Archive for October, 2012

Learned something interesting today about how Azure handles federation for an Azure Web Role. I thought Web.config was no longer applicable for Azure Web applications now that  ServiceConfig.cscfg exists. I was wrong.

In the Azure Portal I configured an Access Control Service (ACS) namespace along with Identity Providers, Rules,  and Relying Party for my Azure Web application.  In Visual Studio for my Azure ASP.NET Web role I chose “Add STS Reference” to invoke the Federation Utility Wizard. Went through all the dialogs to successfully link my app to the ACS Namespace I had created.  Opened up the ServiceConfiguration.cscfg file to view the changes made by the wizard —  and there was none. Snooping around I opened up Web.config and found a number of entries written by the Federation Utility Wizard.  I thought the ServiceConfiguration.cscfg file was to replace Web.config for Azure-only applications. So how would these become visible to the ServiceConfiguration.cscfg  file? How would my Azure application make use of these settings in the Web.config file?

Here’s how it works.  Federation support in ServiceConfiguration.cscfg  file is not implemented as of yet. For now, Azure will use the entries in Web.config to manage federation of an application using ACS.  If you need to change values in Web.config relating to federation after the Azure Web app has been deployed without having to repackage and redeploy, here is a tip on how to do that.

Duplicate the settings found in Web.config in ServiceConfiguration.cscfg. (Note you also have to duplicate those in the ServiceDefinition.csdef for them to be able to be valid in the cscfg file).  In the OnStart method when your Azure Web role first loads have code to read the federation elements from the ServiceConfiguration.cscfg.  That code can then in turn write those values out to their matching elements in the Web.config file.  The Web.config file handles the actual federation not the  ServiceConfig.cscfg file. The role of the ServiceConfig.cscfg relating to Web.config in this case is to act as a conduit in case federation values need to be changed in the Web.config file of a deployed Azure Web application. This can be done by uploading an updated ServiceConfig.cscfg file in the Azure portal without redeploying the entire application.


Since the Windows Azure work of SCOM 2012 is not complete yet you cannot directly view custom performance counters in SCOM 2012. Rather you have to first use SCOM 2007 R2 Operations Manager and the Authoring Console to assist with this.  Here is information on how to do this.


Install the System Center Monitoring Pack for Windows Azure Applications from  Once you have installed the Azure Management pack on your SCOM server, you will have to follow those steps:

  1. In SCOM 2007 R2 create the appropriate accounts in Operation Manager to connect to your Azure environment for Azure applications discovery.
  2. Configure Performance Monitoring for Windows Azure applications.
  3. Export the pack into SCOM 2012 and view the results of the performance counters collection.


Step 1 – Create Run AS Accounts:

You will need three “Run As” Account in System Center Operation Manager 2012:

  • One for Binary Authentication. This account will use the Management Certificate to connect to Azure.
  • One for Basic Authentication. This account will be used for the Certificate and will store the password for the Certificate.
  • One that will be used for the proxy agent (Optional).

For detailed steps refer the following documents:

Step 2 – Configure Windows Azure Management Pack Template:

1. Click the Authoring button in the left pane, select the Authoring \ Management Pack Templates \ Windows Azure Application and click the Add Monitoring Wizard task in the right pane to open the Monitoring Wizard’s Select Monitoring Type dialog with Windows Azure Application selected.

2. Click Next to open the Name and Description dialog. Type a Name and Description for the service and click the new button to open the Create a new Management Pack dialog. Type a Name e.g. MY AZURE MP, which fills in the ID value, Version number, and Description.

3. Click Next to Open the Application Details dialog, type the service’s DNS prefix, e.g. MYDEVAPP1, copy the Subscription ID from the Developer portal and paste it in the text box, accept the default Production as the Environment to Monitor. Using the accounts you previously created, select the Binary Authentication account in the Azure Certificate Run As Account and the Basic Authentication account for the Azure Certificate Password Run As Account.

4. Click Next to open the Select Proxy Agent dialog and click Browse to open another Select Proxy Agent dialog. Click Search to list computers on your network and select an agent-managed computer to act as a proxy agent for the Windows Azure application, e.g. ITPRODC.

5. Click OK to close the dialog and click next, which displays a message. Click Yes to distribute the account to the selected Proxy Agent and open the Summary dialog.

6. Click Create to create the new Management Pack for the MYDEVAPP1 with Azure Applications Discovery.

7. Click the Monitoring button in the left pane, select the Monitoring \ Distributed Applications node to open the Distributed Applications list, and select the new MYDEVAPP1 hosted service monitor (Healthy state indicates monitoring is occurring):

8. Verify that Detail Views of the Deployment State, Hosted Service State, Role Instance State and Role State correspond to the known current state of the service.


  1. Create Performance Collection Rule using existing Performance Counters
  2. Create A Performance Rule using Custom Azure Counters
  3. Export the SCOM 2007 R2 Management Pack into SCOM 2012

Step 1 – Create Performance Collection Rule using Standard Performance Counters

In Operations Manager Console for 2007 R2 open Rules and select the following Targets:

  • Windows Azure Deployment
  • Windows Azure Hosted Service
  • Windows Azure Role
  • Windows Azure Role Instance
  1. Open Create Rule Wizard and select Collection Rules Node.
  2. Under the Performance Collection Node select the Windows Performance Node and select the Custom Management Pack (i.e. My Azure MP in our case).
  3. Provide the rule name e.g. “ASP.NET Applications Requests/sec (Custom)”.
  4. Select Performance Collection as the rule category.
  5. Select the Target as Windows Azure Role Instance (This will collect data for all role instances across hosted services you are monitoring).
  6. To collect data for instances within a particular hosted service, select the Windows Azure Role Instance (i.e. MYDEVAPP1 in our case).
  7. On the next Page select Performance Object, Counter, and Instance as:

Object Name:     ASP.NET Applications

Counter Name:  Requests/Sec

Instance Name: __Total__

All Instances: True or False

  1. Optimize Performance Collection Settings as default which means it will not use optimization.
  2. Save the performance collection rules.

Step 2 – Import the Management Pack into Authoring Console

  1. Open Authoring Console for Operations Manager 2007 R2.
  2. Connect to Management Group (i.e. “DEVMANAGEMENTGROUP”).
  3. Click on Tools and select Import Management Pack.
  4. Select the Custom MP created earlier (i.e. “My Azure MP”).  The Management Pack should successfully load in the Authoring Console.
  5. Open the Health Model Tab and click on Rules.
  6. You should see the same performance collection rule (Check display name to display correct rule names).
  7. Open the Rule Properties and click on Modules tab.
  8. Under Data Sources delete the existing Data Source values.
  9. Click on Create and select “Microsoft.SystemCenter.Azure.RoleInstance.PerformanceCounter.CollectData.DS” type entry.
  10. Give a custom name of ModuleID (i.e.  AzureDS).
  11. Edit the Data Source just created to adjust values for Counters and InstanceName.
  12. Provide the following values in Data Source module:





<ObjectName>ASP.NET Applications</ObjectName>




13. Save those values and save the Management Pack in SCOM 2007 R2 Authoring Console.

14. Export the Management Pack back to in SCOM 2007 R2 Operations Manager Console.

15. Make sure you can see the Performance Data in the Console by creating a new Performance View.

Step 3 – Create Performance Collection Rule using Custom Azure Counters

  1. Create another Performance Collection Rule for Azure in the same manner mentioned above for standard counters but this time use a custom counter.
  2. Ensure the values under the Data Source Modules should be as follow:

Object Name:     CustomCategory

Counter Name:  TotalnumberofFileUpload

Instance Name:

All Instances: False










(This means the InstanceName should be empty and AllInstances set to false).

NOTE – You need to follow all these steps in Operations Manager 2007 R2 set up or Management Group.

  1. Save the Management Pack and export it to Operations Manager 2007 R2 Management Group.
  2. Create a new Performance Collection View under Monitoring to see the Data related to Custom Counters.
  3. Once all the Rules are created, and when you can see the Data under Performance Collection View for Custom Counters save the Management Pack as a XML file using the Authoring Console.


  1. Copy the saved Management Pack file to Operations Manager 2012 Management Server. Import the Management Pack using Operations Manager 2012 Console.
  2. Open Authoring Console on the same Management Server and select “import from Management Group” and select the Custom Azure MP in the list.
  3. Now open the Health Model and click on Rules. Select the Custom Counter Performance Collection Rule.
  4. Check the Data Sources in the Module and confirm that the correct Modules for Azure, Operations Manager and Operations Manager DW Database are selected.
  5. Change the Data Sources if required and save the Management Pack in the Console.
  6. Now export the Management Pack to Operations Manager 2012 Management Group using Authoring Console.
  7. Ensure to change the Azure Run As Accounts (if different in Operations Manager 2007 R2) used in Windows Azure Management Pack Template for Azure Discovery process using Operations Manager 2012.
  8. Also change the Proxy Agent in Azure MP Template to new Operations Manager 2012 Management Server.
  9. Save all the settings made in the Azure MP Template in same custom MP.
  10. Restart the Health Service on the Management Server and make sure all Azure Role Instances, Hosted Services and Deployment are successfully discovered.
  11. You should also see the same Performance Collection View in the Console as in Operations Manager 2007 R2 Console.
  12. Now you should see the same Performance Data for Custom Counters in the View.
  13. Similarly you can create more Rules for different Custom Performance Counters.

Important: In case you get the Event ID 34024, make sure to apply an Override and change the Diagnostic Connection String used in Windows Azure with your Custom Connection String.