Fixing Hybrid – IaaS with Azure Update Management and SCOM

One comment

Azure Update Management (AUM) is a free service that helps to deploy patches on servers running in Azure and On Premises (in your datacenter).  It provides basic capabilities, but enough to control the whole patch process.

AUM and OpsMgr

While evaluating AUM on a Windows Server 2019 hosted on Azure I noticed that either monitoring with SCOM or patching via AUM worked. – The mom agent, which needs to contact AUM and SCOM could only contact one destinations at the same time.

Within the Log Analytics workspace the following error was show:

“VM has reported a failure when processing extension ‘MicrosoftMonitoringAgent’. Error message:” This machine is already connected to another Log Analytics workspace, or managed by System Center Operations Manager. Please set stopOnMultipleConnections to false in public settings or remove this property, so this machine can connect to new workspaces.”

Required steps to fix in brief

To solve this issue for the VM proceed with the following steps.

  1. Gather this information: Workspace ID, Workspace Key, VM Name, Location and Resource Group Name
  2. Connect to Cloud Shell
  3. Run some PowerShell to set the stopOnMultipleConnections flag to false.
  4. Activate AUM or restart the SCOM agent if the management server was already entered.

Note: The Azure portal is using lots of JavaScript, HTML and other web technologies. I suggest using Microsoft’s Edge browser.


Steps in detail

Search for Log Analytics and click on Virtual Machines to find the problematic VM:

Locating correct Log Analytics Workspace

Choose Advanced Settings

Select Advanced Settings

On Connected sources, note the Workspace ID and the Primary Key (Workspace Key)

Note values for WorkSpaceID and WorkspaceKey ( Primary ID )

Start the Cloud shell and get virtual machine details as mentioned above.

Start Azure Cloud Shell and get VM details

Use a text editor (e.g. notepad++) and prepare use following code based on the values collected above.


$PublicSettings = @{"workspaceId" = "c94e5249-e224…";"stopOnMultipleConnections" = $false}
$ProtectedSettings =@{'workspaceKey' = 'FwxRLqbRg9/…'}

Set-AzVMExtension -ResourceGroupName "rsg-wegc-commontest-server" `
 -VMName "vm-WEGCXX0001" `
-Publisher Microsoft.EnterpriseCloud.Monitoring `
-ExtensionType MicrosoftMonitoringAgent  `
-TypeHandlerVersion 1.0 `
-Settings $PublicSettings `
-ProtectedSettings $ProtectedSettings `
-Location "West Europe" `
-Name MicrosoftMonitoringAgent

Copy the code into the clipboard and paste it into the Cloud Shell. Confirm with Return.

Copy the code into the clipboard and paste it into the Cloud Shell. Confirm with Return.

Verify that communication with SCOM and AUM works

Start a RDP session, open the control panel and launch the MoM Agent.

Verify MoM Agent - OperationsManager

Verify MoM Agent - Log Analytics

The configuration on the VM looks healthy now.

Within the SCOM Console the server is shown and as fully monitored
Verify VM in Operations Manager Console

Next steps

To ensure that these steps are performed automatically on server creation it make sense to add those steps to an ARM template.

A good starting point provide this link: by @KasunSJC

1 comments on “Fixing Hybrid – IaaS with Azure Update Management and SCOM”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s