Install a MOM Agent behind a Firewall

Overview

Agents can communicate directly with the Management Server across a firewall. All events and alerts can be sent directly to the Management Server. However, the Management Server cannot install, upgrade, or uninstall agents on these computers. To perform these functions, the Management Server requires the RPC, DCOM, and SMB ports to be open and they are usually closed on a firewall, You must manually install, configure, upgrade, and uninstall agents on these computers.

Installation Steps

1.         In the MOM Administrator console, expand Administration, and then click Global Settings. 

2.         In the details pane, select Management Servers.

3.         On the Agent Install tab, clear the Reject new manual agent  installations check box. 

4.         Select Global Settings again from the Administration pane, choosing  the Global Settings option. 

5.         Select the Security tab, clear the Mutual Authentication Required  field. 

6.         Right-click the Management Pack folder and click Commit  Configuration Change.

7.         Restart the MOM Service on all of the Management Servers in the  management group. 

For each Server behind the Firewall:

8.         Configure the firewall to allow TCP/UPD send/receive on port 1270.

(Important! Heartbeat are initiated in managed mode always from the agents to the Management Servers on UDP 1270)

9.         Run setup.exe on the machine behind the firewall and select the Manual Agent Install tab. 

10.       Launch the Microsoft Operations Manager 2005 agent install. 

11.       Provide the Management Server name and management group on the agent configuration screen.  Keep the agent control level as none. 

12.       Bypass the screen which cannot contact the management server.  This is expected.

13.       Select No on the Active Directory Configuration page.  This disables mutual authentication.

14.       Finish the agent install.  Allow the agent at least 60 seconds to attempt connection to the Management Server. 

15.       In the MOM Administrator console, expand Administration, expand Computers, and then click Pending Actions. 

16.       In the details pane, right-click the computer for which you want to approve the agent, click Approve Manual Agent Installation Now, and then click Yes. You do not have to run computer discovery again. 



 All Scripts and Documents are as is. No guarantee.
For problems or questions regarding this Web site contact MOM Solutions Webmaster.
Last updated: 02/09/06.