SCOM: Get started the right way (overrides, groups, roles and subscriptions)

  • Always create an “overrides management pack” when you import a sealed MP from a vendor. Decide on a naming convention and follow it. I like to name it mp.name(overrides) or mp.name overrides to match the default names in SCOM for monitoring and discovery. 

SCOM_BP_1

  • Create Universal AD Groups for security delegation. Universal groups can be mail enabled, meaning that you can use them for subscriptions also. In this way you can easily manage access to roles in SCOM and with the same mechanisms manage notifications. All by populating users in AD Groups.

SCOM_BP_2

Got this tip from “Alex De Jong”, attending one of his classes, credit goes to him (AlexdeJong.com)

  • Create user roles for each management pack or service in your datacenter. Connect these roles to your ad groups created in the previous step. When you create the role, make sure you limit “Dashboards and Views” to what’s only related to the role.

SCOM_BP_3

SCOM_BP_4

SCOM_BP_5

Create subscriptions related to your roles. Then add your mail enabled groups as subscribers.

       SCOM_BP_6

For conditions, select all related classes for your role in the subscription. And select “High”   priority, Default nothing in SCOM is high priority, so by doing this you can choose what is critical to you by creating priority overrides.

 SCOM_BP_7

  • Create a group for each management pack, then disable the management pack for all computers but those who are members of your group. By doing this you can easily manage which computers you want to monitor “in dept”.

SCOM_BP_8

Go to the Authoring Pane > Management Pack Objects > Discoveries. Set your scope to your related management pack. Look for a discovery that targets a default class. Usually the Windows Server class is used. This is the initial discovery, to identify computers running a product, in this example Hyper-V, this discovery will trigger later discoveries so SCOM can learn more about the servers.

         SCOM_BP_9

Override and disable the initial discovery for all objects off the class.

SCOM_BP_10

Then create a new override targeting your group, and select the “Enforced option” to make this override a priority.

SCOM_BP_11

By doing this you will make sure that you only have in dept monitoring of the servers you populate in your groups. Then you can delegate the task of maintaining these groups to each operator.

Leave a Reply

Your email address will not be published.

* Copy This Password *

* Type Or Paste Password Here *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>