Tuesday, May 18, 2021

Python script get vm and errors azure.core.exceptions.ServiceRequestError: [SSL: CERTIFICATE_VERIFY_FAILED]

 

 Script is pretty simple:

from azure.identity import ClientSecretCredential
from azure.mgmt.compute import ComputeManagementClient


print("Starting script")
SUBSCRIPTION_ID = "mysubscriptionid"
credential = ClientSecretCredential(
    tenant_id='mytenantid,
    client_id='myapplicationid,
    client_secret='myapplicationsecret'
)

compute_client = ComputeManagementClient(
    credential=credential,
    subscription_id=SUBSCRIPTION_ID,
    
)

print("Getting vms")
# List all Virtual Machines in the specified subscription
def list_virtual_machines():
    for vm in compute_client.virtual_machines.list_all():
        print(vm.name)

list_virtual_machines()
 
Errors encountered and fixes.
 
  •  Packages not found 
   Solution :    
                   Install the packages using 
                   pip install packagename
  • pip error while installing packages.
        pip install azure-storage
        Defaulting to user installation because normal site-packages is not writeable
        WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None,    
        status=None))            after connection broken by 'SSLError(SSLCertVerificationError(1,   
        '[SSL:                                                CERTIFICATE_VERIFY_FAILED] certificate verify   
        failed: self signed certificate in certificate             chain (_ssl.c:1091)'))': /simple/azure-
        storage/
 

    Solution :   

                    Use the following command to install packages

                    pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org --upgrade pip

                    pip install --trusted-host pypi.org --trusted-host files.pythonhosted.org Django==3.2

 
  • azure.core.exceptions.ServiceRequestError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain
   Solution :    Link to solution is below. Same solution can be used for the above problem

                        https://stackoverflow.com/questions/27835619/urllib-and-ssl-certificate-verify-                           failed-error.
Credit to user : Bruno Gabuzomeu
 

        On Windows, Python does not look at the system certificate, it uses its own located at                 ?\lib\site-packages\certifi\cacert.pem.

  1. download the certificate chain from portal.azure.com as *.crt or *pem file
  2. open the file in editor and copy it's content to clipboard. contents will be like below. Copy all of it.
      -----BEGIN CERTIFICATE-----
     bunch of gibbereshin between.
      -----END CERTIFICATE-----
  1. Find your cacert.pem location: from requests.utils import DEFAULT_CA_BUNDLE_PATH; print(DEFAULT_CA_BUNDLE_PATH)
  2. edit the cacert.pem file and paste your domain validation certificate at the end of the file.
  3. Save the file.

Posted by at No comments:
Labels: , , , ,

Thursday, March 11, 2021

Putting SCOM agents in maintenance mode using notification channel.

This is another way of putting SCOM Agents in maintenance mode.

I faced a problem with the earlier management pack wherein there was a rule running against the management servers. You can take a look at this approach in my earlier posts.

Whenever the rule failed to load, the agents failed to get in maintenance mode. This approach also takes into consideration the SCOM servers not being put in maintenance mode.

In the current approach I use the command notification channel together with the management pack rule for alerting on sccm reboot events and putting the agents in maintenance mode.

  1. Create an alert in SCOM when a computer is rebooted by SCCM
  2. Run a powershell script using command notifications channel to put the computer in maintenance mode.

Create a new Command notification channel in SCOM

 The text in the screenshot is below.

Path for command file:

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Command line parameters:

"c:\ScomScripts\StartMaintenanceMode.ps1" "-computer" "$Data/Context/DataItem/ManagedEntityDisplayName$"

Startup folder:

C:\Windows\System32\WindowsPowerShell\v1.0

Script:

Create a folder in your SCOM server and name it SCOMScripts.

Add the following script in that folder. Be sure to add your SCOM server names in the script.

param([string] $Computer)
Function Out($data)
{
 Out-File -FilePath C:\SCOMScripts\MaintenanceModeOutput.txt -InputObject $data -Append
}

$data = "Starting maintenance mode Script" +  "`t" + $(get-date).ToString()
Out $data
$data = $Computer + " was rebooted"
Out $data

## Start Maintenance mode on Computers which are rebooted by ConfigMgr
Function WriteEvent ($Messages,$ID) { $Messages = $Messages + "`t" + $(get-date).ToString()
Write-EventLog -LogName Application -Source PatchingSuppress -EventId $ID -Message $Messages }

if($Computer -notmatch "yourscomservername")
{
try {
WriteEvent "Starting MaintenanceMode script for $Computer" "1237"
Import-Module OperationsManager
$Instance = Get-SCOMClassInstance -Name $Computer
$Time = ((Get-Date).AddMinutes(15))
Start-SCOMMaintenanceMode -Instance $Instance -EndTime $Time -Reason "PlannedApplicationMaintenance" -Comment "Applying software update."
WriteEvent "Ending MaintenanceMode script" "1238"
}

catch
{
  $_.exception
  Out $_.exception.message
}
}

else
{
 Out "This was a management server $computer"
}



The management pack for creating the event is below.

 <?xml version="1.0" encoding="utf-8"?>
<ManagementPack SchemaVersion="2.0" ContentReadable="true" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <Manifest>
    <Identity>
      <ID>YourCompany.Patching.Maintenance</ID>
      <Version>1.0.0.7</Version>
    </Identity>
    <Name>YourCompany.Patching.Maintenance</Name>
    <References>
      <Reference Alias="SystemCenter">
        <ID>Microsoft.SystemCenter.Library</ID>
        <Version>7.0.8448.6</Version>
        <PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
      </Reference>
      <Reference Alias="MicrosoftWindowsLibrary7585010">
        <ID>Microsoft.Windows.Library</ID>
        <Version>7.5.8501.0</Version>
        <PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
      </Reference>
      <Reference Alias="Health">
        <ID>System.Health.Library</ID>
        <Version>7.0.8443.6</Version>
        <PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
      </Reference>
      <Reference Alias="SystemLibrary7585010">
        <ID>System.Library</ID>
        <Version>7.5.8501.0</Version>
        <PublicKeyToken>31bf3856ad364e35</PublicKeyToken>
      </Reference>
    </References>
  </Manifest>
  <Monitoring>
    <Rules>
      <Rule ID="YourCompany.ConfigmgrInitiated.Reboot.Alert.Rule" Enabled="true" Target="MicrosoftWindowsLibrary7585010!Microsoft.Windows.Computer" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
        <Category>Alert</Category>
        <DataSources>
          <DataSource ID="DS" TypeID="MicrosoftWindowsLibrary7585010!Microsoft.Windows.EventProvider">
            <ComputerName>$Target/Property[Type="MicrosoftWindowsLibrary7585010!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
            <LogName>System</LogName>
            <Expression>
              <And>
                <Expression>
                  <SimpleExpression>
                    <ValueExpression>
                      <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
                    </ValueExpression>
                    <Operator>Equal</Operator>
                    <ValueExpression>
                      <Value Type="UnsignedInteger">1074</Value>
                    </ValueExpression>
                  </SimpleExpression>
                </Expression>
                <Expression>
                  <SimpleExpression>
                    <ValueExpression>
                      <XPathQuery Type="String">PublisherName</XPathQuery>
                    </ValueExpression>
                    <Operator>Equal</Operator>
                    <ValueExpression>
                      <Value Type="String">User32</Value>
                    </ValueExpression>
                  </SimpleExpression>
                </Expression>
                <Expression>
                  <RegExExpression>
                    <ValueExpression>
                      <XPathQuery Type="String">EventDescription</XPathQuery>
                    </ValueExpression>
                    <Operator>ContainsSubstring</Operator>
                    <Pattern>The process C:\Windows\CCM\Ccmexec.exe</Pattern>
                  </RegExExpression>
                </Expression>
                <Expression>
                  <RegExExpression>
                    <ValueExpression>
                      <XPathQuery Type="String">EventDescription</XPathQuery>
                    </ValueExpression>
                    <Operator>ContainsSubstring</Operator>
                    <Pattern>has initiated the restart of computer</Pattern>
                  </RegExExpression>
                </Expression>
              </And>
            </Expression>
          </DataSource>
        </DataSources>
        <WriteActions>
          <WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">
            <Priority>1</Priority>
            <Severity>0</Severity>
            <AlertOwner />
            <AlertMessageId>$MPElement[Name="YourCompany.ConfigmgrInitiated.Reboot.Alert.Rule.AlertMessage"]$</AlertMessageId>
            <AlertParameters>
              <AlertParameter1>$Data/LoggingComputer$</AlertParameter1>
              <AlertParameter2>$Data/EventSourceName$</AlertParameter2>
              <AlertParameter3>$Data/EventNumber$</AlertParameter3>
              <AlertParameter4>$Data[Default='']/EventDescription$</AlertParameter4>
            </AlertParameters>
            <Suppression />
            <Custom1 />
            <Custom2 />
            <Custom3 />
            <Custom4 />
            <Custom5 />
            <Custom6 />
            <Custom7 />
            <Custom8 />
            <Custom9 />
            <Custom10 />
          </WriteAction>
        </WriteActions>
      </Rule>
      <Rule ID="YourCompany.Server.UserInitiated.Reboot.Alert.Rule" Enabled="true" Target="MicrosoftWindowsLibrary7585010!Microsoft.Windows.Computer" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
        <Category>Alert</Category>
        <DataSources>
          <DataSource ID="DS" TypeID="MicrosoftWindowsLibrary7585010!Microsoft.Windows.EventProvider">
            <ComputerName>$Target/Property[Type="MicrosoftWindowsLibrary7585010!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
            <LogName>System</LogName>
            <Expression>
              <And>
                <Expression>
                  <SimpleExpression>
                    <ValueExpression>
                      <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
                    </ValueExpression>
                    <Operator>Equal</Operator>
                    <ValueExpression>
                      <Value Type="UnsignedInteger">1074</Value>
                    </ValueExpression>
                  </SimpleExpression>
                </Expression>
                <Expression>
                  <SimpleExpression>
                    <ValueExpression>
                      <XPathQuery Type="String">PublisherName</XPathQuery>
                    </ValueExpression>
                    <Operator>Equal</Operator>
                    <ValueExpression>
                      <Value Type="String">User32</Value>
                    </ValueExpression>
                  </SimpleExpression>
                </Expression>
                <Expression>
                  <RegExExpression>
                    <ValueExpression>
                      <XPathQuery Type="String">EventDescription</XPathQuery>
                    </ValueExpression>
                    <Operator>DoesNotContainSubstring</Operator>
                    <Pattern>ccmexec</Pattern>
                  </RegExExpression>
                </Expression>
              </And>
            </Expression>
          </DataSource>
        </DataSources>
        <WriteActions>
          <WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">
            <Priority>1</Priority>
            <Severity>0</Severity>
            <AlertOwner />
            <AlertMessageId>$MPElement[Name="YourCompany.Server.UserInitiated.Reboot.Alert.Rule.AlertMessage"]$</AlertMessageId>
            <AlertParameters>
              <AlertParameter1>$$</AlertParameter1>
              <AlertParameter2>$Data[Default='']/EventDescription$</AlertParameter2>
            </AlertParameters>
            <Suppression />
            <Custom1 />
            <Custom2 />
            <Custom3 />
            <Custom4 />
            <Custom5 />
            <Custom6 />
            <Custom7 />
            <Custom8 />
            <Custom9 />
            <Custom10 />
          </WriteAction>
        </WriteActions>
      </Rule>
    </Rules>
  </Monitoring>
  <Presentation>
    <Folders>
      <Folder ID="Folder_5e3e9391b6394ab288bd1c95f83e90cd" Accessibility="Public" ParentFolder="SystemCenter!Microsoft.SystemCenter.Monitoring.ViewFolder.Root" />
    </Folders>
    <StringResources>
      <StringResource ID="YourCompany.ConfigmgrInitiated.Reboot.Alert.Rule.AlertMessage" />
      <StringResource ID="YourCompany.Server.UserInitiated.Reboot.Alert.Rule.AlertMessage" />
    </StringResources>
  </Presentation>
  <LanguagePacks>
    <LanguagePack ID="ENU" IsDefault="false">
      <DisplayStrings>
        <DisplayString ElementID="YourCompany.Patching.Maintenance">
          <Name>YourCompany Patching Maintenance</Name>
          <Description>Author: Parag Waghmare
Reason: Created to suppress the servers during reboots initiated by patching</Description>
        </DisplayString>
        <DisplayString ElementID="Folder_5e3e9391b6394ab288bd1c95f83e90cd">
          <Name>YourCompany Patching Maintenance</Name>
        </DisplayString>
        <DisplayString ElementID="YourCompany.ConfigmgrInitiated.Reboot.Alert.Rule">
          <Name>YourCompany Configmr Initiated Reboot Alert</Name>
        </DisplayString>
        <DisplayString ElementID="YourCompany.ConfigmgrInitiated.Reboot.Alert.Rule.AlertMessage">
          <Name>YourCompany Configmr Initiated Reboot Alert</Name>
          <Description>Computer:{0}
EventSource:{1}
EventID:{2}
Event Description: {3}</Description>
        </DisplayString>
        <DisplayString ElementID="YourCompany.ConfigmgrInitiated.Reboot.Alert.Rule" SubElementID="DS">
          <Name>DS</Name>
        </DisplayString>
        <DisplayString ElementID="YourCompany.ConfigmgrInitiated.Reboot.Alert.Rule" SubElementID="Alert">
          <Name>Alert</Name>
        </DisplayString>
        <DisplayString ElementID="YourCompany.Server.UserInitiated.Reboot.Alert.Rule">
          <Name>YourCompany Server User Initiated Reboot Alert</Name>
        </DisplayString>
        <DisplayString ElementID="YourCompany.Server.UserInitiated.Reboot.Alert.Rule.AlertMessage">
          <Name>YourCompany Server User initiated Reboot Alert</Name>
          <Description>Computer Name:{0}Target/Property[Type="MicrosoftWindowsLibrary7585010!Microsoft.Windows.Computer"]/PrincipalName$
Event Description: {1}</Description>
        </DisplayString>
        <DisplayString ElementID="YourCompany.Server.UserInitiated.Reboot.Alert.Rule" SubElementID="Alert">
          <Name>Alert</Name>
        </DisplayString>
        <DisplayString ElementID="YourCompany.Server.UserInitiated.Reboot.Alert.Rule" SubElementID="DS">
          <Name>DS</Name>
        </DisplayString>
      </DisplayStrings>
      <KnowledgeArticles></KnowledgeArticles>
    </LanguagePack>
  </LanguagePacks>
</ManagementPack>


Posted by at No comments:
Labels: , , ,

Friday, January 29, 2021

Change Log analytics workspace from commercial to AzureGov in SCOM

 The Advisor packs have commercial url's encoded by default. To point them to Azure Gov or any other Azure installation you will have to use overrides in SCOM.

The advisor rules are targetting the healthservice for the most part. The easiest way is to override all rules to point to your desired Azure. The achieve this open authoring and change the scope to select healthservice.

 

 

 I prefer targetting the "Microsoft System Center Advisor Monitoring Server Group" because this gives more control on the agents that you want connected to your Azure via the Log analytics management pack.


.


 


 

 

Posted by at No comments:
Labels: , , , ,
Subscribe to: Posts (Atom)