Forum Discussion
Vratix_97086
Nimbostratus
Aug 17, 2009
Management Pack Functionality Questions
I have a couple questions I would like to run by the MP developers if possible:
1. I would like to know if there is truly a dependency on administering the F5 agents from the physical Mgmt server where the agent was discovered and installed from. The webcast "Tutorial - F5 Management Pack: DMS Discovery" indicated this to be the case. Does this mean you need to physically be logged into the Mgmt server to remove the agent?
2. The MP installation documentation says that discovery needs to occur from the RMS server (see below). But in the webcast stated above, the discovery and installation was done from the 2nd Mgmt server. Please clarify which one is correct.
Note - You must run discovery from the Root Management Server you installed the F5 Management Pack onto. You can use Remote Desktop or Terminal Services, but discovery will not work from another Management Server or the Web Console.
3. What are the specific rights needed for the MP installation account and the Service account? The documentation says domain admins for the installation account, but this seems like overkill. Also, what SQL rights does it need specifically?
4 Replies
- Vratix_97086
Nimbostratus
One more question. Is it still true with the newest version of the MP that you need the SCOM console installed on the Secondary Mgmt server in order to discover/install the F5 devices from it? We would like to avoid installing the console on our Secondary Mgmt servers if possible.
- Stephen_Fisher_
Historic F5 Account
Hello,
Here are the answers to your questions:
1) Once a device is discovered on a Management Server, it can only be removed from that Management Server. However, with the 715 build of the Management Pack, you can execute the server task "Remove Device" which should execute remotely on the appropriate Management Server, without requiring you to log in to it.
Note that removing a device from monitoring by SCOM does not remove the big3d agent from the Big-IP. That must be done manually to ensure the Big-IP availability is minimally affected.
We'll clarify the documentation to that effect.
2) Apologies for the confusion between the videos. You can initiate discovery from any Management Server, rather than only the RMS. However, you must initiate discovery on the Management Server, either via the GUI, PowerShell, or command line.
We'll clarify the documentation to that effect.
3) The following permission requirements are required for setup:
Local System Admin for configuration of the service and software install
Member of SQL Admin for creation of necessary tables
Member of SCOM Admin for creation and modification of User Roles
The same permissions are required for the F5 Monitoring Service account, which you can specify during setup.
4) It is not necessary to install the SCOM console on any machine, except the RMS. You can use PowerShell to start discovery. You can also use the f5mpcmd.exe command on the Management Server. The SCOM Console is only required if you want to use the SCOM UI to initiate discovery.
We'll make sure this is updated more clearly in the documentation.
Thank you,
Stephen
F5 Management Pack
- Vratix_97086
Nimbostratus
Thank you for the response. I need more clarification on the answer to question 3. If I'm not mistaken, the installation account's rights need access to create the F5 MP SQL database, correct? Any SQL server with the full version of SQL can be used; it doesn't have to be the SCOM DB server, correct? Also, you mentioned that the service account needs the same rights as the installation account. Why would this be? None of the documentation or the webcasts stated as such. The only rights required were SCOM Admin rights. Am I incorrect on this?
Thank you again,
Marc
- Dave_Ruddell_79
Historic F5 Account
That is correct, it can be any SQL server. It defaults to the SCOM db server because it knows there is a SQL server there, but it is not required in any way.
Originally we said that the service user had to be a domain admin, but this is not entirely accurate. The user account actually requires full SQL access to the F5 database (you can manually adjust that later to really lock it down). It is required to be a part of the Ops Manager Admin group, and it also needs to be a local admin on the box because of access issues. And lastly, the user account needs to have general domain access so that it can be validated by operations manager and SQL.
Thank you for pointing out that the information is not in the docs; I will update those to include the information above.
Thank you,
-Dave