When a server owner opens the full Operations Manager console for the first time, the number of management packs and options available within the console can seem overwhelming. There’s a way to alleviate this – you can use customized groups to carve-up the OpsMgr console so that individual groups that own servers can see only the information relevant to their portion of the entire OpsMgr environment.
This four part series discusses the process to create custom groups and leverage them to create views, subscriptions, and to secure views. The end result is an environment where the OpsMgr console is targeted to only provide a view of only those servers relevant to the particular group This process is also followed to provide a target set of critical alerts specific to those groups that are created, and will provide notification of critical alerts to each group.
This article is the first of the four part series on using custom groups, and describes how to create custom groups to scope the Operations console. This series will create a customized group, views, subscription and restricted access to the Operations Manager console for a company named Odyssey. The groups created here will be used through the rest of this series:
- Part 1: Creating Custom Groups
- Part 2: Using Custom Groups to create Views
- Part 3: Using Custom Groups with Subscriptions & using one-off notifications
- Part 4: Using Custom Groups to secure Views
First, let’s create a customized group for monitoring. Perform the following steps:
Define the function of the group: As an example – this could be Security, Great Plains, Custom Application #1, and so on. The function name needs to be a single word describing the function for the group, and will be used throughout the entire process.
Open the Operations Manager Console -> Administration node and create a management pack for the new group using the following naming convention: <CompanyName> <Function> <Servers>, as shown here using the example of Odyssey Security Servers. This management pack will store the entire configuration created with this four part series.
Now within the Operations Manager Console –> Authoring node, create a group with the server members and store it in the new management pack using the following naming convention: <CompanyName> <Function> <Servers> as shown in the next two screenshots, using the example of Odyssey Security Servers.
You can either explicitly defined the servers that belong in the group (shown below) or you can create a dynamic membership for the group. For our particular case, it was more efficient to explicitly define the servers for each group – as there was not a common way to define which servers a particular group was responsible for.
However, dynamic membership can be extremely powerful. There are many different options available for creating the group as shown in the next two screenshots. There are several blog write-ups available for how to create groups:
- Based upon AD site (http://cameronfuller.spaces.live.com/blog/cns!A231E4EB0417CB76!950.entry)
- By OU (http://blogs.technet.com/kevinholman/archive/2008/02/05/creating-a-group-based-on-ou-organizational-unit-in-active-directory.aspx)
This completes the process of creating a group within the OpsMgr console. You can use this group within the console to scope what information is shown by choosing the Scope button, highlighted in the next screenshot. Scoping does not decrease the number of folders and options available, but it does restrict what information is shown – meaning the user sees only the information related to systems within their particular groups. The next part of this series takes the concept of using this group to restrict the console further, creating views based upon the security group created here.