Prepare Orchestrator for PowerShell activities

Maybe you hit already various problems with .NET activity in Orchestrator for calling PowerShell scripts. The problem is that this activity is using only PowerShell version 2.


This is very limiting in your automation scenarios. I sow many workarounds by using PowerShell Remoting but those scripts were very complex and not so easy to use.


Fortunately there exists better and simpler way how to avoid this limitation. It is registry hack on Orchestrator server. Simply edit your registry path HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework. Add hier a new DWORD entry and value for OnlyUseLatestCLR = 1.


That is all. Now you can without any limitation use latest available PowerShell version on your Orchestrator server.


Second very often limitation in your automation effort can be calling web request with Invoke-WebRequest command-let. The problem is that it is using IE engine for actual request and if your automation script is running under service account, very often this account never used IE before. When you open IE for the first time you can see this dialog:

It is the classical First Run customization wizard. Many organization are disabling this wizard by GPO but very often this GPO is not linked to OU with service accounts.

So if you see in your PowerShell runbooks this error:

Invoke-WebRequest : The response content cannot be parsed because the Internet Explorer engine is not available, or Internet Explorer’s first-launch configuration is not complete. Specify the UseBasicParsing parameter and try again.

it is because your account never went through IE First Run Customization Wizard and Invoke-WebRequest cannot make it's job.

To avoid this error, simply run gpedit on your Orchestrator server and open this setting:

Computer Configuration > Policies > Administrative Templates > Windows Components > Internet Explorer. Set the policy Prevent running First Run Wizard to Enabled.

With this settings you should be able to accomplish majority of your automation without bigger issue :)



Combine arrays with hash tables in PowerShell

Very often when I'm scripting something more complex in PowerShell, I found very powerful to combine arrays with hash tables.
I like hash tables because of the relationship between key and their values, but what if you need to have more values bound to one key? No problem! Insert your array directly to hash table. Lets see how:


1) Declare your empty hash table:
$Hash = @{}


2) Prepare your array variables:
$Group1 = "a", "b", "c"


$Group2 = "d", "e", "f"


3) Add array variables directly to hash table:
$Hash.Add("Group1", $Group1)


$Hash.Add("Group2", $Group2)


Of course my recommendation is to at first check if key does not exists in hash and only then add it, or if it already exists, you need to set existing key-value pair inside hash table. You can use this approach:
If($Hash.ContainsKey($key))
{
 $Hash.Set_Item($Key, $Value)
}
Else
{
  $Hash.Add($Key, $Value)
}


4) See the result:
$Hash

You should see this output:

Now you can use your array values in any way you need:
$Values = $Hash.Get_Item("Group1")
$Value1 = $Values[0]
$Value2 = $Values[1]
$Value3 = $Values[2]


Hope this short tutorial was helpful at least for me when I will need combine arrays with hash next time :)

Monitoring VMware with SCOM

Are you using SCOM for monitoring your Windows servers? Are you heavily virtualizing your servers with VMware? If yes, it will be nice to have one big picture of your whole Windows infrastructure together with virtualization platform.


In my last SCOM projects, customers where seeking some free solution how to get health status of their VMWare infrastructure into SCOM. Fortunately on Internet you can find free community VMWare management pack for SCOM: https://github.com/Mitch-Luedy/Community.VMware


It is very simply solution, but for visualizing health state of your VMware world is sufficient.


Lets look how to implement it:


1) Install SCOM agent on your VMware vCenter server. If you have more vCenter servers in your environment, no problem, install it on all.


2) Install VMWare vSphere PowerCLI on SCOM management server. You can download it directly from VMWare web site. Do not install latest version because it is not using PowerShell modules any more and they are required by MP workflows.
In my last project I used successfully version VMware-PowerCLI-6.3.0-3737840. You can install it on one SCOM management server or on more. You are controlling which management server will be used by Community - VMware Monitoring Resource Pool after importing MPs.


3) Now you need to grant rights to VMware infrastructure. You can use SCOM Default Action Account and delegate read only access in VMware or you can use dedicated domain service account. This service account you need to specify in Community - VMware Monitoring Profile after importing MPs.


From network perspective, you need open TCP port 443 from your SCOM management servers to VMware vCenter server/s. Of course, SCOM agent needs TCP port 5723 from vCenter servers to SCOM management server.


4) Import MPs Community.VMware.mpb and Community.VMware.Unsealed.xml

And that's it. Wait until your VMware vCenter servers will be discovered. Then PowerShell workflows will run automatically on them and populate SCOM object classes for VMware Datacenters, Clusters, Hosts, Networks, Data stores and Virtual Machines.

I will show you in upcoming posts how you can use those classes for visualizing health data in nice Visio based dashboards.

Thanks Community for this wonderful MP!