Today I finally got around to attempting to integrate SCCM with OMS. For those that may not be aware, with the release of SCCM 1606, Microsoft has included a new feature; a pre-release of the Microsoft Operations Management Suite (OMS) Connector.
I started to follow the official documentation, found here: Connect Configuration Manager to Log Analytics.
Step 1 says: “In the Azure Management Portal, register Configuration Manager as a Web Application and/or Web API app, and ensure that you have the client ID and client secret key from the registration from Azure Active Directory.” Since I don’t have a lot of experience with Azure Active Directory (AAD), I had to follow the supplemental documentation on how to create an Active Directory application reference.
Important Note: In the Assign application to role section of the documentation, it walks you through assigning permissions at the Azure Subscription level. In a Production environment, you would not assign Applications permissions over your entire subscription. Also, you can safely ignore that step (in the supplemental documentation), since the referenced OMS documentation shows you how to specifically Provide Configuration Manager with permissions to OMS.
That all went fine without issue. Where I ran into trouble/confusion was the second step, namely Provide Configuration Manager with permissions to OMS.
In Step 9 of that sub-section, it says to “Click Add users, select the Configuration Manager user, click Select, and then click OK.”
Where I became confused was the list that was displayed in my tenant.
Firstly, the documentation uses the wording “select the Configuration Manager user” which is incorrect, since this is not a User Account we created, but an Application. Second, I only see my User Accounts listed; where is my registered Application?
As it turns out, there is a little information popup which says: “Select a user or group by entering their name or email. Select an application by entering its name, or application ID. Select a device by entering its name.”
It’s a little confusing that you have to actually enter an Application or Device name just to be able to see it, whereas all the Users and Groups are displayed by default. It would be more intuitive if Microsoft had a drop-down list that would allow you to toggle displaying Users/Groups, Applications, or Devices.
However, it does allow partial name searches as well. This will show all types of accounts (User, Application, Device) to choose from.
Following along with the rest of the documentation, I was able to integrate my SCCM environment with OMS. However, you may notice in SCCM that there are 2 elements of OMS referenced. One for the “OMS Connector” and another called “Upgrade Analytics Connector”.
Both of these are tied to OMS, but are different.
The OMS Connector is what allows OMS to create Computer Groups based on SCCM Collections. You can then use these Computer Groups for things like Update Management.
The Upgrade Analytics connector connects SCCM to OMS’s Upgrade Analytics solution. This solution helps you plan and manage your process to deploy Windows 10 in your environment.
What’s cool is that you can create SCCM Collections based on the OMS Upgrade Analytics evaluations.
I hope this helps you, as I initially found it confusing with the wording, screenshots, etc.