Hello,
we have some servers in our LAN with another domain then our scom server. We create a scom certificate from our scom cert template with the servername.other.domain and import it with the Momcertimport.exe on the server. The entry on the Key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft
Operations Manager\3.0\Machine Settings" is correct like the serial number in the imported certificate. The telent connection runs successfulll over port 5723.
But the server is not visible at scom and throws some errors in OM event log:
- ID20057: Failed to initialize security context for target MSOMHSvc/SCOMSERVER.domain The error returned is 0x80090303(The specified target is unknown or unreachable). This error can apply to either the Kerberos or the SChannel package.
- ID21001: The OpsMgr Connector could not connect to MSOMHSvc/SCOMSERVER.domain because mutual authentication failed. Verify the SPN is properly registered on the server and that, if the server is in a separate domain, there is a full-trust relationship between the two domains.
- ID20071: The OpsMgr Connector connected to SCOMSERVER.domain, but the connection was closed immediately without authentication taking place. The most likely cause of this error is a failure to authenticate either this agent or the server. Check the event log on the server and on the agent for events which indicate a failure to authenticate.
- ID21016: OpsMgr was unable to set up a communications channel to SCOMSERVER.domain and there are no failover hosts. Communication will resume when SCOMSERVER.domain is available and communication from this computer is allowed.
What can we check?
Thanks & regards
Doreen