OpsMgr: Enable Agent Proxy via Management Pack

Written by Ingmar Verheij on April 11th, 2012. Posted in Operations Manager

System Center Operations Manager (SCOM) agents are by default allowed to only return data from the same source. If the agent needs to submit data from another source, for instance in a cluster, the security feature ‘Agent Proxy’ needs to be enabled. By default this feature is disabled.

If you create (or import) a management pack that relies on this feature, for example when the management pack submits data from another source, you might want automate this.

Automate setting “Allow this agent to act as a proxy and discover managed object on other computers”

The process of enabling the “Agent Proxy” security feature can be done using a PowerShell script or an executable called SetAgentProxyEnabled. Although this automates the process of enabling the security feature it still requires an admin to execute the script or process manually.

 
Integrate in Management Pack

What if you write a management pack that discovers objects from another source (and therefore require the “Agent Proxy” feature)? You might want to set the feature for the admin on the agents where your management pack is active.

To achieve this we’re going to create a rule that runs on the root management server (RMS),

  • Open the System Center Operations Manager 2007 R2 Authoring Console
  • Open your management pack / create a new management pack
  • Go to Health Model
  • Select Rules
 
In the Rules view
  • Create a new custom rule
  • Choose an ID (for instance Demo.ManagementPack.Rule)
 
On the General tab
  • Give a descriptive name (for “instance Enable Agent Proxy on my agent”)
  • Select the target ‘Microsoft.SystemCenter.RootManagementServer’

 

On the Modules tab
  • Create a new Data Source with type ‘System.Scheduler’ and Module ID ‘Scheduler’
  • Edit the new created data source ‘Scheduler’
    • Click on Configure
    • Set the period to 1 – Hours
  • Create a new Action with type ‘Microsoft.Windows.PowerShellAction’ and Module ID ‘ExecuteScript’
  • Edit the new created Action ‘ExecuteScript’
    • ScriptName : ClassProxyEnabler.ps1
    • ScriptBody (see below)
    • TimeoutSeconds: 60

 

Last step

Now save the management pack and import the management pack into the Management Group.

The PowerShell script (based on the script from Jonathan Almquist, stripped down the logging and  parameters ) to set the “Agent Proxy” security feature.

DO NOT FORGET to change the $ClassName to the class object that target’s your class.

Ingmar Verheij

At the time Ingmar wrote this article he worked for PepperByte as a Senior Consultant (up to May 2014). His work consisted of designing, migrating and troubleshooting Microsoft and Citrix infrastructures. He was working with technologies like Microsoft RDS, user environment management and (performance) monitoring. Ingmar is User Group leader of the Dutch Citrix User Group (DuCUG). RES Software named Ingmar RES Software Valued Professional in 2014.

More Posts - Website

Follow Me:
TwitterLinkedInGoogle Plus

Tags: , , ,

Leave a comment

*

Donate

%d bloggers like this: