I have two domains testiserveri.local and itcf.local. Domains are in different network and vpn connection is made between networks. I have made two-way trust between domains. SCE management server is in testiserveri.local domain and there is also 3 pcs in this domain. Agents installs without problems those computers. But when i try to install agents to two computers in trusted domain itcf.local, agents stuck in pending management state in SCE. I checked those two computers and agents are installed in Program Files folders but cannot connect to testiserveri.local. This is the error in event log but I don't understand it. The OpsMgr Connector could not connect to MSOMHSvc/servu.testiserveri.local because mutual authentication failed. Verify the SPN is properly registered on the server and that, if the server is in a separate domain, there is a full-trust relationship between the two domains. I hope someone can help me with this problem. I'm making my dibloma work to my school and SCE is topic of my work.

Hello Cpt.Kidd,The "Installation in Progress" pending management type indicates that the agent was installed, but has never successfully connected to the management server. General connectivity problems can cause this, however the most likely cause is a Kerberos error. These symptoms can occur when the ServicePrincipalName (SPN) for the management server's HealthService is not registered or is not registered correctly (e.g. there's a duplicate SPN). Here is an article that discussed this issue: The OpsMgr Connector could not connect to MSOMHSvc\rms01.local http://www2.wolzak.com/index.php?option=com_content&task=view&id=15&Itemid=2 Please follow the steps in the article to see if it helps. Thanks,Yog Li - MSFT

Hi Cpt.Kidd,As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as "Answered" as the previous steps should be helpful for many similar scenarios. In addition, wed love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems. Thanks,Yog Li - MSFT

Hi Yog Li, Sorry for the my answer be delayed. This didn't resolve my problem. I followed the steps in the article: http://www2.wolzak.com/index.php?option=com_content&task=view&id=15&Itemid=2 But I'm not sure that I did it correctly, I did'nt find any duplicate SPN:s. But here is my domain.txt is some can check it ? http://personal.inet.fi/atk/at/domain.txt The is also these two errors in the event viewer on clients: Failed to initialize security context for target MSOMHSvc/servu.testiserveri.local The error returned is 0x80090303(The specified target is unknown or unreachable). This error can apply to either the Kerberos or the SChannel package. OpsMgr was unable to set up a communications channel to servu.testiserveri.local and there are no failover hosts. Communication will resume when servu.testiserveri.local is both available and allows communication from this computer.