I do failed logon attempts, lockouts, and unlocked alerting in SCOM from DCs and these alerts have to get generated.  However, I don’t really want to have to bulk close them all the time.   Does anyone know how I should trackle these in an automated fashion?

I have Tao’s self maintenance MP installed in my 2016 enviornment but when I edit any of the rules and save I get an error similar to below:

“The ‘Alias’ attribute is invalid – The value ‘2012’ is invalid according to its datatype ‘ManagementPackUniqueIdentifier’ and “XSD Verification failed for the management pack”.

Right now my daily routine is to mass close these via a custom view I put together.   It is rather annoying though 🙂



Pascal Verdieu answered