Menu Close

Extending Windows Computer class from Registry Keys in SCOM

Years ago – I wrote a post on this, showing how to use registry keys to add properties to the “Windows Computer” class, to make creating custom groups much simpler.  You can read about the details of how and why here:


This post is a simple updated example of that Management Pack, but written more “properly”.  You can use this example ad add/change your own registry keys for additional class properties.


In this example – we create a new class, “DemoReg.Windows.Computer.Extended.Class”

We use Microsoft.Windows.Computer as the base class, and we will add three example properties:  TIER, GROUPID, and OWNER.


<TypeDefinitions> <EntityTypes> <ClassTypes> <ClassType ID="DemoReg.Windows.Computer.Extended.Class" Accessibility="Public" Abstract="false" Base="Windows!Microsoft.Windows.Computer" Hosted="false" Singleton="false" Extension="false"> <Property ID="TIER" Type="string" AutoIncrement="false" Key="false" CaseSensitive="false" MaxLength="256" MinLength="0" Required="false" Scale="0" /> <Property ID="GROUPID" Type="string" AutoIncrement="false" Key="false" CaseSensitive="false" MaxLength="256" MinLength="0" Required="false" Scale="0" /> <Property ID="OWNER" Type="string" AutoIncrement="false" Key="false" CaseSensitive="false" MaxLength="256" MinLength="0" Required="false" Scale="0" /> </ClassType> </ClassTypes> </EntityTypes> </TypeDefinitions>


We will use a filtered registry discovery provider, where we filter the discovery based on finding the existence of “HKLM\SOFTWARE\Contoso” which would relate to your custom company RegKey.

In addition – this discovery will discover each custom class property you want, using the three examples above.  My registry looks like the following:




The discovery targets “Windows Server Operating System” this keeps it from creating duplicate discoveries based on clusters.  However, if you WANT to include cluster Windows Computer objects, you will need to change the target class to Microsoft.Windows.Computer (and remove the HOST from $Target/Host references in the discovery)

Here is the sample discovery:

<Monitoring> <Discoveries> <Discovery ID="DemoReg.Windows.Computer.Extended.Class.Discovery" Target="Windows!Microsoft.Windows.Server.OperatingSystem" Enabled="true" ConfirmDelivery="false" Remotable="false" Priority="Normal"> <Category>Discovery</Category> <DiscoveryTypes> <DiscoveryClass TypeID="DemoReg.Windows.Computer.Extended.Class"> <Property TypeID="DemoReg.Windows.Computer.Extended.Class" PropertyID="TIER" /> <Property TypeID="DemoReg.Windows.Computer.Extended.Class" PropertyID="GROUPID" /> <Property TypeID="DemoReg.Windows.Computer.Extended.Class" PropertyID="OWNER" /> </DiscoveryClass> </DiscoveryTypes> <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.FilteredRegistryDiscoveryProvider"> <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName> <RegistryAttributeDefinitions> <RegistryAttributeDefinition> <AttributeName>ContosoExists</AttributeName> <Path>SOFTWARE\Contoso</Path> <PathType>0</PathType> <AttributeType>0</AttributeType> </RegistryAttributeDefinition> <RegistryAttributeDefinition> <AttributeName>TIER</AttributeName> <Path>SOFTWARE\Contoso\TIER</Path> <PathType>1</PathType> <AttributeType>1</AttributeType> </RegistryAttributeDefinition> <RegistryAttributeDefinition> <AttributeName>GROUPID</AttributeName> <Path>SOFTWARE\Contoso\GROUPID</Path> <PathType>1</PathType> <AttributeType>1</AttributeType> </RegistryAttributeDefinition> <RegistryAttributeDefinition> <AttributeName>OWNER</AttributeName> <Path>SOFTWARE\Contoso\OWNER</Path> <PathType>1</PathType> <AttributeType>1</AttributeType> </RegistryAttributeDefinition> </RegistryAttributeDefinitions> <Frequency>86400</Frequency> <ClassId>$MPElement[Name="DemoReg.Windows.Computer.Extended.Class"]$</ClassId> <InstanceSettings> <Settings> <Setting> <Name>$MPElement[Name="Windows!Microsoft.Windows.Computer"]/PrincipalName$</Name> <Value>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/PrincipalName$</Value> </Setting> <Setting> <Name>$MPElement[Name="DemoReg.Windows.Computer.Extended.Class"]/TIER$</Name> <Value>$Data/Values/TIER$</Value> </Setting> <Setting> <Name>$MPElement[Name="DemoReg.Windows.Computer.Extended.Class"]/GROUPID$</Name> <Value>$Data/Values/GROUPID$</Value> </Setting> <Setting> <Name>$MPElement[Name="DemoReg.Windows.Computer.Extended.Class"]/OWNER$</Name> <Value>$Data/Values/OWNER$</Value> </Setting> </Settings> </InstanceSettings> <Expression> <SimpleExpression> <ValueExpression> <XPathQuery Type="Boolean">Values/ContosoExists</XPathQuery> </ValueExpression> <Operator>Equal</Operator> <ValueExpression> <Value Type="Boolean">true</Value> </ValueExpression> </SimpleExpression> </Expression> </DataSource> </Discovery> </Discoveries> </Monitoring>


When I review Discovered Inventory in the console for this class, I can see the properties:




I am attaching the sample MP file, along with the registry file, at the following location:


      • Mohamed Sybulla

        We have to disable “Default Web Site” unavailable alert alone from IIS Management Pack for set of Windows servers where the registry Entry Created like HKLM\SOFTWARE\Computer\DisableDefaultWebsite. So planning to add this registry entry in IIS Web Site Class. If this method is not working, kindly provide some other ideas or code.

        • Kevin Holman

          That’s probably a pretty good reason. You should be able to do this, and just change the base class in my code from windows computer to IIS web site.

          • Mohamed Sybulla

            We already changed the base class to IIS Web Site “MWIC!Microsoft.Windows.InternetInformationServices.WebSite”, but it is not working, It is only working for “Windows!Microsoft.Windows.Computer”. I may try with IIS 7 Web Site, IIS 8 Web Site, IIS 10 Web Site individually. If you have any suggestion please provide on this.

          • Mohamed Sybulla

            Hi Kevin,

            Even it is not working for base class “Microsoft.Windows.InternetInformationServices.10.0.WebSite” IIS 10 Web Site. Kindly suggest.

Leave a Reply

Your email address will not be published. Required fields are marked *