Lucidus IT (http://www.lucidusit.co.uk): Solutions delivered
Thu, 19 Nov 2020 13:42:04 +0000

Orchestrator – Integration Pack Wizard Installation
http://www.lucidusit.co.uk/2020/10/14/orchestrator-integration-pack-wizard-installation/
Wed, 14 Oct 2020 07:54:39 +0000

In order to create integration packs, you need to install the ‘Orchestrator Integration Pack Wizard’.

The requirements for the toolkit can be found here: https://docs.microsoft.com/en-us/system-center/orchestrator/orch-integration-toolkit/installation?view=sc-orch-2019

I have the following files, in order to complete the installation:

[Image: OrchestratorWizardFiles]

The installation has a requirement of the WIX (Windows Installer XML) toolset; if you try to install without this, you will receive the following message:

[Image: OrchestratorInstallationWizardWarning]

Install .NET Framework:

[Image: .net35]

Command:

Dism /online /enable-feature /featurename:NetFx3 /All /LimitAccess /Source:\\sccmstore\SCCMDS\OSD\images\Source\Win101909Source

[Image: dism35command]

If you do not install the .NET Framework, you will receive this error:

[Image: .netWarning]

Download the WIX toolset: https://wixtoolset.org/releases/

[Image: downloadWix]

Install the WIX toolset:

[Image: wixWelcome]

[Image: wixComplete]

Merge the registry entry; without completing this step, you will still receive the error:

[Image: wixRegWarning]

Use the file:

[Image: wixRegFile]

Which has the following content:

[Image: wixRegistryEntry]

[Image: wixRegistryComplete]

Install the ‘Orchestrator Integration Pack Wizard’:

[Image: orchestratorSetupFile]

Accept the license:

[Image: OrchestratorWizardLicense]

Enter user information:

[Image: OrchestratorWizardLicenseUser]

Install:

[Image: OrchestratorWizardLicenseInstall]

Complete:

[Image: OrchestratorWizardComplete]

Advanced Group Policy Management (AGPM) Archive – Error 80070035
http://www.lucidusit.co.uk/2018/10/26/advanced-group-policy-management-agpm-archive-error-80070035/
Fri, 26 Oct 2018 16:41:21 +0000

If you are receiving the error: System.IO.IOException (80070035)

This is because the AGPM archive cannot be found; I found that this had not been altered after I had completed a migration.

After googling, various links told me to go to Add/Remove Programs to re-point the AGPM archive:

I found that each time I ended up with different errors…

This can be completed easily within the registry, by going to location HKLM\Software\Microsoft\Agpm and changing the ArchivePath value:

Then, simply refresh the ‘Change Control’ and the archive will connect, no service restart required:
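
The registry change described above, scripted in PowerShell as an added example (not part of the original post). It assumes an elevated session on the AGPM server; the function name Set-AgpmArchivePath and the sample path are hypothetical.

```powershell
# Added example; Set-AgpmArchivePath and the sample path are hypothetical names.
$AgpmKey = 'HKLM:\Software\Microsoft\Agpm'

function Set-AgpmArchivePath {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$NewPath
    )

    # Read the current value first so it can be restored if needed.
    $old = (Get-ItemProperty -Path $AgpmKey -Name ArchivePath -ErrorAction Stop).ArchivePath

    # 80070035 means "the network path was not found", so refuse to write a
    # path that cannot be reached. This check runs as the current user; the
    # AGPM service account needs access to the same location.
    if (-not (Test-Path -LiteralPath $NewPath -PathType Container)) {
        throw "Archive path '$NewPath' is not reachable; registry left at '$old'."
    }

    if ($PSCmdlet.ShouldProcess("$AgpmKey\ArchivePath", "Change '$old' to '$NewPath'")) {
        Set-ItemProperty -Path $AgpmKey -Name ArchivePath -Value $NewPath
    }

    # Report both values so the change can be documented and reverted.
    [pscustomobject]@{
        Previous = $old
        Current  = (Get-ItemProperty -Path $AgpmKey -Name ArchivePath).ArchivePath
    }
}

# Constructed sample path; preview with -WhatIf before applying.
# Set-AgpmArchivePath -NewPath 'D:\AGPM\Archive' -WhatIf
```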

SCORCH PowerShell Version
http://www.lucidusit.co.uk/2018/06/19/scorch-powershell-version/
Tue, 19 Jun 2018 10:45:32 +0000

PowerShell Version utilised by System Center Orchestrator

By default, System Center Orchestrator uses PowerShell version 2; of course this is slightly annoying when you wish your code to make use of PowerShell version 3+ features, not to mention the fact:

‘but this PowerShell works on the server ….’

Yes, indeed; a single registry change will allow Orchestrator to unleash later PowerShell.

It is a simple registry fragment to tell 32-bit to use the latest version, as follows:

  • Open regedit and go to location: [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework]
  • Create a new DWORD with the name: OnlyUseLatestCLR with a decimal value of 1

Voila! That is it…. No reboot, just give it a whirl. I try the same runbook test, without even coming out of it:

Thanks go to the following post: https://scsmmercenary.blogspot.co.uk/2015/09/execute-native-powershell-version-4-in.html

Azure Hybrid Infrastructure
http://www.lucidusit.co.uk/2018/06/19/azure-hybrid/
Tue, 19 Jun 2018 09:34:32 +0000

Infrastructure as a Service (IaaS) – Azure Hybrid Infrastructure

Introduction

As one of my first steps into the world of ‘Azure’, I wanted to take a look at the idea of transition. This tutorial takes the approach of an ‘Azure’ starter and is scoped to the technical implementation.

At the same time, I am also looking to write the business ‘why’ case; why would I as a business do this and what are the benefits and flaws… let’s be straight; I work with technology and am not a salesman, there are two sides to the coin, no matter who tries to hide the fact.

Scenario

I want to keep my onsite services, but extend into Azure as a seamless hybrid approach, looking at how the various service opportunities can communicate and how to ‘best plan for the future’ from a varying point of view. So, the first topic to cover is connecting the world of Azure to my onsite infrastructure with the use of a Site-to-Site VPN.

As an overview, the following components are required:

  • Azure: Microsoft’s cloud offering
  • A subscription in Azure: allowing yourself to use the service
  • A virtual Network: created in Azure, think of it like your physical network infrastructure in the cloud
  • Subnet: Network segments
  • On-site Premise: your onsite infrastructure
  • On-site VPN device: a device that will be the termination point at the edge of your onsite and also the access point into your infrastructure.

Now, the saying ‘a picture can paint a thousand words’ is my approach in most of my personal learning; I also think this seems to work with most people and therefore let’s start with a picture:

Not quite the correct hair colour (also a little too much). But this is my mindset in approaching Azure, with the amount of terminology and abbreviations; saying that, I think this is the same with any new technology, so rather than focus on a list of terms at the start, I will summarise them at the end of the tutorial.

Key Technical Data Required

Do not worry if you do not understand each element or term, as you proceed through the tutorial.

Example data has been used in the table and will be used throughout the tutorial, however the hope is by the end, that you will understand exactly what the particular data is used for.

| Item | Setting | Description |
|---|---|---|
| Virtual Network | | |
| Virtual Network Name | VNet01 | This is our segment of the pie in the virtual Azure world; a piece we are cutting out for ourselves |
| Address Space | 10.10.0.0/16 | |
| Subnets | | |
| VSubnet01 | 10.10.1.0/24 | |
| VSubnet01 | 10.10.2.0/24 | |
| Resource Group | VNetwork | |
| Location | West Europe | |
| Custom DNS | | |
| DNS Server | 8.8.8.8 | |
| Gateway Subnet | | |
| GatewaySubnet | 10.10.0.0/28 | |
| Virtual Network Gateway | | |
| Gateway Name | VNetGW | |
| Public IP | VNetGWIP | |
| Gateway Type | VPN | |
| Connection Type | | |
| VPN Type | Policy-based | |
| Location | West Europe | |
| Local Network gateway | | |
| Local Network Gateway Name | VNetGWSite | |
| On Site VPN Public IP | 81.174.152.37 | |
| Address Space | 192.168.2.0/24 | |
| Location | West Europe | |
| VNetGW01 Connection | | |
| Connection Name | cnnSite | |
| Connection Type | Site-to-site (IPsec) | |
| Virtual Network Gateway | VNetGW | |
| Gateway Type | VPN | |
| Local Network Gateway | VNetGWSite | |
| Shared Key | GR0C413M3 | |
| Resource Group | Vnetwork | |
| Location | West Europe | |
| SOPHOS UTM: IPSec Remote Gateway | | |
| Name | MSAzureVPN | |
| On Site VPN Public IP | 52.174.148.52 | |
| Shared Key | GR0C413M3 | |
| Remote Network Name | MSAzureNetwork | |
| Remote Network Name | 10.10.0.0/16 | |
| SOPHOS UTM: IPSec Policy | | |
| Name | MSAzurePolicy | |
| IKE Encryption algorithm | AES 256 | |
| IKE Authentication algorithm | SHA1 | |
| IKE SA lifetime | 28800 | |
| IKE DH group | Group 2: MODP 1024 | |
| IPsec encryption algorithm | AES 256 | |
| IPsec Authentication algorithm | SHA1 | |
| IPSec SA lifetime | 3600 | |
| IPsec PFS group | None | |
| Strict policy | unchecked | |
| Compression | unchecked | |
| SOPHOS UTM: IPSec Connection | | |
| Name | MSAzureConnection | |
| Remote Gateway | MSAzureVPN | |
| Local Interface | External (WAN) | |
| Policy | MSAzurePolicy | |
| Local Networks | Internal (my local) | |
| Automatic firewall rules | Checked | |
| Strict routing | unchecked | |
| Bind tunnel to local interface | unchecked | |

Setup

My setup is a little different than most, but in the simplest form:

[Example Visio Placeholder]

Process

Create the virtual network; think of it like your physical network infrastructure, initially without the logical part… A bit like you have just made yourself a little box inside the cloud… It has to be somewhere. Create it, e.g. VNetwork01:

[Screenshot: Azure ‘Create virtual network’ form, with name VNetSADOM, address space 10.10.0.0/16, subnet VSubnet01 with range 10.10.1.0/24, and location West Europe]

Change subnet, by selecting network and then custom DNS:

[Screenshot: VNetSADOM virtual network overview, showing resource group VNetwork, location West Europe, address space 10.10.0.0/16 and DNS servers 8.8.8.8]

Add any subnets you want on the Azure side:

Add a gateway subnet:

Here is where it will change, add a virtual network gateway:

So now I have my Virtual Network Gateway, the edge of my box….

….so now I have to effectively create the virtual customer premise side…your remote part but in Azure

This could be thought of as the edge device on your site network.

Now, I need to create the connection between the gateways, so I select my previously created virtual network gateway (not local):

[Screenshot: VNetGW virtual network gateway menu, listing Connections under Settings]

SCSM Automation with SMLets and Orchestrator
http://www.lucidusit.co.uk/2017/07/05/scsm-automation-with-smlets-and-orchestrator/
Wed, 05 Jul 2017 11:00:00 +0000

For integration into SCSM, SMLets is great and can be downloaded from the following location: https://smlets.codeplex.com/

Using it in System Center Orchestrator, mixed with the integration pack, really enhances the automation ability of SCSM.

There are some really good guides on getting this working:

However, once you think all the configuration is complete and you are working in PowerShell:

So, you then repeat the same in a Runbook:

And…… arrggghhhh:

The detail being:

Cannot load Windows PowerShell snap-in C:\Program files\Common Files\SMLets\SMLets.Module.dll because of the following error: Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.

Loader Exceptions:

Could not load file or assembly ‘Microsoft.EnterpriseManagement.Core, Version=7.0.5000.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’ or one of its dependencies. The system cannot find the file specified.

Could not load file or assembly ‘Microsoft.EnterpriseManagement.Core, Version=7.0.5000.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’ or one of its dependencies. The system cannot find the file specified.

Could not load file or assembly ‘Microsoft.EnterpriseManagement.Core, Version=7.0.5000.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’ or one of its dependencies. The system cannot find the file specified.

So, the issue in my case is that the version of the DLLs copied into the c:\windows\assembly folder and then registered are actually the SDK files from the SCORCH 2016 installation, which can only use PowerShell V3:

The ones from a 2012 R2 version, which support PowerShell V2 (the default for Orchestrator), are as follows:

Solution

So, there are two options:

  1. Copy the old files into Assembly and register
  2. Make a registry change to allow Orchestrator to play with later PowerShell versions

Option 1 – Replace the files:

Okay I know you want the registry…. but wait:

  1. Unregister the 2016 R2 DLLs
  2. Copy the new (or old as the case may be) files into the c:\windows\assembly
  3. Register the new / old files

Completed by PowerShell:

    # Path to gacutil.exe from the Windows SDK
    $gacutil = 'C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\gacutil.exe'

    # 1. Unregister the DLLs currently in the GAC
    & $gacutil -u Microsoft.EnterpriseManagement.Core
    & $gacutil -u Microsoft.EnterpriseManagement.ServiceManager

    # 2. Copy the 2012 R2 files into place
    Copy-Item -Path 'D:\nobackup\2012R2\*' -Destination 'C:\Windows\assembly'

    # 3. Register the copied files
    & $gacutil -i 'C:\Windows\assembly\Microsoft.EnterpriseManagement.Core.dll'
    & $gacutil -i 'C:\Windows\assembly\Microsoft.EnterpriseManagement.ServiceManager.dll'

Option 2 – Registry change

Yes, indeed; a single registry change will allow Orchestrator to unleash later PowerShell; thanks go to the following post:

It is a simple registry fragment to tell 32-bit to use the latest version, as follows:

  • Open regedit and go to location: [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework]
  • Create a new DWORD with the name: OnlyUseLatestCLR with a decimal value of 1

Voila! That is it…. No reboot, just give it a whirl. I try the same runbook test, without even coming out of it:
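
The OnlyUseLatestCLR change from Option 2 (the same change as in the ‘SCORCH PowerShell Version’ post), scripted in PowerShell as an added example that is not part of the original posts. The function names are hypothetical and an elevated session on the Orchestrator server is assumed.

```powershell
# Added example; the function names are hypothetical. Run elevated.
$ClrKey  = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework'
$ClrName = 'OnlyUseLatestCLR'

function Get-OnlyUseLatestClr {
    # Returns the current DWORD, or $null when the value does not exist.
    $p = Get-ItemProperty -Path $ClrKey -Name $ClrName -ErrorAction SilentlyContinue
    if ($null -ne $p) { $p.$ClrName } else { $null }
}

function Enable-OnlyUseLatestClr {
    [CmdletBinding(SupportsShouldProcess)]
    param()
    $before = Get-OnlyUseLatestClr
    # Only write when the value is missing or different (idempotent).
    if ($before -ne 1 -and $PSCmdlet.ShouldProcess("$ClrKey\$ClrName", 'Set DWORD to 1')) {
        New-ItemProperty -Path $ClrKey -Name $ClrName -PropertyType DWord -Value 1 -Force | Out-Null
    }
    # Report both states so the change can be documented and reverted.
    [pscustomobject]@{ Previous = $before; Current = Get-OnlyUseLatestClr }
}

function Undo-OnlyUseLatestClr {
    [CmdletBinding(SupportsShouldProcess)]
    param($Previous)   # the Previous value reported by Enable-OnlyUseLatestClr
    if (-not $PSCmdlet.ShouldProcess("$ClrKey\$ClrName", 'Restore previous state')) { return }
    if ($null -eq $Previous) {
        # The value did not exist before the change, so remove it again.
        Remove-ItemProperty -Path $ClrKey -Name $ClrName -ErrorAction SilentlyContinue
    } else {
        Set-ItemProperty -Path $ClrKey -Name $ClrName -Value $Previous
    }
}

# Preview, then apply:
# Enable-OnlyUseLatestClr -WhatIf
# $result = Enable-OnlyUseLatestClr
# To confirm, return $PSVersionTable.PSVersion.Major from the runbook's PowerShell script.
```

Because the value sits under the WOW6432Node .NETFramework key, it applies to every 32-bit .NET application on the server, not only Orchestrator, so keep the reported Previous value for rollback.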

Word Press Email integration
http://www.lucidusit.co.uk/2017/04/17/wordpress-email-integration/
Mon, 17 Apr 2017 19:44:23 +0000

So the adventures start for WordPress….
As with any technology, how fast we can ‘get something to press’ will more than likely dictate our future use. Therefore, being able to send an email with the result of an instantly published post seemed far too good to miss.
Therefore, I will follow this page with a full article on how to complete such configurations…

This is the version of me producing many blog articles!
