question

TonyStrother-2074 avatar image
0 Votes"
TonyStrother-2074 asked TonyStrother-2074 commented

SCOM 2019 UR3 - Replace existing Windows Server 2016 Mgmt Servers with Windows Server 2019 Mgmt Servers

Afternoon,
Current environment: SCOM 2019 UR3
3 Windows Sever 2016 Mgmt Servers, 1 Windows Server 2016/SQL 2016 server

Need to get to: SCOM 2019 UR3
3 Windows Server 2019 Mgmt Servers, 1 Windows Server 2019/SQL 2019

My DBA's are going to standup a new Windows Server 2019/SQL 2019 Server and restore/upgrade a backup of the current SQL 2016, so that we do not lose collected data.

My thoughts:
Create 3 new Windows Server 2019 Server Mgmt Servers, name them NEW-SCOMXXX
Rename existing Windows Server 2016 Mgmt Servers to OLD-SCOMXXX
Use existing OLD IPs on NEW Windows Server 2019 Mgmt Servers-?? - Cannot rename a Mgmt Server once it is in SCOM, correct??
Bring up new Mgmt Servers, connect to upgraded SQL database, existing SCOM Mgmt Group XXX

However, this would mean I would need to reinstall all the SCOM pieces as well as Mgmt Packs, config and ....? Correct?

I have not attempted this before, only side by side migrations.

Another question: Shortly afterwards, once things are stable again, I need to transition to gMSA's. Can the Data Warehouse Report Deployment Account and SSRS use gMSA's?

Thank you in advance for your time and assistance.
Anthony


msc-operations-manager
· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

TonyStrother-2074 avatar image TonyStrother-2074 ·

Afternoon,
Thank you again!
I am at this point: Move the DBs to your new SQL 2019 Instances as per the guide
I want to change over to GMSAs as part of this whole thing. Would it be wise/easier to do this before moving the databases of after?
I am using the links to the info you provided, thank you again!
Would I use these as the guide to doing the changes?
https://docs.microsoft.com/en-us/system-center/scom/service-level-changes?view=sc-om-2019#change-the-service-account-for-sql-server-reporting-services-to-gmsa
https://docs.microsoft.com/en-us/system-center/scom/console-level-changes?view=sc-om-2019
https://docs.microsoft.com/en-us/system-center/scom/service-level-changes?view=sc-om-2019#change-the-service-account-for-sql-server-reporting-services-to-gmsa
Tony


0 Votes 0 ·

3 Answers

StoyanChalakov avatar image
0 Votes"
StoyanChalakov answered StoyanChalakov edited

Hi Anthony,

I understand the struggle now.

You cannot have SCOM 2016 with SQL 2019, it is not supported unfortunately.

The way I see this, you have this option:

  • Patch your SCOM 2016 with the latest UR

  • Install additional WS 2019 as management servers in your SCOM 2016 MG.

  • Move the RMSe role to one of the new WS 2019 Mgmt Servers

  • Make sure your MG is Healthy

  • Get rid of your WS 2016 Management Servers

  • Patch your SQL 2016 instances to a SCOM 2019 supported version.

  • Do an In-Place Upgrade of SCOM (SCOM 2016 to SCOM 2019) on your new WS 2019 management servers (Keviin Holman's Checklist)

  • Move the DBs to your new SQL 2019 Instances as per the guide

Your original plan is not going to work or it might cause some nasty issues, becasue the confiigurations are scattered on so many different locations - multiple tables in the Operations DB, the Data Warehouse DB, registry, .config files, etc. etc. Also, if you encounter some issues during the process and decide to call Microsoft for help, they will label it als "not supported" and refuse to handle the ticket. So, if you are allowed to do In-Place Upgarde of applcations (SCOM :) ) then this would be the way to go.

(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Stoyan Chalakov








· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

TonyStrother-2074 avatar image TonyStrother-2074 ·

Sounds great, and thank you so much! I will let you know if any issues!
Anthony

0 Votes 0 ·
StoyanChalakov avatar image
0 Votes"
StoyanChalakov answered StoyanChalakov edited

Hi Tony,

the action plan with renaming servers and reassigning IPs does not sound like good idea in my humble opinion. Alot can go wrong there, especially when you have already moved your DBs:

How to move the Operational database
https://docs.microsoft.com/en-us/system-center/scom/manage-move-opsdb?view=sc-om-2019

Why not simply doing an In-Place Upgrade of the OS on your management servers? You have only one steps WS 2016 -> WS 2019 and my experience shows that this usually goes fast and smooth.

To the gMSA question of yours: You can use a gMSA for any SCOM service accounts as stated here:

Accounts used for gMSA
https://docs.microsoft.com/en-us/system-center/scom/support-group-managed-service-accounts?view=sc-om-2019#accounts-used-for-gmsa

You can also use a gMSA with your SCOM SQL Reporting Server Instance. this is the official MS Docs guide on that:

Change the service account for SQL Server Reporting Services to gMSA
https://docs.microsoft.com/en-us/system-center/scom/service-level-changes?view=sc-om-2019#change-the-service-account-for-sql-server-reporting-services-to-gmsa

and also another more general blog article:

How to secure Reporting Services with Group Managed Service Accounts (GMSA)
https://www.sqlshack.com/how-to-secure-reporting-services-with-group-managed-service-accounts/

I have tested this already multiple times, works like a charm.

(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

Regards
Stoyan Chalakov




5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

TonyStrother-2074 avatar image
0 Votes"
TonyStrother-2074 answered

Morning and thank you very much for the assistance!
I should have mentioned we are not permitted in our environment to upgrade a servers OS. This part always complicates things.
How about this path?
Get the existing Windows Server 2016 Mgmt Servers to work after the database move
Add new Windows Server 2019 Mgmt servers to that environment.
Move the RMS Emulator role to one of those new 2019 Windows Server mgmt servers
Once all the new 2019 Servers are integrated into the environment, remove the other two Windows Server 2016 Mgmt Servers.

Thank you again!
Anthony

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.