.\Matthew Long

{An unsorted collection of thoughts}

SCOM 2012 – Update Run As Account distribution via Powershell

Posted by Matthew on January 25, 2013

If you’ve ever had to use a Run as Profile with a Run As Account set to “Most Secure” that is used on a large number of agents, you’re probably used to seeing a lot of “System Center Management Health Service Credentials Not Found Alert Message” alerts.

Individually this isn’t too much work to manage, but when you get 120 of these come in at once (new MP imported in a large environment) it’s pretty painful to add them all manually via the console.  So below is a quick script to do this via powershell.

warningWarning: This only works with SCOM 2012.  If you want to do this for SCOM 2007, you can follow Andreas Zuckerhut’s post here –  but be warned, you don’t have the utility class used below so you need to be comfortable with your powershell!

In my example below I only had alerts open for one particular Run As account.  If you have multiple different accounts that you need to add systems to, please make sure you use some additional filtering on the Get-ScomAlerts cmdlet.

And yes I know this could be one horrible one-liner, but that wouldn’t be very nice to read 🙂

$alerts = Get-SCOMAlert -ResolutionState 0 -Name "System Center Management Health Service Credentials Not Found Alert Message"
$runas = Get-SCOMRunAsAccount  -Name "RunasAccountNameGoeshere"
$monitoringObjects = $alerts | % {get-ScomMonitoringObject -id $_.MonitoringObjectId}
$monitoringObjects += (Get-SCOMRunAsDistribution $runas).securedistribution
$managementGroup = Get-ScomManagementGroup
[Microsoft.SystemCenter.OperationsManagerV10.Commands.OMV10Utility]::ApproveRunasAccountForDistribution($managementGroup, $runas, $monitoringObjects)

After that, you can check the results by running (Get-SCOMRunAsDistribution $runas).securedistribution or checking in the SCOM Console under the Run As Account’s distribution tab.

Hope that helps!


One Response to “SCOM 2012 – Update Run As Account distribution via Powershell”

  1. […] with that.  Now there are other solutions out there like Kevin Holman's example and Matthew Long's example but I thought I would show how to use in SCORCH.  In working with my customer the need was to […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s