Connector to OMS in ConfigMgr 1606 Release
What is Operations Management Suite (OMS)?
OMS for those that might not be aware is a collection of online management tools from Microsoft and one of these (that the connector is for) is Log Analytics.
Log Analytics is a ingestion point for logs (event, syslog, IIS, custom) and performance metrics from Windows and Linux devices, no matter where they live (on-premises or cloud hosted) that can then be used for analysis of that data or to provide insights through different solutions.
One of the newer features of OMS is Groups, which not only helps with filtering of log queries, but has the potential moving forward to open up lots of other scenarios.
What is Configuration Manager (ConfigMgr or SCCM)?
Configuration Manager is Microsoft’s Configuration Management and Deployment tool with everything from Application Deployment, Operating System Deployment, Mobile Device Management through to Patching (plus a gazillion other capabilities!).
Configuration Manager (ConfigMgr) has a feature known as collections that allow you to group devices together (Starting the see the link here?) either manually or dynamically based on the Inventory discovery information it has about those devices.
The 1606 release for ConfigMgr brings a new connector in that allows for collections that you specify and their membership to be pushed across into OMS, allowing for work that you may already have done in terms of grouping via collections for things like patch management not to be re-hashed again from scratch in OMS.
How is the OMS Connector Setup?
Configuring the Cloud side first
Before you create the connector inside ConfigMgr, there’s a few steps that have to be performed first in the Cloud.
Login first to the “Classic” portal
- Scroll down the resource providers to find Azure Active Directory
- Select your subscription.
- Click Applications from the selections at the top
- Click Add at the bottom
- Choose “Add an application my organisation is developing”
On the first screen, give a descriptive name for this application (ConfigMgr OMS Connector or similar), select the type as “Web Application and/or Web API” and proceed to the second screen.
On the second screen, some dummy information needs to be entered. We’re not going to establish a connection back into the environment so these URL’s & URI’s are irrelevant.
After adding the application, if not already in that application, select it from your list of applications and click on the Configure option at the top.
Then scroll down and select a duration for the key that we will use inside ConfigMgr. Make a note of this expiration date so you can remember to renew it!
N.B. The key will be made visible after you click save. Grab it and note it securely somewhere as this will only be shown the once!
You should also take a copy of the Client ID shown as you require this when creating the connector inside ConfigMgr.
Once you’ve add the app and made a note of the keys, we need to grant access to the app to OMS. This isn’t done in the classic portal, you do this via the new Azure Resource Manager (ARM) portal.
Head over to: https://portal.azure.com
- Find the Resource Group housing your OMS Log Analytics workspace
- Open the Resource Group settings
- Navigate to Users
- Click Add
- Select the “Contributor” role (N.B. I have not yet confirmed the exact level of rights required)
- Search for the Azure AD App you just created
- Select that app
- Click ok to add the access to the Resource Group
Setting up the OMS Connector in Configuration Manager
That’s the Cloudy side setup done, next we can add the connector inside Configuration Manager.
In the ConfigMgr console:
- Navigate to Administration
- Expand Cloud Services
- Click on OMS Connector
- Click on “Create connection to Operations Management Suite”
- Review the General page and click Next
Now you’ll need to enter the details of your Azure AD tenant (The name) and the Client ID and Key from the Azure AD Application created previously then click Verify to ensure the details are correct and finally click Next.
If everything is setup correctly (and most importantly the permissions on the Resource Group holding your OMS workspace) then the details should be populated with your Azure subscription and OMS workspace details.
Click Add and select the ConfigMgr collections you want to push into OMS and then click Next.
The final couple of screens just allow you to review the settings before creation and the results after creation. Click Next then Close.
Once the OMS Connector has been created, you will need to wait some time for the data to be ingested into OMS.
Once the data has been ingested, you should see a new category of “SCCM” under the Groups section of the OMS Settings.
Ticking the option for “Import Configuration Manager collection memberships” will then pull across those collections specified in the connector.
Running the following query will show you the collections and their membership count.
Type=ComputerGroup (GroupSource=”SCCM”) | measure count() by Group
Enjoy exploring this new feature and expect another post to follow up on this post with areas that can be utilised with this data.
PowerON Director & MVP