Export management pack XML from SquaredUp PowerShell tile

kenneth · July 7, 2023, 9:51am

Have anyone been able to export a management pack from within a PowerShell tile using the Export-SCOMManagementPack?
The purpose of this is to parse the MP XML, to present the dynamic membership rules for the groups in the MP on a dashboard.

When running Export-SCOMManagementPack from the PowerShell tile, I get the error: “The user DOMAIN\SQUAREDUPSERVER$ does not have sufficient permission to perform the operation.”

(Get-SCOMManagementPack has the -Credential parameter, but Export-SCOMManagemnetPack does not)

I tried to use Invoke-Command, and execute the script on a management server:

$resultString=Invoke-Command -Credential $Credentials -ComputerName “MS01”-ScriptBlock {
$ManagementPack = Get-SCOMManagementPack -DisplayName “MPName”
$ManagementPack | Export-SCOMManagementPack -Path “C:\Windows\Temp”
$content = Get-Content -Path “C:\Windows\Temp$($ManagementPack.Identifier.Path).xml”
Remove-Item “C:\Windows\Temp$($ManagementPack.Identifier.Path).xml”
$content #return it
}

This does work - but for some reason the Invoke-Command is extremely slow at returning the content. It takes around 3 minutes to return the XML for a MP that is around 1.3 MB. And the servers are just next to each other.

Right now I’ve settled on a solution where I from a scheduled task export all management packs to the SquaredUp server, and then read the XML file directly instead. But if it I could get the content directly, it would be a better/simpler solution.

I already engaged SquaredUp support on this, and after some great troubleshooting steps (unfortunately without any success), the supporter suggested that I posted my question in here.

an_evil_penguin · July 10, 2023, 8:42am

Hi Kenneth,

Get-Content has some known issues with larger files:

github.com/PowerShell/PowerShell

Get-Content is slow on large text files. Could it have a parameter to speed it up by not adding NoteProperties?

opened 03:58AM - 16 Aug 18 UTC

HumanEquivalentUnit

Issue-Enhancement Up-for-Grabs WG-Cmdlets-Core

Using Get-Content to read an [example 170,000 line wordlist text file](https://g…ithub.com/dolph/dictionary/raw/master/enable1.txt). ``` # Default use, slow. Roughly 6 seconds. Over 100x longer than the alternatives. $lines = Get-Content -Path '/path/to/bigfile.txt' # Fast. Roughly 40ms - 90ms. $lines = [system.io.file]::ReadAllLines('/path/to/bigfile.txt') # Fast. Roughly 50-100ms. NB. the ReadCount has to be larger than the file line count, # otherwise $lines is not a 1-dimensional array. i.e. you need to know the file line # count to be able to do this in one move. $lines = Get-Content -Path '/path/to/bigfile.txt' -ReadCount 200kb # Fastest. Roughly 30ms - 50ms. $lines = Get-Content -Path '/path/to/bigfile.txt' -ReadCount 100 | foreach { $_ } ``` The reason for the slow version is explained [here, apparently by Bruce Payette in 2006](https://www.vistax64.com/threads/much-faster-than-get-content-why.23052/): > This is a known issue with the way Get-Content works. For each object returned from the pipe, it adds a bunch of extra information to that object in the form of NoteProperties. > These properties are being added for *every* object processed in the pipeline. We do this to allow cmdlets to work more effectively together. It's important because things like the Path property may vary across different object types. In effect, we're doing "property name normalization". Unfortunately, while this technique provides significant benefits by making the system more consistent, it isn't free. It adds significant overhead both in terms of processing time and memory space. We're investigating ways to reduce these costs without losing the benefits but in the end, we may need to add a way to suppress adding this extra information. I think it's a shame that the default usage of Get-Content is the slow version, but that's likely not going to change. But, 12 years on from this posting, is it time to add a way to suppress adding this extra information? e.g. a parameter to `Get-Content` which switches off the NoteProperties. I have no good parameter name suggestion - ideally I would want it to communicate "this is faster" to people who see it in written code, or who read the documentation wondering how they can speed up Get-Content on large files.

The TLDR is that it does a bunch of parsing on the input before making it available to you, which is heavier weight than it could/should be.

If you are allowed to dip into .NET (sometimes security policies prevent this) the suggestion on that issue is to use File.ReadAllLines Method (System.IO) | Microsoft Learn
Which will give you an array of strings. But depending on what you want/need there are a variety of solutions/workarounds listed in that issue.

EP

Keithr · July 10, 2023, 10:49am

Hi Kenneth

As you’ve already worked out. This is happening because the application pool account SquaredUp uses doesn’t have permissions to export management packs. You could get around this by creating a new PowerShell profile in SquaredUp and assigning a user with the correct permissions. Export-SCOMManagementPack requires a user that is a member of the ‘Operations Manager Administrators’ role.

This feels like far too much permission to me. It might be better to access the MP elements directly rather than exporting to XML first. You could do something like…

$Group = Get-SCOMGroup -Id '6f7e3306-beeb-2996-3795-7c1eafb925b8' # 'All Windows Computers'
$DiscoveryXML = [XML]($Group.GetMonitoringDiscoveries().createnavigator() | Select -ExpandProperty outerxml)
$DiscoveryXML.Discovery.DataSource.MembershipRules.MembershipRule

To access the membership rules as XML. You should then be able to use the same code to parse the XML as you are already using and the profile user would only need to be a member of ‘Operations Manager Advanced Operators’

Hope that helps

kenneth · July 14, 2023, 6:00am

Thank you Keith!
I was looking for a way to get the discovery XML directly from SCOM, but was not able to do so, which lead me down the path of importing the XML file instead. But with your lines of code, I just what I initially wanted - thanks! It’s also a way better solution than exporting/reading XML files.

kenneth · July 14, 2023, 6:02am

Hi Evil Penguin
Thanks for your answer From what I could see in my tests, it was not the Get-Content that was the issue (the file is only 1.3 mb in size), but when the content should be serialized back to the SquaredUp server initially invoking the script lines.
However, I found another solution, so I’ll stick with that instead. But thanks for your help and time!