Solved

SCOM Gateway Server

Posted on 2010-09-20
2
921 Views
Last Modified: 2012-05-10
I have a scenario wherein I am monitoring 70 domain controllers using SCOM 2007 R2. We have a Microsoft CA installed in our LAN and out of 70 domain controllers 65 DC's are in LAN and are getting monitored using SCOM which is implemented in LAN zone. 5 DC's are in DMZ zone and have no connection to SCOM server or CA server. But those DC's have connectivity with PDC and one more member server. I want to monitor the DMZ servers also but not able to do so.

If I go ahead and install the member server as Gateway server then I need certificate for the DMZ servers from the LAN CA server which is not conneted from DMZ servers.

Please suggest how can I implement monitoring of DMZ servers through SCOM.
0
Comment
Question by:Neo_78
2 Comments
 

Author Comment

by:Neo_78
ID: 33722928
Please provide some suggestion to the above question.
0
 
LVL 1

Accepted Solution

by:
Larsjh earned 250 total points
ID: 33747658
Certificate authentication is only required when Kerberos will not work. From your description, it seems your DMZ SCOM gateway server will be able to use Kerberos authentication to your DMZ DCs, so you should not have to put Certificates on any of your DMZ DCs.  ( I am assuming all DCs are members of the same forest...as well as your member server in the DMZ for the Gateway)

Your firewall will probably not allow Kerberos authentication from you DMZ SCOM gateway to  SCOM management server in your LAN, so you will need a cert on your DMZ Gateway and your SCOM Management Server. You will also need TCP port 5723 open both ways from your DMZ SCOM Gateway to your SCOM Management Server.

After your certs are installed run the momcertimport utility on both your Gateway and your SCOM MS. Install the SCOM Gateway, then run the command on your SCOM RMS to approve the gateway. (GatewayApprovalTool.exe)

Manually install the SCOM agent on your DCs, use the name of the gateway server as the SCOM management server in the install wizard. Then approve the manually installed clients in SCOM under Administration | Pending Management.

0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
Technology opened people to different means of presenting information, but PowerPoint remains to be above competition. Know why PPT still works today.
The viewer will learn how to simulate a series of coin tosses with the rand() function and learn how to make these “tosses” depend on a predetermined probability. Flipping Coins in Excel: Enter =RAND() into cell A2: Recalculate the random variable…
The viewer will learn how to create a normally distributed random variable in Excel, use a normal distribution to simulate the return on an investment over a period of years, Create a Monte Carlo simulation using a normal random variable, and calcul…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question