SCOM 2012 and Powershell 3.0 support for Server 2008 R2 agent managed...

SCOM 2012 and Powershell 3.0 support for Server 2008 R2 agent managed systems

Scenario: You already have Powershell 3.0 or newer installed on your Windows Server 2008 R2 box, but SCOM agent will only run the Powershell 2.0 no matter what you do. I guess it is hard coded somewhere to only support the 2.0 version (probably the current major version at that time). 

Anyway, I was struggeling with a check for Symantec’s AV solution – it would run successfully on a Server 2012 agent managed system, but not on Server 2008 R2. So I turned to the search engines, and found an interesting post from Stefan Roth about the same issue in SC Orchestrator: http://stefanroth.net/2013/02/04/orchestrator-2012-sp1-powershell-3-0-run-net-activity-and-get-scxagent/.
I gave it a try, and found that this will work for the SCOM agent as well, but you have to run all your code in the new session. I used this method to get theĀ Invoke-WebRequest CMDLet working. What I actually do is spawn a new powershell.exe process on the local system that will run my script. Like this:


#This script sends a HTTP request to the Symantec Endpoint Protection Manager web service and checks for a healthy response. This script requires Powershell 3.0 or newer.

#Spawn a new PS session to ensure that we use the correct PS version (fixes problems with Windows Server 2008 R2).
PowerShell {

function GetHTTPStatus {
Try {
$HTTPResponse = Invoke-WebRequest -UseBasicParsing -Uri “http://localhost:8014/secars/secars.dll?hello,secars” -ErrorAction Stop
$HTTPContent = $HTTPResponse.Content
#$HTTPContent | Out-File C:Tempdebug.txt -Append
} Catch [Exception] {
$HTTPException = $_.Exception.Message
$HTTPException += “`n”
$HTTPException += “Powershell version: ” + ($PSVersionTable).PSVersion.Major.toString()
#Write exception and Powershell version to the Operaions Manager event log
$API.LogScriptEvent(“NRK SEPM Availability Script”,8000,1,”$HTTPException”)
$HTTPContent = $null
}#End try-catch

Write-Output $HTTPContent
}#End function

#Initialize Operations Manger API
$API = new-object -comObject “MOM.ScriptAPI”
$PropertyBag = $API.CreatePropertyBag()

$HTTPStatusMsg = GetHTTPStatus
if ($HTTPStatusMsg -ne $null) {

If ($HTTPStatusMsg.Contains(“OK.”) -eq “True”) {
$PropertyBag.AddValue(“State”,”OK”)
$PropertyBag.AddValue(“Description”,”Normal”)
}#end if

} Else {
$PropertyBag.AddValue(“State”,”ERROR”)
$PropertyBag.AddValue(“Description”,”Availability check on SEPM server failed. Ensure that all services are running. Look event ID 8000 in the Operations Manager event log on the affected server for debug information”)
}#end if

$PropertyBag

}#End Powershell session

Per Riis is Chief Technical Architect at Crayon Norway. With 20 years of experience on Microsoft and 3.party software and solutions, he loves to take on new possibilities and technologies that makes us work smarter and better. A passion for Microsoft Office 365, Azure services and everything else... Preferable with a GUI :-)

1 COMMENT

  1. I guess that this has changed. Not sure when exactly – but for sure after applying RollPack update 9 for SCOM 2012 R2 the scripts started via SCOM Agent run on highest version of PowerShell available on the target Windows server.

Leave a Reply