Service Manager 2016 UR2 released

February 27, 2017 Posted by Anders Asp

As in the title – Update Rollup 2 for SCSM 2016 was released a couple of days ago. It’s a small UR that fixes the known issue with SM crashing when trying to create a new Exchange Connector through the wizard. Other than that there are some fixes to the HTML5 portal:

  • You as an administrator create a new Exchange Connector through the System Center 2016 Service Manager console. When you click the Test Connection button in the Server Connection pane of the Create Exchange Connector wizard, you receive an exception.
  • Requests that are created through the Self-Service Portal always have the Source field of the work item set as Portal and the Status field set as New. These values are not overwritten when a template or Request Offering input mapping is applied.
  • In the Self-Service Portal, the Request Offering forms display validation errors in English, even when a non-English language is selected.
  • The Self-Service Portal does not display the full name of users (such as the reviewers list for Review Activity and implementer for Manual Activity) but instead only displays the domain\user-name information for the user.
  • The My Requests and the My Activities pages do not load in the Self-Service Portal if the object associated to a work item class has duplicate properties that have the same name because of class inheritance.

Download the UR here:

Note that there’s no need to install anything unless you are running the HTML5 portal. The Exchange Connector fix is just an updated DLL file.

Service Manager 2016 related links

October 18, 2016 Posted by Anders Asp

A short post containing some useful Service Manager 2016 related links.

Official Service Manager 2016 documentation:

Read the System Center 2016 Release Notes here (Known Issues – do read this if you’re planning to use any SC 2016 product!):

Download the Service Manager 2016 Authoring Tool here:

Download a fix for the HTML5 Portal if you’re doing an upgrade here:

Download the Operations Manager Management Pack for Service Manager 2016 here:

Also note that Update Rollup 1 for System Center 2016 has been release. However, UR1 does not contain any fixes for Service Manager 2016. Download and read more here:

Service Manager 2016 now available

October 17, 2016 Posted by Anders Asp


Since a couple of days back the whole System Center 2016 suite, including Service Manager, is now available on MSDN and MVLS. The new version of Service Manager includes:

  • Performance improvements
  • Faster SCCM and Active Directory connector sync with disabling ECL logging
  • Grooming improvements for ECL logs
  • Reduction in incident workflow lag
  • Integrated ADGroupExpansion Workflow into ADConnector
  • New Date dimensions in Data Warehouse cubes
  • New HTML based Self Service portal
  • Spell check in SM console
  • Open activity in progress
  • Support for Lync 2013 and Skype for Business
  • Setup changes to support SQL AlwaysOn installation
  • Support for .NET Framework 4.5.1
  • Support for Windows Server 2016
  • Support for SQL Server 2016

Read more here.

The list is certainly not as long as we wish it would have been, but some fixes, especially the Performance Improvements, are really important. Here’s some numbers from Microsoft to display the performance improvements:

Improved work-item creation and update commit performance
Time to create and update work items was greatly reduced using this improvement.

Action SM2012R2 SM2016 Improvement
Incident creation time 2 – 6 seconds 0.5 seconds 4 times
Incident creation time during connector sync 8 – 10 seconds Less than 1 second 8 times

Improved workflow processing
Workflows in Service Manager should have less latency and should catch up faster when you do experience latency.

Here are the times for workflows to catch up after 2 hours of latency at a 45 work item per minute rate:

Action SM2012R2 SM2016 Improvement
Workflow catch-up time 2 hours 50 mins 1 hour 46 mins 1.5 times

Higher work-item per second processing capacity
Service Manger can more easily handle a large inflow of 45 work items per minute.

Action SM2012R2 SM2016 Improvement
Average incident creation time 2.2 seconds 0.5 seconds 4 times

As you can see by looking at the numbers, the improvements made has really made an impact, and I can honestly say that I was blown away by speed of the console while trying SCSM 2016 in my lab. Hopefully the improvements will be this noticeable in all production environments as well, once people manage to upgrade.

Also, a couple of things has been deprecated and is no longer supported:

  • The Silverlight based Self Service Portal
  • The IT GRC Process Pack
  • The CSSP, Cloud Service Process Pack

Read more here.

AD-Connector to external, untrusted domain stops after UR7 or later

October 5, 2016 Posted by Alexander Axberg

If you have an untrusted AD-connector that suddenly cannot connect anymore, after applying UR7 or later it could be due to an LDP connectivity issue.
In my case, the Operations Manager log on the workflow server logged the error: The specified domain does not exist or cannot be contacted.. each time the connector started.

DNS resolution of the domain name worked fine, and I could connect manually to a DC on port 389 using ldp.exe, from the workflow server.
However, because of the updates in the AD-connector done in UR7, SCSM is now also connecting to the DC on port 389/UDP instead of only 389/TCP.

So go to you network guy and ask him to open up for both TCP and UDP on port 389.

You can troubleshoot the LDAP connectivity yourself using this tool:
PortQryUI (

UR3 patch for the HTML5 portal

May 26, 2016 Posted by Alexander Axberg

If anyone has missed it, the 3rd cumulative patch was released for the Microsoft HTML5 portal a couple of weeks ago. Grab it here:

Here are new features introduced with this release
• Attachments a can be viewed and downloaded for Self Service Portal.
• The Must Vote and Has Veto information is added for reviewers in Review activities.
• By default, the portal puts custom enumerations for My Request (incident & Service Requests) states in the Closed filter category. Now the portal allows for customization to map required custom states to the Active filter category also. For more details check for “CustomActiveRequestStatusEnumList” under “Basic Customization” section on this link.
Here are issues fixed in this release
• Multiple selections across pages in the Query UI do not work.
• Enums in list don’t appear in the same order as they are shown in the console.
• Cannot scroll to last item in Internet Explorer 10.
• Selections of optional query element in a request offering is not being mapped to work item fields.
• The Resolved Date property for an incident is not being set while resolving an incident from the Self Service Portal.
• When you author the request offering, custom properties cannot be mapped to an activity which is part of another activity.
• The portal is not setting Actual End Date or Decision Date values for manual and review activities.
• The portal displays an incorrect time when the server uses the 12 Hr (AM/PM) time format.
• Request offerings and Service offerings are unsorted (now are shown alphabetically).
• Page load fails with a JavaScript error when you click the Share icon for an item which has a single quotation mark (‘) in the title.
• Marking a manual activity as failed takes it to the Completed state.
• The Date Picker in a request offering form keeps the date only in U.S. format.
• A request offering form crashes if it contains an empty Simple list form element.
• Activities are missing in MyActivites for “All” filter in Turkish Language
• Display-Only Query Results are behaving as Mandatory Field.

Update Rollup 7 released – includes the write collision fix!

July 29, 2015 Posted by Anders Asp

Today is a big day! Not only was Windows 10 released today but also Update Rollup 7 for SCSM. Why is UR7 such a big deal? Well, among other things, it contains a fix for the write collision issue that’s been in the product since day 1! (See this post for more information about the “error”:


After applying UR7, you shouldn’t be getting the error above if the WI you’re working with is updated by someone or something else (such as a workflow) while you still haven’t saved your changes. Instead your update will be merged with the other update.

Example: If User A and User B works with the same Incident, let’s call it IR1234, and User A updates the Title while User B still have the Incident form opened. User A presses OK and moves along to the next case. User B has now updated the same Incident, IR1234, with a new Description. Remember, the Title change that User A did is not yet reflected on the form, since User B had the form opened when User A updated this! Previously when User B pressed OK or Apply the error above would be thrown, but now with UR7 applied the update will be commited, and the form would be updated to also reflect the update to Title that was commited by User A. To highlight that this merge of data has been done, the form will display a piece of information in the top of the form, just like this.


The only exception to this would be if User A and User B actually updates the exact same property. In that case, the old data collision error will still occur. To get more information about write collision fix, see this official blogpost:

To get UR 7 and to read about all the fixes, go here:


How to run Active Directory cmdlets in Orchestrator .Net Activity

March 13, 2015 Posted by Alexander Axberg

As you might have noticed, Orchestrator can be a bit grumpy when it comes to running Powershell scripts. Some cmdlets will simply not load in a .Net Script Activity.
Running scripts in a .Net Script Activity is really nice, because we have the possibility to publish variables in the script directly to the data bus.
A way around this could be to run scripts remotely on another server or add: Powershell{ /script\ } around your script, but in both cases we loose the possibility to publish all variables to the data bus.


The Problem

Orchestrator runs all powershell scripts in powershell v2 and in 32-bit mode. We can simulate this by:

  1. Starting a Powershell (x86) console
  2. Loading version 2 by typing: powershell -version 2
  3. If we try to load the cmdlets: import-module activedirectory you will see it will fail to load with some strange errors


The Cause

Active Directory cmdlets are compiled using the .Net4 assemblies, and poweshell v2 will only load .Net2 by default.
You can verify this by typing: [Environment]::version in your powershell console. “Major” is the version of the currently loaded .Net assembly.
If you compare on a regular x64 powershell console, and in a x86 v2 console like the one we started in the section above, you will see the difference.


The Solution

Add the following REG_DWORD registry key on the Orchestrator server and set the value to 1, to make Powershell (x86) always load the latest .Net assemblies :


New TechNet Gallery contribution – Affected Items Custom Control

March 8, 2015 Posted by Anders Asp

I just posted a new contribution to the TechNet Gallery. This time it’s a custom control called Affected Items which you can add to any of your Work Item forms to get a consistent way of adding Affected Items. The control also makes the relationship Required, which means that the Analyst will have to add at least one CI to the control in order to save the WI. Here’s some screenshots of how it can look when added to the form.



Service Request




For more information and to download the custom control, please head over to the TechNet Gallery at


Exchange Connector 3.1 released

December 12, 2014 Posted by Anders Asp

A new version of the Exchange Connector for Service Manager has been released. This updated version fixes these bugs:

  • Exchange Connector sometimes create multiple work items against a single email request.
  • Exchange connector gets stuck processing e-mails when large e-mails containing complex HTML formatting are processed.
  • Exchange connector fails to process the emails if it contains a ‘.msg’ file as attachment.
  • Exchange Connector sometimes consume very high memory (several GBs) when updating Work Items.
  • A new User CI is created in CMDB, if an external user (who is not in CMDB) is a To/CC recipient in the email which Exchange Connector processes. With this senders can accidently add new users in the CMDB, if they add any external users in the To/CC of an email which they are sending to the Exchange Connector monitored mailbox. This behavior is now configurable.
  • Voting for a Review Activity using the Exchange connector does not update the “VotedBy” field in the Review Activity.
  • Exchange Connector adds a new reviewer in the Review Activity when a user who is not in reviewer’s list sends an email to approve/decline that particular Activity.

See this link for more information:

I’ve not tried it myself yet, so if you try it out and discover anything unsual, please drop a comment below!


Useful PowerShell snippets – Get-UserByEmail

November 10, 2014 Posted by Anders Asp

Here’s another useful PowerShell snippet which I created when I built my PowerShell Exchange Connector for SCSM. The function itself will return the user object of the given e-mail address. If no user is found you also have to option to create the user object using the -CreateUser switch.

The function have the following parameters:

The e-mail address of the user who you want to retrieve

If this switch is enetered, the function will create a user object if no match is found in the CMDB

If you know the name of the user that you might create, you can specify the name of the object in this parameter

The script itself:

# This function will return the user object of the specified Email Address. If a matching user isn't found, the function can create an Internal user within the SCSM CMDB
# NOTE: SMlets must be loaded in order for the function to work

Function Get-UserByEmail {
    param (


    # Get all the classes and relationships
    $UserPreferenceClass = Get-SCSMClass System.UserPreference$
    $UserPrefRel = Get-SCSMRelationshipClass System.UserHasPreference$
    $ADUser = Get-SCSMClass Microsoft.Ad.User$
    # Check if the user exist
    $SMTPObj = Get-SCSMObject -Class $UserPreferenceClass -Filter "DisplayName -like '*SMTP'" | ?{$_.TargetAddress -eq $EmailAddress}

    If ($SMTPObj) {
        # A matching user exist, return the object

        # If, for some reason, several users are found, return the first one
        If ($SMTPObj.Count -gt 1) {$SMTPObj = $SMTPObj[0]}

        $RelObj = Get-SCSMRelationshipObject -TargetRelationship $UserPrefRel -TargetObject $SMTPObj
        Return $AffectedUser = Get-scsmobject -Id ($RelObj.SourceObject).Get_Id()

    } elseif ($CreateUser -and !$SMTPObj) {
        # A matching user does NOT exist. Do some processing to get the needed properties for creating the user object
        If (!$Name -or $Name -eq '') {
            $Name = $EmailAddress.Substring(0,$EmailAddress.IndexOf("@"))
            $UserName = $Name.Replace(",","")
            $UserName = $UserName.Replace(" ","")
        } else {
            $Name = $Name
            $UserName = $Name.Replace(",","")
            $UserName = $UserName.Replace(" ","")

        # Try Username to make sure we have a unique username
        $Loop = $TRUE
        $i = 1

        While ($Loop -eq $TRUE) {
            $tempUser = Get-SCSMObject -Class (Get-SCSMClass System.Domain.User$) -Filter "UserName -eq $UserName"

            If ($tempUser) {
                $UserName = $UserName + $i
                $i = $i +1
            } elseif ($i -gt 15) {
                Throw "Unable to find a unique username for the new user"
            } else {
                $Loop = $False

        # Create the Property Hash for the new user object
        $PropertyHash = @{"DisplayName" = $Name;
                            "Domain" = "SMINTERNAL";
                            "UserName" = $UserName;

        # Create the actual user object
        $AffectedUser = New-SCSMObject -Class (Get-SCSMClass System.Domain.User$) -PropertyHashtable $PropertyHash -PassThru

        # Add the SMTP notification address to the created user object

        If ($AffectedUser) {
            $NewGUID = ([guid]::NewGuid()).ToString()

            $DisplayName = $EmailAddress + "_SMTP"

            $Projection = @{__CLASS = "System.Domain.User";
                            __SEED = $AffectedUser;
                            Notification = @{__CLASS = "System.Notification.Endpoint";
                                             __OBJECT = @{Id = $NewGUID;
                                                          DisplayName = $DisplayName;
                                                          ChannelName = "SMTP";
                                                          TargetAddress = $EmailAddress;
                                                          Description = $EmailAddress;

            New-SCSMObjectProjection -Type "System.User.Preferences.Projection" -Projection $Projection


        # Return the created user object
        Return $AffectedUser



Using the function to retrieve a user:



Using the -CreateUser switch:




You can also download the whole script as a file here: Get-UserByEmail