[OpsMgr] xPlat/Interop proactive certificate expiration check

Posted: October 25, 2011 in SCOM, SCOM 2007

Does SCOM have any built-in monitor for Interop Provider /xPlat agent certificate expiration check?

Interop Provider certificate expired..

It is not a secret that “Interop Core” is pure xPlat agent and “Interop Provider” is just additional xPlat provider.
So I poked around xPlat monitors if we have some for certification expiration check.

As I do remember there is PROACTIVE monitoring for Windows agents certificate expiration for those agents which communicate using certificates. I was really surprised there is no PROACTIVE monitoring for xPlat agents certificate expiration.
All we have is REACTIVE monitor targeted to “Unix Computers” named “WS-Management Certificate is valid”.
Monitor alerts if certificate has already expired (error code 0x80072f8f). Surprise.

One may try to create WebApplication monitor for each InteropCore computer / xPlat agent.
Unbelievable, but it DOES work if you configure it as follows:
SCOM Console>Authoring>Templates>Add WebApplication

then optionally you may configure alerting on Custom unit monitor adding DaysToExpiry into alert body as

$Data/Context/DataItem/RequestResults/RequestResult[@id=’1′]/BasePageData/DaysToExpiry$
To test if monitor works set Value=10000

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s