Let’s use the SCCM Server Infrastructure monitoring script without SCOM. We have a post about SCOM monitoring of SCCM infrastructure.
Hopefully, this automation script from Karthikeyan can help ConfigMgr admins automate some of the monitoring tasks.
“Have you ever wished you could peer inside the mind of one of the greatest SCCM bloggers in the world and find out exactly what makes them tick?” Yeah! Right. I have updated the script on 29th July 2021.
In this blog, we will discuss various SCCM components troubleshooting methods already used and documented by our experts to make our day-to-day operations much easier. You all have done the unthinkable.
Table of Contents
SCCM Server Infrastructure Monitoring Script Without SCOM
Now, you will think you have already spent plenty of time reading those articles/blogs, so why should you waste more time on the same things again? Hey, Hear me out; we will not discuss those error codes, resolutions, root causes, and workarounds again.
Still, we will try to pick a few and find a method to automate them. So, let’s find out more details about SCCM Server Infrastructure Monitoring without SCOM OpsMgr below.
Note: The brain behind this scrip is Author: A. Karthikeyan
So, without any further delay, let’s see what we have.
Note: These instructions are intended for the ConfigMgr Team in the normal execution of infrastructure management.
- Top 50+ Latest SCCM Interview Questions and Answers
- SCCM 2403 New Key Features and Improvements
- SCCM Automation using Azure Runbook Hybrid Worker
Core Infrastructure Check – All in One
The main reason to pick the “all in one” check at the very beginning is that we all try to complete this check before entering the change request freeze window, and at that moment, all we can think of is that we should not leave any stone untouched.
So this script is essential for all those SCCM Administrators who always think, “What if I missed any component, and it’s going to create chaos?” Don’t worry. Be happy.
Copy the script from the bottom of this post and execute it on your CAS or Primary site, whichever you have the highest in your hierarchy. The script generates the output in HTML format with the status in different colours, making it easy to spot. Once execution is completed, the output will look like the below:
The output will be saved to the same directory where you saved this script during execution. In the above screenshot, you can see how detailed a check is performing. There is no untouched part we need to worry about.
To verify whether the script works, we purposefully broke the backup and executed it. The script highlighted that the backup failed. Screenshot below:
Status in red and with the type if it’s Site Backup or DB backup which failed. Hold on. We are not done yet. You can schedule a task to execute it and forget about it. There is more. You don’t have to jump to your server to check the status constantly. It can send the HTML file to your e-mail so you can read the current status.
Below are a few points we need to remember before setting up our SCCM Infrastructure.
ConfigMgr Administration Best Practices
Let’s check the list of best practices for administration. I hope you have all the information on SCCM server Infrastructure Monitoring without SCOM OpsMgr.
- Use AD Sites to define ConfigMgr boundaries to avoid overlapping.
- Automate maintenance tasks and create custom maintenance tasks.
- Create OUs for ConfigMgr Servers.
- Use AD Groups and Accounts to manage the ConfigMgr environment.
- Keep administrative rights to a minimum level of Access.
- Create a plan for role-based administration and apply only the rights necessary to perform job functions.
- Use NTFS on all client and server partitions.
- Assign the least permissions possible.
- Do not install site servers on Domain Controllers.
- Do not install other services that use the local system account.
- Use GPO and ConfigMgr Client Push Method to install client agents on computers.
- Add only required users to the ConfigMgr admins group, or create alternate groups and use role-based access control for permissions.
- Create ConfigMgr AD OU containers for service IDs, Application Management IDs, Management groups and Servers.
- Lock down the ConfigMgr Infrastructure using Domain Groups and Accounts.
- Configure SUP on every primary and secondary site server.
- Enable SMTP access on the Top ConfigMgr server to send custom SSRS Reports.
- Only deploy the ConfigMgr client to trusted computers.
- Do not use a domain admin account as the client push installation account.
- SQL Server must be configured to use Windows Authentication.
- Remove or Disable the Guest account from the ConfigMgr SQL Database.
Disclaimer – The information provided on site is for general informational purposes only. All information on the site is provided in good faith. However, we make no representation or warranty of any kind, express or implied, regarding the accuracy, adequacy, validity, reliability, availability, or completeness of any information on the website.
Script
Below is the script produced by Karthikeyan. Please review it and make the necessary changes before trying it out. Update 28th July 2021: How to use the script.
- Copy the Script and execute. (If there are any errors at the initial level of execution, then let me know)
- It will create a default config file for you on the same path as where you saved this script.
- Modify the config.xml to match your server names, etc. Look for SCCMCentralDBName, SCCMCentralDBServerName.
- More details are in the comments below.
Note: As soon as you execute the script it will ask to create a default configuration file to the same location where you have saved this script. Screenshot below:
Now you have a ConfigXML file. Open the ConfigXML file with Notepad, and please modify the values according to your infrastructure. A script required Admin rights on all SCCM Servers and read access required on the database to fetch the component error details. Screenshot below:
Download the Script from GitHub – https://github.com/AnoopCNair/ConfigMgr-Infra-Monitoring
Resources
Author
Deepak Rai is a Technical Lead with over 14 years of experience in IT. He specializes in SCCM (AKA ConfigMgr, CB, MECM, etc.), Intune, and Azure (Runbooks). Throughout his career, he has worked on various platforms such as Active Directory, Exchange, Veritas NETBACKUP, Symantec Backup Exec, NDMP devices like Netapp, EMC Data Domain, Quantum using Backup Exec 2010 and 2012, and HP StorageWorks 4048 MSL G3. He also has experience in data deduplication-related troubleshooting. Ultimately, he returned to his roots as an IT Engineer focusing on SCCM technology.
It looks like there is a little bit of trouble between lines 228 and 238. We have 2 close brackets and no open brackets causing problems.
Hi,
Script is not fully posted in website. I have requested admin to post the script in public GitHub repository.
Thanks
Karthikeyan
The error is actually right at the top line 19, its missing a end quotation before the foregroundcolor
Write-Host “Author : A, Karthikeyan | [email protected] -foregroundcolor “Green”
Thank you, fixed it now.
Thank you Anoop Sir for fixing it. And Drew TcGarn for highlighting it.
Is there more to this script? Where does the script actually do the checking? I looked this over and it seems like it is just saving a config file and setting lots of variables.
Agreed – What lines in the script actually check the services? I only see a bunch of variables being assigned. Definitely seems like the code block is missing the part of the script that actually does the health check
Are running the script from the Primary server or CAS?
I have run script multiple times with now output. I have made the above adjustments with no results. does this work?
We are checking on it with the owner of the script. Pls give us some more time.
Thank you for highlighting Jam Max. Please refresh the page. I just updated the blog with few more steps and it should work for you. Let us know the result post testing.
Hi Deepak
I dont know why I am not getting output… I have followed after you have updated blog.
1. copied and run script
2. ConfigFile.XML created and made changes as per environment
3. Then I run the script again but no output except below.
*******************************************************************************
File Name : ConfigMgr_Daily_Servers_Health_Check_Reports
Purpose : ConfigMgr_Daily_Servers_Health_Check_Reports to sent an email
Version : 01.00
Date : 27/01/2021
Author : Project Test | [email protected]
*******************************************************************************
I didnt find any output file at ConfigMgr_Daily_Servers_Health_Check_Reports or any sub folder
Did I miss anything or am I doing something wrong. Please guide what next I have to do
Thanks in advance: A new Learner in PS
Try asking more questions in htmdforum.com
Reach us directly — https://forum.howtomanagedevices.com/
Sorry about all the confusion. I could have explained it a little bit.
Now i have included everything to the blog itself.
Post your questions to our forum—– https://forum.howtomanagedevices.com/ — We can work together and short things out if you are stuck anywhere on the way.
Might be preferable to remain here, since we’re responding to Anoop’s post. Having the information spread across various sites is unhelpful.
As per Josh’s comment above, is there some content missing from the script? I can’t see it doing anything like examining components etc. Just variables and basic output.
Thanks a lot for the response Sir. I updated the blog with few more pieces and it should be good now. Sorry about earlier.
Hello Anoop sir any update on this script i am not getting any output as HTML or CSV
I think Deepak updated the post. Can you check again?
Agree with other commentors on this post, the script appears to be missing any functions to actually output the results file.
We hope everything is fixed now.
Thanks a lot Sir for the modification and mentioning the GITHUB link. WordPress was causing all these things.
Hello Team,
After scheduling the script not receiving any email. All the required things are configured in the XML file.
Thank you
Hello Team,
When i run the report it always shows that almost all servers are having the DNS issues. But when we manually check the DNS on the servers everything is fine and the resolution happens properly. Not quite sure what else is the issue.
Could you please help me in fixing the issue.
Thank you
We might have to dig deeper because the script performs a very basic level of check like A Records etc. One should try checking the FQDN and NETBIOS Name are same. IPCONFIG /FLUSHDNS can be tried and see if the issue goes away. For more prompt response and ideas please use our forum “http://forum.howtomanagedevices.com/” where you will get a lot more directions to find the root cause of your issue.
Hi, would be nice to understand, if there is some documentation included to tell what it really does, how to configure and so on.
ie. I don’t understand what to Server1,Server2 means. All servers in organization? All SCCM realted servers, ….?
But still, thanks!
This is to monitor SCCM Servers. Isn’t it? Server 1 = CAS, Server 2 = Primary Server 3 = Secondary …just an example. Does that make sense?
Could someone show a sample config file? I always get the following message:
Error: MECM Central DB ServerName or Central MECM DB Name is not properly mentioned in Config XML File or Your Account d
oes not have sufficient Access
The files are on the Primary Site Server and “MECM_Servers_Health_Check_Reports_V2.0.ps1” is always run as administrator.
Could someone show a sample config file? I always get the following message:
Error: MECM Central DB ServerName or Central MECM DB Name is not properly mentioned in Config XML File or Your Account d
oes not have sufficient Access
The files are on the Primary Site Server and “MECM_Servers_Health_Check_Reports_V2.0.ps1” is always run as administrator.
Error: SMS Provider ServerName or Sitecode is not properly mentioned in Config XML File or Your Account does not have sufficient Access