Mastering System Center 2012 R2 Configuration Manager (2014)
Chapter 7. Client Health
Maintaining healthy Configuration Manager clients is critical for delivering Configuration Manager services and meeting required service-level agreements. When clients in the environment are not healthy, the accuracy and dependability of Configuration Manager services are degraded, resulting in systems that are either completely or partially unmanaged.
Client health has been a challenge historically with Configuration Manager, and many tools or processes have been developed to help identify and repair broken clients. The most recent offering from Microsoft was the Client Status Reporting tool, which arrived in Configuration Manager 2007 R2. While good, many of these tools fall short in that client health problems must be managed manually, and automatic remediation is not generally part of the process. Configuration Manager 2012 R2 changes the game in a dramatic way by not only detecting health problems through a thorough set of diagnostics but automatically remediating the problems as well. Before continuing, we must point out that no solution is 100 percent effective, and there will be problems that can’t be resolved automatically. However, the majority of client problems that happen now are anticipated to be those that happen because of external issues not related to Configuration Manager specifically. The inclusion of client health evaluation/remediation by default in Configuration Manager 2012 R2 will significantly enhance the stability of deployments. While this solution won’t address every potential issue, it goes a long way to reducing administrator workload in keeping systems active and healthy.
This chapter details the client health mechanism in Configuration Manager 2012 R2.
In this chapter, you will learn to
· Detail client health evaluations in Configuration Manager 2012 R2
· Review client health results in the Configuration Manager console
Understanding the Client Health Mechanism
Managing client health issues involves detecting potential issues and fixing problems as they arise. Configuration Manager clients can become unhealthy for any number of reasons, often because of external issues such as WMI failure, DCOM permissions, service failures, and more. Configuration Manager 2012 introduces an automated mechanism to detect the most common client health issues and automates the process of fixing the problem. While this mechanism will go a long way toward helping maintain healthy clients, there will likely still be situations where manual intervention is required, but those situations should be greatly minimized.
Any tool to effectively validate and potentially repair client health issues, by definition, must be able to execute independently without relying on a healthy client to operate. Further, such a tool must execute locally to mitigate any potential network issues. The client health tool in Configuration Manager 2012 addresses this requirement nicely by running as a scheduled task—set apart from the client itself. The next section reviews the elements of this scheduled task for implementing the client health scanning.
Scheduled Task
The client health tool in Configuration Manager 2012 operates as a scheduled task. The required scheduled task is automatically created when the Configuration Manager 2012 client is installed and set to run daily or a bit past midnight. Figure 7.1 shows the scheduled task created on a client system.
Figure 7.1 Scheduled task created by a client installation
Differences between Platforms
All platforms supported for use with the Configuration Manager client also support the client health scheduled task, but there are differences in the way various configurations may appear between platforms. The example discussion focuses on a Windows 7 workstation.
The overview of the scheduled task shown in Figure 7.1 provides helpful information, including the last run time and next run time for the task and whether the task was successful.
Client Health vs. Problem-Free Execution
A successful task doesn’t necessarily mean that the Configuration Manager client is healthy; it simply means that the client evaluation tool was able to execute without encountering a problem.
Notice that this view also provides various tabs that allow you to view the underlying configuration for the scheduled task. In order to make any changes to the task, you must select the properties for the task, which will present the same information but in an editable format, as shown in Figure 7.2 and described in the following sections.
Figure 7.2 Properties window for the scheduled task
Triggers Tab
The Triggers tab of the scheduled task, shown in Figure 7.3, is the place where you might adjust the run schedule for the scheduled task.
Figure 7.3 Triggers tab for the scheduled task
Actions Tab
The Actions tab of the scheduled task, shown in Figure 7.4, shows the command line that is to be executed when the scheduled task runs. As you can see from the figure, the task executes CCMEval.exe, which is in the %WINDIR%\CCM directory. We’ll discuss CCMEval in more detail shortly. No command-line parameters are needed for this executable.
Figure 7.4 Actions tab for the scheduled task
Conditions Tab
The Conditions tab, shown in Figure 7.5, allows administrators to specify specific conditions that must be met before starting the task. There are no conditions set on this tab by default.
Figure 7.5 Conditions tab for the scheduled task
Settings Tab
The Settings tab, shown in Figure 7.6, specifies various settings for the task. The default values configured are as follows:
Figure 7.6 Settings tab for the scheduled task
1. Allow Task To Be Run On Demand This setting specifies that the task can be started by administrators as needed, such as in troubleshooting scenarios, outside the scheduled start time.
2. Run Task As Soon As Possible After A Scheduled Start Is Missed This setting specifies the run behavior for the task if the system isn’t able to run it on the defined schedule. As an example, if the system is powered off overnight and cannot run the task at the assigned time, then the task will be initiated the next time the system is started. The CCMEval process is lightweight but in this scenario is just one more thing for a system to do during startup, a process already loaded with significant activity. To avoid additional system load during startup caused by running this task, it may be worth considering rescheduling the start time for the task so that it takes place when the system is anticipated to be available.
3. Stop The Task If It Runs Longer Than This setting ensures that a hung task doesn’t continue to run long term. The default setting for this is 3 days, and it’s unlikely that the CCMEval task will run into issues causing the process to hang. Having this set as a failsafe, though, is a good idea.
4. If The Running Task Does Not End When Requested, Force It To Stop This setting works with the previous setting and will force the CCMEval thread to terminate if it remains in a hung state even after termination is requested.
The last setting, Do Not Start A New Instance, prevents multiple instances of CCMEval from spinning up.
History Tab
The History tab, shown in Figure 7.7, allows administrators to review the execution history for the task. There are no configurable settings on this tab.
Figure 7.7 History tab for the scheduled task
CCMEval Process
The task to execute CCMEval runs on a daily schedule by default. It is fully possible to change this schedule, but it’s not recommended. If needed, the task can be run manually for troubleshooting or other purposes, as previously alluded to.
With the understanding that client health checking and remediation for Configuration Manager 2012 clients is handled by CCMEval, it’s natural to wonder what this process actually does. That’s the next part of the discussion.
CCMEval is an executable that exists in the %WINDIR%\CCM folder on all Configuration Manager 2012 clients, as shown in Figure 7.8.
Figure 7.8 CCMEval executable in the %WINDIR%\CCM folder
Note that in addition to CCMEval.exe there are also CCMEval.xml, CCMEval.xsd, CCMEvalReports.xml, and CCMEval.log. These are support files for the CCMEval process and are used as follows:
1. CCMEval.exe This is the executable file used to drive the health evaluation and remediation process on Configuration Manager 2012 clients.
2. CCMEval.xml This is the control file that defines the tests and remediation actions that will be taken as a result of test conditions. This file will be discussed in some detail shortly.
3. CCMEval.xsd This file defines the schema used to validate client health evaluation and report data.
4. CCMEvalReports.xml This is a header file used for building reporting information forwarded to Configuration Manager 2012 servers.
5. CCMEval.dll This is a library file for use with CCMEval.exe.
6. CCMEval.log This file records the progress of health check and remediation activities and is located in the Windows\CCM\logs folder.
Understanding the health check and remediation mechanism provided by CCMEval requires reviewing the work that is done during a CCMEval cycle along with the various checks that are performed. You can mine this information by reviewing CCMEval.xml along with CCMEval.log, and it will help you understand what is happening behind the scenes. Table 7.1 lists the checks and potential remediation outcomes that take place when problems are found during evaluation.
Table 7.1: CCMEval evaluation tasks and potential remediation actions
|
Evaluation Task |
Potential Remediation Action |
|
Verify WMI service exists. |
No remediation. |
|
Verify/remediate WMI service startup type. |
Sets the Windows Management Instrumentation service’s startup type to automatic. |
|
Verify/remediate WMI service status. |
Sets the Windows Management Instrumentation service to a running state. |
|
WMI repository read/write test. |
Remediation of this client check is performed only on computers that run Windows Server 2003, Windows XP (X64), or an earlier version. |
|
Verify/remediate client WMI provider. |
Restart the Windows Management Instrumentation service. This remediation is performed only on computers that run Windows Server 2003, Windows XP (64 bit), or earlier versions. |
|
WMI repository integrity test. |
Checks that ConfigMgr client entries are present in WMI; if not, it will reinstall the ConfigMgr client. |
|
Verify BITS exists. |
No remediation. |
|
Verify/remediate BITS startup type. |
Sets the BITS service to the expected startup type. |
|
Verify/remediate client prerequisites. |
Checks that client prerequisites are installed. Reads the file ccmsetup.xml in the client installation folder to discover the prerequisites. Then it installs the client prerequisites. |
|
Verify/remediate client installation. |
Reinstalls the client. |
|
Verify SMS Agent Host service exists. |
No remediation. |
|
Verify/remediate SMS Agent Host service startup type. |
Sets the client (SMS Agent Host) service startup type to automatic. |
|
Verify/Remediate SMS Agent Host service status. |
Starts the SMS Agent Host service. |
|
WMI Event Sink Test. |
Checks whether the ConfigMgr-related WMI event sink is lost and then restarts the client service. |
|
Microsoft policy platform WMI integrity test. |
Checks the integrity of policy platform WMI data structures. |
|
Verify/remediate Microsoft Policy Platform service existence. |
Installs Microsoft Policy Platform. |
|
Verify/remediate Microsoft Policy Platform service startup type. |
Resets the service startup type to manual. |
|
Verify/remediate antimalware service startup type. |
Resets the services startup type to automatic. |
|
Verify/remediate antimalware service status. |
Starts the antimalware service. |
|
Verify/remediate Network Inspection Service start type. |
Resets the service startup type to manual. |
|
Verify/remediate Windows Update service startup type. |
Resets the startup type to automatic or manual. |
|
Verify/remediate Windows Update service startup type on Windows 8. |
Resets the service startup type to manual or automatic (trigger). |
|
Verify/remediate Configuration Manager Remote Control service startup type. |
Resets the service startup type to automatic. |
|
Verify/remediate Configuration Manager Remote Control service status. |
Starts the Remote Control service. |
|
Verify/remediate Configuration Manager Proxy service startup type. |
Resets the ConfigMgr Wakeup Proxy service startup type to automatic; this remediation is performed only if the Power Management: Enable Wakeup Proxy client setting is set to Yes on supported operating systems. |
|
Verify/remediate Configuration Manager Proxy service status. |
Starts the ConfigMgr Wakeup Proxy service; this client check is made only if the Power Management: Enable Wakeup Proxy client setting is set to Yes on supported client operating systems. |
|
Verify that the Microsoft SQL CE database is healthy. |
Reinstalls the ConfigMgr client. |
Figure 7.9 shows a portion of the CCMEval.xml file that contains the rules that are used during the client health/remediation evaluation cycle.
Figure 7.9 CCMEval.xml example
Figure 7.10 is an example of the CCMEval.log file after an evaluation cycle is complete. Experienced administrators may notice that after the health-checking cycle is complete, the report is sent back to the site in the form of a state message. We mentioned earlier that an effective client health tool must function independently and not rely on a client function for any of its operation. State messages are commonly sent by the Configuration Manager client, so you might question whether the health evaluation tools simply offload the resulting state report to the client or handle it independently. The latter is true; client health forwards the state message directly to the client’s management point using its own mechanism. This is also noted in the log snippet in the figure.
Figure 7.10 CCMEval.log sample
CCMEval–Customizable? Portable?
Contoso has around 25,000 clients who they monitor on a daily basis to ensure they are healthy. In the past, Contoso used to spend 10 hours a week troubleshooting the clients that were not reporting to the site. Now, with ConfigMgr 2012 R2 and client health, Contoso only spends about two hours reviewing the reports, alerts, and client statuses. When there is a problem, most clients automatically remediate by themselves using the CCMEval and CCMrepair task. If this doesn’t fix the problem, Contoso should focus their efforts only on those clients that are failing. This is a good example of how client statuses save hours of works by implementing ConfigMgr 2012 R2.
After taking a peek at the CCMEval.xml and CCMEval.log files, a common question to ask is whether customers are able to customize or add to these checks. Unfortunately, changes to these files are not supported, so if any modifications are attempted, they are solely at the risk of the administrator and may cause problems. Remember, the content of this file impacts every Configuration Manager client in the organization.
Another question that commonly follows is whether it’s possible to port the CCMEval process to work on earlier versions of Configuration Manager clients. The answer is no. CCMEval is solely for use on Configuration Manager 2012 client systems.
Client Health Evaluation: Results
Client health evaluation results are accessible in the Configuration Manager console in several areas. First, client health is reported on a device level by reviewing collection membership. Any collection in which the device is a member will provide the same health information. To view health results for a device, simply select it in the console, and the bottom of the screen will reveal five tabs: Summary, Client Check Detail, Malware Detail, Antimalware Policies, and Client Settings. All of these tabs contain useful health information, but for client health evaluation, the first three are the main ones to review.
1. Summary The Summary tab, shown in Figure 7.11, reports the latest client health information as Pass or Fail and also reports whether the last remediation attempt was successful.
Figure 7.11 Summary tab for specific device
2. Client Activity The Client Activity tab, shown in Figure 7.12, reports the last time the client requested policy, sent a heartbeat, reported hardware or software inventory, and sent a status message. The Days Since Last Communication field reflects how long the site has gone without hearing from the client. All of this information taken together gives a good idea about client health, but it’s important to also factor in systems that may be powered off for extended periods or are offline because of network or other issues. The Management Point field documents the management point in use by the client. This information can help identify potential issues with boundaries, roaming, and the like.
Figure 7.12 Client Activity Detail tab for specific device
3. Client Check Detail The Client Check Detail tab, shown in Figure 7.13, provides summary information about the device’s last health evaluation scan. The specific evaluation rules and remediation status are reflected in the summary.
Figure 7.13 Client Check Detail tab for specific device
Configuring Client Health
Now that you understand the main functions of the client health mechanism and what can be remediated with CCMEval, it’s time to configure client health. Before you can monitor the client status and remediate problems that are found in your hierarchy, you must configure your site to specify the parameters that are used to mark clients as inactive and configure options to alert you if client activity falls below a specified threshold. You can also disable computers from automatically remediating any problems that client status finds.
1. In the Configuration Manager console, choose Monitoring.
2. In the Monitoring workspace, select Client Status, and then right-click it and choose Client Status Settings.
3. In the Client Status Settings Properties, shown in Figure 7.14, configure the following settings:
Figure 7.14 Client Status Settings Properties
· Client Policy Requests During The Following Days: Specify the number of days a client has requested policy. The default value is 7 days.
· Heartbeat Discovery During The Following Days: Specify the number of days the client computer has sent a heartbeat discovery record to the site database. The default value is 7 days.
· Hardware Inventory During The Following Days: Specify the number of days the client. computer has sent a hardware inventory record to the site database. The default value is 7 days.
· Software Inventory During The Following Days: Specify the number of days the client computer. has sent a software inventory record to the site database. The default value is 7 days.
· Status Messages During The Following Days: Specify the number of days the client computer has sent status messages to the site database. The default value is 7 days.
· Retain Client Status History For The Following Number Of Days: Specify how long you want the client status history to remain in the site database. The default value is 31 days.
4. Once you finish configuring each item, click OK.
Monitoring: Client Status
The Monitoring workspace of the Configuration Manager console is the place to view Client Check and Client Activity information summarized for all clients in the hierarchy. This information is located under the Client Status node.
The Client Check node shown in Figure 7.15 shows a collective view of client health in the hierarchy. The number of devices that have passed or failed or are in an unknown status for health evaluation are reflected in a pie chart, and the accompanying legend details issues that have been found for those systems failing health evaluation. There is also a line graph showing trending information for client health. For more detail simply click the section of interest from the pie chart, the pie chart legend, or the line graph, which will open a view of all devices in the selected category.
Figure 7.15 Client Check node in the Monitoring workspace of the Configuration Manager console
1. Monitoring: Client Activity The Client Activity node shown in Figure 7.16 shows a collective view of client activity in the hierarchy. Devices are represented in a pie chart as either active or inactive. In the example, all clients are active. Having 100 percent active clients would be a great result in a production environment but likely will not often be achieved because of environmental issues, systems being powered off for extended periods, network issues, and the like. This view also provides a line graph for trend analysis. To view specific systems that are in an active or inactive state, simply click the area of the pie chart or pie chart legend of interest to drill down for additional detail.
Figure 7.16 Client Activity node in the Monitoring workspace of the Configuration Manager console
2. Reporting: Client Status Configuration Manager 2012 provides a wealth of information through the reports available in the console. Reports are grouped by category and, as shown in Figure 7.17, there are seven reports specifically geared to client status information. Combining the reports with the ability to create report subscriptions, as detailed in Chapter 13, “Reporting,” gives administrators significant flexibility to pick reports that best serve their needs and render or deliver automatically.
Figure 7.17 Client Status reports
Alert: Client Health
Part of being a ConfigMgr administrator is that you don’t have enough time to perform all of your daily task, weekly, and monthly tasks. The monitoring aspects of client health are a very good method of keeping you informed about what is going on with your clients. With ConfigMgr 2012 R2 you have the ability to configure alerts for each collection. If you use this method to find out what is going on with your clients, then you can focus on those critical systems. To configure the alerts that will be displayed on the Monitoring workspace, perform the following steps on those critical collections:
1. In the ConfigMgr console, select Assets And Compliance.
2. In the Assets And Compliance workspace, choose Device Collections.
3. In the Device Collections node, select the collection for those critical systems and right-click Properties.
4. In the Properties dialog box, click the Alerts tab, as shown in Figure 7.18, and then click Add.
Figure 7.18 Client health collection alerts
5. In the Add New Collection Alerts dialog box, choose the alerts that you want generated when the client status thresholds fall below a specific value. Then click OK.
6. In the Conditions list, select each client status alert and then specify the following information:
· Alert Name: Accept the default name or enter a new name for the alert.
· Alert Severity: From the drop-down list, choose the alert level that will be displayed in the Configuration Manager console.
· Raise Alert If Client Check Pass Or No Results Percentage For Active Clients Is Below: Specify the threshold percentage for the alert.
7. Click OK.
The Bottom Line
1. Detail client health evaluations in Configuration Manager 2012 R2. Health evaluations and remediations take place daily on every Configuration Manager 2012 client in the hierarchy. This information is updated at the site and is available for review on every client and also summarized for every client across the hierarchy.
1. Master It List the health evaluations and remediations that take place on Configuration Manager clients.
2. Review client health results in the Configuration Manager console. Client health data is available in several locations of the console to allow access to health for individual devices and summarized data for all clients in the hierarchy.
1. Master It List the locations in the console where individual client health and summarized client health data are accessible.