Error, Web.config file has unencrypted sections, this sections contain secrets that must be protected.
Monitors whether the Web.config file of the Windows Azure Pack site is encrypted or not. If it is not encrypted it generates the corresponding alert. The monitoring test is done periodically by running Test-MgmtSvcProtectedConfiguration.
If this monitor is in error, then the Web Site's web.config file is not encrypted and its secrets are at risk.
Run the PowerShell Cmdlet Protect-MgmtSvcConfiguration on the target machine. Find all the information about this command and examples here: http://technet.microsoft.com/en-us/library/dn520965(v=sc.20).aspx.
For this monitor to work correctly, it must be allowed to run the Test-MgmtSvcProtectedConfiguration PowerShell Cmdlet on the target machine. It runs in the local SCOM Agent
Option | Definition | Default |
Alert On State | Health state for the monitor that generates an alert. | The monitor is in a critical health state |
Alert Priority | Priority of the alert generated for this monitor. | High |
Alert Severity | Priority of the alert generated for this monitor. | Critical |
Auto-Resolve Alert | Specifies whether the alert should automatically be resolved when the monitor returns to a healthy state. | True |
Enabled | Specifies whether the monitor should run. | True |
Generates Alert | Specifies whether the monitor should generate an alert when changing to a warning or critical state. | True |
Interval | Number of minutes between times that the monitor is run. | 120 |
Target | WindowsAzurePack.ResourceProvider.SqlServers | ||
Parent Monitor | System.Health.ConfigurationState | ||
Category | ConfigurationHealth | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | Error | ||
Alert Priority | Normal | ||
Alert Auto Resolve | True | ||
Monitor Type | WindowsAzurePack.MonitorType.WebConfigEncrypt.WAP | ||
Remotable | True | ||
Accessibility | Public | ||
Alert Message |
| ||
RunAs | Default |
<UnitMonitor ID="WindowsAzurePack.Monitor.WebConfigEncrypt.ResourceProvider.SqlServers" Accessibility="Public" Enabled="true" Target="WindowsAzurePack.ResourceProvider.SqlServers" ParentMonitorID="Health!System.Health.ConfigurationState" Remotable="true" Priority="Normal" TypeID="WindowsAzurePack.MonitorType.WebConfigEncrypt.WAP" ConfirmDelivery="false">
<Category>ConfigurationHealth</Category>
<AlertSettings AlertMessage="WindowsAzurePack.Monitor.WebConfigEncrypt.AlertMessage.WAP">
<AlertOnState>Error</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>Normal</AlertPriority>
<AlertSeverity>Error</AlertSeverity>
</AlertSettings>
<OperationalStates>
<OperationalState ID="Success" MonitorTypeStateID="Success" HealthState="Success"/>
<OperationalState ID="Failure" MonitorTypeStateID="Failure" HealthState="Error"/>
</OperationalStates>
<Configuration>
<IntervalSeconds>7200</IntervalSeconds>
<SyncTime/>
<WAPService>$Target/Property[Type="WindowsAzurePack.ResourceProvider.SqlServers"]/WAPService$</WAPService>
</Configuration>
</UnitMonitor>