SCOMHelper PowerShell Module – A SCOM Admin’s Best Friend

(installation instructions at bottom)

2021.05.13: v1.35 – Improved New-SCOMClassGraphIndex. Better handling of foreign graphs.
2021.01.06: v1.34 – Improved error handling in RemoveObsoleteMPRefTask.
2020.12.30: v1.33 – Improved GraphViz package detection for New-SCOMClassGraph function.
2020.11.19: v1.31 – Improved Update-SCOMComputerGroup
2020.09.22: v1.28 – Added Get-SCOMRunningWorkflows
2020.08.19: Added Update-SCOMComputerGroup
2020.08.12: Added New-SCOMComputerGroup
2020.05.13: Added Export-SCOMOverrides, Deploy-SCOMAgent

There are a number of cool scripts that I’ve collected, borrowed, and written in my travels as a SCOM field engineer and PowerShell enthusiast. I decided to put them all together into one module for easier maintenance and use. Enjoy.

SCOMHelper Module Functions:



  • Get-SCOMRunningWorkflows – Will return an object that represents detailed task results for agent task: ‘Microsoft.SystemCenter.GetAllRunningWorkflows’
  • Update-SCOMComputerGroup – Will overwrite an existing instance group or computer group containing Windows Computers [Microsoft.Windows.Computer] objects and optionally include related Health Service Watchers [Microsoft.SystemCenter.HealthServiceWatcher] if the original group type is Microsoft.SystemCenter.InstanceGroup.
    2020.11.19: I improved this function. If the existing unsealed MP does not already have the required references, the function will add them.
  • New-SCOMComputerGroup – Will create an instance group containing Windows Computers [Microsoft.Windows.Computer] objects and optionally include related Health Service Watchers [Microsoft.SystemCenter.HealthServiceWatcher].
  • Export-SCOMOverrides – Will export override data to html, csv, xml, json file formats. Includes a generous amount of workflow and parameter information.
  • Deploy-SCOMAgent – This is an alternative to the OperationsManager Install-SCOMAgent. This version will allow you to specify the installation directory, whereas the original will not.
  • Get-SCOMAlertKnowedge – This script will get workflow details for one or more alerts, including the Knowledge Article content (neatly formatted in HTML).


First and foremost my pride and joy is this brilliant work of art. I’m pretty sure I just tweaked my own arm patting myself on the back but you know what, I am really proud of this. This is a first of its kind tool (that I know of) for generating a graphical representation of a SCOM class. It will create a graphical structure (.png) that represents SCOM class taxonomy, all properties, hosting and discovery relationships for a SCOM class.  This function relies on a few other brilliant modules but don’t worry, this function will automate the other module installations for you.  (This is assuming you have connectivity to the interwebs. Yes, interwebs. Otherwise you will have to obtain the dependencies manually.) This tool will prove to be priceless for any SCOM admins, enthusiasts, and most importantly, MP authors, both new and seasoned.
Note: This function requires PowerShell v5 or greater due to some other module dependencies. Tested with SCOM 2019, 2016, 2012 R2.

Feed this function one or more of the following: a class object, class Name, class Display Name, or class ID, and it will do the rest. There are a few neat parameters to control caching of graphics files, include/exclude related class discovery workflows, and displaying the new graph file.


Below is an example of class: Microsoft.SQL.Server.2014.DBEngine. The legend is shown on the top right of the graphic to help you understand the relationships between boxes.

The orange boxes represent classes that are HOSTing those connected below it.
The green boxes are hosted classes, which means they hosted by the orange class box connected above it. (see ‘orange’ definition above).
Orange arrows also help indicate a hosting relationship
The blue boxes represent discoveries which are capable of discovering those classes which are connected (along with the properties listed in blue).
The purple boxes represent ordinary abstract classes. Note: other colored boxes may also be abstract.
The remaining boxes and arrows represent ordinary class lineage (parent –> child) relationships.
Awesome. I know.
( References: Relationships, Understanding Classes and Objects, SCOM Fundamentals )


New-SCOMClassGraph -ClassName 'Microsoft.SQLServer.Windows.Database'

2) This is a much fancier way to accomplish the same thing as Example 1, above, but with the help of GridView to select the class. This command will get all SCOM classes in the management group and select Name, DisplayName, and ManagementPackName to be presented in GridView for easy browsing and selection by the user. Select one or more classes from the Grid View, click OK.  In the example below I’ve filtered on keyword “SQL” and selected a single line item. This selected class name gets piped into the function: New-SCOMClassGraph. The resulting graph (.png file) is shown above in Example 1.

Get-SCOMClass | Select Name,Displayname, @{N='ManagementPackName';E={$_.Identifier.Domain[0]} }| Out-GridView -PassThru | New-SCOMClassGraph

The graph file opens with your default ‘.png’ application. Your default viewer might be Internet Explorer, it might be Picture Viewer. You decide. Just be sure to associate .png file type to a default viewer.
You can optionally use the -ShowGraph:$false  parameter to prevent the opening of the .png file. You might leverage this feature if you simply wanted to cache all of the files on disk without opening them. I did this in my lab and it took 45 minutes to generate 1688 graphs for a total of 276MB.

2) This is an example of piping a class object into the cmdlet:

Get-SCOMClass -Name 'Microsoft.SQLServer.2012.Publication' | New-SCOMClassGraph

You can even display multiple classes on a single graph with the ‘-Combine’ parameter. Shown below are two classes on the same graph:

Get-SCOMClass -Name 'Microsoft.SQLServer.Windows.ResourcePool','Microsoft.SQLServer.Windows.Database' | New-SCOMClassGraph -Combine


This tool is designed to make it easier to manipulate overrides and do a few other admin tasks:

  • Bulk enabled/disable workflows for their target class
  • Bulk delete overrides
  • Bulk move overrides between unsealed management packs
  • Remove all obsolete references in all unsealed packs
  • Backup all unsealed management packs
  • Create a new override management pack

Ideally normal overrides should be stored in a “buddy pack” directly related to the “base” MP of the affected workflow. (see this article: ) Most of the time it seems that overrides are stored randomly in various unsealed packs with no system of organization. This tool can help organize your environment as well as quickly tune workflows in bulk/batches.

This tool can enable or disable a workflow by either deleting an existing override or creating a new override to accomplish the desired effect. (The Enable and Disable actions only affect the workflow Target class.) This tool can also move (or relocate) an existing override to a different unsealed management pack.

This tool doesn’t technically “move” the override. It deletes the original override and creates a new override in the destination MP. Only valid candidates/overrides will be presented for selection. A valid candidate is one that does not reference or depend on any other objects (workflows, targets) contained within the same original unsealed MP.
Example: Overrides that might affect custom groups in the same MP would be ineligible.

For all operations that modify or change any management packs, all activities/actions are written to the logfile and unsealed packs are backed up prior to any changes.

For Enable/Disable operation:
Typically the procedure would be as follows:
1) Select any number of “source” unsealed packs.
Only workflows (Rules/Monitors/Discoveries) from these packs will be presented for selection.
2) Select a “destination” unsealed pack into which to store any *necessary (new) override(s).
3) Select action type: Enable or Disable
4) Select ‘type’ of workflow(s) you wish to enable/disable: Rule, Monitor, or Override
5) Select any quantity of workflows.
6) Confirm to initiate the enable/disable action

*Note: a) In some cases an override might already exist which must be deleted to result in the
desired effect (enable/disable).
b) Enable/Disable actions only affect the workflow Target class.

For a “Move” operation:
Typically the procedure would be as follows:
1) Select any number of “source” unsealed packs from which to select overrides.
2) Select any number of eligible overrides from that set of source packs.
3) Select a “destination” unsealed pack into which to move the override(s).
4) Initiate the move.

You may select one or more ‘source’ MPs to limit the results shown during the override selection process. This is effectively a way to filter the overrides. Otherwise ALL valid overrides from ALL unsealed MPs will be presented in the selection window. See menu details below.
*This tool does not currently move any overrides related to SecureReference, Diagnostic, or Recovery objects.

Example: Bulk select workflows to disable:


This nifty function will neatly display your property bags when testing PowerShell scripts. Ordinarily the property bag output test format would look like this (multiple bag output shown):

With this function, they will output like this.

In addition, you get a structured PowerShell object to do with as you please. 
Note: When testing scripts with this function, your PowerShell script must include the method which ordinarily outputs the dataitem to the standard output. Example below:

# Script: PBTest.ps1
$api = new-object -comObject 'MOM.ScriptAPI'
$bag = $api.CreatePropertyBag()
$DatabaseName = "someDBname"
$bag.AddValue('DatabaseName',$DatabaseName )

An example of how to access the PB data in the resulting hash table object:

# Store property bag(s) in variable as hash table
$var = Show-SCOMPropertyBag -FilePath C:\test\MyTestPB_script.ps1 -Format HashTable

# Display property bags (basic summary table)

# Display value in detail


This one’s pretty obvious. Will clear the agent cache and restart the HealthService (Microsoft Monitoring Agent) on the local machine. However, this PowerShell module is typically installed on your mgmt server(s).


This function has been deprecated.
See Start-SCOMOverrideTool


This function has been deprecated.
See Export-SCOMEffectiveMonitoringConfigurationReport


The primary feature to highlight is that this function includes a parameter to specify installation directory of agent.


Will recursively find contained/hosted instances of one or more monitoring objects and output the effective monitoring configurations to HTML or CSV format (or both).
Note: I recommend that you do not run this report for groups with many members (like “All Windows Computers”). This can become very expensive for your mgmt server and Opsman database. I have a very small lab (8 servers) and it took about 26 minutes to process 363 (related/hosted) objects.

In this fancy example the text “COLLECTION” is used to filter the results.

Note: The “Overrides” column will not display default and modified values for the Enabled property because this info is not easily retrieved with the available SDK method(s). However the “Enabled” column will indicate the correct current status for the workflow.


This is a quick way to dump events from the Operations Manager event log to a CSV file.


Export-SCOMEventsToCSV -Newest 1000 -OutFileCSV 'C:\SCOMEvents.csv'


This is pretty well documented here.

This script will get all rule and monitor knowledge article content (with hyperlinks) and output the information to separate files (Rules.html and Monitors.html) in the output folder path specified.


Will display statistics about the total number of SCOM class instances and the management packs from which they originate.


1) Statistics by class

Get-SCOMClassInfo -Top 10

2) Statistics by management pack

Get-SCOMClassInfo -Top 15 -MPStats -ShowGraph


This will generate an awesome HTML report including many of the popular Health report contents and SQL queries that we all know and love. This was originally written by Tim Culham and then rebooted by MBullwinkle in 2014. It made sense to include it in this module.

Here’s a sample report.


Feed this function a folder path and it will list version and file path information for all management pack files (*.mp, *.mpb, *.xml) in all subdirectories.

If you’re environment is anything like mine, you probably have a spaghetti mess of folders upon folders stuffed with all kinds of management packs that you collected over the years for testing. It’s not always convenient or easy to keep all management packs organized in version-labeled folders. In fact, it’s a huge pain in the neck seeing as how there’s no easy way to determine versioning of MPs based on file properties. This is a friendly tool which will display all of the basic MP info for you.


1) Feed this function the path to the ‘ManagementPacks’ folder from my SCOM installation media:

Get-SCOMMPFileInfo -inDir 'C:\Temp\en_system_center_2012_r2_operations_manager_x86_and_x64_dvd_2920299\ManagementPacks'

Note: -Passthru is already enabled on the GridView to allow the user to select one or more MP items so they can be piped to another cmdlet that accepts management pack Name, DisplayName, or ID as piped input.

2) This is a super simple way to pick from a list of MPs to import.

Get-SCOMMPFileInfo -inDir 'C:\Temp\MyManagementPacks' | Import-SCOMManagementPack –Verbose


Feed this an account SSID and it will return the friendly name of a RunAs account.

When a RunAs account problem occurs the resulting errors will appear in Operations Manager event logs containing the account SSID instead of the friendly ‘Display Name’ which makes it difficult to determine which account is involved. This function will reveal the friendly name of the SSID.


Get-SCOMRunAsAccountName -SSID '0000F61CD9E515695ED4A018518C053E3CD87251D500000000000000000000000000000000000000'


This isn’t really specific to SCOM but I found it useful in the past so I included it in this module. Feed it an ordinary string (or any object) and it will generate a unique hash value.



Get-SCOMClass -name '' | Select-Object -Property Name | Get-StringHash



Get-StringHash "Creepy Cat Guy"



This will ping all hosts in my HOSTS file (normally located at: C:\Windows\System32\drivers\etc\hosts). This also isn’t really specific to SCOM but I found it useful in my own (SCOM) lab environment so I included it in this module. In my lab environment I have to ping my network devices occasionally to refresh the forwarding table on my cheap 1Gb switch so that they can be reached without first establishing a path. (I hope I’m explaining that clearly). Otherwise, my first connection attempt to my lab servers fails and I have to wait for it to timeout. Upon my second connection attempt, I can successfully connect. I will often let this continue to run in the background to keep those paths fresh. Mmmmmm, fresh paths!



This will ping all hosts a total of 999 times while pausing for 3 seconds between attempts.

Ping-AllHosts -DelayMS 3000 -Count 999


This function will remove obsolete aliases from unsealed management pack .xml files, offline. This will not alter the original file but rather will output modified versions to the designated output folder.


This will modify a single .xml file:

Remove-SCOMObsoleteReferenceFromMPFile -inFile 'C:\Unsealed MPs\MyOverrides.xml' -outDir 'C:\Usealed MPs\Modified MPs'

This will retrieve all .xml files and pipe them into the function:

Get-ChildItem -Path 'C:\CustomMPsExported' | Remove-SCOMObsoleteReferenceFromMPFile -outDir 'C:\Usealed MPs\Modified MPs'


This will standardize all of the aliases in one or more unsealed (.xml) management pack files.

Occasionally (unfortunately) it is necessary to move elements from one unsealed pack to another unsealed pack by cutting/pasting. When unsealed MPs are created by activities within the Console, the references/aliases that get created are randomly named/assigned and often times are ambiguous and usually inconsistent between unsealed packs. This makes it very difficult to cut from one file and place into another file because the aliases won’t match (this is assuming that the same/necessary references exist in both files).

This function will inventory all of the MP reference IDs that can be found in the single file (or set of .XML files) specified by the InputPath parameter. It will create a customized set of condensed alias acronyms to be standardized across all of the unsealed management packs. It will then replace the aliases in the Manifest section of the file(s) as well as throughout the file in elements where the aliases are used.

Note: This will modify the unsealed MPs located in the designated ‘InputPath’ location. However, the functionality of the MPs will not be affected.



Set-SCOMMPAliases -InputPath 'C:\UnSealedMPs\'

This is an example of what your updated unsealed MP file will look like.



Will display all known modules contained in all sealed management packs as well as basic schema information. Based on an original script found here:
This can prove to be useful when authoring or debugging.

I’m a big fan of Out-Gridview.



Show-SCOMModules | Out-GridView


This will test any number of TCP ports on any number of hosts. It will accept piped Computers/IPs or Ports and then test those ports on the targets for connectivity.



Test-Port -Computer db01,"",'' -Port 80,53,139


There are plenty of examples of how to unseal MP files but this version will will unseal .MP and .MPB files along with any additional resources contained therein and place all files into version-coded folders.


1) This will unseal all of your Microsoft sealed packs (which normally get extracted/installed to the default SCOM MP folder location).

Unseal-SCOMMP -inDir 'C:\Program Files (x86)\System Center Management Packs' -outDir 'C:\Temp\Unsealed'

Find-Module scomhelper -Repository PSGallery | Install-Module -Verbose

Here’s an example from my lab:

Note: You may have to force TLS 1.2 for your PowerShell session first with this command:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Note: You may also have to update your ‘PowerShellGet’ module with this command:

Install-Module PowerShellGet -Force -Verbose

If for some reason you don’t have a default repository (or any repository at all) you can always register the default.

Q. How do I know if I don’t have any repository?
A. If you run the following command and get no result:

Q. How can I register the default repository (PSGallery)?
A. Run this command: Register-PSRepository -Default

If you are unable to register the default repository it might be because your machine is behind a proxy. See this article for how to configure your default proxy settings for PowerShell.

Note: You may also have to add PSGallery to your trusted repositories with this command (after you update PowerShellGet as shown above):

Get-PSRepository -Name PSGallery -Verbose | Set-PSRepository -InstallationPolicy Trusted -Verbose

Once you have the PSGallery repository registered and PowerShellGet imported/installed, then you can attempt to “Find” SCOMHelper with this command: Find-Module SCOMHelper -Verbose

Once you are able to find the module (verify that you can reach PSGallery and that SCOMHelper exists there), you can install it with this command:
Find-Module scomhelper -Repository PSGallery | Install-Module -Verbose

Additionally you can view more info at the PSGallery.

Manual Installation

Download the archive manually. It has a funny extension, but it’s just a compressed archive. You should be able to extract the contents with any zip tool (7zip, Winzip, WinRar, etc.)

Note: This will install the SCOMHelper module only. There are some commands in this module that require additional/separate modules/packages like the New-SCOMClassGraph tool. Typically these dependencies can be installed right from the PowerShell console. However, if you don’t have internet access on your target server, it will be up to you to figure out how to get those other dependencies installed.

Extract the specific files to the precise path as shown:
C:\Program Files\WindowsPowerShell\Modules\SCOMHelper

You may have to unblock these files. It will depend on your local security policy:

Get-ChildItem -Path 'C:\Program Files\WindowsPowerShell\Modules\SCOMHelper' | Unblock-File -Verbose

Once the module (folder and files) exists at the correct location, you may import the module:

# Import module, Opsman module too.
Import-Module 'SCOMHelper','OperationsManager' -Verbose

Note: After updating/installing GraphViz version 2.44.1 you may encounter the following error:
dot.exe : Format: "png" not recognized. Use one of:
At C:\Program Files\WindowsPowerShell\Modules\PSGraph\2.1.19\PSGraph.psm1:884 char:55
+ ...       $output = $standardInput.ToString() | & $graphViz @($arguments)
+                                                 ~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (Format: "png" n...ed. Use one of::String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError
Export-PSGraph : System error.
At C:\Test\SCOMHelperDev\Untitled10.ps1:819 char:11
+       } | Export-PSGraph -DestinationPath $outPath -ShowGraph:$ShowGr ...
+           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], ParseException
    + FullyQualifiedErrorId : System.Management.Automation.ParseException,Export-PSGraph


Simply run the following command to register the plugin config file:

dot -c

Additionally you can run the following command to view the GraphViz plugin config info:

dot -v

24 Replies to “SCOMHelper PowerShell Module – A SCOM Admin’s Best Friend”

    1. @Joseph, I’m glad that you are enjoying it.
      I’m always looking to improve and/or add features. I’m open to suggestions and feedback.

  1. I just referred someone to this MP because of the ability to move overrides. They are moving from version specific SQL MPs to the the SQL version agnostic MP. Thanks!

  2. Thank you for the great module!
    One question – i’ve found on Server 2019 under PoSH 5.1, after installing Graphviz via choco, the New-SCOMClassGraph fails with the error:
    “Required package ‘Graphviz’ does not exist”.
    After investigating, I found that your module does a “If (-NOT ([bool](Get-Package -Name ‘GraphViz’ -ErrorAction SilentlyContinue))) {…” to determine if Graphviz exists. With version 2.44.1 of Graphviz, the Name property is now “Graphviz 2.44.1” when doing a Get-Package, not “Graphviz”.
    Changing the line to “If (-NOT ([bool](Get-Package -provider Programs | where-Object {$_.Name -Like ‘GraphViz*’} -ErrorAction SilentlyContinue))) {…” and it works.

  3. great tools !!
    I was running Start-SCOMOverrrideTool – and received a few errors on line 2396 when using the option 10: Remove obsolete references from unsealed management packs

    line 2396 contains:
    $msg = @”
    MP Verify failed. Rejecting changes.
    Exception: $($Error.Exception[0])

    it should be $error[0] and to prevent issues when there is only 1 error, I test for the count of errors.
    SoI have changed this section to the following:

    if ($error.count -eq 0)
    $msg = @”
    MP Verify failed. Rejecting changes.
    Exception: $($Error.Exception)
    $msg = @”
    MP Verify failed. Rejecting changes.
    Exception: $($Error[0].Exception)

    now it displays the exception and no script errors

    1. @Andre,
      Thank you very much for your suggestion! I updated the code with a simple fix and published the module to the PowerShell Gallery.

  4. Hi,

    I want to run the “Export-SCOMEffectiveMonitoringConfigurationReport” script, but I cannot find the location of the script (ps1). Not sure the actual steps. Could you advice? Thanks

    1. @ChewPingY,
      This is not a script. It’s an advanced function that exists in the PowerShell module. Therefore you would use it like a cmdlet.
      See the help documentation for examples. View Help content with this command:
      Get-Help Export-SCOMEffectiveMonitoringConfigurationReport -ShowWindow

    1. @Ruben,
      Please see the Installation section of the article. If you are having trouble please provide more detail.

      If your access to the PowerShell Gallery ( is not blocked, this command should be able find the module successfully:
      Find-Module scomhelper -Repository PSGallery

      …and this command should download it to your standard modules path:
      Find-Module scomhelper -Repository PSGallery | Install-Module -Verbose

  5. Hi Tyson – Any chance you might have this in GitHub where we could fork and provide a PR for suggested changes/improvements?
    Also, you still have the unapproved verbs in there. With stricter checking likely coming in 7.2, you may want to alter those cmdlets.

Leave a Reply

Your email address will not be published. Required fields are marked *