Menu Close

SCOM Gateway Upgrades and Update Rollups made easy

I was recently working with a customer who had 40 Gateway servers in SCOM.

They also recently upgraded their SCOM version.  Upgrading each of these gateways is a big pain for them, as they are in firewalled environments, and they have to request temporary administrative access just to do maintenance.

After upgrading each Gateway they also had to then apply an Update Rollup.

In this article – we will show how to use a Management Pack to distribute the Gateway Upgrade files and the Gateway Update Rollup files, then use a task to initiate the upgrade/updates.  This greatly reduces the impact of keeping these servers updated, and there is no need to even log on to the Gateway nor have administrative access to the VM.

 

The Management Packs:

Upgrade SCOM 2012R2 Gateway to SCOM 2016

Upgrade SCOM 2016 Gateway to SCOM 2019

Upgrade SCOM 2019 Gateway to SCOM 2022

Apply UR10 to SCOM 2016 Gateway

Apply UR3 to SCOM 2019 Gateway

Apply UR4 to SCOM 2019 Gateway

 

Here is an example of a SCOM 2012R2 to SCOM 2016 Gateway upgrade in place:

If you have upgraded to SCOM 2016 from SCOM 2012R2 – and still have SCOM 2012R2 Gateways, you can import the SCOM.GatewayUpgrade.2012R2to2016.mpb Management Pack.

image

This MP will create a new folder on all Gateway servers and copy the SCOM 2016 Gateway upgrade files locally:

image

This MP will display a new Folder/View in the console – called “Gateway Upgrade”

image

Select the Gateway(s) you wish to upgrade, and run the upgrade task:

image

Look at the output of the task:

image

You can check the version in the console after about 10 minutes, or you can use my SCOM Management MP to verify the upgrade worked.  You must allow sufficient time for the discoveries to run and update the views:

image

image

 

Next, we can use a Management Pack to apply the update rollup. 

Import the SCOM.GatewayUpdate.2016UR10.mpb Management Pack.

image

This MP will create a new folder on all Gateway servers and copy the SCOM 2016 Gateway Update Rollup files locally:

image

This MP will display a new Folder/View in the console – called “Gateway Update”

image

Select the Gateway(s) you wish to upgrade, and run the update task:

image

Look at the output of the task:

image

You can check the version in the console after about 10 minutes using my SCOM Management MP to verify the upgrade worked.  You must allow sufficient time for the discoveries to run and update the views:

image

 

If you’d like to see how to create management packs that can contain files and distribute them to SCOM agents using the SCOM communication channel – watch my video here where I build one from scratch:

Advanced MP Authoring -MPU Nov 2019 – Kevin Holman’s Blog

 

Let me know in the comments if you have other ideas where a MP like this can help you administer and maintain your SCOM infrastructures!

14 Comments

  1. Michiel Rens

    Great post! So much easier then visiting each GW.
    I’m using the same mechanism to also upgrade and/or update the SCOM Agents on Windows servers.

    • Kevin Holman

      I’d love to hear how that works for you. My only reservation about doing this for agents, is that the INSTANT you import an Agent targeted MP, you will distribute the binary agent upgrade files inside the MP (either Agent or Update Rollup) immediately to ALL agents.

      Agent version upgrade file is around 30mb.
      Agent update rollup can vary, but lately around 7MB.

      My concern was if I had 5000 agents, SCOM would immediately distribute 5000 x 30mb = 150GB across the network, all at once. This might saturate slow, remote links or cause some network congestion. We do not have a throttling mechanism. And we do not have very many MP’s that are this large to compare to.

      I do think performing in-place agent upgrades inside a MP is a super easy way to ensure your agents are all up to date, but it sure makes me nervous on the network side.

      • Raoul Sellink

        I am using the same MP as Michiel does (he once shared it with me and I am maintaining it myself since then). It works great for me. No issues regarding to the network performance with distributing the agents UR and it so much easier for agents that are not remotely manageable for example.

          • Raoul Sellink

            I work with two totally separate SCOM environments. (Also different networks)

            One Management Group has 800 Windows agents. The other Management Group has almost 700 Windows agents.

      • Michiel Rens

        Obviously your concern regarding network saturation/congestion is completely valid!

        So it is advised to carefully plan the import of the Agent targeted MP (.mpb) that includes the Agent and/or Update Rollup binary. As we do not have slow links we did not find any problems distributing a 40 MB .mpb file to about 250 Agents at once.

  2. DImitri

    Hi Kevin, after UR4 update to my gateway, I have a warning:

    Obsolete aliases found in unsealed management packs.
    Total nunber of obsolete aliases: 1
    Details:
    MP: “SCOM.GatewayUpdate.2019UR4”, Alias: ()

    Nothing to be worried of, I think but, any idea of the reason ?

    Thanks 🙂

    • Kevin Holman

      Where does this alert come from? Something custom that looks for bad references?

      There are some unused references – like Health and Performance aliases – but this should not be cause for any alarm.

    • Kevin Holman

      This package is for Gateways. Consoles would not apply. You can apply UR4 console update directly, along with the Post-UR4 console update. I’m not sure why you would want a management pack to help with this?

  3. hussein

    hello kevin,
    I’m new with SCOM and trying to build a lab but im having some troubles with
    Web application – Transaction Monitoring:
    SCOM2016

    Windows server 2016

    IE 11

    when I click capture it runs IE put without web recorder pane

    I tried :

    https://docs.microsoft.com/en-us/previous-versions/system-center/system-center-2012-R2/hh457546(v=sc.12)?redirectedfrom=MSDN

    and

    change the registry value for

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPaths\IEXPLORE.EXE

    but still not open.

    any advice.

    thank you for your time.

    update:

    I tried Windows Server 2012r2 still negative status.

    I tried Windows Server 2016 still negative status.

    I tried Windows 10×64 still negative status.

Leave a Reply

Your email address will not be published.