Wednesday, July 13, 2011

How to extend your SCOM e-mails and...re-open a vulnerability hole!

Hi, All!

Some time ago, when the trees were young and the skies were blue, Microsoft SCOM allowed sending HTML mail notifications on alerts. It was a nice capability that let you send links to any web console, format notifications better, etc. By the way, it was also a security issue. What is the problem? Heh...it's very easy to create a new fake MP (management pack) which simulates, for example, SQL Server alerts and provides IT operations with a link to a fake admin console! A very easy way to grab admins' passwords.
In SCOM 2007 R2 Microsoft fixed it, and now you receive ugly, boring plain-text mails from your SCOM...no fun, no links, no colors :( but you can feel safe!
At the same time, some IT operations people really loved that capability and prefer using it over being safe. For such brave guys, Tao Yang proposes a workaround available at this link. It involves some PowerShell scripting and configuration steps, but in the end you can have your old nicely formatted notifications back...of course it's pretty safe, because I can't believe that many IT operations teams will use it, so it's not so interesting to hack...
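
If you do bring HTML notifications back, one way to keep the fake-console trick described above in check is to vet every link in a notification body against the hosts your real consoles live on. This is an added example, not part of the original post or of Tao Yang's workaround; the host names, the `audit_links` helper and the sample message are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the only hosts that legitimately serve your consoles (constructed names).
ALLOWED_HOSTS = {"scom-web.corp.example", "sqlmon.corp.example"}

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def _host(url):
    # .hostname ignores any "user@" prefix, so trusted-name@other-host is seen as other-host
    return (urlsplit(url).hostname or "").lower()

def audit_links(html, allowed=ALLOWED_HOSTS):
    """Return (href, reason) for each link an operator should not trust."""
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    findings = []
    for href, text in parser.links:
        if urlsplit(href).scheme != "https":
            findings.append((href, "not https"))
        elif _host(href) not in allowed:
            findings.append((href, "host not in allowlist"))
        elif "://" in text and _host(text) != _host(href):
            findings.append((href, "visible text names a different host"))
    return findings

# Constructed sample notification body: one good link, three suspicious ones.
SAMPLE = """<p>Alert: SQL Server service stopped on DB01</p>
<a href="https://scom-web.corp.example/alert/1">Open alert</a>
<a href="https://sqlmon.corp.example.login.example.net/">https://sqlmon.corp.example/</a>
<a href="http://scom-web.corp.example/">Console</a>
<a href="https://scom-web.corp.example@portal.example.org/">Web console</a>"""
```

Calling `audit_links(SAMPLE)` returns the three suspicious links with a reason each; an empty list means every link points at an allowlisted console over HTTPS.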
