How to Decommission SCOM Gateway

This article shows you how to remove a SCOM Gateway.

Posted by : on

Category : guides   operationsManager   powershell

The Steps Required

  1. Move any agents (Agents or Agentless) assigned to the Gateway to another server.

  2. Uninstall the SCOM Gateway through programs and features.

  3. Delete the Gateway with the Gateway Approval Tool.

    The Microsoft.EnterpriseManagement.GatewayApprovalTool.exe tool is needed only on the management server, and it only has to be run once.

    To copy Microsoft.EnterpriseManagement.GatewayApprovalTool.exe to management servers From a target management server, open the Operations Manager installation media \SupportTools\ (amd64 or x86) directory.

    Copy the Microsoft.EnterpriseManagement.GatewayApprovalTool.exe from the installation media to the Operations Manager installation directory.

    The command to delete a SCOM Gateway:

     Microsoft.EnterpriseManagement.GatewayApprovalTool.exe /ManagementServerName=<managementserverFQDN> /GatewayName=<GatewayFQDN> /Action=Delete

Kevin Holman has a good guide for Management Server’s here (which some items apply for Gateway’s as well): https://kevinholman.com/2016/02/03/checklist-removing-migrating-old-management-servers-to-new-ones/

Powershell Script to move Agentless-Managed Machines

#Author: Blake Drumm ([email protected])
#Date: August 8th, 2023

#------------------------------- 
# Variables Section 
#------------------------------- 
$FromGatewayServer = 'GW01-2019.contoso-2019.com' # Management Server or Gateway Server to move FROM
$ToGatewayServer = 'MS01-2019.contoso-2019.com' # Management Server or Gateway Server to move TO 
#-------------------------------

$MSList = Get-SCOMManagementServer 
$FromGatewayServer = $MSList | Where-Object {$_.Name -match $FromGatewayServer} 
$ToGatewayServer =  $MSList | Where-Object {$_.Name -match $ToGatewayServer}

Get-SCOMAgentlessManagedComputer | Where-Object {$_.ProxyAgentPrincipalName -match $FromGatewayServer.DisplayName} | Set-SCOMAgentlessManagedComputer -ManagedByManagementServer $ToGatewayServer -PassThru

Powershell Script to move Agents

You can find the below script (and others) here:
https://github.com/blakedrumm/SCOM-Scripts-and-SQL/tree/master/Powershell/Agents%20Failover

Replace the following variables before running:

<MoveFrom_MS>
<MoveToPrimary_MS>
<MoveToSecondary_MS>

Be aware, the machines will need to be remotely manageable before you can run the below script. More information here: https://kevinholman.com/2010/02/20/how-to-get-your-agents-back-to-remotely-manageable-in-scom/

# ===============================
# Author: Blake Drumm ([email protected])
# Created: September 30th, 2022
# Modified: September 30th, 2022
# Script location: https://github.com/blakedrumm/SCOM-Scripts-and-SQL/blob/master/Powershell/Agents%20Failover/Set-AgentFailover.ps1
# ===============================

Import-Module OperationsManager

#===================================================================
#region Script Variables

#We will look for all Agents Managed by this Management Server.
$movefromManagementServer = Get-SCOMManagementServer -Name "<MoveFrom_MS>"

#Primary Management Server
$movetoPrimaryMgmtServer = Get-SCOMManagementServer -Name "<MoveToPrimary_MS>"

#Secondary Management Server
$movetoFailoverMgmtServer = Get-SCOMManagementServer -Name '<MoveToSecondary_MS>'

#Gather the System Center Agent Class so we can get the Agents:
$scomAgent = Get-SCOMClass | Where-Object{ $_.name -eq "Microsoft.SystemCenter.Agent" } | Get-SCOMClassInstance

#endregion Variables
#===================================================================

#===================================================================
#region MainScript
$i = 0
foreach ($agent in $scomAgent)
{
	$i++
	$i = $i
	
	#Check the name of the current
	$scomAgentDetails = Get-SCOMAgent -ManagementServer $movefromManagementServer | Where { $_.DisplayName -match $agent.DisplayName }
	if ($scomAgentDetails)
	{
		#Remove Failover Management Server
		Write-Output "($i/$($scomAgent.count)) $($agent.DisplayName)`n`t`tRemoving Failover"
		$scomAgentDetails | Set-SCOMParentManagementServer -FailoverServer $null | Out-Null
		#Set Primary Management Server
		Write-Output "`t`tCurrent Primary: $($movefromManagementServer.DisplayName)`n`t`tUpdating Primary to: $($movetoPrimaryMgmtServer.DisplayName)"
		$scomAgentDetails | Set-SCOMParentManagementServer -PrimaryServer $movetoPrimaryMgmtServer | Out-Null
		if ($movetoFailoverMgmtServer -and $movetoFailoverMgmtServer -ne '<MoveToSecondary_MS>')
		{
			#Set Secondary Management Server
			Write-Output "               $($agent.DisplayName) Failover: $($movetoFailoverMgmtServer.DisplayName)`n`n"
			$scomAgentDetails | Set-SCOMParentManagementServer -FailoverServer $movetoFailoverMgmtServer | Out-Null
		}
	}
	else
	{
		Write-Verbose "Unable to locate any data."
	}
}
Write-Output "Script completed!"
#endregion MainScript
#===================================================================

Page Views


Share on:
About Blake Drumm
Blake Drumm

I like to collaborate and work on projects. My skills with Powershell allow me to quickly develop automated solutions to suit my customers, and my own needs.

Email :

Website :

About Blake Drumm

My name is Blake Drumm, I am working on the Azure Monitoring Enterprise Team with Microsoft. Currently working to update public documentation for System Center products and write troubleshooting guides to assist with fixing issues that may arise while using the products. I like to blog on Operations Manager and Azure Automation products, keep checking back for new posts. My goal is to post atleast once a month if possible.

Follow @blakedrumm
Categories
  • powershell
  • projects
  • operationsManager
  • troubleshooting
  • guides
  • certificates
  • linux
  • security
  • azure
  • containerapps
    • Useful Links
  • Home
  • About
  • Blog
  • Contact