none
elevated powershell command RRS feed

  • Question

  • In SCOM 2019 I am trying to create a command channel in notifications to run a powershell script that restarts a service when an alert is generated. The script runs locally on the targeted server however only in an elevated powershell shell.  It does not work via the command channel so I am wondering if this is because it may be attempting to run the script in  non-elevated mode.  If this is the case then how would I run an elevated command from the command channel?

    Thanks,

    Rene


    • Edited by rene_paq Wednesday, October 9, 2019 2:50 PM
    Wednesday, October 9, 2019 1:55 PM

Answers

All replies

  • Hi Rene,

    just a blind guess: Can you extend your script with a simple logging in order to verifiy if the script execution fails, because of the elevation?

    It is just that I habe never considered that elevation could be a factor here. I was never forced to consider this when executing PoSh over a command channel. 

    Regards,


    (Please take a moment to "Vote as Helpful" and/or "Mark as Answer" where applicable. This helps the community, keeps the forums tidy, and recognizes useful contributions. Thanks!) Blog: https://blog.pohn.ch/ Twitter: @StoyanChalakov

    Wednesday, October 9, 2019 5:29 PM
    Moderator
  • I am wondering if I set his up properly. This is my command channel

    I added Start-Transcript -path "C:\temp\logging.log" -Force  on the script on the target server but there is no logging done at all.  I have setup a command channel subscriber and using that subscriber in the subscription.  The email notifications ae working.  Not the command.  I must be missing something.

    Wednesday, October 9, 2019 7:09 PM
  • Hi Rene,

     

    For our issue, to clarify our issue, we can try the following steps:

    1. Change the Command parameter to run a simple PowerShell command to see if it is working. An example as below:

     


     

    2. Change to test a PowerShell command which need evaluation permission to see if it is working.

    3. Change the command line Parameters format to the one in the following link to see if it is working:

    https://blogs.msdn.microsoft.com/steverac/2010/08/16/updating-custom-alert-fields-using-subscriptions-and-powershell/

    https://blog.tyang.org/2012/01/29/command-line-parameters-for-scom-command-notification-channel/

    Note: Third party, just for your reference:

     

    Hope it can help.

     

    Best regards.

    Crystal


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, October 10, 2019 5:26 AM
  • Hi Rene,

    agree with Crystal here - you need to test with a very basic script first, ensuring that the command channel works as it should be and if this is the case, then continue with your particular script.

    Just take a simple PowerShell cmdlet, put it in a .ps1 file and try to run it. Without parameters, withou any complex configs. If this works then I would suggest to post here your PowerShell code, so that we can check on it. I had cases where the PowerShell scripts didn't get executed, because there is no connection to the mnagement group, defined in the script.

    Also a nice suggestions from this thread: 

    SCOM Command Channel using Powershell

    Although i haven't exprienced that, it seems that copying and pasting can also have conequences. 

    Let me know how it goes. I would also like to have a look on your script. 

    Cheers,


    (Please take a moment to "Vote as Helpful" and/or "Mark as Answer" where applicable. This helps the community, keeps the forums tidy, and recognizes useful contributions. Thanks!) Blog: https://blog.pohn.ch/ Twitter: @StoyanChalakov

    Thursday, October 10, 2019 7:14 AM
    Moderator
  • Maybe I need to take a step back here.  My expertise with PowerShell is very limited at this time and I am trying to learn.  Are there any detailed tutorials that you know of such as a dummies guide to using powershell scripts through the scom command channel?  Most of what I find is vague.  Both of you are helpful but I have to admit I am lost at this point.

    Thanks,

    Rene

    Thursday, October 10, 2019 3:39 PM
  •  Hi Rene,

     

    For the detailed tutorials for PowerShell , after researching,  I didn’t find one like that. For our issue, you can use a simple script to create a file like what you said in previous post as a test.

     

    Hope it can help.

     

    Best regards.

    Crystal


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, October 11, 2019 9:55 AM
  • It would be very helpful to myself and I am sure many others if someone were able to create a detailed tutorial on this and other features.  I will muddle through this somehow. 

    Thanks,

    Rene

    Friday, October 11, 2019 12:22 PM
  • The notification script runs on the Management Server, not the agent, so unless the MS has admin rights on the agent it won't be able to restart the service on the affected computer.  Contrary to popular belief, the bulk of monitoring is done at the agent, not on the "SCOM Server".

    If you want something that auto restarts a service when a monitor goes unhealthy, then you should create a recovery task that restarts the service.

    As for training, although somewhat advanced, you may want to look into the authoring training on channel9: https://channel9.msdn.com/Series/System-Center-2012-R2-Operations-Manager-Management-Packs

    HTH

    • Marked as answer by rene_paq Tuesday, October 15, 2019 2:11 PM
    Friday, October 11, 2019 12:59 PM
  • Hi Rene,

     

    For the request of the detailed tutorials that guide to using PowerShell scripts through the SCOM command channel, I will feedback to our related team. Hope it can have one in the future.

     

    For our original issue, agree with PChip,  Recovery task can be a good suggestion, you can create a recovery task to restart the service when the health state is critical. You can refer to the Recovery task parts in the following articles:

     

    Using a recovery in OpsMgr – Basic

    https://kevinholman.com/2008/03/26/using-a-recovery-in-opsmgr-basic/

     

    SCOM 2012 – Recovery Task Script for Restarting a Windows Service and Depending Services

    https://www.stefanroth.net/2012/11/14/scom-2012-recovery-task-script-for-restarting-a-windows-service-and-depending-services/

    Note: Third-party article, just for your reference.

     

    Hope it can help.

     

    Best regards.

    Crystal


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by rene_paq Tuesday, October 15, 2019 2:11 PM
    Monday, October 14, 2019 7:13 AM
  • Thank you all for the help and advice.  You gave me a lot to work with and I was able to setup a successful recovery service.  I wonder if at some point if Microsoft or other 3rd party trainer will ever come up with advanced training.  Its a great product its just very complicated with a steep learning curve.

    Rene

    Tuesday, October 15, 2019 2:21 PM