Posted on

Monitoring and managing an Ubuntu Linux server in System Center Operations Manager 2012 R2

First we need to make sure we have a “run-as” account setup in SCOM for Linux machines.  You can find this in Administration>UNIX/Linux account and “Create Run As Account”  This account does not need to be the same as the account you use to discover and install the agent however in a lab or simple environment you might choose to make it the same account.

Next we need to create a local account for SCOM to install deploy the agent and manage the Ubuntu machine.  This might be the same username and password you used for your “run-as” account but doesn’t have to be.  Log on to your Ubuntu server and run the following command and follow the on screen prompts to create a password.

sudo adduser scomaccount

Now we need to let this account use sudo with no password.  So do this run:

visudo

add this line to the very bottom of the file and then save and exit.

scomacc ALL=(ALL) NOPASSWD:ALL

Before running the discovery wizard in SCOM check both forward and reverse DNS lookups for your ubuntu server work correctly, for example the following commands run on your SCOM server should return the name and IP address.  You will get an error if these addresses are wrong.

nslookup linux server

nslookup 10.0.4.56

When running the discovery wizard enter the account details you setup above, but make sure to select the account is not privileged and that it needs sudo elevation but leave the password blank in the elevation section.

scom account 1

scom account 2

You should now be ready to click on discover tick the server and then click on manage.  If your Linux machine has only a single name host name you will likely see a certificate error.  To fix this either change the host name on your Linux box to be the correct FQDN or manually create a new certificate with the command below on your Ubuntu server:

/opt/microsoft/scx/bin/tools/scxsslconfig –h linuxserver01 –d yourdomain.com -f –v

where linusserver01 is your hostname and yourdomain.com is the fully qualified domain name that your Linux server resolves to in DNS.  Once this has been run you should be able to click back and then on manage again and it will retry.  If all is well you should see the below.

scom success

Posted on

Office 365 Lync / Skype for business users wont provision when you come from an on premises setup

Usually when adding a new 365 user to lync it is as simple as assigning the license and before long they automatically deploy.  In some situations when you are running an on premises install of lync and have setup dirsync users never provision.  This is true even when you have disabled them in the lync console.

It appears that the cloud based lync will not provision users if they are still setup on premises or have some lync related attributes set.  This makes sense as if you have setup users in the portal and licensed them you might not want them to all end up in lync 365 right away.

To get these users objects provisioning simply disable Lync for user on the in premises lync server control panel then clear/not set these attributes:

> msRTCSIP-DeploymentLocator
> msRTCSIP-FederationEnabled
> msRTCSIP-InternetAccessEnabled
> msRTCSIP-Line
> msRTCSIP-OptionFlags
> msRTCSIP-PrimaryHomeServer
> msRTCSIP-PrimaryUserAddress
> msRTCSIP-UserEnabled
> msRTCSIP-UserPolicies

Double check the user is licensed for Lync option 2.  Soon they should appear on the lync portal and be able to sign in.  (Assuming you have setup your DNS/Auto discover.