SCOM 2012 Maintenance Mode Scheduler Data Access Account Local Admin Rights Monitor - SCOM2012.Maintenance.Mode.Scheduler.Monitoring.DAS.Account.LocalAdmin.Rights.Monitor (UnitMonitor)

SCOM2012.Maintenance.Mode.Scheduler.Monitoring.DAS.Account.LocalAdmin.Rights.Monitor (UnitMonitor)

This monitor runs on a schedule and alert if the Data Access account configured for the Maintenance Mode Scheduler does not have local admin rights.

Knowledge Base article:

Summary

This monitor runs on a schedule and checks if the Data Access account configured in the Maintenance Mode Scheduler has local administrator priviledge on the server where the scheduler is hosted.

Configuration

This rule can be customized using overrides:

IntervalSeconds:How often (in seconds) does this rule run.

TimeoutSeconds:Timeout in seconds for the PowerShell script inside the rule.

Causes

If the Data Access account does not have local administrator priviledge, this unit monitor will be changed to Critical state and a critical alert will be raised.

Resolutions

Make sure the Data Access Account has local administrator priviledge.

Element properties:

Target

SCOM2012.Maintenance.Mode.Scheduler.Monitoring.ComputerRole

Parent Monitor

System.Health.ConfigurationState

Category

AvailabilityHealth

Enabled

True

Alert Generate

True

Alert Severity

MatchMonitorHealth

Alert Priority

Normal

Alert Auto Resolve

True

Monitor Type

SCOM2012.Maintenance.Mode.Scheduler.Monitoring.DASAccount.IsLocalAdmin.Monitor.Type

Remotable

False

Accessibility

Internal

Alert Message

The Data Access Account does not have local admin access on the SCOM 2012 Maintenance Mode Scheduler server

The SCOM Data Access Account configured on the SCOM 2012 Maintenance Mode Scheduler server does not have local administrator rights.
Maintenance Mode Scheduler Server: {0}
Data Access account: {1}

RunAs

Default

Source Code:

<UnitMonitor ID="SCOM2012.Maintenance.Mode.Scheduler.Monitoring.DAS.Account.LocalAdmin.Rights.Monitor" Accessibility="Internal" Enabled="true" Target="SCOM2012.Maintenance.Mode.Scheduler.Monitoring.ComputerRole" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="false" Priority="Normal" TypeID="SCOM2012.Maintenance.Mode.Scheduler.Monitoring.DASAccount.IsLocalAdmin.Monitor.Type" ConfirmDelivery="false"> <Category>AvailabilityHealth</Category> <AlertSettings AlertMessage="SCOM2012.Maintenance.Mode.Scheduler.Monitoring.DAS.Account.LocalAdmin.Rights.Monitor.AlertMessage"> <AlertOnState>Error</AlertOnState> <AutoResolve>true</AutoResolve> <AlertPriority>Normal</AlertPriority> <AlertSeverity>MatchMonitorHealth</AlertSeverity> <AlertParameters> <AlertParameter1>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/PrincipalName$</AlertParameter1> <AlertParameter2>$Data/Property[@Name='DASUserName']$</AlertParameter2> </AlertParameters> </AlertSettings> <OperationalStates> <OperationalState ID="IsLocalAdmin" MonitorTypeStateID="IsLocalAdmin" HealthState="Success"/> <OperationalState ID="NotLocalAdmin" MonitorTypeStateID="NotLocalAdmin" HealthState="Error"/> </OperationalStates> <Configuration> <IntervalSeconds>14400</IntervalSeconds> <TimeoutSeconds>120</TimeoutSeconds> </Configuration> </UnitMonitor>