Best Practices: Agent Remediation Tool

This is a proof of concept script consisting of a mix of PowerShell with some .NET for a GUI that can serve as an automated playbook for agent remediation.

Typically I prefer to remediate agents via the SCOM console, but there are instances where an agent is locked down such that remote management is not possible, and the SCOM Team may not have access to remote a server and fix an agent. This script empowers non SCOM sysadmins, DBA’s et cetera to be able to perform basic troubleshooting on their agents without the fear of accidentally deleting the wrong thing.

-The script must be run in PowerShell as an administrator

-This script is compatible with PowerShell 2.0, 3.0 & 4.0

*There are some dependencies on the .NET Framework. It is designed for .NET 3.5, but in testing it does work with .NET 2.0, though it will throw some fun red errors for certain non critical display elements which will not be able to load.

This script is designed for SCOM 2012 R2 Agents



1. Restart SCOM Agent (This restarts the Microsoft Monitoring Agent)

2. Flush SCOM Agent Cache (This stops the SCOM agent, Clears the Health Service State Agent Caches, Starts the agent and rebuilds the Agent Cache)

3. Uninstall SCOM Agent (This queries WMI to determine appropriate GUID that is associated with the SCOM agent installation and then passes this GUID to an automated uninstall.)

4. Install SCOM Agent (This is a placeholder for either manual agent install instructions, or it can be adapted to call a function to kick off a command-line based agent install assuming agent media is on an accessible UNC file share)

*It appears I neglected to include the link to the script, it can be downloaded here: TechNet Gallery *


Leave a Reply

Your email address will not be published. Required fields are marked *

The contents of this site are provided “AS IS” with no warranties, or rights conferred. Example code could harm your environment, and is not intended for production use. Content represents point in time snapshots of information and may no longer be accurate. (I work @ MSFT. Thoughts and opinions are my own.)