Archive | April 2015

Unable to start “System Center Data Access Service” on Service Manager Data Warehouse

I was recently faced with an issue for a customer where their Service Manager Data Warehouse Service would start but not stay running in their lab environment.  The following three events were logged in the Operations Manager event log:
14-04-2015 12-33-51 p-m-
Event ID: 26325
An authorization store exception was thrown in the System Center Data Access service. Exception message: Unable to perform the operation because of authorization store errors.

14-04-2015 12-36-04 p-m-
Event ID: 26339
An exception was thrown while initializing the service container.
Exception message: Initialize
Full exception: Feature of type ‘Microsoft.EnterpriseManagement.ServiceDataLayer.IAuthorizationFeature, Microsoft.EnterpriseManagement.DataAccessService.Core, Version=7.0.5000.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’ cannot be added to the container.
14-04-2015 12-36-15 p-m-
Event ID: 26380
The System Center Data Access service failed due to an unhandled exception.
The service will attempt to restart.

Exception:
Microsoft.EnterpriseManagement.ConfigurationReaderException: Feature of type ‘Microsoft.EnterpriseManagement.ServiceDataLayer.IAuthorizationFeature, Microsoft.EnterpriseManagement.DataAccessService.Core, Version=7.0.5000.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’ cannot be added to the container. —> System.ServiceModel.FaultException`1[Microsoft.EnterpriseManagement.Common.UnknownAuthorizationStoreException]: The creator of this fault did not specify a Reason. (Fault Detail is equal to Microsoft.EnterpriseManagement.Common.UnknownAuthorizationStoreException: Unable to perform the operation because of authorization store errors. —> System.Runtime.InteropServices.COMException (0x80070539): The security ID structure is invalid. (Exception from HRESULT: 0x80070539)
at Microsoft.Interop.Security.AzRoles.AzAuthorizationStoreClass.Initialize(Int32 lFlags, String bstrPolicyURL, Object varReserved)
at Microsoft.EnterpriseManagement.Mom.Sdk.Authorization.AzManHelper.Initialize(String pathToStore, String appName, AzManHelperModes helperMode, String storeDesc, String appDesc)
— End of inner exception stack trace —
).
— End of inner exception stack trace —
at Microsoft.EnterpriseManagement.ConfigurationReaderHelper.ReadFeatures(XPathNavigator navi, IContainer container)
at Microsoft.EnterpriseManagement.ConfigurationReaderHelper.Process()
at Microsoft.EnterpriseManagement.ServiceDataLayer.DispatcherService.Initialize(InProcEnterpriseManagementConnectionSettings configuration)
at Microsoft.EnterpriseManagement.ServiceDataLayer.DispatcherService.InitializeRunner(Object state)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart(Object obj)
Thankfully I came across the following blog post which pointed me in the right direction: http://blogs.technet.com/b/servicemanager/archive/2011/10/04/system-center-data-access-service-start-up-failure-due-to-sql-configuration-change.aspx

I checked the SQL security method and discovered it was set to mix Windows/Sql Auth.  I then found a sqltest user that was set as db_owner for all three of the Service Manager Data Warehouse Databases.  Removed the DB_Owner role from each DB for the sqltest user and restarted the System Center Data Access service with no further issues.

14-04-2015 12-36-31 p-m- 14-04-2015 12-37-33 p-m-

14-04-2015 12-43-17 p-m-

Check for open application and reboot Hyper-V VM

I’ve recently had a requirement for a scheduled reboot of a large group of Hyper-V VDIs. Due to the nature of the line of business application, it was imperative that we checked that several specific apps were not running before the reboot was ran.  Here is an example of the script I wrote for this task.  Simply replace the $process, $process2, etc. with your specific application (name only, no path or .exe, etc. requirement).  The script checks the running process on the VDI, if one of the apps are running it breaks the loop for that VM and continues to the next, otherwise it reboots the VM and notifies the user.  Here’s the script:

$vms2reboot = get-vm | Where-Object Name -like *test-vm001* | Select-Object -Expand Name
$process = “Notepad”
$process2 = “Calc”
$process3 = “Mspaint”
start-transcript “C:\reboot-vms.log”
foreach ($vm2reboot in $vms2reboot){

if(get-process -Computername $vm2reboot | where-object {
$_.ProcessName -contains “$process” -or
$_.ProcessName -contains “$process2”-or
$_.ProcessName -contains “$process3”
})
{
Write-Host “A business app is currently running.  Reboot will not continue on $vm2reboot”
}
Else {write-host “Rebooting VM $vm2reboot”
shutdown -r -f -m \\$vm2reboot -c “Reboot commencing for maintenance”
}
}

stop-transcript

10-04-2015 9-10-51 p-m-new

If one of the apps are open, reboot does not continue:

10-04-2015 9-16-53 p-m-

Otherwise it reboots the VM:

10-04-2015 9-15-12 p-m-

10-04-2015 9-14-37 p-m-

 

Check time source for all Domain Controllers

I was recently working on an issue for a customer who was noticing random time sync issues on various DC’s.  I needed to confirm that all servers were set to point to the PDC for their time source.  I’ve put together this basic script which does just that:
9-04-2015 12-16-18 p-m-
$DomainControllers =  Get-ADDomainController -Filter * | Select-Object -expand name
foreach ($DomainController in $DomainControllers)
{
write-host “———————————————–”
write-host “Domain Controller: $DomainController”
write-host “Time Source:”
w32tm /query /computer:$DomainController /source
write-host “———————————————–”
}