System Center Advisor for Lync

A colleague recently made me aware of System Center Advisor (SCA) – this is a cloud service offered by Microsoft that analyses local servers and workloads, recording configurations and offering useful advice for proactively keeping them working at their best. I wasn’t familiar with it, so decided to take a closer look.

The product was born from a desire to reduce the number of “common issue” support cases that Microsoft see – where they hear the symptoms and know very quickly that a particular patch, or config change, will solve the issue. By feeding information about a customer’s systems to Microsoft, they can then advise on any necessary actions to take, hopefully before it has any impact on a running service.

Lync 2010 support was added to the offering in November 2012, on top of the previously supported Windows Server, SQL Server, SharePoint and Exchange. Lync 2013 support is not yet present at time of writing, but expected soon. A recent development is that Microsoft has made SCA available to all licenced customers, where previously it was a benefit offered only to Software Assurance customers.

There is a Microsoft Virtual Academy course on SCA available, with about an hour of material giving a good overview, although some details have changed since it was published. Some of the info here is taken from that course.

Sign-up and installation

A Microsoft account (aka Live ID, Passport, etc.) is needed to get started. One account can be used for multiple monitored organisations, useful for companies that support more than one customer.

Once logged in, it’s a simple process to download the installer and a certificate.

2013-05-08_173226

At least one “gateway” is needed, which will be a machine that can reach the internet. “Agents” run on each monitored server and report their results up to the gateway. The gateway then passes this on to the SCA service which is hosted on Microsoft’s Azure platform. The installer covers both roles, and has 32 and 64 bit versions included.

Data is only sent once a day, so unless you hurry the process up with some manual intervention, you won’t see much for up to 24 hours.

Interface

A dashboard view gives a summary of alerts.

2013-05-08_172503

The main alerts view. All columns can be immediately sorted and filtered without refreshing, and the lower pane gives more detail about the issue, including a link to the relevant solution or KB article. Microsoft are trying to avoid the need to trawl the internet by taking you straight to the most relevant solution.

2013-05-08_172618

Once SCA detects that the issue has been resolved (for example, by applying a recommended patch), it will automatically close the issue. You can also manually ignore an issue to avoid seeing it.

Going in to the alert rules shows us the various scenarios that will generate an alert – this will include items such as a certificate expiring soon, or a misconfigured network interface.

2013-05-08_172821

Configuration data is viewable within SCA. It is not intended to be an exhaustive list, but the most useful data needed to solve support issues. This is available both as a current snapshot of settings:

2013-05-08_173033

..and as a configuration history. This can be particularly useful as one of the first questions in a support case is “what has changed recently?”. This records the setting, both previous and new values and when the change occurred.

2013-05-08_211104

Finally, we have screens showing lists of monitored servers (this is also where we set up new servers) and user accounts. Any additional users also need to have a Microsoft account to access the service.

2013-05-08_173151

2013-05-08_211822

Under the covers

The agent installed for SCA is the System Center Operations Manager 2007 R2 agent. If an existing agent is found on a monitored server, it will work alongside – effectively the server will go on being monitored by the existing SCOM agent but also send some data to SCA. This will also work side-by-side with the SCOM 2012 agent.

Data sent from the agent to gateway and on to Microsoft is all readable XML files, so it is easy to see what is (and is not) being sent outside the organisation. Uploads are archived locally (for 5 days by default) so that you can read the contents.

The agent needs about 75MB of system memory, and needs about 150KB of network traffic per server per day.

Microsoft go to great lengths to stress security and privacy of the data collected – they do not share any data with third parties, and will not use it for sales or licence validation purposes. They do not have any visibility of servers that do have the agent deployed to them. The SCA account can be closed at any time and removal of data will happen within 90 days.

Communication between agents and the gateway is over port 80 by default. Uploads from the gateway to Microsoft are via HTTPS.

What does it NOT do?

SCA is not intended to be a real-time monitoring service. Data is only uploaded every 24 hours. A proper monitoring solution such as SCOM is recommended if you need to know when workloads are:

  • Unavailable
  • Underperforming
  • Causing business impact or downtime

It also does not cover every possible scenario, or recommend every patch that may be necessary – just what Microsoft CSS commonly see in support cases. It is still a great idea to implement change control, and to review published patches to see if they are applicable to your environment.

Conclusion

Now that SCA is effectively free to all licenced Microsoft customers, it is well worth evaluating.

I think the most benefit comes to smaller organisations, who may not have specialist teams looking after specific products, do not have any formal change control and don’t usually have time to rigorously check for new patches. Being informed of a possible problem and taken straight to the relevant page for the fix could save a lot of time. These orgs will often pay for individual support cases with Microsoft too, so if they can avoid a common issue, it saves them money too.

Where there is no in-house knowledge of products like Lync, SharePoint or Exchange, they may defer to an outside company or consultant for support, and this is a great way to give them an overview of the environment and keep them informed about any recommended work.

Larger organisations will typically be using a monitoring product such as SCOM, and have good processes in place for regularly patching servers and performing health checks. It may still be worth their while to use SCA, as it is easy for some items to be overlooked, such as expiring certificates, and as a reassurance that their systems are being managed properly.

Lync learning resources

I’m doing some studying around Lync topics, with the aim of passing the Lync MCITP. Here’s a quick summary of resources I’ve found, and I’ll update as and when I find more.

Exams

Two exams make up the MCITP: Microsoft Lync Server 2010 Administrator certification. It’s worth visiting the pages for the exams to understand the requirements for each, and reviewing the “Skills Measured” to ensure you have a good grasp of each topic.

Exam 70-664
Exam 70-665

Lync Jump Start training

Some excellent free training from Microsoft – a total of 5 days worth of webcasts, specifically covering what’s expected for the exams, as with the official training courses. Good mix of lecture/slides and practical lab-based demos. All downloadable in a variety of formats so perfect for keeping a laptop or tablet for commutes.

Deploying Lync for the 70-664 exam
Designing Lync for the 70-665 exam

Product Documentation

Lync, like most Microsoft products, is extensively documented on Technet. This is really the definitive place to visit to learn more about a specific feature.

Books

I’ve been reading Mastering Lync Server 2010 by Nathan Winters and Keith Hanna which is proving an excellent guide, especially when a Technet explanation goes over my head. It is available from Amazon UK and Amazon US.

Labs

While building your own virtual lab for Lync is a great learning experience, it can be useful to dive into someone else’s to look at a specific feature. This is also great if you don’t have a computer capable of running several virtual machines.

The Microsoft Virtual Hosted Platform Hands On Labs are excellent, there are 10 scenarios for Lync Server 2010, click to start and a virtual environment is created for you, with clear lab notes to follow.

Blogs

Quite a few other people have blogged useful stuff about the exams, often linking direct to Technet content specific to expected exam topics. These can make for a useful reference for subjects you might have forgotten!

http://kressmark.blogspot.co.uk/2011/03/exam-70-664-ts-microsoft-lync-server.html

http://geekswithblogs.net/enriquelima/archive/2010/12/23/unofficial-prep-guide-for-ts-microsoft-lync-server-2010-configuring.aspx

http://geekswithblogs.net/enriquelima/archive/2011/05/09/unofficial-prep-guide-for-pro-microsoft-lync-server-2010-administrator.aspx

http://geekswithblogs.net/enriquelima/archive/2011/05/09/unofficial-prep-guide-for-pro-microsoft-lync-server-2010-administrator-again.aspx

Video

Microsoft’s Channel 9 site is a fantastic resource – all the content from previous TechEd conferences and similar events is made available there. There are lots of sessions to watch including some deep dives into specific features, often presented by the people who make the product – it can be a nice break from the books if you need more understanding of a particular feature or role. Like the Jump Start series, most are available in a variety of formats to download so ideal to keep handy for when you have some time.

Samsung netbook – brightness control

Came across this on the Samsung N210 Plus I bought for a trip coming up. Did the usual updates, patching, etc and the brightness control stopped working. Came across various articles and forum threads saying that it was the Samsung Easy Display Manager software and to reinstall it.

Well that didn’t help at all. What did help was installing an older version of the Intel graphics drivers. A big thanks to ArdeX of the SammyNetbook forums for posting that info.

DcDiag crashes when running tests

I’d not seen this one before, so figured it was worth noting for the future.

When performing an AD healthcheck, I tend to run the DcDiag tool like so:

dcdiag /e /c /v /f:dcdiag.log

This tests all servers in the enterprise (e), does comprehensive tests (c), produces verbose output (v), and logs to a file.

However, my dcdiag.log was getting cut off before it even got to the DNS tests – they ended up 21k in size where 100k+ is normal. Running it without logging to file showed it was crashing and events were getting logged. Doing a plain “dcdiag” it would run OK. This was on a pretty plain Windows Server 2003 domain controller.

The events logged were fairly generic 1000 ones, along the lines of:

Faulting application dcdiag.exe, version 5.2.3790.1830,
faulting module msvcrt.dll, version 7.0.3790.3959, 
fault address 0x00038efa.

Thankfully I had internet access and with some googling, I came across this blog post from Tim Bolton, which described the issue.

The culprit is a SP1 version of DcDiag, on a server upgraded to SP2. Once the correct version of the Support Tools was downloaded and installed, it ran just fine.