Hi all,

kind of new to SCOM ,but we are now trying to setup an agent on another server in different domain.. When restart Monitoring agent service on agent server we get error 20071 in event ID and server is not shown on the SCOM management server.

According to the research for the event ID it is related to Certificate or maybe port. Also followed this guide and all seems ok:

https://geertbaeten.wordpress.com/2013/07/08/scom-agent-or-gateway-certificate-issue/

Question is the 5723 port. Is it needed so that Management server can talk to agent server on port 5723 or is it only needed for agent to communicate management server?

We have disabled firewall on both server but with no help.Agent server can fine communicate management server over port 5723.

As event ID stated,communication seems fine but authentication did not take place:

Hi 

check if the server is in pending management agent in scom server, if yes you need to approve the agent to communicate.

to establish the communication between MS and agent 5723 port is required in one way from agent to scom.i.e you should able to telnet 5723 port from agent to MS.

Hi

Only port 5723 from agent to Management Server is required.

Is this domain in the same Kerberos realm as the domain that Operations Manager is deployed to? If not, you'll need to configure certificates.  

http://blogs.technet.com/b/pfesweplat/archive/2012/10/15/step-by-step-walkthrough-installing-an-operations-manager-2012-gateway.aspx

Otherwise, make sure you have enabled manual agent installs in SCOM Administration \ Settings. It won't show up in pending install unless this is set.

Cheers

Graham

Hi all thanks for reply, we manage to fix it by re-issuing new certificate.

Now all is well.