Microsoft Server Clusters Management Pack

In most environments with Windows infrastructure supporting highly available applications, the use of clustering services is an important part of the solution. In this next section, we'll examine the management pack designed to monitor clustered servers in your Microsoft environment.


The Active Directory management pack consists of the following files:

  • MicrosoftWindowsServerClusters.akm

  • MicrosoftWindowsServerClustersReports.xml

  • Server Clusters MP Guide.doc

As of this writing, the latest version number is 05.0.2803.0000. After downloading the management pack, extract the contents to a common location and follow the steps in Chapter 8 to import the management pack. After importing the management pack, check the version number against the version number stated in the Management Pack and Product Connector Catalog.

More detail can be found in the Server Clusters MP Guide.doc, which comes with the management pack. This document can also be found online at


To properly configure this management pack, two things should be considered. Generally, clusters that are deployed on Windows technology have replication enabled for Event Logs. This is to ensure that events don't get lost if a cluster node happens to go down for some reason. Using the Cluster MP requires that Event Log Replication be disabled. This keeps the events from being picked up twice or more (from each physical node). Monitoring clusters with MOM alleviates the risk of losing event data to a degree because the MOM agent will be picking up the relevant events anyway.


In actuality, this isn't really a requirement. It's a recommendation. The cluster MP will operate just fine with the Event Log Replication enabled. However, you may get a lot of duplicate alerts, and quite possibly have scenarios where one computer is sending the events that actually belong to another computer.

Setting all your servers at once can be done easily using the task in the Operator Console. Once the management pack is loaded (and agents deployed of course), follow these steps to disable replication on all of your cluster nodes.

  1. In the Operator Console, navigate to the Computers and Groups view.

  2. Select the Microsoft Windows Server Clusters node.

  3. Select the Computers node.

  4. In the Computers pane, highlight all of the computers that require disabled replication.

  5. In the Tasks pane, select the Microsoft Windows Server Clusters node, as shown in Figure 9-3.

    image from book
    Figure 9-3

  6. Expand the node and choose Disable Event Log Replication.

  7. Complete the Launch Task Wizard dialog box. This runs a task on each of the computers, disabling the Event Log replication.

The second configuration requires that you modify the Microsoft Windows Server Clusters State Monitoring. To validate this statement, if there are resource types that aren't presented in this list, the script will have to be changed to include them. The script by default contains the following resource types:

  • File Share

  • DHCP Service

  • Distributed Transaction Coordinator

  • Generic Service

  • IIS Server Instance

  • Microsoft Search Service Instance

  • Message Queuing

  • NNTP Server Instance

  • SMTP Server Instance

  • SQL Server. (monitors all resource types that begin with SQL Server)

  • Exchange. (monitors all resource types that begin with Exchange)

  • Time Service

  • WINS Service

This list comes directly from the SERVICE_RESOURCE_TYPES. The items are listed in a regular expression, hence the use of ".∗" in the preceding list. To add any additional services, modify the line that begins with Const SERVICE_RESOURCE_TYPES =. Service names should be separated with a pipe symbol "|." If (hypothetically) you needed to monitor the ClipBook service, the new line would look like this:

     Const SERVICE_RESOURCE_TYPES = "^(File Share|ClipBook|DHCP Service|Distributed Transaction Coordinator|Generic Service|IIS Server Instance|Microsoft Search Service Instance|Message Queuing|NNTP Server Instance|SMTP Server Instance|SQL Server.*|Exchange.*|Time Service|WINS Service)$" 

Notice how ClipBook has been placed between File Share and DHCP Service with a "|" symbol separating them.


The "|" symbol in a regular expression is used to indicate an OR statement.


Computers are added to Computer Groups by formula evaluation. They must hold the attribute "Microsoft Windows Server Clusters." Assuming that they do, the Windows Current Version attribute is checked to determine the OS version and placed in the right Computer Group accordingly.

In order for notifications to work properly, an operator must be assigned to the Network Administrators group. Refer to Chapter 6 for assigning operators to groups.


Microsoft Windows Server Clusters

Computer Groups

Microsoft Windows 2000 Server Clusters


Microsoft Windows Server 2003 Clusters

Notification Groups

Network Administrators


There are no scripts with configurable parameters in this management pack.


If the tasks execute in the context of the agent, LocalSystem will provide all necessary permissions. However, if the agent runs in least privilege configurations, it may require additional permissions to execute some of the tasks. All console tasks are executed under the permission of the user using the Operator Console. If the user doesn't ordinarily have the rights to execute the task, the task may not work as expected.



Disable Event Log Replication


Display Cluster Properties


Enable Event Log Replication


Open Cluster Administrator


Pause Cluster Node


Resume Cluster Node


Start Cluster Service


Stop Cluster Service


Professional MOM 2005, SMS 2003, and WSUS
Professional MOM 2005, SMS 2003, and WSUS
ISBN: 0764589636
EAN: 2147483647
Year: 2006
Pages: 132 © 2008-2017.
If you may any questions please contact us: