Menu Close

Reinstalling your SCOM agents with the NOAPM switch

This one comes from collaboration with my colleague Brian Barrington.

Because of the issues with SCOM 2016 and the default APM modules impacting IIS and SharePoint servers…..  (Read more about that issue HERE, HERE, and HERE)


Brian was looking for a way to easily remove the APM components from the deployed agents with minimal impact.

Normally, the guidance would be to uninstall the SCOM agent, then reinstall it from a command line installation using the NOAPM=1 command line parameter.  That could be a challenging task if you have hundreds or thousands of agents!


His idea?  Use my SCOM Agent Tasks MP here:


It has a class property in the state view called “APM Installed” to help you see which agents still have the APM components installed (which are installed by default)



It has a task called “Execute any PowerShell” 

In the task – Override to provide the command you want to run – such as:

To repair an existing SCOM 2016 agent, but remove the APM components:

msiexec.exe /fvomus “\\server\share\agents\scom2016\x64\MOMagent.msi” NOAPM=1

To upgrade an agent, such as upgrading the agent from SCOM 2012 to SCOM 2016:

msiexec.exe /i “\\server\share\agents\scom2016\x64\MOMagent.msi” NOAPM=1 AcceptEndUserLicenseAgreement=1


You just need to place the MOMAgent.msi file on a share that your domain computer accounts would have access to.  The agent will connect to the share as the Local System account, so you need to ensure these domain computer accounts have access at the share permission and NTFS permission.  For something simple like this, I generally just grant Everyone/Read, or Authenticated Users/Read.

The below image example is for a repair:



This performs a lightweight repair or upgrade (depending on which command line you choose) of the agent, but only changes the switch “NOAPM=1” which will result in leaving all other settings alone, and only removing the APM service and components!

We have gotten good feedback on the success of this process across hundreds of agents in a short time frame.  You can multi-select a lot of agents and run this task on many at a time.


Removing the APM MP’s

On another note – if you have no plans to use the APM feature in SCOM – you should consider removing those MP’s which get imported by default.  They discover by default a LOT of instances of sites, services, and instances of classes where APM components are installed on the agents.

MP’s to remove in SCOM 2016:

  • Microsoft.SystemCenter.DataWarehouse.ApmReports.Library (Operations Manager APM Reports Library)
  • Microsoft.SystemCenter.Apm.Web  (Operations Manager APM Web)
  • Microsoft.SystemCenter.Apm.Wcf  (Operations Manager APM WCF Library)
  • Microsoft.SystemCenter.Apm.NTServices  (Operations Manager APM Windows Services)
  • Microsoft.SystemCenter.Apm.Infrastructure.Monitoring  (Operations Manager APM Infrastructure Monitoring)
  • Microsoft.SystemCenter.Apm.Library (Operations Manager APM Library)
  • Microsoft.SystemCenter.Apm.Infrastructure (Operations Manager APM Infrastructure)

All of the above can be deleted.  However – in order to delete the Microsoft.SystemCenter.Apm.Infrastructure MP, you will need to remove a RunAs account profile association, then clean up the SecureReference library manually by deleting the reference.

In the Admin pane > Run As Configuration > Profiles, in the Data Warehouse Account.  On the RunAs accounts, you will need to remove the Operations Manager APM Data Transfer Service:


Then – manually export the Microsoft.SystemCenter.SecureReferenceOverride MP, and edit it using your favorite XML editor.  (Make a Backup copy of this FIRST!!!!!)

Delete the reference to the Microsoft.SystemCenter.Apm.Infrastructure MP.



Save this, then reimport the Microsoft.SystemCenter.SecureReferenceOverride MP.

At this point you can delete the final APM MP – Microsoft.SystemCenter.Apm.Infrastructure (Operations Manager APM Infrastructure)


Deleting that MP with manual edits too scary for you?

At a bare minimum – if you are not using the APM feature – you should disable the discoveries:



Then run Remove-SCOMDisabledClassInstance in your SCOM Command Shell, which will remove all these discovered instances that you don’t use.


    • Kevin Holman

      No, they don’t. However, to remove the profiler from IIS, if you want that to happen immediately, you’d need to issue an IISreset at the least.

  1. Lee

    Thanks Kevin, this post was very helpful to me when I deployed SCOM 1807 recently. I deployed all of the agents without APM, and removed the APM management packs.

    BUT – I’m still seeing Events 4009 and 4151 on my SCOM management servers, and the Microsoft Monitoring Agent APM service is installed but disabled on the SCOM MS. Is there a way to safely remove APM from the management servers completely?

  2. Clark


    Is the APM issue resolved in UR9 for SCOM 2016?

    We use APM and are migrating to a side by side to 2016. Any recommendations?

Leave a Reply

Your email address will not be published. Required fields are marked *