages resources such as client computers and software. Logical groups of SMS resources having common attributes are called collections. Collections are defined by queries that are refreshed at intervals specified by an administrator. A resource that no longer meets the collection criteria is removed from the collection and a resource that meets the collection criteria is added to the collection. SMS features can operate on clients only if they are members of a collection. By default, all SMS clients are members of the All Systems collection (shown in Figure 2-7). These collections form the basis for how SMS manages systems in your environment.
Figure 2-7
Another major feature is that hardware and software inventories on client computers can be performed by SMS. You can run a wide variety of reports against the resulting data, which can help you plan upgrades, track hardware and software assets, or compare the report output to software licensing data. Before you deploy a new software package, you can build a report that shows how many destination computers have the required memory and disk space to support the software package that is planned for distribution. This allows you to upgrade non-compliant systems before the deployment begins, ensuring a higher overall project success rate. You can customize the hundreds of types of data that can be recorded when you gather information during hardware and software inventory collection. This helps you to attain the appropriate balance between performance and inventory depth for your organization. SMS 2003 provides control over which software files should be scanned. Software inventory can scan specific directories and drives, using environment variables to optimize the data-gathering process. SMS has been designed to use Windows Management Instrumentation (WMI). SMS has access to data from many sources, including the Win32 API and Simple Network Management Protocol (SNMP), which provides administrators with a broad base of inventory and configuration data.
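The two mechanisms described above, query-defined collections that gain and lose members at each refresh and a pre-deployment report on memory and disk space, can be modelled in a few lines. This is an added example, not SMS code or its query language; the `Resource` fields, the inventory rows and the thresholds are constructed for illustration.

```python
"""Query-defined collections and a pre-deployment readiness report.

Added example, not SMS code: the Resource fields, the sample inventory
and the thresholds are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set, Tuple


@dataclass(frozen=True)
class Resource:
    """One inventoried computer (field names are assumptions)."""
    name: str
    os: str
    memory_mb: int
    free_disk_mb: int


@dataclass
class Collection:
    """A named group whose membership is whatever its query matches."""
    name: str
    query: Callable[[Resource], bool]
    members: Set[str] = field(default_factory=set)

    def refresh(self, inventory: List[Resource]) -> Tuple[List[str], List[str]]:
        """Re-evaluate the query; return (added, removed) resource names.

        Removed names deserve review: a computer that leaves a collection
        no longer receives whatever is targeted at that collection.
        """
        current = {r.name for r in inventory if self.query(r)}
        added = sorted(current - self.members)
        removed = sorted(self.members - current)
        self.members = current
        return added, removed


def readiness_report(collection, inventory, min_memory_mb, min_free_disk_mb):
    """Return (ready, blocked); blocked maps a name to the reasons it fails."""
    by_name = {r.name: r for r in inventory}
    ready: List[str] = []
    blocked: Dict[str, List[str]] = {}
    for name in sorted(collection.members):
        res = by_name.get(name)
        if res is None:  # member with no record in this inventory snapshot
            blocked[name] = ["no inventory record"]
            continue
        reasons = []
        if res.memory_mb < min_memory_mb:
            reasons.append(f"memory {res.memory_mb} MB < {min_memory_mb} MB")
        if res.free_disk_mb < min_free_disk_mb:
            reasons.append(f"free disk {res.free_disk_mb} MB < {min_free_disk_mb} MB")
        if reasons:
            blocked[name] = reasons
        else:
            ready.append(name)
    return ready, blocked


# Constructed inventory snapshots taken at two refresh cycles.
INVENTORY_MONDAY = [
    Resource("WS-001", "Windows XP", 512, 4000),
    Resource("WS-002", "Windows XP", 256, 9000),
    Resource("WS-003", "Windows 2000", 512, 800),
    Resource("SRV-01", "Windows Server 2003", 2048, 20000),
]
INVENTORY_FRIDAY = [
    Resource("WS-001", "Windows XP", 512, 4000),
    Resource("WS-003", "Windows XP", 512, 800),  # upgraded, now matches
    Resource("SRV-01", "Windows Server 2003", 2048, 20000),
]  # the WS-002 record is gone from this snapshot


def run_demo():
    """Refresh one collection twice and report readiness after each refresh."""
    xp = Collection("XP workstations", lambda r: r.os == "Windows XP")
    first = xp.refresh(INVENTORY_MONDAY)
    report_1 = readiness_report(xp, INVENTORY_MONDAY, 512, 2000)
    second = xp.refresh(INVENTORY_FRIDAY)
    report_2 = readiness_report(xp, INVENTORY_FRIDAY, 512, 2000)
    return first, report_1, second, report_2


if __name__ == "__main__":
    for step in run_demo():
        print(step)
```

The second refresh drops WS-002 without any error being raised, which is why the removed list is returned explicitly rather than discarded.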
In addition to the useful hardware inventory features, there is extensive support for software inventory as well A granular file inventory search is available in SMS 2003 and can be configured
to retrieve only the necessary assets during discovery This is done with wildcards, environment variables, and file properties to control software inventory searches more effectively Otheroptions allow for compressed and encrypted files to be skipped In addition, the Add/Remove Programs list and other software installed by Windows Installer technology can be queried tovalidate against file inventory data in the case of corrupt or incomplete installations This provides a check against pure file-based inventory data
SMS also significantly reduces the time and complexity of maintaining and upgrading software for organizations with distributed networks. You can upgrade and configure each computer from a central location or from multiple locations. You can schedule individual software files or software programs for distribution to specific computers. You can also initiate unattended software installations to selected computers. Software installation packages can come ready for installation from Windows Installer using *.msi files or can be created with the SMS Installer. Software distribution can be directed to computers based on collected information, including network and hardware configuration, group membership, and software installation status. If an SMS client computer is added to a group, software is automatically sent to the client according to predefined administrative settings for that group. Likewise, new computers matching a predefined destination, such as by IP subnet or installed peripheral, automatically receive specified packages or driver updates. Also, there is a Courier Sender feature that allows software to be sent between SMS sites by CD or other media, rather than across the network. This is particularly useful in situations where the available network bandwidth is low or too expensive to use for the delivery of large update packages.
SMS can also be used to remove deployed software and applications from particular computers or groups. Software distribution uses Background Intelligent Transfer Service (BITS) technology, which can transfer files from distribution points that are BITS-enabled. And if a file download is interrupted in progress, a checkpoint is set. You can resume the file download and then proceed from the checkpoint rather than restarting the download from the beginning. On reconnection, any partial downloads to clients continue where they left off. There is no need to restart transmissions because of a disconnected session.
One of the more important features of SMS that drives many administrators to use it is the support for software updates. Software update management in SMS is the process of keeping computers and servers that are running Windows operating systems updated with security updates or patches, and includes the following functions:
Performing an inventory of the installed and applicable updates on managed computers
Evaluating and testing available updates
Authorizing and distributing the updates
Tracking software update compliance
You can use these tools to take advantage of the critical software updates that Microsoft provides for Windows operating systems, Microsoft Office, SQL Server, Exchange, and other system software. Several software update management tools are installed by default on the SMS site server. These include the Distribute Software Updates Wizard and the Software Updates Installation Agent, along with a collection of predefined reports for software updates. Let's take a look at those tools in greater depth to understand their function.
The Distribute Software Updates Wizard performs the following tasks:
Uses inventory information to analyze the applicable software update status for client computers
Provides a method of reviewing and authorizing suggested software updates
Downloads authorized software updates and installation information
Builds packages and advertisements tailored to specifications for each software update or set of updates
Distributes software update advertisements to client computers by using SMS software distribution
The Software Updates Installation Agent performs a number of functions as well. This tool evaluates advertised software updates against missing or previously installed updates on an SMS client computer and installs the applicable updates. The Software Update Reports: Predefined reports help you to view information that is gathered by the update inventory tools. With these
and other software.
In addition to the software update management tools that are described in the previous section, SMS 2003 includes some other enhancements over the previous versions of SMS. One example is the persistent notification for software updates. This is an icon that appears in the system tray whenever a user is logged on and there are pending, but uninstalled, software updates. When the computer is in compliance, the notification area icon does not appear. The notification area icon can be used to support user needs as well. For instance, the program associated with the icon can schedule installations and reboots to occur at convenient times of the day or facilitate the install of software updates immediately. The Unattended software update installation provides a method to deploy mandatory updates to client computers silently. No notification icon appears in the notification area, and users with insufficient rights cannot terminate the process in Task Manager.
Efficiently managing the software products, services, and applications deployed to an organization is important to IT. SMS 2003 does this with its software inventory and software metering features. The focus of software metering in SMS 2003 is collecting and reporting software program usage data. You can use SMS 2003 software metering data to identify which applications are being used and which users are running them, along with the number of concurrent application usages, software license requirements, redundant software installations, and unused software applications that can be reallocated.
Software metering is fully integrated with all other SMS components and is accessed through the SMS Administrator Console. In addition, SMS 2003 software metering data is now stored in the SMS site database with other SMS data. SMS 2003 software metering includes software usage history, and enables trend analysis and audit reporting. You can use this information to track software license usage and produce license compliance reports. An SMS site administrator can configure this process to suit your needs. They can also configure SMS 2003 to track software usage on managed SMS client computers on and off the network. SMS clients record software usage even when they are disconnected from the network by uploading usage reports either on a schedule or the next time a connection is available to the SMS site.
Summary and detail reports can be generated describing which applications were used by which users, for how long, and on which computers. Usage can be tracked by user or computer, and the reports can be created comparing concurrent usage data to current license ownership, helping organizations to ensure compliance and track usage for budgeting and planning purposes as well.
Beyond the software update and metering features, there are some useful performance monitoring features in SMS 2003. The system provides a wide range of performance monitor counters that are accessed using the Windows System Monitor. These counters are helpful for maintaining SMS, identifying problem areas, tuning SMS systems, and troubleshooting. System Monitor gathers information about growth patterns that you can use to plan for future hardware growth. SMS 2003 also provides a comprehensive set of predefined, secure reports with information about the client computers across the SMS hierarchy and the current state of managed systems across an organization. You can provide management and other SMS users with reports that can be viewed using Internet Explorer. Reports include hardware and software inventory data, computer configuration details, and software deployment, deployment errors, and usage status. SMS reports are extensible, enabling you to generate custom views and reports. You can use the SMS Administrator Console to create and manage reports. All reports are based on SQL, and administrators and other users who do not have access to the SMS Administrator Console can run reports by using the Report Viewer in Internet Explorer. You can export and import reports by using the Export Object Wizard and Import Object Wizard in the SMS Administrator Console, as shown in Figure 2-8. Use exported report files to share reports with other SMS administrators or to import reports obtained from another SMS administrator. Using Report Viewer, you can also create dashboards, which are sets of reports displayed in a grid, in a single window to monitor information about a variety of SMS objects or systems. All of these capabilities enable you to provide the right data to the right people, regardless of their status within SMS or knowledge of the system.
WSUS: Update Services for Decentralized Environments
WSUS provides the features that administrators need to manage and distribute updates through a Web-based tool, which can be accessed from Internet Explorer on any Windows computer on a corporate network. While similar to SMS, WSUS has fewer features and doesn't support updates for all Windows applications. WSUS is a tool that can be used to manage certain types of updates or segments of computers where a simpler solution can work. This might include managing a sandbox network that for security reasons isn't connected to your main SMS instance and doesn't require the level of management that SMS provides. It could also include the management of a smaller remote site that isn't covered under your organization's SMS licensing. While WSUS doesn't support the software and hardware inventory features and is a much simpler tool, it can be a useful tool in your environment if deployed correctly.
When it comes to SMS and WSUS, some organizations may be able to choose between one or the other. While WSUS mirrors many of the capabilities in SMS, it is generally less functional and flexible in comparison. See the following table for a comparison of features and capabilities.
Comparison of Update Services and SMS 2003

Supported Software and Content

Supported software for content
  Update Services: Win2K, WS2003, WinXP Pro, Office 2003, Office XP, Exchange 2000, SQL Server 2000, MSDE
  SMS 2003: Same as WSUS and Win98, and can update any other Windows-based software

Supported content types for supported software
  Update Services: All software updates, critical driver updates, Service Packs, and Feature Packs
  SMS 2003: All updates, Service Packs, and Feature Packs, and supports update and app installs for any Windows-based software

Update Management Capabilities

Patch installation and scheduling
WSUS provides a central point of update for servers, clients, or other WSUS servers in your environment. The WSUS server that acts as an update source is called an upstream server. In a WSUS implementation, at least one WSUS server in the network must connect to Microsoft Update to get available update information. The administrator can determine, based on network security and configuration, how many other servers connect directly to Microsoft Update.
A client computer component for Automatic Updates is built into Windows 2000 with SP3, Windows XP, and Windows Server 2003 operating systems. Automatic Updates enables both server and client computers to receive updates from Microsoft Update or from a server running WSUS. WSUS is the successor to Software Update Services (SUS). It builds on the features that SUS provided and extends it by providing the following features:
More extensive updates for Microsoft products
The ability to automatically download updates from Microsoft Update by product and type
Ability to target updates to specific computers and computer groups
Ability to verify that updates are suitable for each computer before installation
Reporting capabilities
Data migration and import/export capabilities
Extensibility through an API
Additional language support for international customers
Better bandwidth utilization through BITS
WSUS is flexible enough to meet the update management needs of a wide range of organizations. Whether you're a small IT shop that relies on dial-up connectivity or a large business with thousands of users distributed across multiple sites, the solution can function in your environment. Depending on the size of the organization, its location, and its connectivity infrastructure, administrators can determine the most efficient way to scale out their WSUS servers to provide system update services. Let's look at some of the common scenarios for deploying WSUS components in small, medium, and more restricted networks.
In a single WSUS server scenario, administrators can set up a server running WSUS inside their corporate firewall, which synchronizes content directly with Microsoft Update, and distributes updates to client computers. In this case, a single WSUS server supporting many clients provides the interface to updates via Microsoft Update.
A number of configurations are possible for WSUS that incorporate many servers to help scale the solution in larger organizations or those with more sophisticated network environments. WSUS servers can be partitioned logically to support different groups of client computers and servers. In this case, the individual WSUS server communications to Microsoft Update are in support of a group of clients. Each WSUS server operates independently and is aware of only its own clients. An example of this configuration is shown in Figure 2-9.
Figure 2-9
Administrators can deploy multiple servers running WSUS that synchronize all content within their organization's intranet. In this scenario, only one WSUS server is exposed to the Internet. This is the only server that downloads updates from Microsoft Update. This server is set up as the upstream server, and serves as the source to which the downstream server synchronizes. When applicable, servers can be located throughout a geographically dispersed network to provide the best connectivity to all client computers. Communications across the network are limited to the main upstream server and its downstream WSUS servers. If corporate policy or other conditions limit computer access to the Internet, administrators can set up an internal server running WSUS. In this case, a server is created that is connected to the Internet but is isolated from the main corporate network. After downloading, testing, and approving the updates on this server, the WSUS administrator can then export the update metadata and content to a CD, and then import the update metadata and content to servers running WSUS within the intranet via that same CD.
As you can tell, WSUS provides an important set of features to enable you to update the software on your clients and servers in your IT environment. But more important than managing software updates and system patching is having a complete story for management, monitoring, and remediation of issues, whether they exist on your clients or servers. That is where MOM, SMS, and WSUS working together deliver value to the IT administrator.
MOM, SMS, and WSUS: Better Together
MOM 2005, SMS 2003, and WSUS provide a comprehensive set of server monitoring, software deployment and management, and system update solutions that help IT administrators manage the availability, performance, and security of Windows-based networks and applications. MOM provides central monitoring and automatic problem resolution for computer networks whose volume scales up to thousands of computers on the network. MOM can also continuously monitor user actions, application software, servers, and desktop computers running Windows 2000 Server or later.
Together with SMS, these tools can monitor, manage, and secure a wide range of resources, including computers, applications, and server farms. MOM provides proactive real-time system monitoring for Windows-based servers and computers throughout the extended enterprise, and SMS can deliver the software update and systems inventory capabilities to provide a full set of knowledge about the status of your information systems. The solution also delivers comprehensive event monitoring, alert management, reporting, and trend analysis for system incidents and software usage patterns. While MOM can consolidate events and automatically determine which events are of critical importance to an administrator, SMS can help to determine what clients have software installed on them, which are active, and what the usage patterns are.
By deploying solutions to manage your IT environment based on MOM and SMS, and incorporating WSUS and Microsoft Update where appropriate, you can have a better managed IT infrastructure that can be proactively managed for systems performance and response, security, and incident management in hardware and software. In this chapter, we covered the following topics:
MOM: A solution for operations management
SMS: A software deployment and management solution
WSUS: Update services for decentralized environments
MOM, SMS, and WSUS
In order to understand this better, we'll go into depth on these products and features in the book and show how these tools can be used to manage and monitor your environment. In Chapter 3, we dive into a review of the installation procedures for MOM 2005.
Chapter 3: Installing Microsoft Operations Manager 2005
Overview
One of the biggest mistakes made in the IT industry is not reading the manual. Everyone hates to read installation instructions and documentation. Failure to understand a product properly before installation often leads to ripping it out and starting all over again. Having to start over often leads to standing up in meetings and explaining why the project is behind schedule and over budget, too. The analogy of carpenters measuring twice and cutting once applies here. Cutting without properly measuring results in improper fits and waste. In this chapter, we cover the following aspects of installing MOM 2005:
Planning concerns and requirements
Hardware and software prerequisites for each installed component
Security concerns and issues
Installation steps and things to note during the installation and configuration
The goal of this chapter is to help you understand the requirements for installing MOM and how to install it right the first time. For those that choose not to read this chapter, it should prove helpful with the second installation.
Planning is important to the proper installation of your MOM environment. Planning for the installation of MOM includes knowing or finding out:
Infrastructure prerequisites
Users of MOM and their needs
Operating systems that need to be monitored
Applications that need to be monitored
Service Level Agreements (SLAs)
Network structure
Redundancy requirements
Disaster recovery needs
The MOM 2005 Deployment Planning Guide is a great resource provided by Microsoft at http://www.microsoft.com/mom/techinfo/planning/default.mspx along with many other planning documents for MOM 2005.
In simple terms, planning is centered on determining the capacity and redundancy requirements of the organization.
Infrastructure Prerequisites
As with many applications, there are certain prerequisites for installation of MOM 2005. Not only are there certain server requirements, but there are network infrastructure requirements as well. MOM 2005 does have a process in which it checks for all prerequisites, but it is better to meet them all before running the installation than to have to abort the installation to fix these problems.
Security
Installation requires creating two different service accounts for MOM 2005.
Management Server Action Account: This service account has several special requirements based on the tasks that it performs. For example, this service account is used to:
Install agents on monitored computers
Run tasks on agentless monitored computers
Retrieve and gather data from agentless monitored computers
Access event logs on monitored computers
Retrieve and gather data from the Management Server
Data Access Server (DAS) Account: This service account is used to access the MOM 2005 Database. In order to provide proper database access, it needs:
SQL server db_owner role for the MOM 2005 Database
Permit server access login authority for the SQL server
With these requirements in mind, many organizations will create a domain admin equivalent service account for the Management Server Action Account and will create a specific domain account with the proper SQL permissions for the DAS account.
Another account of note is the Agent Action Account, which is used to collect data from agent-managed computers and to run actions on agent-managed computers. This account, however, is not needed during installation of the MOM 2005 Database or the MOM 2005 Management Server.
Windows Server
MOM 2005 should be installed on Windows Server 2003 whenever possible. However, MOM 2005 does provide support for previous versions of Windows as follows:
installed on each managed computer. MOM 2005 reports can also be viewed from Windows NT 4.0 computers using browsers that support HTML 3.2 and HTML 4.0.
Windows 2000 Server, Advanced Server, and Datacenter Server with Service Pack 4 or above: Can be used for the Management Server, MOM database, MOM Administrator Console and Operator Console, and MOM Reporting Server roles. Windows 2000 Service Pack 4 clients can be managed as either agent-managed or agentless computers. Windows 2000 Service Pack 4 clients can also be used to view MOM reports.
computers can be managed using agents or as agentless clients. All Windows Server 2003 computers can be used to view reports.
Windows Server 2003 64-bit editions: Cannot be used for any of the MOM 2005 roles except to host the MOM database. The 64-bit edition of SQL Server is required and the MOMCreateDB.exe tool from the Support Tools folder is required to install the database. The Support Tools folder contains the MOMCreateDB.exe for both the 32-bit and 64-bit database versions. The Windows Server 2003 64-bit Editions can be managed using 64-bit versions of the MOM agent or they can be managed as agentless computers. Windows Server 2003 64-bit Edition servers can also be used to view MOM reports.
While it is possible to install MOM 2005 components on a domain controller, it is not recommended because of the following restrictions:
Product Connectors have not been fully tested on domain controllers and might not function properly
There can be only one Management Server in a Management Group if the Management Server is installed on a domain controller
Both the MOM database and the MOM reporting database have to be on the same server
In general, it is a bad idea to install any application on a domain controller. The limitations caused by having MOM 2005 installed on a domain controller really underscore the potential problems beyond the security concerns. Many security experts will strongly discourage installing applications on a domain controller because additional applications increase the attack profile of the server and it is hard enough to properly secure a domain controller.
SQL Server
MOM 2005 needs a place to store all of the data that it receives from the agent-managed and agentless computers on the network. The data can be stored using either SQL Server 2000 with Service Pack 3a and higher or Microsoft Data Engine (MSDE). Using MSDE is not recommended because it has a limit of only 2GB of data, it includes a query governor that can hinder performance, and it also is unable to support the System Center Data Warehouse. As of this writing, MOM 2005 is not officially supported on SQL Server 2005.
One of the most important requirements for a successful implementation of MOM 2005 is the ability to store the data required by the organization. In some cases, a smaller amount of data is needed than in other situations. With MSDE's limitations, it is vital to have SQL 2000 SP3a or higher to store all of the data that will be collected by MOM 2005 and to provide the platform for MOM 2005 reporting.
The MOM 2005 Database is extremely active as it is constantly adding new performance and event information and is using queries to check for potential triggers. SQL Server 2000 best practices dictate putting multiple spindles in the server for performance and database protection. According to best practices, the database and the transaction logs should be on separate drives. Because transaction logs are a potential bottleneck for SQL performance, it is important that transaction logs be placed on fast drives. With the transaction logs separated, it is possible to restore a SQL database to its most current state. The topic of SQL Server 2000 performance tuning is best left to a complete chapter or two in a SQL Server 2000 book, so it will not be covered in depth here. Administrators should follow SQL best practices and involve a SQL database administrator to provide recommendations.
A potential configuration, used to improve throughput to the database, is to have a separate and dedicated network connection directly attached from the MOM 2005 server to the SQL Server 2000 server.
Figure 3-1 shows a separate network connection between the MOM 2005 server and the SQL 2000 server. Using this configuration, which will take some manipulation on the side of the MOM 2005 server so that it uses just the dedicated network, will increase the bandwidth that is available between the MOM 2005 and SQL 2000 servers. This kind of configuration can improve poor network connectivity between the MOM 2005 server and the MOM database hosted on the SQL 2000 server.
Figure 3-1
Microsoft recommends a dedicated SQL server for the MOM 2005 Database installation. Depending on the size of the organization and the number of managed computers, a dedicated SQL server will be required to meet performance needs. Many organizations, however, have invested a great deal into clustered SQL servers with multiple processors and large amounts of memory that are attached to very fast storage area networks. In many cases, a dedicated SQL server is not necessary to meet performance requirements.
There are a few other requirements for the SQL Server 2000 server that is hosting the MOM 2005 database The following are needed:
The SQLSERVERAGENT must be set to Automatic
SQL Reporting Service is needed for Reporting. Reporting is not a requirement for a MOM 2005 installation; however, if Reporting is required by the business, then SQL Reporting Services is required
IIS must be installed for SQL Reporting Service if MOM 2005 Reporting is going to be on the same server
ASP.NET and COM+ are required to support the reporting content
MOM Users
Users often affect how an application is installed. MOM has several types of users and the location of these individuals can affect the design and deployment of MOM 2005. The more common MOM 2005 users include:
Network Operations Center (NOC) users that use MOM 2005 to monitor the environment and will receive alerts
Application administrators such as Exchange and SQL administrators who need to be notified when drives are filling up or when applications are consuming too many resources.
SLA administrators who will need to generate reports to verify that all SLAs are being met and who will work with MOM 2005 administrators to modify current management packs and tune settings to avoid false positive results in monitoring
Managers who need to generate reports for budgeting reasons and to identify current resources in use on a daily basis and for peak times
MOM administrators who may use the MOM Web Console may affect the need for an additional MOM server in the environment
Other monitoring administrators who use third-party tools may require the implementation of the MOM Management Connector Framework
There are many other users of MOM services; however, these are some of the key ones that can affect the location of different components of the MOM infrastructure. In particular, if all users of reporting functionality reside in one physical location, it might make sense to deploy the MOM 2005 reporting components in that physical location. Depending on the number and complexity of reports, it may take a server with significant resources.
Business units and the users within the different units can affect the design of the MOM 2005 environment. In organizations with decentralized information technology teams and decentralized authority, it is possible to have completely independent MOM 2005 implementations.
Monitored Operating Systems
The way that MOM is deployed is affected by the operating systems that will be monitored and managed. There is no agent for Windows NT 4.0 servers, as previously noted, so agentless monitoring is required for these older legacy systems. If MOM 2005 is going to be used to monitor and manage individual workstations, it will require more storage and possibly additional MOM servers. Agentless monitoring requires more resources on the MOM 2005 Management Server because it has to do more work than it would for an agent-managed computer.
There are significant limitations when it comes to agentless managed computers. Per the MOM 2005 Deployment Planning Guide, you can have only:
Ten agentless managed computers per MOM Management Server
Sixty agentless managed computers per Management Group
Limiting the scope of management to only critical systems that are running Windows 2000 Server or Windows Server 2003 will allow for a smaller MOM 2005 deployment and will limit performance concerns for most organizations. The larger and more complex the environment, the more it will cost to implement and to maintain over time.
Service Level Agreements
Some organizations depend heavily on timely reporting of service levels for a variety of different applications and resources in the organization. In many cases, internal and external payments of penalties and bonuses are dependent on meeting these service levels. The Service Level Agreements (SLAs) may require that you maintain information for long periods, which will require your maintaining database information over a greater length of time and maintaining a wider breadth of information than other computers. The amount of data, the type of data, and the reporting requirements can all affect the number of servers and the performance and capacity of the MOM 2005 and SQL servers used in the environment.
If there are large pipes between physical locations, it might make sense to have a single Management Server or at least a smaller number of Management Servers. If the bandwidth is limited, however, it would probably make more sense to have multiple Management Servers with one located in each network within the organization. Remote Management Servers can be
Many organizations have firewalls between their different locations. Firewalls will most likely not limit the ability to install a Management Server or other MOM 2005 components because MOM 2005 communication ports can be opened. The main issue with firewalls is for Remote Procedure Calls (RPCs) used by a Management Server to communicate with agentless computers. RPCs will generally not work through firewalls and this means that any agentless managed computers will require that their Management Server be located on the same network.
In almost all situations, the largest concern is placement and number of back-end SQL servers to support the planned deployment of Management Servers. Connectivity between the Management Servers and the SQL servers is very important.
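The planning constraints described above (no agent for Windows NT 4.0, the agentless limits quoted from the Deployment Planning Guide, and RPC not crossing firewalls) can be checked mechanically against a draft plan before installation. The following Python sketch is an added example, not code from the book or from Microsoft; the plan format, server names, and network labels are constructed for illustration.

```python
"""Check a draft MOM 2005 deployment plan against the planning limits in the text."""
from collections import defaultdict
from dataclasses import dataclass

# Limits quoted in the text from the MOM 2005 Deployment Planning Guide.
MAX_AGENTLESS_PER_SERVER = 10
MAX_AGENTLESS_PER_GROUP = 60


@dataclass(frozen=True)
class ManagementServer:
    name: str
    group: str      # Management Group the server belongs to
    network: str    # hypothetical label for a network segment behind one firewall


@dataclass(frozen=True)
class ManagedComputer:
    name: str
    os: str
    network: str
    mode: str       # "agent" or "agentless"
    server: str     # name of the Management Server it reports to


def validate_plan(servers, computers):
    """Return sorted (rule, subject, detail) findings; an empty list means the plan fits."""
    by_name = {s.name: s for s in servers}
    per_server = defaultdict(int)
    per_group = defaultdict(int)
    findings = []

    for c in computers:
        srv = by_name.get(c.server)
        if srv is None:
            findings.append(("unknown-server", c.name,
                             f"reports to undefined Management Server {c.server!r}"))
            continue
        if c.mode not in ("agent", "agentless"):
            findings.append(("bad-mode", c.name, f"unknown management mode {c.mode!r}"))
            continue
        # The text notes that there is no agent for Windows NT 4.0.
        if c.os == "Windows NT 4.0" and c.mode == "agent":
            findings.append(("nt4-needs-agentless", c.name,
                             "no agent exists for Windows NT 4.0"))
        if c.mode == "agentless":
            per_server[srv.name] += 1
            per_group[srv.group] += 1
            # Agentless management relies on RPC, which generally does not pass
            # firewalls, so the Management Server must sit on the same network.
            if c.network != srv.network:
                findings.append(("agentless-across-firewall", c.name,
                                 f"on {c.network!r} but {srv.name} is on {srv.network!r}"))

    for name, count in per_server.items():
        if count > MAX_AGENTLESS_PER_SERVER:
            findings.append(("server-limit", name,
                             f"{count} agentless computers, limit {MAX_AGENTLESS_PER_SERVER}"))
    for group, count in per_group.items():
        if count > MAX_AGENTLESS_PER_GROUP:
            findings.append(("group-limit", group,
                             f"{count} agentless computers, limit {MAX_AGENTLESS_PER_GROUP}"))
    return sorted(findings)


def sample_plan():
    """Constructed draft plan: one Management Group spanning two firewalled networks."""
    servers = [
        ManagementServer("MS-HQ-1", "CORP", "hq"),
        ManagementServer("MS-BR-1", "CORP", "branch"),
    ]
    computers = [
        ManagedComputer(f"NT4-FILE-{i:02d}", "Windows NT 4.0", "hq", "agentless", "MS-HQ-1")
        for i in range(1, 12)   # 11 agentless computers on one Management Server
    ]
    computers += [
        ManagedComputer("NT4-PRINT-01", "Windows NT 4.0", "hq", "agent", "MS-HQ-1"),
        ManagedComputer("BR-APP-01", "Windows 2000 Server", "branch", "agentless", "MS-HQ-1"),
        ManagedComputer("BR-APP-02", "Windows Server 2003", "branch", "agent", "MS-HQ-1"),
    ]
    return servers, computers


if __name__ == "__main__":
    for rule, subject, detail in validate_plan(*sample_plan()):
        print(f"{rule:28} {subject:14} {detail}")
```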
Redundancy Requirements
MOM 2005 can be implemented with redundancy in mind. In particular, the SQL Server instance can be clustered to provide high availability for the MOM 2005 Database role. The Management Server role can be made redundant by installing two or more Management Servers in the same Management Group and deploying agents so they can report to all Management Servers in the group. Redundancy can also be built into the MOM 2005 environment in that agents on managed computers can be configured to use a secondary Management Server in the event of a failure of a single Management Server. While this environment is more complex, it is important for many organizations that monitoring be available despite the failure of a MOM 2005 component.
Between SQL clustering, having multiple Management Servers in the same Management Group, and configuring agent-managed computers to fail over to a secondary Management Server in the event the primary Management Server fails, MOM 2005 can be configured with redundancy in mind even though it does not support server clustering using Microsoft clustering technologies.
MOM Installation Steps
Now that we've reviewed the basics of planning, it is time to actually install MOM 2005. In this example, KOSH is the name of the SQL Server 2000 server and Bester is the name of the Windows Server 2003 server where MOM 2005 is going to be installed. The example installation in this chapter covers deploying MOM 2005 across multiple servers. It is possible to install all of the components of MOM 2005 on a single server. According to the MOM 2005 Deployment Guide, a single server implementation is intended for fewer than 200 managed computers.
Microsoft recommends that deployment across multiple servers follow a phased approach as follows:
1. Install the MOM 2005 Database
2. Install the first MOM 2005 Management Server
3. Install any additional MOM 2005 Management Servers
4. Discover all computers and deploy agents for the first Management Server
5. Discover all computers and deploy agents for any additional Management Servers
6. Install System Center Reporting (this is entirely optional, and is not covered in this chapter)
7. Import management packs one at a time (work on settings for each management pack until it is configured properly before installing another management pack)
Inserting the CD will automatically bring up the Setup screen for MOM 2005. One of the extremely helpful utilities that come in the setup is a tool to check and verify that all prerequisites have been met before attempting an installation, as shown in Figure 3-2.
Figure 3-2
Selecting the Check Prerequisites link brings up a window to select the components that should be checked. It makes sense to verify that the MOM 2005 Database prerequisites are met first since the Management Server must be able to communicate with the Database for MOM 2005 to be functional. Insert the MOM 2005 CD in the SQL server or run the setup utility from the SQL server remotely to verify that it is properly configured. Select the Microsoft Operations Manager 2005 components radio button and then select the MOM 2005 Database check box and click the Check button, as in Figure 3-3. If the SQL server is properly installed and available, there will not be any failures or warnings in the results page and all requirements will be properly checked with green checkmarks. If MOM 2005 Reporting is also going to be installed in the MOM 2005 environment, the proper prerequisites can also be checked by selecting the MOM 2005 Reporting radio button, checking the Remote SQL Server Reporting Services Server check box, entering the Server Name, and clicking Check.
Figure 3-3
Important There is a known issue with the Check Prerequisites tool. If the SQL Server 2000 server is currently running Service Pack 4, the tool reports a failure. A current workaround is to modify the registry on the SQL server to make the tool believe that Service Pack 3a is installed. Service Pack 4 is supposed to be supported with MOM 2005 SP1; however, many organizations have already upgraded their SQL environments to Service Pack 4. The workaround is to modify the CSDVersion registry entry … back after MOM 2005 is properly installed.
The setup utility should also be run on the potential Management Server. In this case, the Microsoft Operations Manager 2005 components radio button should be enabled and the MOM 2005 Management Server check box should be checked along with any of the additional subcomponents that will be installed such as the MOM 2005 Web Console.
The Check Prerequisites option should be run on all servers that will be a part of the MOM 2005 environment. It is important, however, that the prerequisites be checked only for the options that will be installed on the server where it is run. For example, checking for the MOM 2005 Database prerequisites on a Management Server will cause a failure because the tool will be checking for the installation of SQL Server 2000.
Installation of the MOM 2005 Database
Once you've checked the potential MOM 2005 Management Server and Database components, you can perform the installation. MOM 2005 Database best practices include:
Use the MOM 2005 Performance and Sizing guide to help determine the database size
Use a dedicated SQL server for the MOM 2005 Database
Put the database and log files on separate physical drives
Place the paging file on a separate physical drive away from the operating system, the database, and the log files
Follow these steps to perform the installation:
1 In the initial setup window, click the Install Microsoft Operations Manager 2005 link
2 Click Next on the Welcome to the Microsoft Operations Manager 2005 Setup Wizard
3 Accept the license agreement and click Next
4 Enter the User Name, Organization Name, and the CD Key, and click Next
5 Select the Custom radio button and click Next
Note The Typical installation option installs the Database, Management Server, and both consoles. The Custom installation option is needed if the MOM Connector Framework or the MOM Product Connector is needed and also if the Database and Management Server roles are to be separated and installed on different servers.
6 Unselect the MOM 2005 Management Server and the MOM 2005 User Interfaces components (see Figure 3-4 for the resulting view) and click Next
Figure 3-4
7 Click Next on the Prerequisite Check Passed window
8 Select the SQL Server database instance using the drop-down box and click Next
9 Select the Advanced button on the Database and Log File Options window, as in Figure 3-5
Figure 3-5
10 In the Database Files Location window, use the two Change buttons to move the database and log files to the best locations for performance and redundancy and then click OK
Note Microsoft does not recommend configuring the database (once it is installed) to Automatically grow file because the maximum OnePoint database size supported is 30GB. The optimum size for performance is 15GB.
11 Select the Database size per planning or select the default and grow the database as needed in the future and click Next
12 Assign the Management Group Name (this name cannot be changed without performing a complete reinstallation of MOM 2005) and click Next
Note We suggest that you establish a naming convention prior to installation. For example, the names may be based on geographic areas or business divisions.
13 Enter the Data Access Server Account information, which includes the User Account, Password, and Domain or local computer information, and click Next
14 Check the Enable error reporting check box or leave it unchecked and click Next
Note If enabling error reporting, it can be sent automatically or it can be queued up for approval before sending the information. In both cases the error reports are encrypted and do not contain any potentially sensitive organization information.
… this window means that multiple security credentials will be required to deploy, update, and manage deployed agents and MOM 2005 Management Servers; however, it does allow flexibility in highly secure environments where multiple non-trusting domains are in use and where standalone servers are deployed.
16 Click Install to install the MOM 2005 Database to the SQL Server 2000 server
17 Click Finish to complete the installation of the MOM 2005 Database
18 Using Enterprise Manager on the SQL Server 2000 server, set the database authentication to Windows only if possible
19 Using Enterprise Manager, set the SQL Server service account to run as Local System and verify that SQL Server is configured to use TCP/IP for client connections
Note Involve the Database Administration team, if possible, in the configuration and tuning of the database. It may not be possible to set the authentication to Windows only because in many environments the SQL server will support other databases, which may have other requirements including the need for SQL Server authentication. It is also possible that SQL cannot be run under Local System if other databases have different needs.
Installation of the MOM 2005 Management Server
Follow these steps to install the MOM 2005 Management Server:
1 Log on to the server using an account with administrative credentials that also has the db_owner permission to the OnePoint database created earlier and "DBO" access to both the master and the msdb databases on the SQL server
2 After starting the setup program, check the prerequisites on the server that will host the MOM 2005 Management Server role. After all the requirements have been checked, it is time to start the installation
3 In the initial setup window, click the Install Microsoft Operations Manager 2005 link
4 Click Next on the Welcome to the Microsoft Operations Manager 2005 Setup Wizard
5 Accept the license agreement and click Next
6 Enter the User Name, Organization Name, the CD Key, and click Next
7 Select the Custom radio button and click Next
Note The Typical installation option installs the Database, Management Server, and both consoles. The Custom installation option is needed if the MOM Connector Framework or the MOM Product Connector is needed and also if the Database and Management Server roles are to be separated and installed on different servers. In this case, the Database has already been installed, and this process will install the Management Server component on a different server. Microsoft recommends installing the Web Console on a separate server; however, it can be installed on the Management Server at this time.
8 Unselect the MOM 2005 Database and verify that the MOM 2005 Management Server option is selected, as in Figure 3-6, and click Next
Figure 3-6
9 Click Next on the Prerequisite Check Passed window
10 Select the MOM Database Server Instance and the port number and click Next
Note Alternative port numbers are often used as security measures. Many virus attacks are focused on known ports, such as the default SQL port of 1433. The port number can be changed on the SQL server using Enterprise Manager.
11 Enter the Management Server Action Account information and click Next
Note If the account is a domain administrator equivalent account, a warning will be provided
12 Enter the Data Access Server Account information and click Next
13 Click Install to copy all of the files and to allow the MOM 2005 installation process to configure the server
14 Click Finish to complete the installation of the MOM 2005 Management Server
Installation of additional Management Servers can be done using these same steps. All MOM 2005 Management Servers that are in the same Management Group can be administered using the MOM Administrator Console on any of the Management Servers in the Management Group.
Note Knowledge Base article 889187 reports a problem where MOM 2005 does not function properly if the domain NetBIOS name contains a period in it, as in HQ.CORP. This knowledge base article states that a hot fix is available.
Installation of the MOM 2005 Administrator and Operator Consoles
The MOM 2005 Administrator and Operator Consoles were installed on the Management Server in the previous section. The problem with installing the consoles on the Management Server is that administrators have to use the Management Server for day-to-day administration. It is not a good idea to use tools directly on a server. Most systems administrators are not going to want to let MOM administrators have the ability to use Terminal Services to directly connect to the MOM 2005 Management Server for administration, so it is important to have the ability to install the consoles on MOM 2005 administrators' desktops. Installation of the consoles requires .NET Framework v1.1. To install the MOM 2005 Administrator and Operator Consoles:
1 Log onto the server using an account with local administrative credentials
2 After starting the setup program, check the prerequisites on the server that will host the MOM 2005 Management Server role. After all the requirements have been checked, it is time to start the installation
3 In the initial setup window, click the Install Microsoft Operations Manager 2005 link
4 Click Next on the Welcome to the Microsoft Operations Manager 2005 Setup Wizard
5 Accept the license agreement and click Next
6 Enter the User Name, Organization Name, and the CD Key, and click Next
7 Select the Custom radio button and click Next
8 Clear the MOM 2005 Database and the MOM 2005 Management Server options and verify that the MOM 2005 User Interfaces option is enabled, as in Figure 3-7, and click
Figure 3-7
9 After the prerequisites have been verified, click Next
10 Enter the name of the Management Server (or the one that you want to initially connect to if there are multiple Management Servers) and click Next
11 Click Install to copy all of the files and to allow the MOM 2005 installation process to configure the consoles on the computer
12 Click Finish to complete the installation of the MOM 2005 Management Server
Discovering Computers and Deploying Agents
Up to this point, the MOM 2005 Database has been installed along with the MOM 2005 Management Server and the consoles. With the basic infrastructure installed, the next step is to install agents on all computers that should be managed. Keep in mind that in most organizations, not every single computer is monitored and managed by MOM 2005 because of resource constraints. The resource constraints can be the MOM 2005 environment capacity, network limitations, and administrator limitations.
MOM 2005 has a wonderful built-in capability to search the network and find all computers that are available. Administrators can then identify those that should be monitored and managed by MOM 2005, and then administrators can have MOM 2005 deploy the agents.
One of the features that has been discussed already is the ability to have agent-managed computers configured so that they report to specific Management Servers and have the ability to fail over to a secondary Management Server in the event their primary Management Server is unavailable, as displayed in Figure 3-8. For example, if an organization has two Management Servers, half of the managed computers can be configured to use one Management Server as their primary server and the other half can be configured to use the other Management Server as their primary server. Each managed computer can then use the other Management Server as a secondary server. See the section "Configuring Multihomed Agents" later in this chapter for more information.
Figure 3-8
Note Prior to deploying agents to computers, we recommend that all event logs are configured to overwrite events as needed and that the logs be increased to 25MB. If event logging stops, MOM 2005 cannot pick up the latest events. If security logs fill up, the managed server can lock up and fail.
Discovering Computers
Once the Management Servers are installed, the next step is to configure discovery rules so MOM 2005 can find the computers to be managed. Computer Discovery rules can be as simple as specifying a computer name or creating search criteria. Using custom search information allows for greater flexibility and for separation of computers among multiple Management Servers.
It is very important that similar rules are not created on multiple Management Servers in the same Management Group. If a computer can be discovered by multiple Management Servers, it will automatically change primary servers each time a Management Server does its scheduled discovery. For example, if two Management Servers both had discovery rules configured to find domain controllers, the first Management Server to run its automatic discovery would deploy its agent, and then the second Management Server would deploy its agent as well when it runs its scheduled discovery.
To create a Computer Discovery Rule, use the following steps:
1 On a computer with the MOM 2005 Administrator Console, open the Administrator Console, expand the Administration folder, and expand the Computers folder, as shown in Figure 3-9
3 Use the drop-down box to select the Management Server where this rule will be used
4 Use the drop-down box to select the Rule type of Include or Exclude
5 Manually type in the Domain name information either using the NetBIOS domain name or using the fully qualified domain name
6 In the Computer name, select the matching option and the characters of the match
Note Using the Computer name part of the rule allows organizations with naming standards to implement those standards as part of the search criteria. For example, if all web servers are named with the same prefix, that prefix string can be used to discover those particular computers only. MOM 2005 supports only the use of English characters for computer names.
7 Use the drop-down box to select the Computer type from Servers, Clients, or Servers and Clients
Note Specifying Servers or Clients causes discovery to take longer as the Management Server has to contact each individual computer and check its operating system and its role.
8 Use the drop-down box to set the Initial Management Mode from the options of Agent-managed, Agentless managed, and Unmanaged
9 Use the Apply query criteria to domain controllers option
Figure 3-11 is an example of the discovery of all servers in the domain and configuring them to use the Management Server named Bester. Using wildcards generates a warning that the rule may discover all computers or a very large number of computers. In smaller organizations, it would not be a problem. Larger organizations may put an extremely heavy load on the Management Server, especially if it is set to automatically deploy agents for all discovered computers set to become Agent-managed.
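The warning above about similar rules on multiple Management Servers can be checked before any rule is created by running the planned rules against an inventory list. The following Python is an added example, not code from the book or from MOM 2005: the rule dictionaries, the second server name MS02, the sample inventory, wildcard-style name matching, and the treatment of an Exclude rule as applying only to its own Management Server are all assumptions made for illustration.

```python
from fnmatch import fnmatchcase

# Constructed sample data. The keys mirror the wizard fields described above
# (Management Server, Rule type, Domain name, Computer name match); they are
# hypothetical and not a MOM 2005 export format.
RULES = [
    {"server": "Bester", "type": "Include", "domain": "CORP", "name": "WEB*"},
    {"server": "Bester", "type": "Include", "domain": "CORP", "name": "DC*"},
    {"server": "Bester", "type": "Exclude", "domain": "CORP", "name": "WEBTEST*"},
    {"server": "MS02", "type": "Include", "domain": "CORP", "name": "DC*"},
    {"server": "MS02", "type": "Include", "domain": "CORP", "name": "WEBTEST*"},
    {"server": "MS02", "type": "Include", "domain": "CORP", "name": "SQL*"},
]

# Constructed inventory of (domain, computer name) pairs.
INVENTORY = [
    ("CORP", "WEB01"),
    ("CORP", "WEBTEST01"),
    ("CORP", "DC01"),
    ("CORP", "SQL01"),
]


def rule_matches(rule, domain, name):
    """True when the rule's domain and name pattern cover the computer.

    Comparison is case-insensitive. The rule and the inventory must use the
    same form of the domain name (both NetBIOS or both fully qualified).
    """
    return (rule["domain"].upper() == domain.upper()
            and fnmatchcase(name.upper(), rule["name"].upper()))


def claiming_servers(rules, domain, name):
    """Return the Management Servers that would discover this computer.

    Assumption: an Exclude rule removes the computer only from the
    Management Server the rule belongs to.
    """
    included, excluded = set(), set()
    for rule in rules:
        if rule_matches(rule, domain, name):
            target = included if rule["type"] == "Include" else excluded
            target.add(rule["server"])
    return included - excluded


def find_overlaps(rules, inventory):
    """Map each computer claimed by more than one server to those servers."""
    overlaps = {}
    for domain, name in inventory:
        servers = claiming_servers(rules, domain, name)
        if len(servers) > 1:
            overlaps[f"{domain}\\{name}"] = sorted(servers)
    return overlaps


def broad_rules(rules):
    """Return Include rules whose name pattern is nothing but wildcards."""
    return [r for r in rules
            if r["type"] == "Include" and not r["name"].strip("*?")]


if __name__ == "__main__":
    for computer, servers in find_overlaps(RULES, INVENTORY).items():
        print(f"{computer} is matched by Include rules on: {', '.join(servers)}")
    for rule in broad_rules(RULES):
        print(f"Wildcard-only rule on {rule['server']} for {rule['domain']}")
```

With the sample data, only the domain controller is reported, because both servers carry a DC* Include rule; WEBTEST01 is not, because Bester's Exclude rule removes it from that server.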
1 Open the MOM 2005 Administrator Console, expand the Administration folder, and expand the Computers folder
2 Right-click Management Servers and select Run Computer Discovery Now
A manual discovery should be run during off hours to identify all new computers for management
Deploying Agents
After discovery of all computers to be managed, it is time to deploy agents to those computers unless they are set to be automatically installed. By default, all discovered computers are put into the Pending Actions folder, as in Figure 3-12.
Figure 3-12
Manually Deploy Agents on Newly Discovered Computers
To manually deploy the agents, use the following steps:
1 Open the MOM 2005 Administrator Console, expand the Administration folder, expand the Computers folder, and select the Pending Actions folder
2 In the Pending Actions folder, select the individual computer or multiple computers
3 Right-click the computer(s), select All Tasks, and then select Install Agent Now
Note For a large number of computers, this can take a considerable amount of bandwidth and can also affect the performance of these computers during the installation. Manual installation should be done during off-peak hours whenever possible.
4 Click Next in the Welcome to the Install Agent Wizard window
5 Verify the Management Server Action Account radio button is selected in the Agent Installation Permissions window and click Next
Note An alternate account can be provided by using the Other radio button and entering the account information in this window
6 Verify the Local System radio button is selected in the Agent Action Account window and click Next
Note Again, an alternate account can be provided by using the Other radio button and entering the account information in this window
7 Verify the correct path is used for the Agent Installation Directory and click Next
8 Click Finish to complete the agent installation
If the Show task progress check box is enabled, installation progress can be monitored and completion verified
The need to manually fire off the deployment of agents to managed computers can be avoided by setting either the Management Server or all Management Servers to automatically deploy agents. Setting MOM 2005 for automatic agent installation does not cause the Install Agent Wizard to be used. For automatic installation, the Management Server Action Account is always used to install the agent, and the Local System account is always used for the Agent Action Account.
Manually Deploy Agents on Unmanaged Computers
Previously discovered computers that were not installed with agents can be installed at a later date. The management mode selected at discovery can be changed using this process. This process can also be used for computers that failed during the initial agent installation process. Computers that were previously discovered but not installed with agents are contained in the Unmanaged Computers folder. To install MOM 2005 agents on unmanaged computers, use the following steps:
1 Open the MOM 2005 Administrator Console, expand the Administration folder, expand the Computers folder, and select the Unmanaged Computers folder
2 Select one or multiple computers from the right-hand pane and right-click to bring up the context menu
3 Select Install Agent from the context menu
4 Click Next in the Welcome to the Install Agent Wizard window
5 Verify the Management Server Action Account radio button is selected in the Agent Installation Permissions window and click Next
Note An alternate account can be provided by using the Other radio button and entering the account information in this window
6 Verify the Local System radio button is selected in the Agent Action Account window and click Next
Note Again, an alternate account can be provided by using the Other radio button and entering the account information in this window
7 Verify the correct path is used for the Agent Installation Directory and click Next
8 Click Finish to complete the agent installation
Administrators do not have to run a discovery for MOM 2005 to install agents in this case. If the Show task progress check box is enabled, installation progress can be monitored and completion verified.
Manually Installing Agents on Remote Computers
In some cases, MOM 2005 cannot be used to deploy agents or administrators have chosen to not let MOM 2005 deploy the agents because of bandwidth issues or because the computer is behind a firewall and is highly secured. In these cases, it is still possible to install agents on the computer. In order to perform a manual agent install using the MOM 2005 media, the computer should not be in the Unmanaged Computers folder. If the computer is in the Unmanaged Computers folder, it can be deleted by right-clicking it and selecting Delete from the context menu. After the computer is deleted from the Unmanaged Computers folder, right-click the Management Packs folder and select Commit Configuration Change. To install the MOM 2005 agents from media, load or connect the media to the computer and follow these steps:
1 Run setup.exe and select the Manual Agent Install tab, as shown in Figure 3-13
2 Click the Install Microsoft Operations Manager 2005 Agent link
3 Click Next in the Welcome to the Microsoft Operations Manager 2004 setup wizard
4 Click Next to verify the installation folder in the Destination Folder window
5 Enter the Management Group Name, Management Server, and Management Server Port information; select the radio button for Agent Control Level; and click Next
Note The default value for the Agent Control Level is set to None, which indicates that the MOM Management Servers do not have access to configure, uninstall, or update the agent. Typically, if an administrator is performing this type of installation it is because the Management Server is not able to install the agent so it will also be unable to configure it, uninstall it, or upgrade it.
6 Select the MOM 2005 Agent Action Account for this computer or use the default Local System option and click Next
7 Select the Active Directory Configuration option radio button and click Next
8 Verify the default value of Yes, I have Active Directory and my Management Server is in a trusted domain (Recommended), and click Next
Note The default value should be selected if the computer is a member of the domain or a trusted domain of the Management Server
9 Verify the options selected and click Install in the Ready to Install window
10 Click Finish to complete the installation
MOM 2005, by default, rejects manually installed agents, as described in the preceding process, as a security measure. If manually installed agents are allowed to be installed and used, it is possible to put a computer into the MOM 2005 environment and send bad data to the Management Servers in the environment. A manually installed agent can be approved using these steps:
1 Open the MOM 2005 Administrator Console, expand the Administration folder, expand the Computers folder, and click on the Pending Actions folder
2 Right-click the computer name that you want to approve and select the Approve Manual Agent Installation Now and click Yes
Configuring Automatic Agent Installation Options
MOM 2005, by default, is configured to not install, uninstall, or upgrade agents on discovered computers. In the default mode, all discovered computers are put into the Pending Actions folder and must be manually approved. For large organizations, it can become a very tedious and time-consuming task to keep manually approving the deployment of agents. To change the default behavior on all Management Servers, follow these steps:
1 On a computer with the MOM 2005 Administrator Console, open the Administrator Console, expand the Administration folder, and then click Global Settings
2 In the right-hand pane, double-click Management Servers
3 Click the Automatic Management tab
4 Select the radio button for Automatically install, uninstall, and upgrade agents and automatically start and stop agentless management. Click OK or Apply to set the changes
Leaving the default setting is appropriate if the organization wants to better control the deployment of agents. In some situations, however, configuring a single server to override the default behavior is the best thing to do. For example, if a Management Server is used to monitor and manage a web server farm, an organization might decide that it is best to deploy the agents right away for those web servers as it discovers them. To override the default behavior for a single server without affecting the default behavior of others, follow these steps:
1 On a computer with the MOM 2005 Administrator Console, open the Administrator Console, expand the Administration folder, expand the Computers folder, and then click on Management Servers
2 In the right-hand pane, double-click the Management Server to override
3 Click the Automatic Management tab
4 Clear the Use global settings check box
5 Select the radio button for Automatically install, uninstall, and upgrade agents and automatically start and stop agentless management. Click OK or Apply to set the changes
Determining which automatic agent deployment setting to use should be part of the planning process for the MOM 2005 deployment for an organization
Use the Install/Uninstall Agent Wizard
As with almost all Microsoft operating systems and applications, there are multiple ways to achieve the same result. Another quick and easy method of installing agents on computers on the network is to use the Install/Uninstall Agents Wizard. In order to access this wizard and install agents, follow these steps:
1 On a computer with the MOM 2005 Administrator Console, open the Administrator Console, expand the Administration folder, and expand the Computers folder
2 Click the Action menu item on the top menu and select Install/Uninstall Agents Wizard
3 In the Install/Uninstall Agents Wizard welcome screen, click Next
4 In the Install or Uninstall Agents window, select the Install Agents radio button and click Next
5 In the Method for Discovering Computers and Installing Agents window, select the Browse for or type in specific computer names radio button
Important The other option is to select the Search criteria radio button. Many cases call for using the Search criteria option because it is more flexible and powerful for identifying the appropriate computers for the agent installation process when there are a large number of computers. In order to use the Search criteria option, you must create new Computer Discovery Rules. All rules using this wizard are Include rules, and all rules will install the management mode as Agent-managed.
6 In the Computer Names window, click the Browse button and type in the computer name, which can be either its NetBIOS name or its DNS name, and click OK
Note Multiple Computer Names can be entered either by entering them all in the screen at the same time or by using the Browse button multiple times
7 Verify the Computer Names list is accurate and click Next
8 In the Agent Installation Permissions window, select the Management Server Action Account radio button, and click Next
9 In the Agent Action Account window, select the Local System radio button and click Next
10 In the Agent Installation Directory window, verify the installation path and click Next
11 In the Completing the Install/Uninstall Agents Wizard window, review all of the choices and then click Finish
Important In order to push MOM 2005 agents and have them report properly to the Management Server, the following ports must be available. If these ports are not available, it is likely that an RPC error will be generated. In order to properly push agents to MOM 2005 client computers, the following ports need to be open between the MOM 2005 Management Server and the individual clients:
— RPC Endmapper Port: 135
— Server Messenger Block Port: 455
— MOM Port: 1270 (both UDP and TCP)
These ports are important when considering firewall issues and, in particular, Windows Server 2003 Service Pack 1 and Windows XP Professional Service Pack 2, which both come with the Microsoft firewall turned on and automatically blocking these ports. See Knowledge Base article 885726 for more information.
Configuring Agentless Managed Computers
Because not all computers can be managed using agents, MOM 2005 supports agentless managed computers. Computers discovered by the Management Server that cannot be installed
Figure 3-14
To configure an unmanaged computer to be an agentless managed computer, follow these steps:
1 Open the MOM 2005 Administrator Console, expand the Administration folder, expand the Computers folder, and click Unmanaged Computers
2 Right-click on the computer in the right-hand pane and select the Start Agentless Management option, as shown in Figure 3-15
Figure 3-15
3 Click on the Pending Actions folder
4 Right-click on the computer and select the Start Agentless Management Now option
Agentless management takes significantly more resources than using agents because the Management Server has to remotely connect to the computer and collect and retrieve information that would normally be handled by the locally installed agent on an agent-managed computer. Agentless management should be used only when it isn't feasible to install an agent, such as on an NT 4.0 computer.
Configuring Agent Failover
Agent-managed computers can be configured to fail over to a secondary Management Server in case their primary Management Server is not available. In order to build this configuration, an administrator needs to deploy agents to all of its primary managed computers from the primary Management Servers.
Setup automatically installs and configures each Management Server in a Management Group as a redundant Management Server for the other Management Servers in the Management Group. If an agent is unable to connect to its primary Management Server, it will automatically fail over to another Management Server within the same Management Group. It is possible, however, to control which Management Server will be used for the failover server. If only two Management Servers are in the Management Group, configuring agent failover is not needed. Use the following steps to configure redundant Management Servers for failover:
1 Open the MOM 2005 Administrator Console, expand Administration, expand Computers, and then click Management Servers
2 Select the Management Server from the right-hand pane
3 Right-click the Management Server and select Properties from the context menu
4 Click the Failover tab
5 Enable or disable the check boxes to specify which Management Server(s) should be used for redundancy
Controlling the failover of agents allows for better control of resources in the event of a Management Server failure versus letting agents fail over without control and possibly overloading a particular Management Server.
Configuring Multihomed Agents
While an agent-managed computer can automatically fail over to any Management Server in the same Management Group, the same cannot be said for Management Servers in other Management Groups. A multihomed agent configuration is not designed for failover.
There are times when two or more Management Groups, up to a maximum of four Management Groups, need to manage and monitor the same computer. For example, in some organizations, one team handles the hardware and operating systems while another team handles the applications, such as Exchange Server 2003, and is responsible for the application itself. In these situations, a computer can be configured to report to multiple Management Groups. In order to configure multihomed agents, the agents must first be installed for use by the first Management Group using any of the methods shown earlier in this chapter.
Once the MOM 2005 agents have been deployed to managed computers for the first Management Server, use any of the processes to install the agents, again, from other Management Servers in any other Management Groups that will be used to manage and monitor the computers. If a manual installation process is used, the installation steps include a few different options because the agents are already installed. The installation software detects that the agents have already been installed on the target computers so the Modify option is required to complete the additional installation.
When MOM 2005 agents are installed on agent-managed computers, the Management Server installs all of the software on the agent-managed computer and configures the settings with the Management Server's name for the first Management Server. When Management Servers from other Management Groups install agents, they do not add additional software to the agent-managed computer; they just update the information regarding the Management Servers where the agent reports its information.
Installing MOM 2005 Web Console
The MOM 2005 setup program provides the capability to install the Web Console on a separate computer. It is possible to use the MOM 2005 setup program to manually install and uninstall agents from a managed computer. Manually installed agents can be a security concern in that it isn't possible to tell whether they are valid computers. Typically, mutual authentication is used.
1. Log on to the server using an account with administrative credentials.
2. After starting the setup program, check the prerequisites on the server that will host the MOM 2005 Web Console by clicking the Check Prerequisites link.
3. After you have checked all the prerequisites, click the Install Microsoft Operations Manager 2005 link.
4. Click Next on the Welcome to the Microsoft Operations Manager 2005 Setup Wizard.
7. Select the Custom radio button and click Next.
Note: The Typical installation option installs the Database, Management Server, and both consoles. The Custom installation option is needed in this situation to install just the Web Console.
8. Clear the MOM 2005 Database, the MOM 2005 Management Server, and the MOM 2005 User Interfaces options. Go back and enable the MOM 2005 Web Console option, verify that the Custom Setup is configured as in Figure 3-16, and click Next.
Figure 3-16
9. Click Next in the Prerequisite Check Passed window.
10. Select the MOM Database Server Instance and the port number, and click Next.
Note: Alternative port numbers are often used as security measures. Many virus attacks are focused on known ports, such as the default SQL port of 1433. The port number can be changed on the SQL server using Enterprise Manager.
11. Enter the Management Server Action Account information and click Next.
12. Enter the Data Access Server Account information, which includes the User Account, Password, and Domain or local computer information, and click Next.
13. Click Install to install the MOM 2005 Web Console.
14. Click Finish to complete the installation of the MOM 2005 Web Console.
Once the Web Console is installed, it can be accessed at http://www.servername:1272 to confirm its connectivity and functionality. The Web Console should have good connectivity with the SQL server because it directly accesses the MOM 2005 Database. The Web Console does not connect to a Management Server; it connects to the MOM 2005 Database to provide content.
Installing MOM 2005 Reporting
The MOM 2005 Reporting component is an optional component for MOM 2005. Although it is not required, many organizations use its built-in reports and the capability to create custom reports from the data stored in the MOM 2005 Reporting database.
MOM 2005 Reporting requires:
SQL Server 2000, SP3a or higher
Database Authentication set to Windows only is preferred; however, it will work with SQL Server and Windows authentication
SQL service account configured to use Local System for security context; however, it will run under an account with the proper permissions
TCP/IP must be an enabled protocol
SQL Server 2000 Reporting Services, SP2 or higher
MSSQLSERVER and SQLSERVERAGENT set to start automatically when the computer starts
Schedule Task Account
Note: The Schedule Task Account is used to provide the proper permissions to run the task that transfers data from the MOM 2005 Database to the MOM 2005 Reporting database. This account needs to be a domain account if the MOM 2005 Reporting database is on a different server than the MOM 2005 Database. The setup routine will configure the proper permissions for this account.
Data Transfer Task Account
Note: The Data Transfer Task Account is used to provide the security context for transferring the data from the MOM 2005 Database to the MOM 2005 Reporting database. This account needs to have the permissions required to access and copy the data from one SQL database to the other.
Reporting User Account
Note: The Reporting User Account is used to provide the security context for the MOM 2005 Reporting server to connect to the MOM 2005 Reporting database and access the information needed to generate reports. This account must have database permissions to the Reporting database.
Visual Studio .NET 2003 to create new reports
Note: Visual Studio .NET 2003 is not required to view standard reports, but it is required in order to modify and customize existing reports, and it is also required to develop new reports.
Once SQL 2000 and SQL 2000 Reporting Services have been installed and are properly service packed and patched according to the latest standards, SQL needs to be configured to meet the requirements of MOM 2005 Reporting.
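One way to check the service, authentication, and protocol requirements listed above before running setup, as an added example that is not from the book or from Microsoft. It assumes Windows PowerShell with WMI access on the SQL server and a SQL Server 2000 default instance; the registry paths and the helper name New-Check are assumptions of this example.

```powershell
# Added example: read-only audit of a SQL Server 2000 default instance
# against the MOM 2005 Reporting requirements listed above.
# Assumption: default-instance registry layout; run locally as an administrator.
$sqlKey = 'HKLM:\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer'

# Hypothetical helper: builds one result row.
function New-Check($Name, $Pass, $Detail) {
    New-Object PSObject -Property @{ Check = $Name; Pass = [bool]$Pass; Detail = "$Detail" }
}
$results = @()

# Both services must start automatically. Local System is the preferred
# security context for the SQL service; another account with the proper
# permissions also works, so treat that row as advisory.
foreach ($svcName in 'MSSQLSERVER', 'SQLSERVERAGENT') {
    $svc = Get-WmiObject Win32_Service -Filter "Name='$svcName'"
    if (-not $svc) {
        $results += New-Check "$svcName installed" $false 'service not found'
        continue
    }
    $results += New-Check "$svcName starts automatically" ($svc.StartMode -eq 'Auto') $svc.StartMode
    if ($svcName -eq 'MSSQLSERVER') {
        $results += New-Check 'SQL service runs as Local System (preferred)' ($svc.StartName -eq 'LocalSystem') $svc.StartName
    }
}

# Authentication mode: 1 = Windows only (preferred), 2 = SQL Server and Windows.
$loginMode = (Get-ItemProperty -Path $sqlKey -ErrorAction SilentlyContinue).LoginMode
$results += New-Check 'Windows-only authentication (preferred)' ($loginMode -eq 1) "LoginMode=$loginMode"

# TCP/IP must appear in the list of enabled server protocols.
$netLib = Get-ItemProperty -Path "$sqlKey\SuperSocketNetLib" -ErrorAction SilentlyContinue
$protocols = @($netLib.ProtocolList)
$results += New-Check 'TCP/IP protocol enabled' ($protocols -contains 'tcp') ($protocols -join ',')

# Report the listening port so the value entered in MOM setup matches it,
# and show whether it is still the default 1433 mentioned in the port note.
$tcpPort = (Get-ItemProperty -Path "$sqlKey\SuperSocketNetLib\Tcp" -ErrorAction SilentlyContinue).TcpPort
$portMoved = ($tcpPort) -and ($tcpPort -ne '1433')
$results += New-Check 'SQL port changed from default 1433 (optional)' $portMoved "TcpPort=$tcpPort"

$results | Select-Object Check, Pass, Detail | Format-Table -AutoSize
```

Rows marked preferred or optional reflect the wording of the requirements list; only the automatic-start and TCP/IP rows are hard requirements.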
MOM 2005 Reporting should be installed before importing and configuring management packs. Management packs contain rules for collecting performance data and event monitoring data. The information collected by the management pack can be used in reports. MOM 2005 management packs contain additional reports that can be used by the MOM 2005 Reporting environment. If MOM 2005 Reporting is installed after management packs have been imported into the MOM 2005 Management Server, then the reports will have to be installed separately.
Note: The MOM 2005 Deployment Guide discusses how to manually install reports in Chapter 6.
Installing MOM 2005 Reporting creates a scheduled task that transfers the data in the MOM 2005 Database to the MOM 2005 Reporting database. This data is transferred before the MOM 2005 grooming process removes older data. Because this database is meant to contain long-term data, it is not limited to 30GB as the MOM 2005 Database is.
Selecting the Server for MOM 2005 Reporting
As with all servers, some of the choices are dependent on organizational requirements having to do with performance and security requirements. Proper planning and testing should be done to verify that performance and security requirements can be met with the proposed environment.
MOM 2005 Reporting can be installed on the same SQL Server 2000 server as the MOM 2005 Database. Performance may be a problem with both databases on the same SQL server depending on when reports are run, when backups are run, and whether the MOM 2005 Database is just too busy with its processes. If performance of the SQL server is not an issue, it would be a large cost savings to have both databases on the same server.
MOM 2005 Reporting can also be installed on the same server as the Management Server. If the environment is small enough or if the server is scaled to handle the load, MOM 2005
sure the same folder is not used for the installation as was used for the Management Server. If the same folder is used, it will corrupt the installation of the Management Server and remove the proper permissions from the folder.
Follow the steps here to install MOM 2005 Reporting:
1. Log on to the computer where MOM 2005 Reporting will be installed and run the setup program from the MOM 2005 installation media.
Note: Make sure the account that is used for installation has administrative privileges for the local server as well as the server hosting the MOM 2005 Database.
2. After starting the setup program, check the prerequisites on the server that will host the MOM 2005 Reporting component by clicking on the Check Prerequisites link and selecting the MOM 2005 Reporting radio button.
Note: Select the Remote SQL Server Reporting Services Server check box and enter the Server Name if SQL 2000 Reporting Services is installed on a remote computer.
3. After all the prerequisites have been checked, click the Install Microsoft Operations Manager 2005 Reporting link.
4. Click Next on the Welcome to the Microsoft Operations Manager 2005 Reporting Setup Wizard.
5. Accept the license agreement and click Next.
6. Enter the User Name and Organization Name and click Next.
7. Verify the Destination Folder is correct and click Next.
8. Enter the SQL Server Reporting Services Server Name if it is different from the name automatically entered, and click Next.
9. Click Next on the Prerequisite Check Passed window.
10. Select the MOM Database Server Instance and the port number, and click Next.
Note: Alternative port numbers are often used as security measures. Many virus attacks are focused on known ports, such as the default SQL port of 1433. The port number can be changed on the SQL server using Enterprise Manager.
11. Enter the MOM 2005 Database Server information and click Next.
12. Use the drop-down box in the SQL Server Database Instance window to select the proper SQL instance and click Next.
13. In the Database and Log Files Information window, enter the database size for the Reporting database; then use the Advanced button and the two Change buttons in the Advanced window to move the database and log files to the best locations for performance and redundancy. Click OK, and then click Next.
Note: This database can be configured to Automatically grow file (once it is installed), unlike the MOM 2005 Database, because the maximum size of the Reporting database is not constrained to 30GB.
14. Enter the Data Transfer Task Account information and click Next.
15. Enter the Reporting User Account information and click Next.
16. Select the Yes, I want to send operational reports (Recommended) radio button and click Next.
Note: The other option is to select the No, I do not want to send operation reports radio button. The operational reports are XML files with non-proprietary information about how effective MOM 2005 is in the organization. This information includes statistics such as the number of alerts and counters processed. A sample can be found at http://www.go.microsoft.com/fwlink?linkid-21241
17. Click Install to install MOM 2005 Reporting.
18. Click Finish to complete the installation of MOM 2005 Reporting. Once installed, the reporting console should appear as shown in Figure 3-17.
Figure 3-17
This chapter covered the installation of MOM 2005 and details on various MOM features and installation options. For each component of MOM 2005, we discussed the following:
Planning concerns and requirements
Hardware and software prerequisites for each installed component
Security concerns and issues
Installation steps and things to note during the installation and configuration
The information provided should be all that is needed to build a basic MOM 2005 environment to prepare for the next chapters in this book. The steps and procedures here will provide a foundation for the rest of the book as well as repeatable steps and processes that can be used to deploy a MOM 2005 implementation into a production environment. In the next chapter, we'll look at the installation and configuration procedures for Systems Management Server 2003.