System Center Operations Manager Overview

Batuhan CetinCIO
In this article. I will discuss the roles and components included in Microsoft System Center Operations Manager 2007 R2 product.

The roles in SCOM can be discussed in two main categories. The first category is the mandatory roles which must be setup and configured for a SCOM environment to operate successfully. The second category consists of optional roles and components that are specific to each structure. A full blown environment including all roles is visualized in the diagrams at the end of the article. Thanks to TechNet for the images.

1) Mandatory Roles and Components:

To have a working SCOM server, these components are necessary without discussion.

a) Database: First of all, an SQL Server at least 2005 version must be installed and working state to setup the SCOM. The database is the most important component because SCOM is running on it. All the process, setttings, reports, inventory data...etc is stored in the database and queried from there to show up on your screen. Database planning must be the most time consuming phase in your development plan. SCOM has a number of databases. When all roles are installed, one will have 5 databases including the Report Server:

OperationsManagerAC (Audit Collection)
OperationsManagerDW (DataWarehouse)

These databases may be kept in the same server as well as different instances and may be clustered. It is recommended for some databases to be on dedicated servers for performance issues. This will be discussed in another article.

b) Management Group (MG): A management group can be described as a set of SCOM servers which are connected together to monitor a specific boundary. Each management group can include one root management server, additional management servers, gateway servers, reporting servers and agents. Several management groups can be connected together and form Connected Management Groups.

c) Root Management Server (RMS): A root management server is the first management server installed in the management group. A management group can only have one of this type of server. RMS can be clustered. The RMS can be managed locally or from another server with Operations Console or Web Console. From the RMS, all management group components as management servers, gateway servers, agents... etc can be configured and monitored. The OpsMgr Configuration and OpsMgr SDK services only run on the RMS. The SDK service provides a communication layer between the management group and the databases while Configuration service writes the monitoring data that the agents send and the agent configuration data to the appropriate database.

d) Agents: An agent is a service that is installed to the computers to monitor them with SCOM. It can be seen as HealthService.exe in task manager and System Center Management in Services MMC snap-in. Agent gets the configuration data from the management group which it reports to. They can be deployed centrally from a management server or can be installed manually to the clients. Agents generate alerts according to the configuration they get. They contact the management group periodically to check if there is a new configuration and to report the state of the machine they are monitoring. If Active Directory Integration is enabled, they can query the Active Directory to decide which management server they will report to in case of a failure. They can also be used to monitor another agentless computer partially. This agent is called a proxy agent, but will be discussed in another article. Also Unix\Linux machines can be monitored with agents.

e) Operations Console: This is where all of the features of SCOM is configured. One can create views, discover computers, deploy agents, monitor agents and management servers, define rules and alerts, administer management packs, user rights assignments... etc. My Workspace is a great section that you can store your favorite views and searches to access them quickly.

f) Management Packs (MP): Management Packs include the state definitions of the software which they are designed for. Agents use these definitions to know what they will monitor and create alert on which situation. Management packs are designed by the application's developers. There are default management packs which are imported while SCOM setup. Also there are many management packs to import in SCOM media. Many manufacturers like Dell, HP provides their management packs for SCOM to monitor their specific applications or servers. You may find them in the manufacturer's web site. A management pack can be sealed or unsealed. Sealed packs cannot be modified. You must first duplicate the sealed management pack and modify the duplicate. Unsealed management packs can be modified. This link has lots of management packs ready to download and use:

2) Optional Roles and Components

Now let's have a quick look at optional components;

a) Management Server: Management servers are all the other servers installed in the management group after RMS. These servers have the same configuration as the RMS. Having multiple management servers in a management group serves as a failover to agents. Also some management servers can be dedicated to performance intensive SCOM roles like Reporting Server or Audit Collection Services (ACS).

b) Gateway Server: Agents can only contact to management servers if they are in a trusted domain. When monitoring an untrusted domain, one will need to configure certificates. If you are monitoring about 100 computers in an untrusted domain, installing and configuring certificates for each computer will be an issue. Gateway servers solve this problem as they act like a proxy between untrusted environments. A gateway server installed in the untrusted environment which is setup with proper certificates can be used to deploy agents centrally and monitor them with your RMS or management servers. See the deployment at the end of the article.

c) Web Console: This is an optional web based version of the Operations Console.

d) Reporting Server: As you can understand from its name, this server is used to query the database and create reports for monitoring. Reports can be created with pre-defined templates in the SCOM console or you can define your own queries to create custom reports. This component is performance intensive, so it's recommended to setup on a dedicated server with its own database.

e) Audit Collection Server (ACS): This is one of the most useful roles of SCOM. ACS is used to collect audit event logs from the monitored computers. It consists of two services: Audit Collection Service and Audit Forwarding Service. The collection service is running on the management server hosting this role and the forwarding service is running on the machine which has the ACS enabled agent. The agent uses this service to forward audit events to the collector server. Forwarder service can be enabled on any installed agent and no reinstall or push of the agent is necessary. ACS is extremely performance intensive and recommended to setup on a dedicated server with its own database.

f) Power Shell: Power Shell can be installed on SCOM optionally to automate many features on SCOM or do anything you can do from the Operations Console from the command line. SCOM includes more than 200 cmdlets you can use exclusively for SCOM administration.

Please view the below diagrams to better understand the roles in a Management Group. These are taken from SCOM TechNet library.

See you in another article.

  Large Deployment Multiple Server Single MG Scenario
Batuhan CetinCIO

Comments (1)

thank you so much

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.