Kevin, Thanks - I found this PKI certificate MP this morning and have installed it on our Test platform - seems currently to fit the bill.
Peter Hakesley | Monitoring & Automation Technical Lead Engineer, Data Centre Services t: +44(0)845 155 6556 ext: 4006 e: [email protected] | w: www.scc.com<http://www.scc.com/> a: SCC, CV1, Cole Valley, 20 Westwood Avenue, Tyseley, Birmingham B11 3RZ From: [email protected] [mailto:[email protected]] On Behalf Of Kevin Holman Sent: 29 January 2015 16:53 To: [email protected] Subject: [msmom] RE: M Authoring Help So this isn't really a SCOM question, it is more of a generic powershell scripting question. You just need to put that into a For Each loop, then write a unique event to the OpsMgr event log with the details of each, then generate alerts for them. You might not be aware, but there is a very good cert expiration MP already written in powershell: http://www.systemcentercentral.com/pack-catalog/pki-certificate-verification-mp/ He takes a different approach - he discovers each certificate as an object, then passes the object to the script so we inspect the expiration of each one uniquely. Examples of a For Each loop with event generation: Basic powershell scripting: https://msdn.microsoft.com/en-us/library/bb437630.aspx LogScriptEvent: http://blog.tyang.org/2010/07/07/how-to-write-to-scom-operations-manager-event-log-using-powershell-and-mom-scriptapi/ https://msdn.microsoft.com/en-us/library/bb437630.aspx ForEach powershell examples: https://technet.microsoft.com/en-us/library/hh849731.aspx http://blogs.technet.com/b/heyscriptingguy/archive/2014/04/28/basics-of-powershell-looping-foreach.aspx Yours would be something like: $momapi = New-Object -comObject "MOM.ScriptAPI" $badcerts = get-childitem -Recurse | where .........blah.........blah............blah..................... Foreach ($badcert in $badcerts) $momapi.LogScriptEvent("certmonitor.ps1",9999,2,"$badcert") Here is a sample that does something similar: http://blog.tyang.org/2012/09/06/powershell-script-to-enable-scom-agent-proxy-in-a-more-efficient-way/ From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Pete Hakesley Sent: Thursday, January 29, 2015 3:30 AM To: [email protected]<mailto:[email protected]> Subject: [msmom] RE: M Authoring Help Kevin, Thanks for the reply. I am struggling to pass back the output to generate an alert for each line returned from the powershell script e.g. [cid:[email protected]] An alert generated for The certificate name and the Expiry Date? Thanks in advance. Ps. It is SCOM 2007 R2 Peter Hakesley | Monitoring & Automation Technical Lead Engineer, Data Centre Services t: +44(0)845 155 6556 ext: 4006 e: [email protected]<mailto:[email protected]> | w: www.scc.com<http://www.scc.com/> a: SCC, CV1, Cole Valley, 20 Westwood Avenue, Tyseley, Birmingham B11 3RZ From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Kevin Holman Sent: 27 January 2015 16:23 To: [email protected]<mailto:[email protected]> Subject: [msmom] RE: M Authoring Help Hi Peter - What part are you struggling with? If you just want to run a generic powershell script, you would use a Timed Script rule. However, the timed script rule in the UI/Console under Authoring only supports VBscripts. The "old school" way would be to run a timed command rule, and pass powershell.exe as the command and the script path as a parameter: http://www.systemcentercentral.com/forums-archive/topic/run-powershell-script-as-a-timed-command-rule/ https://social.technet.microsoft.com/Forums/en-US/6693c59d-3e87-46c1-ba6d-ba82c663148e/scom-2012-rule-powershell-script-launch-a-script-on-schedule?forum=operationsmanagerauthoring The "right" way is to use the 2007R2 authoring console, or VSAE, and create a new rule that leverages the scheduler datasource, a filter on the schedule for a condition detection, and a PowerShell write action using Microsoft.Windows.PowerShellWriteAction: https://msdn.microsoft.com/en-us/library/hh367527.aspx I have a REALLY simple example of how to do this here: http://blogs.technet.com/b/kevinholman/archive/2014/01/24/targeting-workflows-to-resource-pools.aspx From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Pete Hakesley Sent: Tuesday, January 27, 2015 1:59 AM To: MSMOM ([email protected]<mailto:[email protected]>) Subject: [msmom] M Authoring Help Hi, I have created a Powershell script to check for all certificates which are to expire within 45 and 90 days on any machine it is run against. It creates application log entries for each certificate about to expire in the specified date ranges I am struggling to put this into a management pack. Powershell script: $strWarningDays = 90 $strErrorDays=45 $strLogSourceExists = Get-Eventlog -logName Application | select-object Source -Unique if (! $strLogSourceExists) { New-Eventlog -LogName Application -Source CertExpiry45Days New-Eventlog -LogName Application -Source CertExpiry90Days } $strCerts45 = @(get-childitem -Path cert:\* -Recurse | where { $_.notafter -le (get-date).AddDays($strErrorDays) -AND $_.notafter -gt (get-date)} | select subject,thumbprint,friendlyname,NotAfter) $strCerts90 = @(get-childitem -Path cert:\* -Recurse | where { $_.notafter -le (get-date).AddDays($StrWarningDays) -AND $_.notafter -gt (get-date)} | select subject,thumbprint,friendlyname,NotAfter) foreach($strCertificate in $strCerts45) { write-Eventlog -LogName Application -Source "CertExpiry45Days" -EntryType Error -EventId 100 -Message $StrCertificate } $str90Days = @(Compare-Object $strCerts45 $strCerts90).InputObject foreach($str90DayCert in $str90Days) { write-Eventlog -LogName Application -Source "CertExpiry90Days" -EntryType Warning -EventId 100 -Message $Str90DayCert } Now I want to put this into a management pack does anyone have some examples so I can distribute this out to one of my hosted customers? thks Peter Hakesley | Monitoring & Automation Technical Lead Engineer, Data Centre Services t: +44(0)845 155 6556 ext: 4006 e: [email protected]<mailto:[email protected]> | w: www.scc.com<http://www.scc.com/> a: SCC, CV1, Cole Valley, 20 Westwood Avenue, Tyseley, Birmingham B11 3RZ
