Invoke External Programs and Scripts in SCOM Tasks

In this series I will talk about invoking external programs or scripts from within SCOM. This post will be focused on Tasks and shows how to deal with some advanced scenarios. Here’s the list of topics covered in this part:

1. Invoke a command as console task
2. Invoke a script script as console task
3. Invoke a command as agent task
4. Invoke any command as agent task
5. Invoke a PowerShell script script as agent task

All this will be done in the OpsConsole – without the need of the Authoring Console!

Let’s start simple. Navigate to the Authoring space and go to the AuthoringManagement Pack ObjectsTasks section. (Since Windows Computer is our target class in these examples, adjust your scope to show only stuff related to Windows Computer) :

1. Invoke a command as console tasks

This will be a very simple console task. It will open a file explorer pointing to the C: drive of the selected machine. This is a console task and will be executed on the machine where the Operations Console is running with your user context. So for this example, you need to have permissions to access the admin shares of a remote machine.

Right-click on Tasks in the Authoring space and click: Create a new task.
Choose Console Tasks Command line and select a destination management pack of your choice.
What’s the difference between alert command line, command line and event command line?
Alert command line: the task appears in all alert views. You can pass dynamic values from the selected alert to your command.
Event command line: the task appears in all event views. You can pass dynamic values from the selected event to your command.
Command line: the task appears in all views where the displayed object or source of the displayed object is the same as the selected target. In other words, a task targeted to Windows Computer appears in a state view showing Windows Computers or in an alert view when an alert raised by a Windows Computer is selected; a task targeted to Logical Disk appears in a state view showing logical disks or in an alert view when an alert raised by a logical disk is selected.

You can pass dynamic values from the targeted class to your command (like NetbiosComputerName from the Windows Computer class)

Enter a meaningful task name, optionally a description and select as Task target: Windows ComputerTargeting the task to Windows Computer.
As discussed above, you can also select other targets if you want to create commands for specific classes. These tasks will then show up if the appropriate class instance or alert raised by the proper class instance is selected.

Now let’s specify the application we want to run:
Application: explorer.exe
Parameters:$Target/Property[Type=”MicrosoftWindowsLibrary6172210!Microsoft.Windows.Computer”]/NetbiosComputerName$c$
Note that the fly-out button next to the Parameters text box offers you to quickly select different target class properties like NetbiosComputerName which we use to pass on to our application.
Uncheck “Display output when this task is run” 

Click on “Create”.To test the task, switch to the Monitoring space, open the state view “Windows Computers”, select a computer, start the task “Explore C:” from the actions panel.

Another useful example of simple console task is Open iLO
Application: iexplore.exe
Parameters:http://$Target/Property[Type=”MicrosoftWindowsLibrary6172210!Microsoft.Windows.Computer”]/NetbiosComputerName$:17988
Of course, you do not have to pass on dynamic values from your target class. You can also use tasks for static but often used shortcuts to applications and web sites.

2. Invoke a script script as console task

This will be a more advanced example. In this example we will invoke a PowerShell CmdLet “Get-Alert” to display the raw data of an alert directly from the console.

Right-click on Tasks in the Authoring space and click: Create a new task.
Choose Console Tasks Alert command line and select a destination management pack of your choice.

Enter a meaningful task nameNote: As discussed above, there’s no need for a target class here. Because we’ve chosen “Alert command line”, the task will only be available in alert views and will only offer dynamic values from the selected alert. Such as, ID, Name, Custom Fields, etc.

This time the configuration is a bit more complex:
Application: %windir%system32\windowspowershellv1.0\powershell.exe
Parameters: -PSConsoleFile Microsoft.EnterpriseManagement.OperationsManager.ClientShell.Console.psc1 -NoExit .Microsoft.EnterpriseManagement.OperationsManager.ClientShell.Startup.ps1;Get-Alert -Id $ID$Working Directory: C:\Program Files\System Center Operations Manager 2007
Uncheck “Display output when this task is run”

Oh my god, what’s with the huge Parameters line?
Passing on the psc1 and the startup shell script takes care of loading all necessary snap-ins to invoke an OpsMgr Powershell CmdLet. The –NoExit parameter causes the window to stay open, so that we can actually have a look at the output.
Note that the fly-out button next to the Parameters text box now offers you alert values. In our case we need to pass the alert ID
Click on “Create”.
To test the task, switch to the Monitoring space, open an alert view, select an alert, start the task “Get-Alert (PS)” from the actions panel.

How about executing a script instead of a CmdLet? Let’s assume we have a script at c:test.ps1
Application: %windir%system32\windowspowershellv1.0\powershell.exe
Parameters:c:\test.ps1

3. Invoke a command as agent task

This is an example to execute a simple command on a remote agent. Caution, the sample provided here is dangerous but still useful if you need to reboot a couple of machines at once.

Right-click on Tasks in the Authoring space and click: Create a new task.
Choose Agent Tasks Command line and select a destination management pack of your choice.

Enter a meaningful task name

Full path to file:%windir%system32\shutdown.exe
Parameters: /r /t 00 /f
Working directory: %windir%system32
That’s it. Select one or more items in the Windows Computer state view and you can reboot them easily using this task.

4. Invoke any command as agent task

In this example we will create very generic agent task. You can use this task to execute any command on any windows computer. Be careful with the distribution of this task as it is very dangerous but also very powerful! To achieve this, we need an agent task as script with the following snippet:

' Parameter: "dir c:"
Option Explicit
Dim oArgs, WshShell, Exec
Set oArgs = WScript.Arguments
Set WshShell = CreateObject("Wscript.Shell")
Set Exec = WshShell.Exec("%comspec% /c """ & oArgs(0) & """")
WScript.Echo Exec.StdOut.ReadAll
Set Exec = Nothing
Set WshShell = Nothing
Set oArgs = Nothing

Right-click on Tasks in the Authoring space and click: Create a new task.Choose Agent Tasks Run a script and select a destination management pack of your choice.

Enter a meaningful task name, optionally a description and select as Task target: Windows ComputerAgain, we want to see the task for windows computers.

Now, take the above script snippet and paste it into the script text box.
Don’t forget to specify a script name, like ExecuteCommand.vbsThen click on the Parameters button at the bottom.

In the Parameters window, insert “dir c:” or something harmless, in case the task is triggered by accident. Also include the double-quotes!

To test the command, open the Windows Computer state view in the monitoring space and select one or more computers.Now, when you execute the task, you can specify any command using the Override button.

Enter your command in double-quotes, like “ipconfig /flushdns”

5. Invoke a PowerShell script script as agent task

In this example we will create an agent task which will execute a powershell command or script on the agent. As before, you should be careful with the distribution of this task as it is as dangerous as the previous task! To achieve this, we need a slightly different script:

' Parameter for single CmdLet: "get-executionpolicy"
' Parameter for script: "c:test.ps1"
Option Explicit
Const FOR_READING = 1
Const FOR_WRITING = 2
Const TEMP_FOLDER = 2
Dim oArgs, WshShell, oFS, TempFolder, TempFile
Dim Exec, Output, TempFileName
Set oArgs = WScript.Arguments
Set WshShell = CreateObject("Wscript.Shell")
Set oFS = CreateObject ("Scripting.FileSystemObject")
Set TempFolder = oFS.GetSpecialFolder(TEMP_FOLDER)
TempFileName = TempFolder.Path & "" & oFS.GetTempName
Set TempFolder = Nothing
Exec = "%comspec% /c ""%windir%system32windowspowershellv1.0powershell.exe -noninteractive -command """ & oArgs(0) & """"" > " & TempFileName
WScript.Echo Exec
WshShell.Run Exec, 0, True
Set WshShell = Nothing
Set TempFile = oFS.OpenTextFile(TempFileName, FOR_READING)
While Not TempFile.AtEndOfStream
    Output = Output & TempFile.ReadLine & vbCrLf
Wend
WScript.Echo Output
TempFile.Close
Set TempFile = Nothing
oFS.DeleteFile TempFileName
Set oArgs = Nothing

Right-click on Tasks in the Authoring space and click: Create a new task.Choose Agent Tasks Run a script and select a destination management pack of your choice.

Enter a meaningful task name, optionally a description and select as Task target: Windows ComputerAgain, we want to see the task for windows computers.

Now, take the above script snippet and paste it into the script text box.
Don’t forget to specify a script name, like ExecutePowerShell.vbsThen click on the Parameters button at the bottom.

In the Parameters window, insert “get-executionpolicy” or something harmless, in case the task is triggered by accident. Also include the double-quotes!

To test the command, open the Windows Computer state view in the monitoring space and select one or more computers.Now, when you execute the task, you can specify any command using the Override button.

Enter your command or script in double-quotes, like “c:\test.ps1” – a powershell script I placed there for testing purpose.

The script dumps the line it will execute and right below the output of the script.
That’s it for now. If I find time, I will do another post about invoking external commands for rules and monitors and another one about command notification channel.
The code4ward.tasks file contains all scripts and MPs.