I was recently tasked with integrating OpsMgr and OMS, in addition to configuring the Automation solution and POC a OpsMgr automation task for a customer. During my adventures locating documentation on the various configuration steps to get everything integrated and working properly, I found that there really is not much “how to” documentation available out there in regards to utilizing the Hybrid Runbook Worker to execute automation against OpsMgr on-premises. SO…sounds like a good opportunity for a blog!
For the purpose of this post, I will be focusing on the configuration of an existing Azure Automation integration module and utilizing the Hybrid Runbook Worker to execute OpsMgr workflows against an on-premises management group. In part 2 of this series, I will cover OMS automation utilizing the native OpsMgr PowerShell module and a custom Azure Automation workflow.
First things first, let’s configure the Hybrid Runbook Worker.
- Configure the Hybrid Runbook Worker
- Log into OMS at https://www.mms.microsoft.com/ and create a OMS workspace (if not already created).
- Deploy the OMS Automation Solution Pack
- Download and install the Microsoft Monitoring Agent (instructions here) on the server which will be configured as the Hybrid Runbook Worker. For high availability, you can create a Hybrid Runbook Worker group containing multiple servers, but for this demo I will be using 1 server. To configure the Hybrid Runbook Worker, we need to manually install the Microsoft Monitoring Agent on a server or servers in your on premise data center. I have not found a way to run the installation on an agent that is already installed and managed in OpsMgr. NOTE: I can only speak to my testing, but I was able to get the agent to report to OpsMgr. The one abnormality I did notice was when viewing the agent in the Agents Managed view, all properties were reporting Unknown. That said, when digging a bit deeper and opening health explorer, I was able to verify that the agent was fully monitored and healthy.
- Install and configure the Microsoft Monitoring Agent on the Hybrid Runbook Worker. Brian Wren has an excellent step by step reference here showing how to complete this process.
- Once the agent is installed, import the HybridRegistration PowerShell module on the server by executing the following in PowerShell session running in Administrator mode:
- Note: This command failed for me and the module did not show up when running Import-Module –ListAvailable. If you get an error importing the Hybrid Registration module, run the following: Import-Module “C:\Program Files\Microsoft Monitoring Agent\Agent\AzureAutomationFiles\HybridRegistration\HybridRegistration.psd1
- Acquire the Endpoint URL and Primary Access Key from Azure Automation.
- Install the runbook environment on the computer and register it with Azure Automation (Use the URL and key copied in the last step): Add-HybridRunbookWorker –Name -EndPoint -Token NOTE: You will need to manually install any integration modules that you have imported into Azure Automation manually on the Hybrid Runbook Worker server. Unfortunately, these modules are not pushed to the Hybrid Runbook Workers automatically. The only module that will be available by default on the Hybrid Runbook Worker after install is the Azure PowerShell module. I will provide an example of this process below.
Import and Configure OpsMgrExtended Integration Module Now that we have the Hybrid Runbook Worker configured, there a few more configuration steps before we can get to the fun stuff. For the purpose of this post, I think it will be helpful to start with demonstrating how to work with and configure an existing Azure Automation integration module to allow more focus on the base configurations. Tao Yang has published an incredibly helpful OpsMgr integration module called the OpsMgrExtended integration module (see his excellent blog series on this here), and I will be referencing this module throughout my post. Additionally, we will be focusing on the Hybrid Runbook Worker and on-premises aspects exclusively.
Our next step is to manually install the OpsMgrExtended integration module on the Hybrid Runbook Worker and import the module into Azure Automation to expose the OpsMgrExtended functions and the Operations Manager SDK connection. This connection will define the connection parameters used to authenticate to the on premise OpsMgr management server.
Let’s get started!
- Manually install the integration module on the Hybrid Runbook Worker:
- Copy the OpsMgrExtended module to the Windows\System 32\Windows PowerShell\v1.0\Modules directory. In my lab testing, this is the only directory where runbooks were able to reference the functions in the OpsMgrExtended and Operations Manager modules (more on that later). Alternatively, you can create a variable Asset in Azure Automation defining the path where the module exists and then call the variable in your runbook. I will demonstrate this example in my next post, but for now we will go with option number 1 as it requires no further configuration.
- Open a PowerShell session and verify that the module is accessible.
- Import the OpsMgrExtended integration module into Azure Automation:
- Log into the new Azure portal at https://portal.azure.com .
- Navigate to Automation Accounts –> Automation Account (OMSTest in my example) –> Modules (2).
- Select the “Import Module” button (3).
- Browse to the OpsMgrExtended folder and select “Open” (4,5,6).
- Once the module has been fully imported, you will see the new OpsMgrExtended functions available under “Activities” when you select the OpsMgrExtended module.
- Create a Connection to OpsMgr: (This is optional, but we will utilize this connection to populate user/password/server data in our workflows)
- Navigate to the Assets blade (Automation Accounts –> Automation Account (OMSTest in my example) –> Assets (1).
- Select “Connections” (2).
- Select “Add New Connection (3)”.
- Choose the Operations Manager SDK connection from the drop-down menu (4). The Operations Manager SDK connection was created upon import of the OpsMgrExtended module. If you break open the OpsMgrExtended module folder you will notice a JSON file named OpsMgrExtended-Automation.json. This JSON file is where the connection we are defining was created.
Now that we have the environment configured, we can utilize the OpsMgrExtended functions to execute tasks against our on premise OpsMgr management group.
- Configure an Azure Automation runbook to execute against OpsMgr on premise:
- Open OMS and navigate to the Runbooks solution.
- Select Runbooks – You will be redirected to the Runbooks blade in the Azure portal.
- On the Runbooks blade in Azure Automation, select the Add a Runbook option (1).
- In the Add Runbook blade select Quick Create (2).
- Fill out the name and description (3,4) and select PowerShell Workflow from the drop down box (5).
- Select the Create button.
- On the Runbooks blade, select the newly created runbook and Edit. This is where you will configure your runbook logic.
- For the purposes of this demo, I simply copied and pasted the New-OpsMgrMP workflow from Tao’s blog post referenced above. The New-OMManagementPack function is defined in the OpsMgrExtended integration module. I will dig into much more detail about the actual Azure Automation workflow configuration and code in my follow-up post, but for now we will keep this simple.
- To test the workflow, select the Test pane above the Edit workspace.
- Enter the parameters defined in the workflow and select Start.
That’s it! Stay tuned for my next post where I will create a custom workflow to delete the management pack that I’ve just created utilizing Azure Automation, the Hybrid Runbook Worker and the native OpsMgr PowerShell cmdlets.