Menu Close

Reinstalling your SCOM agents with the NOAPM switch

This one comes from collaboration with my colleague Brian Barrington.

Because of the issues with SCOM 2016 and the default APM modules impacting IIS and SharePoint servers…..  (Read more about that issue HERE, HERE, and HERE)

 

Brian was looking for a way to easily remove the APM components from the deployed agents with minimal impact.

Normally, the guidance would be to uninstall the SCOM agent, then reinstall it from a command line installation using the NOAPM=1 command line parameter.  That could be a challenging task if you have hundreds or thousands of agents!

 

His idea?  Use my SCOM Agent Tasks MP here:  https://kevinholman.com/2017/05/09/scom-management-mp-making-a-scom-admins-life-a-little-easier/

 

It has a class property in the state view called “APM Installed” to help you see which agents still have the APM components installed (which are installed by default)

image

 

It has a task called “Execute any PowerShell” 

In the task – Override to provide the command you want to run – such as:

To repair an existing SCOM 2016 agent, but remove the APM components:

msiexec.exe /fvomus “\\server\share\agents\scom2016\x64\MOMagent.msi” NOAPM=1

To upgrade an agent, such as upgrading the agent from SCOM 2012 to SCOM 2016:

msiexec.exe /i “\\server\share\agents\scom2016\x64\MOMagent.msi” NOAPM=1 AcceptEndUserLicenseAgreement=1

 

You just need to place the MOMAgent.msi file on a share that your domain computer accounts would have access to.  The agent will connect to the share as the Local System account, so you need to ensure these domain computer accounts have access at the share permission and NTFS permission.  For something simple like this, I generally just grant Everyone/Read, or Authenticated Users/Read.

The below image example is for a repair:

image

 

This performs a lightweight repair or upgrade (depending on which command line you choose) of the agent, but only changes the switch “NOAPM=1” which will result in leaving all other settings alone, and only removing the APM service and components!

We have gotten good feedback on the success of this process across hundreds of agents in a short time frame.  You can multi-select a lot of agents and run this task on many at a time.

 

Removing the APM MP’s

On another note – if you have no plans to use the APM feature in SCOM – you should consider removing those MP’s which get imported by default.  They discover by default a LOT of instances of sites, services, and instances of classes where APM components are installed on the agents.

MP’s to remove in SCOM 2016:

  • Microsoft.SystemCenter.DataWarehouse.ApmReports.Library (Operations Manager APM Reports Library)
  • Microsoft.SystemCenter.Apm.Web  (Operations Manager APM Web)
  • Microsoft.SystemCenter.Apm.Wcf  (Operations Manager APM WCF Library)
  • Microsoft.SystemCenter.Apm.NTServices  (Operations Manager APM Windows Services)
  • Microsoft.SystemCenter.Apm.Infrastructure.Monitoring  (Operations Manager APM Infrastructure Monitoring)
  • Microsoft.SystemCenter.Apm.Library (Operations Manager APM Library)
  • Microsoft.SystemCenter.Apm.Infrastructure (Operations Manager APM Infrastructure)

All of the above can be deleted.  However – in order to delete the Microsoft.SystemCenter.Apm.Infrastructure MP, you will need to remove a RunAs account profile association, then clean up the SecureReference library manually by deleting the reference.

In the Admin pane > Run As Configuration > Profiles, in the Data Warehouse Account.  On the RunAs accounts, you will need to remove the Operations Manager APM Data Transfer Service:

image

Then – manually export the Microsoft.SystemCenter.SecureReferenceOverride MP, and edit it using your favorite XML editor.  (Make a Backup copy of this FIRST!!!!!)

Delete the reference to the Microsoft.SystemCenter.Apm.Infrastructure MP.

image

 

Save this, then reimport the Microsoft.SystemCenter.SecureReferenceOverride MP.

At this point you can delete the final APM MP – Microsoft.SystemCenter.Apm.Infrastructure (Operations Manager APM Infrastructure)

 

Deleting that MP with manual edits too scary for you?

At a bare minimum – if you are not using the APM feature – you should disable the discoveries:

image

 

Then run Remove-SCOMDisabledClassInstance in your SCOM Command Shell, which will remove all these discovered instances that you don’t use.


Leave a Reply

Your email address will not be published. Required fields are marked *