I have two forest (Forest A and Forest B) AD on MS Windows 2003 R2 in Native Mode with two way trusts.In forest A i have the RMS.All servers in Forest A work fine. But i can't monitor servers in Frest B. After install agent on Servers i have two errors in Event View:Event ID: 20057Source: OpsMgr Connector Failed to initialize security context for target MSOMHSvc/servername.domainA.x returned is 0x80090303(The specified target is unknown or unreachable). This error can apply to either the Kerberos or the SChannel package. andEvent ID: 21001 The OpsMgr Connector could not connect to MSOMHSvc/servername.domainA.x because mutual authentication failed. Verify the SPN is properly registered on the server and that, if the server is in a separate domain, there is a full-trust relationship between the two domains. 11

Hi,You need to make sure SPN is configured correct, please take a look at http://blogs.technet.com/kevinholman/archive/2007/12/13/system-center-operations-manager-sdk-service-failed-to-register-an-spn.aspxAnders Bengtsson | Microsoft MVP - Operations Manager | http://www.contoso.se

I sorry i post not here my Product MS System Center Operation Manager 2007 R2.I check spn first it's all correct. In forest B i can't add spn because rms server don't present in Forest B.

Hello ilya,This forum is for System Center Essentials(SCE) related issues. For questions about System Center Operations Manager(SCOM), please use the following Forums, which would be the best resource for your question. System Center Operations Manager Forumshttp://social.technet.microsoft.com/Forums/en-CA/operationsmanagergeneral/threadsThanks,Yog Li - MSFT

I sorry i post not here my Product MS System Center Operation Manager 2007 R2. I check spn first it's all correct. In forest B i can't add spn because rms server don't present in Forest B. did you ever get an answer to this? i am having the same issue across forests with the SPN scenario.

Hi, You need to make sure SPN is configured correct, please take a look at http://blogs.technet.com/kevinholman/archive/2007/12/13/system-center-operations-manager-sdk-service-failed-to-register-an-spn.aspx Anders Bengtsson | Microsoft MVP - Operations Manager | http://www.contoso.se yeah but as like the guy who initiated this, that is for the same forest/domain...is there anything out there that describes how to accomplish this across forests without the gateway servers and certs. i have trusts in between also and get the same errors he is having.

Hi,even if you have multiple forests I belive you need to register this in each one of themAnders Bengtsson | Microsoft MVP - Operations Manager | http://www.contoso.se

I'm having the exact same issue. Anders, how would one register the record in domain b, since it presumably has a different domain.com at the end of its FQDN?