Good day.

Scom is reporting errors on servers on the outer network. 

the servers a running fine, and all services are ok.

but scom reports faults with aplications on this servers:

The OpsMgr Connector connected to XXXXXXXX, but the connection was closed immediately after authentication occurred.  The most likely cause of this error is that the agent is not authorized to communicate with the server, or the server has not received configuration.  Check the event log on the server for the presence of 20000 events, indicating that agents which are not approved are attempting to connect.

and on scom servers:

 - Provider 

   [ Name]  OpsMgr Connector 
 
  - EventID 20022 

   [ Qualifiers]  32768 
 
   Level 2 
 
   Task 3 
 
   Keywords 0x80000000000000 
 
  - TimeCreated 

   [ SystemTime]  2015-02-25T10:50:48.000000000Z 
 
   EventRecordID 224860 
 
   Channel Operations Manager 
 
   Computer xxxxxxxxxxx 
 
   Security 
 

Hi Paulo,

By default, SCOM/Operations Manager will reject manually installed agents automatically.  You need to change the setting in the Administration Pane -> Settings -> Security to Review new manual agent installations in pending management.   Once this is ticked, you should see the agents come up in Pending Management within a few minutes, where you can approve them.

As a security best practice, It is not suggested enabling Automatically approve new manually installed agents.  As the administrator, you should always verify each agent when it is manually installed (especially by someone else).

In addition you said the error occured on the outer network, do you monitor computers that belong to another domain or workgroup?

If that is the case, you may check whether your certificate is expired or not. Please also look into operation manager event logs to get more details about the issue.

Here is a blog about how to monitor non-domain members:

Monitoring non-domain members with OM 2012

http://blogs.technet.com/b/stefan_stranger/archive/2012/04/17/monitoring-non-domain-members-with-om-2012.aspx

Regards,

1) Make sure that port 5723 is open between the agent machine and its management server
2) If the agent is manually installed, make sure that you has approved the agent. By default SCOM will reject manually installed agents, you should change the setting by Review new manual agent installations in pending management under Administration Workspace --> Settings --> Security.
3) If your agent machine is a workgroup machine or in an untrust domain, no trust relation with management server domain, you should deploy certificate to the agent machine.
Roger

Thanks for the replay Yan.

That is not the issue, as the agent was on the servers of the outer network already and working fine for months. and my issue is that apparently they cant communicate from 3 days ago. the agents have been on the servers for a long time and they report green on the agent management . 

Hi Paulo,

Did you try stopping / restarting the Health service on that Agent for which you are receiving the Event ?

If yes is it still reporting restarting the Healthservice ?

Also just check if there is any expired certificate which the agent / Management server uses to communicate from both sides has expired.

The reason i asked is i had a similar issue on my SCOM 2007 R2 RMS where we were monitoring agents in another domain and it remained green. Post re starting the Healthservice on both Agent and RMS they went grey and post analysis we found the authentication certificate had expired on the RMS so.