I'm seeing a strange issue our scom 2007 r2 at the minute. There are dozens of servers that are showing that the DFS Replication eventlog can't opened as the channel can't be found.
However these aren't dfs servers so it shouldn't be found really, they are a mix of application servers and web servers. After looking back through the State Change events for the servers that are being incorrectly reported it seems to have started 10/10/2012. The exact error message is:-
The Windows Event Log Provider was unable to open the DFS Replication event log on computer 'SERVERNAME.DOMAINNAME.com' for reading. The provider will retry opening the log every 30 seconds. Most recent error details: The specified channel could not be found. Check channel configuration. One or more workflows were affected by this. Workflow name: many Instance name: many Instance ID: many Management group: DOMAIN-scom
< DataItem type =" System.XmlData " time =" 2015-02-16T04:40:05.5352681-05:00 " sourceHealthServiceId =" 3D65CDB6-F82F-7D38-C11D-018317A90C38 " >< EventData >
< Data > COMPANY-scom </ Data >
< Data > many </ Data >
< Data > many </ Data >
< Data > many </ Data >
< Data > DFS Replication </ Data >
< Data > 4970160 </ Data >
< Data > The specified channel could not be found. Check channel configuration. </ Data >
< Data > SERVERNAME.DOMAINNAME.com </ Data >
< Data />
</ EventData >
</ DataItem >
I can put the monitor into maintanence mode however this doesn't help with getting to the cause of why the monitor is being applied. I've got a vague recollection of a windows update incorrectly adding a registry key for DFS a while ago however I don't recall the KB and bing-fu doesn't seem to be up to much today.
We are running SCOM 2007 R2 but are in the starting phases of deploying 2012 R2 and would like to get these sorts of issues resolved prior to the change over.
Any pointers would be greatly appreciated.
GUB
Other recent topics
