Reinstalling your SCOM agents with the NOAPM switch
This one comes from collaboration with my colleague Brian Barrington.
Because of the issues with SCOM 2016 and the default APM modules impacting IIS and SharePoint servers….. (Read more about that issueHERE,HERE, andHERE)
Brian was looking for a way to easily remove the APM components from the deployed agents with minimal impact.
Normally, the guidance would be to uninstall the SCOM agent, then reinstall it from a command line installation using the NOAPM=1 command line parameter. That could be a challenging task if you have hundreds or thousands of agents!
You just need to place the MOMAgent.msi file on a share that your domain computer accounts would have access to. The agent will connect to the share as the Local System account, so you need to ensure these domain computer accounts have access at the share permission and NTFS permission. For something simple like this, I generally just grant Everyone/Read, or Authenticated Users/Read.
The below image example is for a repair:
This performs a lightweight repair or upgrade (depending on which command line you choose) of the agent, but only changes the switch “NOAPM=1” which will result in leaving all other settings alone, and only removing the APM service and components!
We have gotten good feedback on the success of this process across hundreds of agents in a short time frame. You can multi-select a lot of agents and run this task on many at a time.
Removing the APM MP’s
On another note – if you have no plans to use the APM feature in SCOM – you should consider removing those MP’s which get imported by default. They discover by default a LOT of instances of sites, services, and instances of classes where APM components are installed on the agents.
All of the above can be deleted. However – in order to delete the Microsoft.SystemCenter.Apm.Infrastructure MP, you will need to remove a RunAs account profile association, then clean up the SecureReference library manually by deleting the reference.
In the Admin pane > Run As Configuration > Profiles, in the Data Warehouse Account. On the RunAs accounts, you will need to remove the Operations Manager APM Data Transfer Service:
Then – manually export the Microsoft.SystemCenter.SecureReferenceOverride MP, and edit it using your favorite XML editor. (Make a Backup copy of this FIRST!!!!!)
Delete the reference to the Microsoft.SystemCenter.Apm.Infrastructure MP.
Save this, then reimport the Microsoft.SystemCenter.SecureReferenceOverride MP.
At this point you can delete the final APM MP – Microsoft.SystemCenter.Apm.Infrastructure (Operations Manager APM Infrastructure)
Deleting that MP with manual edits too scary for you?
At a bare minimum – if you are not using the APM feature – you should disable the discoveries:
Then run Remove-SCOMDisabledClassInstance in your SCOM Command Shell, which will remove all these discovered instances that you don’t use.