Early chapter preview of ‘Inside OMS’ version 2

There have been many inquiries about whether the band would be getting back together for a second version of the very popular “Inside the Microsoft Operations Management Suite”. Version 2 is 16 chapters of the latest and greatest of Microsoft OMS…and it’s coming soon.

  • When? I am happy to report we are well into the authoring process and looking to release version 2 around the end of April 2017.
  • Cost? As with the first release, we will deliver a book well worth paying for…except it will again be free!

While we are only a little over a month from completion, we wanted to take a moment to give you a sneak peek at a couple of the chapters of what is to come.

The “Inside OMS” Team

I am also happy to announce that the entire author team is back for v2:

  • Tao Yang, MVP
  • Stanislav Zhelyazkov, MVP
  • Anders Bengtsson, Principal PFE
  • Pete Zerger, CISSP, MVP

OMS has grown considerably since our first release, and to ensure we meet our quality bar as quickly as possible, we are joined by four technical reviewers and an editor! Joining us in the tech reviewer role are some very talented folks, including:

  • Damian Flynn, MVP
  • Kevin Greene, MVP
  • Lee Berg, MVP
  • Steve Buchannan, MVP

Early Chapter Preview

To hold you over until the final release, we are going to share three chapters early…one at a time. Your first taste is a major update, driven by awesome Aussie, Tao Yang. Below, you will find a draft preview of:

Chapter 6: Extending OMS Using Log Search

This chapter covers key topics within OMS Log Analytics, including:

  • Saved Searches
  • OMS Computer Groups
  • Custom Fields
  • Custom Logs
  • Power BI

I’ve reviewed it myself, and I know you will appreciate the more than 70 pages of in-depth guidance in this chapter alone!

Get the preview. You can download the preview release of chapter 6 HERE.

Two more preview chapters will be coming your way in the next week(ish). Stay tuned!

5 TIPS FOR MODERNIZING YOUR PROCESS AUTOMATION STRATEGY

Don’t get me wrong, I love System Center Orchestrator (as you will see here AND here), but it is important to know when it is time to move on. Well my friends, it’s time. Some months ago now, Microsoft publicly announced that their investment in new features for Orchestrator had come to an end, and that a cloud-first strategy would be the norm. The Microsoft Operations Management Suite (OMS), together with Azure Automation, is actually the bridge for organizations wishing to modernize their automation strategy…even organizations not quite ready to go “all-in” with Microsoft Azure.

In this article, I will share five tips to help optimize your journey in modernizing your process automation strategy.

Tip #1: Don’t make big investments in legacy tools

Since Orchestrator is a legacy component, it is probably best not to rush into costly investments in Orchestrator-based solutions that you will only have to rewrite later. However, I am not saying not to use Orchestrator at all. If you find a free (or cheap) runbook you can download that solves a problem, go ahead! If the development cycle is fairly short, no problem! However, think twice before spending tens of thousands of dollars on Orchestrator-based development or solutions.

“How would you suggest I move forward” you ask? Read on.

Tip #2: Don’t count on the Orchestrator Migration Toolkit to handle everything

The System Center Orchestrator Migration Toolkit will convert some of your runbooks, as well as your custom activities developed with the Orchestrator Integration Toolkit (OIT), to an Azure Automation / Service Management Automation (SMA) friendly format. It also provides a converted set of (most of) the standard activities from Orchestrator. However, there are some caveats:

  • Some activities cannot be converted. For example, the Map Published Data activity, used heavily by runbook authors everywhere, cannot be converted for Azure Automation and SMA at present.
  • Activities in integration packs not created with the OIT cannot be converted.

What’s more, you may have created custom logging, checkpointing and other workarounds in your Orchestrator runbooks that are native features of Azure Automation, which you will need to write out of converted runbooks. The bottom line here is that at least some runbook redesign and rework is going to be necessary on the road to a simplified, modern process automation strategy. Embrace this reality and use it as a learning opportunity.

Tip #3: Use hybrid to take your first step…

If your organization is not yet in the cloud, walking in the door and singing the praises of an “all-in cloud strategy” may not be the best approach. Your message may not be well-received by the cloud doubters and cloud fearful in your ranks. Some of these concerns may be well-founded and may take time to overcome. This is where OMS can help, by giving you a fantastic compromise…the Hybrid Runbook Worker. Without rehashing everything explained in the hyperlinked article, the key point here is that linking OMS to an Azure Automation subscription enables you to execute Azure Automation runbooks on a server enabled as a Hybrid Runbook Worker inside your datacenter with no additional outside-in firewall ports required!

This is an olive branch with another bonus. With Hybrid Runbook Workers enabled throughout your data centers, you can use Azure Automation as your centralized, simplified, global back-end orchestration infrastructure. An Orchestrator instance per datacenter, and the headaches that come with keeping them all in sync in terms of patches, runbooks and security, are a thing of the past.

Tip #4: Don’t build what Microsoft is going to build for you

This tip is an easy one to follow. Never spend a lot of time and money building or buying a solution Microsoft promises to build for you. Watch the product roadmap for OMS, which includes a long list of Microsoft’s planned feature releases that may eliminate your need to build certain types of automation. The current public roadmap includes a host of great features, including solutions focusing on:

  • Office 365
  • Patch Management
  • Remote OS Management
  • Containers
  • Network Performance and Analytics
  • Configuration Management Database

That is just the tip of the iceberg. Since OMS is a cloud-based platform, features come on a rapid release cycle…at a cloud cadence. Talk to your MS account team and focus on closing the gaps MS is not already working to close for you. This likely means you will be able to focus on more organizationally-specific, high ROI scenarios the business side of your org cares about.

Talk to your Microsoft account rep for the latest OMS feature roadmap.

Tip #5: Start with a “quick win”

One important point I used to stress with Orchestrator was the need to “start small”, and the same is true with OMS and Azure Automation. To introduce your organization to hybrid automation with OMS and Azure Automation with the Hybrid Runbook Worker (and to ensure they love it), start with a manageable scenario. Find an automation need that you can develop and demonstrate in a proof-of-concept in a short time (no more than one or two days) to get your colleagues and management stakeholders acquainted…and on board.

Before you start, look at what is already available from the community. There are lots of runbook samples out there demonstrating common scenarios like group maintenance mode in System Center Operations Manager, Active Directory user onboarding, as well as adding computers to collections in System Center Configuration Manager (SCCM). Since Azure Automation supports PowerShell, a freely available PowerShell script may help jumpstart your efforts!

Next Steps

Your first step is to get in the game. Sign up for the free tier of OMS, which includes 500 automation minutes per month. Sign up for a free Azure trial, or sign up for the pay-as-you-go option to limit your spend. Watch some of the OMS and Azure Automation videos on the MS Channel 9 website. Download some of the many sample runbooks shared in those sessions.

Good luck!

Free E-book: Inside the Microsoft Operations Management Suite

Tao (@MrTaoYang), Stan (@StanZhelyazkov), Anders (http://contoso.se)  and I have been working on a project for the last few weeks. We wanted to bring a learning resource for the MS Operations Management Suite to the community that is complete, comprehensive, concise…and free (as in beer). While we finish final editing passes over the next couple of weeks, we wanted to share an early copy of the book so you can start digging in while we finish our work!

Description: This preview release of “Inside the Microsoft Operations Management Suite” is an end-to-end deep dive into the full range of Microsoft OMS features and functionality, complete with downloadable sample scripts (on Github). The chapter list in this edition is shown below:

  • Chapter 1: Introduction and Onboarding
  • Chapter 2: Searching and Presenting OMS Data
  • Chapter 3: Alert Management
  • Chapter 4: Configuration Assessment and Change Tracking
  • Chapter 5: Working with Performance Data
  • Chapter 6: Process Automation and Desired State Configuration
  • Chapter 7: Backup and Disaster Recovery
  • Chapter 8: Security Configuration and Event Analysis
  • Chapter 9: Analyzing Network Data
  • Chapter 10: Accessing OMS Data Programmatically
  • Chapter 11: Custom MP Authoring
  • Chapter 12: Cross Platform Management and Automation

This early edition is being shared with the community while final edits are being completed. Please send questions, comments or errata you find to insidemscloud@outlook.com.

You can download for free from the TechNet Gallery at:
https://gallery.technet.microsoft.com/Inside-the-Operations-2928e342 

 

How to launch an Azure Automation runbook on a Hybrid Worker via PowerShell

With the update in Azure PowerShell 1.0, quite a lot has changed. Working with Azure has been divided into cmdlets for working with Azure 1.0 (Azure Service Management) and Azure 2.0 (Azure Resource Manager). The GA release of the new Azure portal (https://portal.azure.com), which was called “the preview portal” forever, has also arrived. In short, the PowerShell cmdlets for working with Azure Resource Manager include an “Rm” after the “Azure”, such as in New-AzureRmVm, the cmdlet for creating a new VM in Azure IaaS v2…aka Azure Resource Manager.

Azure Automation, when connected to your Operations Management Suite (OMS) subscription, enables you to tap into a new Azure Automation feature called a Hybrid Runbook Worker. This allows you to run runbooks on machines located in your data center in order to manage local resources. The runbooks are stored and managed in Azure Automation and then delivered to one or more on-premises machines where they are run.

If you are unfamiliar with any of the above concepts, you can click on the links and read more. If you are familiar and just want the PowerShell you need to call an Azure Automation runbook and run it on a Hybrid Worker, you will find the script and some explanation below.

Prerequisites

You will need the following in place before you get started:

  • The latest Azure PowerShell module, which you can install using the Web Platform Installer or the PowerShell Gallery, on the system where you will run the script
  • An Azure AD user with appropriate rights from your Azure subscription. You cannot use a Microsoft (Live) account when authenticating to your Azure subscription.

I am working on a Windows Server 2012 R2 system. I also have the production preview of the Windows Management Framework 5 installed, though this is not required.

Sample Script

In this sample, we will assume you are working with your default Azure subscription. We will build on this example to cover working with multiple Azure subscriptions in a future post.

# Import Azure Modules
Import-Module "C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager\AzureRM.Profile\AzureRM.Profile.psd1"
Import-Module "C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager\AzureRM.Automation\AzureRM.Automation.psd1"

# Authenticate with Azure AD credentials
$MyUserName='username@yourdomain.onmicrosoft.com'
$MyClearTextPassword='YourPassword'

$SecurePassword=ConvertTo-SecureString -String $MyClearTextPassword -AsPlainText -Force

$cred=New-Object System.Management.Automation.PSCredential $MyUserName,$SecurePassword

Login-AzureRmAccount -Credential $cred

#Runbook parameters
$params = @{"Message"="Hello Azure Community!";}

Start-AzureRmAutomationRunbook -AutomationAccountName "contoso-testrba" -Name "Hello-World" `
-ResourceGroupName 'Default-Networking' -Parameters $params -RunOn 'ConfigMgrPool'

A little explanation…

A couple of key areas of the script that deserve explanation.

Authentication
On lines 5 through 13, you will see how we handle credentials. You will need to replace the user name and password with your Azure AD user. In this case, I have hard-coded the credentials so we can riff on this in some other contexts in my next post. If you intend to call this script right out of PowerShell, you may want to prompt for the password each time. You can do that by replacing the code on line 7 above with the following. Because Read-Host -AsSecureString already returns a SecureString, the ConvertTo-SecureString call on line 9 is then no longer needed and should be removed, so that the prompted value is passed straight into the PSCredential on line 11:

$SecurePassword = Read-Host "Enter your password" -AsSecureString

Runbook Name and Parameters

  • The runbook parameters are presented on line 16 in name / value pairs, separated by semicolons (a hash table). In this case, I am launching a runbook named “Hello-World” that has one parameter called “Message”, which accepts a text string. You can see this pictured in the image below. If you have a runbook with multiple parameters, simply provide additional name / value pairs separated by semicolons.

AA_HybridWorker

  • On line 18, notice the -AutomationAccountName parameter where you specify the name of the Azure Automation account associated with this runbook, as well as the -Name parameter where you specify the name of the runbook.
  • On line 19, you will need to update the -ResourceGroupName parameter with the name of the Azure resource group containing the Azure Automation account.
  • Finally, the name of your Azure Automation Hybrid Worker group is specified in the -RunOn parameter. If you want to know where to find your available Hybrid Worker groups, you can see the GUI version of this in the image above from the Azure portal.

Once you execute the runbook, the output if it runs successfully will be roughly as follows:

AA_HybridWorker2

In the Azure portal, go to the Jobs area of your Azure Automation account where you can see detailed job results:

AA_HybridWorker3
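The same job results can be pulled back into the PowerShell session instead of the portal. The following is an added example, not part of the original script: it reuses the sample account, resource group, runbook and worker group names from above, prompts for the Azure AD credential rather than storing a password in the file, and assumes a 5-second polling interval and a 10-minute timeout.

```powershell
# Added example: names below are the article's sample values; substitute your own.
$account       = 'contoso-testrba'      # Azure Automation account
$resourceGroup = 'Default-Networking'   # resource group containing the account
$workerGroup   = 'ConfigMgrPool'        # Hybrid Runbook Worker group

# Prompt for the Azure AD user so no password is stored in the script.
$cred = Get-Credential -Message 'Azure AD user (not a Microsoft account)'
Login-AzureRmAccount -Credential $cred -ErrorAction Stop | Out-Null

# Start the runbook on the Hybrid Worker group and keep the returned job object.
$job = Start-AzureRmAutomationRunbook -AutomationAccountName $account `
    -ResourceGroupName $resourceGroup -Name 'Hello-World' `
    -Parameters @{ Message = 'Hello Azure Community!' } `
    -RunOn $workerGroup -ErrorAction Stop

# Poll until the job reaches a terminal state or the assumed timeout expires.
$terminal = 'Completed', 'Failed', 'Stopped', 'Suspended'
$deadline = (Get-Date).AddMinutes(10)
do {
    Start-Sleep -Seconds 5
    $job = Get-AzureRmAutomationJob -Id $job.JobId `
        -ResourceGroupName $resourceGroup -AutomationAccountName $account
    Write-Host ("{0:T}  job {1}: {2}" -f (Get-Date), $job.JobId, $job.Status)
} while (($terminal -notcontains $job.Status) -and ((Get-Date) -lt $deadline))

# Return every stream (output, warning, error) so worker-side failures are visible.
Get-AzureRmAutomationJobOutput -Id $job.JobId -Stream Any `
    -ResourceGroupName $resourceGroup -AutomationAccountName $account

# Fail loudly if the job did not complete, including when the timeout was hit.
if ($job.Status -ne 'Completed') {
    throw "Runbook job $($job.JobId) ended with status '$($job.Status)'."
}
```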

In our next installment, we will do something interesting with this script you can use in your environment…today!