SCOM Powershell Monitor for Fileshare Location

BTeal · December 5, 2023, 6:50pm

I’ve created a powershell script to monitor for the existence of files at several fileshare locations. The script works from Powershell ISE using my elevated credentials.

The 2-state monitor I created isn’t working, and I’m worried it’s due to credentials. I’ve enabled the monitor for a server with an agent installed, but our action account is local system, which wouldn’t have access to the share.

How would I call a SCOM action account from the script itself, which would have access to the share?

pchip · December 11, 2023, 3:12pm

I had something similar, in which I needed to ensure the share was accessible remotely and not simply locally. You have 2 solutions here:

You can have the script run as a user that has access to the file share (using SCOM Profiles)
If you can’t, and your agent is running as System, then give rights to the computer account (which is what I ended up doing) on which the agent running the flow is running.

pchip · December 11, 2023, 4:44pm

If you want to use a custom account (instead of System) then you’d first need to create a secure reference

<TypeDefinitions>
	<SecureReferences>
			<SecureReference ID="MyUniqueSecureReferenceID" Accessibility="Public" Context="System!System.Entity" />
	</SecureReferences>
</TypeDefinitions>

Then in your probe action (or DataSource) you would either have it RunAS

<DataSourceModuleType ID="MyUniqueDataSourceID" Accessibility="Internal" RunAs="MyUniqueSecureReferenceID">

Or you can send the credential info down the PoSH script, which is done in 2 parts. First in the XML definition

                <Parameters>
                  <Parameter>
                    <Name>Username</Name>
                    <Value>$RunAs[Name="MyUniqueSecureReferenceID"]/UserName$</Value>
                  </Parameter>
                  <Parameter>
                    <Name>Password</Name>
                    <Value>$RunAs[Name="MyUniqueSecureReferenceID"]/Password$</Value>
                  </Parameter>
                </Parameters>

and second inside the script

param($UserName, $Password)
$Credential = New-Object System.Management.Automation.PSCredential ($UserName, $(ConvertTo-SecureString $Password-AsPlainText -Force))
#...
New-PSDrive -Name Drive -PSProvider FileSystem -Root \\Server\Share -Credential $Credential
#...
Get-ChildItems Drive:\

HTH