Sign in
 
Home2012Previous VersionsLibraryForumsGallery
System Center TechCenter >
Overrides not applying

Вопрос Overrides not applying

  • Thursday, February 14, 2013 8:13 PM
     
     
    Sign In to Vote
    0

    Hi,

    I’m using scom 2007 r2 cu6. I’ve set an override on AD Trust object, changing the status from critical to warning. Currently computers in our domain with an expired pword display as a critical error in the main page of the alert monitor.

    I’ve created an override by right clicking on the alert, going to monitor, properties, override and then setting the override to apply to all domain controllers of class Server 2008. I’ve set the alert to enabled, changed the override value from critical to warning and made sure the effective value is set to warning.

    I’ve then cleared the current alerts and reset the health of the current monitor. All looks fine in the monitoring console, but after 20 minutes or so, I still get critical alerts for computers with expired account passwords.

    What am I missing?

    Thanks in advance

     

All Replies

  • Thursday, February 14, 2013 10:44 PM
     
     
    Sign In to Vote
    0

    Hi

    Please send a screenshot of your override window. It is easier to debug...

    Thanks,

    Stefan

    Blog: http://blog.scomfaq.ch

     
  • Friday, February 15, 2013 1:50 PM
     
     
    Sign In to Vote
    1

    right click the alert --> overrides --> override the monitor --> For the object XXX(first item in the list) --> view the effective value

    What is the effective override of Alert sverity?

    Roger

     
  • Monday, February 18, 2013 8:57 AM
    Moderator
     
     
    Sign In to Vote
    0

    Hi,

    I would like to suggest you check the targeting of the override:

    OpsMgr 2007: Monitor or rule targeted at computer group does not generate alerts

    http://blogs.technet.com/b/smsandmom/archive/2007/11/29/opsmgr-2007-monitor-or-rule-targeted-at-computer-group-does-not-generate-alerts.aspx

    Using Classes and Groups for Overrides in Operations Manager

    http://technet.microsoft.com/en-us/library/hh212771.aspx

    Thanks.

    Nicholas Li
    TechNet Community Support

     
  • Wednesday, February 20, 2013 7:08 PM
     
     
    Sign In to Vote
    0

    I have exactly the same problem

    Here's a pic of the override set I'm using, not sure where I'm going wrong, but AD trust monitor keeps on coming back....

    Please advise

    Thanks

    IT Support/Everything

     
  • Thursday, February 21, 2013 11:21 AM
     
     
    Sign In to Vote
    0

    It could be that another override is also setting this value. What do you see when you right-click the monitor and select Overrides -> Summary -> For all objects of class...". There is probably more than one override and both overrides configure the same setting. Make sure only one override configures this setting. If you don't want to do this you can also enforce an override (not recommended though). Just scroll a bit to the right in the override window and select the checkbox. This should force your override.

    On a side note. I see that you have selected the "Default Management Pack" as the override placement location. You are aware this is a worst-practise methode? Make a new Management pack instead and place the override in this new MP.

     
  • Thursday, February 21, 2013 2:11 PM
     
     
    Sign In to Vote
    0

    Hi Vincent,

    I've checked the summary and there are actuallty 6 overrides set, all of which have the override value and effective value set to "warning". I'm aware of using the default management pack and did change the destination after using the snipping tool.

    The reason why I have so many monitors is because I'm not sure where to target the rule. I basically want to stop Windows clients from registering critical errors in the domain if they have an expired computer pword. I tried "for all objects of class: Server 2008 DC role", "for objects of a specific class:MydomainControllerName", "for all objects of class:Windows Client Operating Systems" and even "for objects of a specific class: NameOfScomRMS" - all to no avail.

    Admittedly I haven't seen any new alerts in the last few hours, but there are old alerts which come back and bubble up. To effectively close the alert so I'm not alerted again, should I just close the resolution state or do I need to use health explorer to expand the alert, dig down to the specific alert, reset the health of the monitor and then reset the overrall health in health explorer?

    Thanks

    IT Support/Everything

     
  • Thursday, February 21, 2013 2:32 PM
     
     
    Sign In to Vote
    0

    I myself never use any override selection other then "For a group ..." and "For all objects of class: <default name>". Reason for this is removing complexity. If I want to only target a few computers instead of everything I create a group of the correct objects (same class as the targeted class) and use this for an override.

    I would suggest the same procedure in this case. Remove all current overrides and create either a global override (this should work), or create a group and target the override to this. Just make sure that the group is filled with objects of the same class the rule is targeted to namely "Active Directory Domain Controller Server 2008 Computer Role"

    If you want to close an (monitor) alert the correct way you can use the following procedure;

    1. Open the health explorer
    2. reset the health of the unhealthy components
    3. close the alert

    If you don't do this and the monitor itself isn't capable of resetting the health state then you will never be alerted again.

     
  • Thursday, February 21, 2013 2:44 PM
     
     
    Sign In to Vote
    0

    Thanks Vince,

    I guess the question is "what am I actually targetting?" The alert is generated by Windows XP and 7 clients, but registered on all DCs. Therefore would choosing a class of "Active Directory Domain Controller Server 2008 Computer Role" be the right target choice?

    IT Support/Everything