Menu Close

Assigning Gateways and Agents to Management Servers using PowerShell


image

Just publishing some common PowerShell agent and Gateway assignment commands I use on a frequent basis for SCOM:

 

A common issue I find in customer environments, is that they do not set their agents to be able to fail over to multiple Gateways, or they do not set their Gateway servers to be able to fail over to multiple management servers.

When you assign an agent to a gateway – by default it will ONLY talk to that one GW.  If you deploy multiple GW servers for failover – you must configure this failover using the SDK (PowerShell)

When you assign a Gateway to a Management Server – by default that Gateway server will ONLY talk to that one Management Server.  You should always configure Gateway Failover otherwise you will issue hundreds or thousands of Heartbeat failures should you ever take the Management Server down for planned or unplanned maintenance.

 

########### Gateway to Management Server Assignment # Get a specific gateway server object by name $Gateway = Get-SCOMManagementServer | where {$_.Name –eq "dmzscomagw1.dmz.net"} # Show the gateway server assignments for primary and failover $Gateway.GetPrimaryManagementServer().DisplayName $Gateway.GetFailoverManagementServers().DisplayName # Set the gateway server to a specific primary $Primary = Get-SCOMManagementServer | where {$_.Name –eq "scom1.opsmgr.net"} Set-SCOMParentManagementServer -GatewayServer $Gateway -PrimaryServer $Primary # Set the gateway server to a specific failover $Failover = Get-SCOMManagementServer | where {$_.Name –eq "scom2.opsmgr.net"} Set-SCOMParentManagementServer -GatewayServer $Gateway -FailoverServer $Failover # Set the gateway server to a list of management servers for failover $FailoverList = Get-SCOMManagementServer | where {$_.Name –ne "scom1.opsmgr.net" -and $_.IsGateway -eq $false} Set-SCOMParentManagementServer -GatewayServer $Gateway -FailoverServer $FailoverList ########### End

 
########### Agent to MS/GW Assignment # Get Management Server Object Examples $Primary = Get-SCOMManagementServer | where {$_.Name –eq "scom1.opsmgr.net"} $Failover = Get-SCOMManagementServer | where {$_.Name –eq "scom2.opsmgr.net"} $FailoverList = Get-SCOMManagementServer | where {$_.Name –ne "scoma1.opsmgr.net" -and $_.IsGateway -eq $false} # Get a specific agent by name $Agent = Get-SCOMAgent -DNSHostName 'server.opsmgr.net' # Get all agents currently assigned to a Management Server or GW $Agents = Get-SCOMAgent -ManagementServer $Primary # Get parent assignments for an agent $Agent.GetPrimaryManagementServer().DisplayName $Agent.GetFailoverManagementServers().DisplayName # Agent set parent Examples Set-SCOMParentManagementServer -Agent $Agent -PrimaryServer $Primary Set-SCOMParentManagementServer -Agent $Agent -PrimaryServer $Gateway Set-SCOMParentManagementServer -Agent $Agent -FailoverServer $Failover Set-SCOMParentManagementServer -Agent $Agent -FailoverServer $FailoverList # Reassigning all agents in an array of agents FOREACH ($Agent in $Agents) { [string]$AgentName = $Agent.DisplayName Write-Host "`nStarting agent assignment for ($AgentName)" $PriBefore = $Agent.GetPrimaryManagementServer().DisplayName $FailBefore = $Agent.GetFailoverManagementServers().DisplayName Write-Host "Primary before assignment for ($AgentName) is ($PriBefore)" Write-Host "Failover before assignment for ($AgentName) is ($FailBefore)" IF ($FailBefore) { # We need to remove any failover settings for this agent in case we are setting a primary server already in the failover list Write-Host "Removing Failover...." Set-SCOMParentManagementServer -Agent $Agent -FailoverServer $null } Write-Host "Assigning...." Set-SCOMParentManagementServer -Agent $Agent -PrimaryServer $Primary Set-SCOMParentManagementServer -Agent $Agent -FailoverServer $Failover $PriAfter = $Agent.GetPrimaryManagementServer().DisplayName $FailAfter = $Agent.GetFailoverManagementServers().DisplayName Write-Host "Primary after assignment for ($AgentName) is ($PriAfter)" Write-Host "Failover after assignment for ($AgentName) is ($FailAfter)" } ########### End

8 Comments

  1. Stephan

    Hello Kevin.
    We use Active Directory Integration for agent assignment in our Intranet. We have three Gateway Server (the third is observer) in our DMZ. The Gateway Server are AD Members. It’s no Trust between the Intranet AD and DMZ AD.
    Is it possible to use Active Directory Integration for agent assignment for Gateway Server?
    If yes, how?

  2. Brian

    Looks like the last script in the Agents list “Reassigning all agents in an array of agents” is not complete. Could you update it please? Your blogs on SCOM have been very helpful and appreciated!

  3. James

    Hello Kevin

    I want to test this out on a single server. I tried the script below and get no error but when I check the agent on the client server I see no change. Any ideas?

    I also have an issue trying to get a SCOM Gateway server to work in SCOM Manasgement console. I tried the same steps as the other two which worked correctly. I think I wll remove it again and leave it over night and try again. If there is anything I can try to get it working that would be appreciated.

    clear-host
    $Primary = Get-SCOMManagementServer | where {$_.Name –eq “esc-scomgw-01.xxxxx.net”}
    $Failover = Get-SCOMManagementServer | where {$_.Name –eq “pde0scop001.xxxxx.net”}
    # $Primary = “esc-scomgw-01.xxxxx.net”
    # $Failover = “pgb0scop001.ixxxxx.net”

    $MgmtServer = $null
    #$MgmtServer = Get-SCOMManagementServer “esc-scomgw-01.internal.cliffordchance.net”
    # $server = Get-SCOMAgent -ManagementServer $MgmtServer | ? {$_.DisplayName -eq “pde0adm005.ixxxxx.net”}
    $Agent = Get-SCOMAgent -DNSHostName “pde0adm005.xxxxx.net”

    $Agent.GetPrimaryManagementServer().DisplayName
    $Agent.GetFailoverManagementServers().DisplayName

    # Set the agent
    Set-SCOMParentManagementServer -Agent $Agent -PrimaryServer: $Primary
    Set-SCOMParentManagementServer -Agent $Agent -FailOverServer: $FailOver

    • Kevin Holman

      You need to check in SCOM. That’s what matters. The agent assignment on the agent changes over time…. that’s a value taken from the registry. If you want to see the change made on the agent immediately – open the config file in the agent install directory, and find the section, and check which one IsPrimary=True

  4. James

    Thanks Kevin

    I removed the colons from
    Set-SCOMParentManagementServer -Agent $Agent -PrimaryServer: $Primary
    Set-SCOMParentManagementServer -Agent $Agent -FailOverServer: $FailOver

    I think that did the trick

    Many thanks

Leave a Reply

Your email address will not be published. Required fields are marked *