Jeff Wouters's Blog

Set domain runas account for SQL Server Management Pack in SCOM

by on Dec.23, 2013, under DuPSUG, PowerShell, SCOM

Last week the SCOM admin from my customer asked me to help out with a PowerShell command he was trying.
A little background information:
We introduced the SQL Server Management Pack in SCOM and chose to run it under domain credentials instead of local system.

First we’ll need to create a variable which stores the runas account:

$RunAs = Get-SCOMRunAsAccount "sql action account"

Second we’ll want to get a list of names from the servers we want the Management Pack to monitor:

$distlist = Get-SCOMGroup -DisplayName "sql computers" | Get-SCOMClassInstance | Select-Object -Property DisplayName

But SCOM doesn’t work with server names, it works with SCOM agents.
So to get a list of SCOM agents on those SQL Servers:

$distribution = $distlist | foreach {Get-SCOMAgent -Name $_.DisplayName}

Next up will be to actually configure the runas account on those servers:

Set-SCOMRunAsDistribution (Get-SCOMRunAccount "sql action account") -MoreSecure -SecureDistribution $distribution

And last we’ll actually want to see if our actions had any effect:

Get-SCOMRunAsDistribution (Get-SCOMRunAsAccount "sql action account")

Or when you want to see the actual list of servers the runas account has been distributed to, expand the SecureDistribution property:

Get-SCOMRunAsDistribution (Get-SCOMRunAsAccount "sql action account") | Select-Object -Property securedistribution

Leave a Reply