Exporting and Importing User Roles and Notifications in SCOM 2007 and SCOM 2012
A customer of mine is migrating from SCOM 2007 to a new SCOM 2012 installation and would like to migrate User Roles and Notifications instead of recreating all of them manually.
Note that both User Roles and Notifications both reference objects that are defined in Management Packs (Groups, Workflows, Views, Tasks, etc.), so you want to be sure to import ALL Management Packs that you will be using in the new Management Group BEFORE migrating Notifications and User Roles.
Notifications are stored in the “Notifications Internal Library” Management Pack, which can be exported from one Management Group and imported into another.
To migrate the notifications, all we need to do is:
- Export the “Notifications Internal Library” Management Pack from the SCOM 2012 Management Group and save a copy of it…this is just so we have a copy of the empty notifications MP in case things don’t work out and we want to restore back to the defaults.
- Export the “Notifications Internal Library” Management Pack from the SCOM 2007 Management Group and import it into the SCOM 2012 Management Group
If any Command Channels are used in your Notifications in SCOM 2007, the settings will have a path to the command file used, which should exist on the RMS:
In SCOM 2012, we use the Notifications Resource Pool for sending notifications. By default, all Management Servers will be included in this Resource Pool, which means that any of the Management Servers could send Notifications. So, you will need to do one of the following:
- Copy the files used by Command Channels to all of the Management Servers (to the same path indicated in the Command Channel settings).
- Copy the files used by Command Channels to a network location accessible by all Management Servers and update the path in the Command Channel settings.
- Change the Notifications Resource Pool to manual and modify membership to include only the Management Server(s) that you copy the files to.
Personally, I like number 2 the best since you won’t have to make any additional changes when you add or remove servers from the Notifications Resource Pool.
I took Russ’ script and modified it to work with SCOM 2012, so we can just use the original script to export User Roles from SCOM 2007, and use the new script to import them into SCOM 2012. Both scripts are attached to this blog.
User Role in SCOM 2007
Copy UserRoleExporter-2007.ps1 to a folder on the RMS (I used c:\UserRoleExporter)
Open OpsMgr PowerShell and run “UserRoleExporter-2007.ps1 <RMS_NAME> export”
If prompted with a security warning, type “r” for “Run Once”
Once completed, verify that a userroles.xml file was created in the c:\UserRoleExporter directory
One the SCOM 2012 Management Server, create a c:\UserRoleExporter directory and copy UserRoleExporter-2012.ps1 and the useroles.xml to it (the file that was created after running the script on the SCOM 2007 server)
Open the OpsMgr Command Shell on the SCOM 2012 server and run “UserRoleExporter-2012.ps1 <MS_NAME> import”. In the screen shot below, you can see that some of the groups in my SCOM 2007 environment do not exist in my SCOM 2012 environment (because I haven’t imported all of the Management Packs yet)….so again, you want to be sure to import all Management Packs that you will be using before doing this.
Refresh the User Role page in the SCOM 2012 console