.\Matthew Long

{An unsorted collection of thoughts}

SCOM 2012: Runbook to get SCOM Group membership in System Center Orchestrator

Posted by Matthew on May 15, 2014

A quick one today sharing a useful runbook that I’ve used a couple of times now – getting the list of SCOM groups that a Monitored SCOM object is a member of.  The runbook is basically a powershell script (isn’t it always!) that recursively parses group membership by navigating the System.Containment Relationships between the given monitored object and anything inheriting from the group class.  This means..

  1. It works on all groups (both from sealed MPs and user created ones).
  2. It works on anything based on a Containment relationship (so anything other than a reference relationship, which meaningfully is all the valid ones for considering group membership)
  3. It supports nested groups and indirect membership (so if a computer is a member of a group, and you query membership for a logical disk in that computer, it is counted as being in the group).

In terms of output, the runbook reports the name of the group, the name of the object that is actually the direct member of the group, and the SCOM class of the object that is the direct member of the group. This is mostly very useful when you are building automated ticketing or notification workflows (if a member of a given group, assign to or alert a specific team), but also useful for automated triage scenarios (i.e. if the computer is a member of the SQL servers group, automated patching should include these extra steps…)

The Script

As is often the case, this script has been written for Orchestrator in mind, so make sure you populate the variables on lines 3,5 and 8.  If your Runbook Server service account already has access to SCOM, you can remove line 3 and take the -Credential $cred off of line 5.

Import-Module "C:\Program Files\System Center 2012\Operations Manager\Powershell\OperationsManager"

$cred = new-object "System.Management.Automation.PSCredential" ("SCOM Username", (ConvertTo-SecureString "SCOM Password" -AsPlainText -Force))

New-SCOMManagementGroupConnection -ComputerName "SCOM Management Server" -Credential $cred

$mg = Get-SCOMManagementGroup
$monitoringObject = Get-ScomClassInstance -Id "Monitoring Object ID"

$groupClass = Get-SCOMClass -Name System.Group
$relationship = $mg.GetmonitoringRelationshipClass([Microsoft.EnterpriseManagement.Configuration.SystemRelationship]::Containment)
$groups = $monitoringObject.GetMonitoringRelationshipObjectsWhereTarget($relationship, [Microsoft.EnterpriseManagement.Configuration.DerivedClassTraversalDepth]::Recursive, [Microsoft.EnterpriseManagement.Common.TraversalDepth]::Recursive) | where {$_.isDeleted -eq $false -and $_.SourceObject.GetLeastDerivedNonAbstractMonitoringClass().IsSubClassOf($groupClass)}
$groupOutput = @()
$groupMember = @()
$memberClass = @()

ForEach ($group in $groups)
$groupOutput += $group.SourceObject.DisplayName
$groupMember += $group.TargetObject
$memberClass += $group.TargetObject.GetLeastDerivedNonAbstractClass().DisplayName

#Set results into Published Variables.
$Output = $groupOutput
$OutputMemberClass = $memberClass
$OutputMember = $groupMember

The Runbook

The runbook below is designed to be a worker/child runbook that returns multi value data – specifically one object for each group that the object is a member of.  If you need to process this as a single activity, I’d recommend enabling the “Flatten” option on the Behaviour tab of either the Invoke runbook activity used to call this runbook, or on the .net script activity directly if you always want it to return a single string that is delimited by a character.


Initialize Data

Init Data

.Net Script Returned Data Tab

Net Script Data

Return Data

Returned Data

Simple but powerful – just what we like around here 🙂  Hope this helps!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s