How-to monitor non-domain computers ??

Hi

We have to setup monitoring on a Lync 2013 Edge server, and it is not in the same domain as the rest of the servers.

We have tried the procedure her: https://support.microsoft.com/en-us/kb/947691  , but we cannot make it work

Ive also looked at http://blog.coretech.dk/msk/common-issues-when-working-with-certificates-in-opsmgr/ , but none of the suggestions solve the problem

We have imported the CA certificate on both servers as it says in the Microsoft article, but after restarting the health service on the non-domain computer, the event viewer says:

Event 21016:OpsMgr was unable to set up a communications channel to <fqdn of managementserver> and there are no failover hosts.  Communication will resume when <fqdn of managementserver> is available and communication from this computer is allowed.

and

Event 21007: The OpsMgr Connector cannot create a mutually authenticated connection to <fqdn of managementserver> because it is not in a trusted domain.

Do anyone have any tips on how to solve this issue?

Environment, Opsmanager 2012R2

Thanks in advance

/Peter

May 18th, 2015 9:40am

Did you generate an Operations Manager certificate for the Lync serve and import it using momcertimport.exe on th

Free Windows Admin Tool Kit Click here and download it now
May 18th, 2015 3:43pm

Hi

Yes, we have imported the CA certificate stated in step 6 of https://support.microsoft.com/en-us/kb/947691 , on both the Opsmanager server and the lync server

May 19th, 2015 3:40am

The steps I have done is this:

-----At the Enterprise CA server:

1. open mmc and add Certificates - local computer, create a custom request and add the fqdn of the edge server as common name and as dns name(alternative name), and save the request as c:\temp\cert.req

C:\Windows\system32>certreq -submit -attrib certificatetemplate:<templatename> -config - c:\temp\cert.req

C:\Windows\system32>certreq -retrieve -f -config -  <requested>  c:\temp\edgecert.cer

2. Open mmc and add Certificates - local computer

3. Import the edgecer.cer certificate from step 1 to the personal machine store

4. Export the certificate with the private key to c:\temp\edgecer.pfx

-----At the edge-server:

5. Transfers the edgecer.pfx file to the edgeserver

6. run momcertimport edgecer.pfx

opening mmc and check that the certificate is OK

7. restarted the healthagent on the edgeserver, but no, still the "Event 21016/21007"

-------

What am I missing here??

May 19th, 2015 7:40am

At the Enterprise CA server:

1. open mmc and add Certificates - local computer, create a custom request and add the fqdn of the edge server

You need to do this on the edge server. Then copy the request file.

Free Windows Admin Tool Kit Click here and download it now
May 19th, 2015 7:55am

ok?,  but the certificate template I have to use is not available on the edge server, only on the CA server
May 19th, 2015 7:59am

performed the Scenario 2 to the letter, but still get the same eventIDs
May 19th, 2015 8:38am

TCP/UDP 5723 opened between the Lync Edge and SCOM server?
Free Windows Admin Tool Kit Click here and download it now
May 20th, 2015 12:43am

yes...
May 20th, 2015 3:46am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics