Pages

lørdag 20. april 2013

OpsMgr: How to seal management packs

You need to seal a management pack (.xml to .mp) if:
  • You want to reference it from another MP.
  • It has one or more console tasks (to prevent the security warning).
  • It contains Data Warehouse extensions.
  • You want consistent guids for you classes and properties (reuse MP on other systems).
Is is also a good practice to always seal your management packs.

Step 1 - Strong Name Key

You will need a Strong Name Key (.snk) to seal your management pack. Use sn.exe for this (part of Visual Studio or Windows SDK). I did this on Windows 8 (64-bit) using Windows Software Development Kit (SDK) for Windows 8. When installing SDK you only need to install the .NET Framework 4.5.1 Software Development Kit. Use the correct SDK version for your Operating System.

First we prepare a folder structure for dealing with management packs, open up Command Prompt and type as follows (PS! make proper changes so it will work in your environment):
MD D:\SCOMDev\MP\Key  
MD D:\SCOMDev\MP\Includes
MD D:\SCOMDev\MP\Unsealed
MD D:\SCOMDev\MP\Sealed
COPY X:\SupportTools\AMD64\MPSeal.exe D:\SCOMDev\MP

# Create SNK:
cd "C:\Program Files (x86)\Microsoft SDKs\Windows\v8.0A\bin\NETFX 4.0 Tools\x64"
sn.exe -k D:\SCOMDev\MP\Key\KeyFile.snk

# Extract public key from SNK:
sn.exe -p D:\SCOMDev\MP\Key\KeyFile.snk D:\SCOMDev\MP\Key\KeyFile_publickey.snk  

#Get the readable public key token:
sn.exe -tp D:\SCOMDev\MP\Key\KeyFile_publickey.snk > D:\SCOMDev\MP\Key\KeyFile_publickeytoken.txt

The KeyFile_publickeytoken.txt contains the public key token for your KeyFile. This can be used to reference management packs that you have sealed. You would do this by editing the .xml file and add you management pack to the <References> section and your public key token in the <PublicKeyToken> tag.

PS! I always use the same KeyFile within a company. So you should only need to do step 1 once.

Step 2 - Prepare for sealing

If you have made changes to a management pack always remember to increase the management pack version. Also remember to keep a copy of each unsealed version (.xml) you create (for history and debugging purposes).

Copy your management pack (.xml) to the Unsealed folder (D:\SCOMDev\MP\Unsealed).

Copy any referenced management pack (.mp) to the Includes folder (D:\SCOMDev\MP\Includes). To find the referenced management packs, open up the unsealed management pack (.xml) and look under the tag <References>.

PS! You could also keep a copy of all the management packs in the Includes folder, if you like.

Step 3 - Seal
Open up command prompt and type as follows (PS! make proper changes so it will work in your environment):
 D:\SCOMDev\MP\mpseal.exe D:\SCOMDev\MP\Unsealed\mpname.xml /I D:\SCOMDev\MP\Includes /Keyfile D:\SCOMDev\MP\Key\KeyFile.snk /Company "MyCompany" /Outdir "D:\SCOMDev\MP\Sealed"  

PS! I you are getting errors stating that MPSeal is unable to load ManagementPack this or that, it is because it is missing from the Includes directory. You need to either find it on your system and copy it to the Includes folder, or download the right version from the vendor (like Microsoft), install it and copy it to the Includes folder. When you install a management pack, and after you have copied it and imported it into Operations Manager, you can usually uninstall it.