Agents in DMZ

Hi,
i want to set up some agents which are located in a DMZ. There is a firewall between DMZ and internal network where the SDS resides. The documentations tells about a proxy when using agents in a DMZ, but not in detail. Is this an UCE proxy or a regular HTTP proxy? Do we also have a 2-way communication from agent to SDS and vice versa and which ports do we have to open in our firewall.
Thanks in advance,
Kai.

Hi
Management Server (SDS) listens on ports 8100 and 8002 and goes out to the 'net on normal ports 80/443 (http/https) [this is it's http proxy]
Agents listen on on 8200

Similar Messages

[Install Agent on DMZ] How to trouble shooting AMAgentNotRespondingOnDMZHost exception

We have a hyper-v server in DMZ and trying to add it into VMM 2012 R2 for management followed by http://technet.microsoft.com/en-us/library/gg610642.aspx
As the 443 port has been used ,we changed the port to 5985,5986 and also update port on VMM Server.
I have tried several times, but keep failure when add the server in DMZ into VMM.
I enabled debug logging of VMM and get following exception from server
at Microsoft.VirtualManager.Engine.TaskRepository.Task`1.SubtaskRun(Object state) ***
Carmine error was: AMAgentNotRespondingOnDMZHost (426) *** test.mydomain.local **
[s#370cc] Task`1.SubtaskRun(this: (Task`1#2b), TaskID: (guid) 101a000e-3869-436a-9e20-eec5f1cd5b55) in Task.cs:line 252 Full call stack from when the exception was thrown: at System.Environment.GetStackTrace(Exception e, Boolean
needFileInfo) at ystem.Environment.get_StackTrace() at Microsoft.VirtualManager.Utils.CarmineException..ctor(ErrorInfo error, Exception innerException) at Microsoft.VirtualManager.Engine.Adhc.AddAgentTask.ThrowCarmineException(ErrorInfo
error, Exception innerException) at Microsoft.VirtualManager.Engine.Adhc.AddAgentTask.CheckIfInstallRequired() at icrosoft.VirtualManager.Engine.Adhc.AddAgentTask.InstallAgentIfNeeded() at icrosoft.VirtualManager.Engine.Adhc.AddHostAgentSubtask.SubtaskThreadFunction()
at icrosoft.VirtualManager.Engine.Adhc.AddAgentTask.RunSubtask() at icrosoft.VirtualManager.Engine.TaskRepository.SubtaskBase.Run() at icrosoft.VirtualManager.Engine.Adhc.AddHostSubtask.InstallAgent(Host lockedDbHost)
at icrosoft.VirtualManager.Engine.Adhc.AddHyperVHostSubtask.RunDeploymentSubtasks(Host lockedDbHost) at icrosoft.VirtualManager.Engine.Adhc.AddHostSubtask.RunSubtask() at icrosoft.VirtualManager.Engine.TaskRepository.SubtaskBase.Run()
at icrosoft.VirtualManager.Engine.TaskRepository.Task`1.SubtaskRun(Object state) at ystem.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
在 System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at ystem.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at ystem.Threading.ThreadPoolWorkQueue.Dispatch(),{101a000e-3869-436a-9e20-eec5f1cd5b55}
I aware the issue may relate to many problems, include firewall, security... etc.
I was wandering if there is an best practice to troubleshooting the problem.
Thanks.

Hello, would be any one experienced VMM Agent installation on DMZ?

SCOM Agents in DMZ via Gateway Server

I need to monitor all the web servers in our DMZ by placing a Gateway Server between them and SCOM RMS.
Jus a simple Question I have ................do I need to install certificates on all my web servers in DMZ to talk to SCOM Gateway Server or not????
If I need certificates on all my DMZ webservers then what is the purpose of a gateway server?
thanx

Hi There,
The certificate installation depends on the scenario.
Scenario 1# If the Gateway server is in domain but, the servers in DMZ are not part of domain. We need certificate for each server to create Trust with Gateway server. Otherwise Gateway may not authenticate agent servers due to domain mismatch. And AD authentication
is must while installing Agents.
Scenario 2# If the Gateway Server and Agent Servers are in same domain in DMZ. In this scenario we need to have certificate only for Agent Servers not for Agent Servers, as the agents will be authenticated using AD (due to same domain).
Scenario 3# If none of the Gateway server or Agent Server are in Domain. This case we need to issue certificate for each Server, including Gateway Server. This scenario the Gateway server will work as a mediator for communication only(in a Manner of speaking).
Be sure that Gateway server concept can be avoided with servers DMZ and not in domain, but this will increase the security risk by authorizing multiple endpoint rules in firewall.
Below link will give you more info about Gateway servers and its uses.
http://technet.microsoft.com/en-us/library/hh212823.aspx
http://technet.microsoft.com/en-us/library/hh230684.aspx
Thanks,
Goutam Nepak

Scom agent errors from dmz computer

hello everybody.
i have installed scom agent on dmz computer. there is connection with scom rms server and after approving it listed in my agent managed computer list.
but i have some erros in agent computer event log .
hear is.
Log Name:      Operations Manager
Source:        Health Service Modules
Date:          03/10/2014 09:17:13
Event ID:      11903
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      srv-ns1
Description:
The Microsoft Operations Manager Expression Filter Module could not convert the received value to the requested type.
Property Expression: Property[@Name='QueriesResponded']
Property Value: Property[@Name='QueriesResponded']
Conversion Type: DataItemElementTypeInteger(5)
Original Error: 0x80FF005A
One or more workflows were affected by this.
Workflow name: Microsoft.Windows.Server.DNS.2012R2.Monitor.DNSSEC.NameResolutionQueries
Instance name: ameriaam.am on srv-ns1
Instance ID: {CA3BB4AA-6AD9-B0CD-D35E-CF17BAC9BCE2}
Management group: AmeriabankMG
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Health Service Modules" />
    <EventID Qualifiers="49152">11903</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-10-03T05:17:13.000000000Z" />
    <EventRecordID>1051</EventRecordID>
    <Channel>Operations Manager</Channel>
    <Computer>srv-ns1</Computer>
    <Security />
</System>
<EventData>
    <Data>AmeriabankMG</Data>
    <Data>Microsoft.Windows.Server.DNS.2012R2.Monitor.DNSSEC.NameResolutionQueries</Data>
    <Data>ameriaam.am on srv-ns1</Data>
    <Data>{CA3BB4AA-6AD9-B0CD-D35E-CF17BAC9BCE2}</Data>
    <Data>Property[@Name='QueriesResponded']</Data>
    <Data>Property[@Name='QueriesResponded']</Data>
    <Data>DataItemElementTypeInteger(5)</Data>
    <Data>0x80FF005A</Data>
</EventData>
</Event>
Log Name:      Operations Manager
Source:        Health Service Modules
Date:          03/10/2014 09:17:13
Event ID:      11903
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      srv-ns1
Description:
The Microsoft Operations Manager Expression Filter Module could not convert the received value to the requested type.
Property Expression: Property[@Name='QueriesResponded']
Property Value: Property[@Name='QueriesResponded']
Conversion Type: DataItemElementTypeInteger(5)
Original Error: 0x80FF005A
One or more workflows were affected by this.
Workflow name: Microsoft.Windows.Server.DNS.2012R2.Monitor.DNSSEC.NameResolutionQueries
Instance name: esazatem.am on srv-ns1
Instance ID: {8A7B8118-E730-492F-30BD-E754979CF884}
Management group: AmeriabankMG
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Health Service Modules" />
    <EventID Qualifiers="49152">11903</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-10-03T05:17:13.000000000Z" />
    <EventRecordID>1049</EventRecordID>
    <Channel>Operations Manager</Channel>
    <Computer>srv-ns1</Computer>
    <Security />
</System>
<EventData>
    <Data>AmeriabankMG</Data>
    <Data>Microsoft.Windows.Server.DNS.2012R2.Monitor.DNSSEC.NameResolutionQueries</Data>
    <Data>esazatem.am on srv-ns1</Data>
    <Data>{8A7B8118-E730-492F-30BD-E754979CF884}</Data>
    <Data>Property[@Name='QueriesResponded']</Data>
    <Data>Property[@Name='QueriesResponded']</Data>
    <Data>DataItemElementTypeInteger(5)</Data>
    <Data>0x80FF005A</Data>
</EventData>
</Event>
Log Name:      Operations Manager
Source:        Health Service Modules
Date:          03/10/2014 09:17:12
Event ID:      11903
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      srv-ns1
Description:
The Microsoft Operations Manager Expression Filter Module could not convert the received value to the requested type.
Property Expression: Property[@Name='QueriesResponded']
Property Value: Property[@Name='QueriesResponded']
Conversion Type: DataItemElementTypeInteger(5)
Original Error: 0x80FF005A
One or more workflows were affected by this.
Workflow name: Microsoft.Windows.Server.DNS.2012R2.Monitor.DNSSEC.NameResolutionQueries
Instance name: ameriagroup.am on srv-ns1
Instance ID: {C57A482A-A0B6-CC89-0855-FD43B75FCE26}
Management group: AmeriabankMG
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Health Service Modules" />
    <EventID Qualifiers="49152">11903</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-10-03T05:17:12.000000000Z" />
    <EventRecordID>1047</EventRecordID>
    <Channel>Operations Manager</Channel>
    <Computer>srv-ns1</Computer>
    <Security />
</System>
<EventData>
    <Data>AmeriabankMG</Data>
    <Data>Microsoft.Windows.Server.DNS.2012R2.Monitor.DNSSEC.NameResolutionQueries</Data>
    <Data>ameriagroup.am on srv-ns1</Data>
    <Data>{C57A482A-A0B6-CC89-0855-FD43B75FCE26}</Data>
    <Data>Property[@Name='QueriesResponded']</Data>
    <Data>Property[@Name='QueriesResponded']</Data>
    <Data>DataItemElementTypeInteger(5)</Data>
    <Data>0x80FF005A</Data>
</EventData>
</Event>

These errors are coming from the DNS 2012 R2 MP. Is this server in your DMZ a DNS 2012 R2 Server? if not, it should go away once the discovery for this mp runs or re-runs, and the SCOM agent stops running those monitors on that agent. If it does not go away,
stop the SCOM Agent, and clear the agent cache then start up the agent again.
Hope this helps!
Scott Moss MVP (Operations Manager) President - System Center Virtual Users Group |Vice President - Atlanta Southeast Management Users Group (ATL SMUG)
Please remember to click “Mark as Answer” on the post that helps you!
my new blog om2012.wordpress.com

I think QT is at fault? Error -8 , DMZ, No Firewall, No Encryption....

Hi,
I had a bunch of error -8 messages, then they went away and I was happy. Now they are back and I am miserable.
The only real change that occured since the last time iChat worked and now that it is poop, is that I upgraded to QuickTime Pro - and I ran an update for M$ office 2004, and a security update for Java.
This is what I have done so far. I configured the firewall, i turn off the firewall, I set up a static IP, I went DMZ, I turned off iChat encryption, QT is set to 1.5 Mb...
When I try to Video Chat with my friend, I get the following:
<Me> did not respond
And here is the message to Apple:
Date/Time: 2006-12-23 18:39:58.918 -0500
OS Version: 10.4.8 (Build 8L2127)
Report Version: 4
iChat Connection Log:
AVChat started with ID 2569740774.
0x44c160: State change from AVChatNoState to AVChatStateWaiting.
[email protected]: State change from AVChatNoState to AVChatStateInvited.
0x44c160: State change from AVChatStateWaiting to AVChatStateConnecting.
[email protected]: State change from AVChatStateInvited to AVChatStateConnecting.
0x44c160: State change from AVChatStateConnecting to AVChatStateEnded.
Chat ended with error -8
[email protected]: State change from AVChatStateConnecting to AVChatStateEnded.
Chat ended with error -8
Video Conference Error Report:
@:0 type=4 (00000000/22)
[VCSIP_INVITEERROR]
[19]
@SIP/SIP.c:2437 type=4 (900A0015/22)
[SIPConnectIPPort failed]
@SIP/SIP.c:2437 type=4 (900A0015/22)
[SIPConnectIPPort failed]
Video Conference Support Report:
@SIP/Transport.c:1218 type=1 (00000000/0)
[INVITE sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP 192.168.2.98;branch=z9hG4bK46e5e8e30cda0d2b
Max-Forwards: 70
To: "u0" <sip:[email protected]>
From: "[email protected]" <sip:[email protected]>;tag=856212704
Call-ID: e06a9b7a-92de-11db-989d-d4060f3613c4@lip
CSeq: 1 INVITE
Contact: <sip:[email protected]>;isfocus
User-Agent: Viceroy 1.2
Content-Type: application/sdp
Content-Length: 500
v=0
o=francoisdavid 0 0 IN IP4 192.168.2.98
[email protected]
c=IN IP4 192.168.2.98
b=AS:2147483647
t=0 0
a=hwi:1092:2:2160
a=bandwidthDetection:YES
a=iChatEncryption:NO
m=audio 16386 RTP/AVP 12 3 0
a=rtpmap:3 GSM/8000
a=rtpmap:0 PCMU/8000
a=rtpID:-1762381632
m=video 16384 RTP/AVP 126 34
a=rtpmap:126 X-H264
a=fmtp:34 imagesize 1 rules 30:352:288
a=framerate:20
a=RTCP:AUDIO 16387 VIDEO 16385
a=pogo
a=fmtp:126 imagesize 0 rules 20:640:480:640:480
a=rtpID:1374871985
@SIP/Transport.c:1218 type=1 (00000000/0)
[INVITE sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP 192.168.2.98;branch=z9hG4bK46e5e8e30cda0d2b
Max-Forwards: 70
To: "u0" <sip:[email protected]>
From: "[email protected]" <sip:[email protected]>;tag=856212704
Call-ID: e06a9b7a-92de-11db-989d-d4060f3613c4@lip
CSeq: 1 INVITE
Contact: <sip:[email protected]>;isfocus
User-Agent: Viceroy 1.2
Content-Type: application/sdp
Content-Length: 500
v=0
o=francoisdavid 0 0 IN IP4 192.168.2.98
[email protected]
c=IN IP4 192.168.2.98
b=AS:2147483647
t=0 0
a=hwi:1092:2:2160
a=bandwidthDetection:YES
a=iChatEncryption:NO
m=audio 16386 RTP/AVP 12 3 0
a=rtpmap:3 GSM/8000
a=rtpmap:0 PCMU/8000
a=rtpID:-1762381632
m=video 16384 RTP/AVP 126 34
a=rtpmap:126 X-H264
a=fmtp:34 imagesize 1 rules 30:352:288
a=framerate:20
a=RTCP:AUDIO 16387 VIDEO 16385
a=pogo
a=fmtp:126 imagesize 0 rules 20:640:480:640:480
a=rtpID:1374871985
@SIP/Transport.c:1218 type=1 (00000000/0)
[INVITE sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP 192.168.2.98;branch=z9hG4bK46e5e8e30cda0d2b
Max-Forwards: 70
To: "u0" <sip:[email protected]>
From: "[email protected]" <sip:[email protected]>;tag=856212704
Call-ID: e06a9b7a-92de-11db-989d-d4060f3613c4@lip
CSeq: 1 INVITE
Contact: <sip:[email protected]>;isfocus
User-Agent: Viceroy 1.2
Content-Type: application/sdp
Content-Length: 500
v=0
o=francoisdavid 0 0 IN IP4 192.168.2.98
[email protected]
c=IN IP4 192.168.2.98
b=AS:2147483647
t=0 0
a=hwi:1092:2:2160
a=bandwidthDetection:YES
a=iChatEncryption:NO
m=audio 16386 RTP/AVP 12 3 0
a=rtpmap:3 GSM/8000
a=rtpmap:0 PCMU/8000
a=rtpID:-1762381632
m=video 16384 RTP/AVP 126 34
a=rtpmap:126 X-H264
a=fmtp:34 imagesize 1 rules 30:352:288
a=framerate:20
a=RTCP:AUDIO 16387 VIDEO 16385
a=pogo
a=fmtp:126 imagesize 0 rules 20:640:480:640:480
a=rtpID:1374871985
@SIP/Transport.c:1218 type=1 (00000000/0)
[INVITE sip:[email protected]:60326 SIP/2.0
Via: SIP/2.0/UDP m.0:33744;branch=z9hG4bK4a7b846141a72bbb
Max-Forwards: 70
To: "u0" <sip:[email protected]:60326>
From: "[email protected]" <sip:[email protected]>;tag=324498562
Call-ID: df39429c-92de-11db-989d-dc465ff013c4@lip
CSeq: 1 INVITE
Contact: <sip:[email protected]:33744>;isfocus
User-Agent: Viceroy 1.2
Content-Type: application/sdp
Content-Length: 502
v=0
o=francoisdavid 0 0 IN IP4 m.0
[email protected]
c=IN IP4 m.0
b=AS:2147483647
t=0 0
a=hwi:1092:2:2160
a=bandwidthDetection:YES
a=iChatEncryption:NO
m=audio 33732 RTP/AVP 12 3 0
a=rtpmap:3 GSM/8000
a=rtpmap:0 PCMU/8000
a=rtpID:-1762381632
m=video 34780 RTP/AVP 126 34
a=rtpmap:126 X-H264
a=fmtp:34 imagesize 1 rules 30:352:288
a=framerate:20
a=RTCP:AUDIO 33728 VIDEO 33752
a=pogo
a=fmtp:126 imagesize 0 rules 20:640:480:640:480
a=rtpID:1374871985
@SIP/Transport.c:1218 type=1 (00000000/0)
[INVITE sip:[email protected]:60326 SIP/2.0
Via: SIP/2.0/UDP m.0:33744;branch=z9hG4bK4a7b846141a72bbb
Max-Forwards: 70
To: "u0" <sip:[email protected]:60326>
From: "[email protected]" <sip:[email protected]>;tag=324498562
Call-ID: df39429c-92de-11db-989d-dc465ff013c4@lip
CSeq: 1 INVITE
Contact: <sip:[email protected]:33744>;isfocus
User-Agent: Viceroy 1.2
Content-Type: application/sdp
Content-Length: 502
v=0
o=francoisdavid 0 0 IN IP4 m.0
[email protected]
c=IN IP4 m.0
b=AS:2147483647
t=0 0
a=hwi:1092:2:2160
a=bandwidthDetection:YES
a=iChatEncryption:NO
m=audio 33732 RTP/AVP 12 3 0
a=rtpmap:3 GSM/8000
a=rtpmap:0 PCMU/8000
a=rtpID:-1762381632
m=video 34780 RTP/AVP 126 34
a=rtpmap:126 X-H264
a=fmtp:34 imagesize 1 rules 30:352:288
a=framerate:20
a=RTCP:AUDIO 33728 VIDEO 33752
a=pogo
a=fmtp:126 imagesize 0 rules 20:640:480:640:480
a=rtpID:1374871985
@SIP/Transport.c:1218 type=1 (00000000/0)
[INVITE sip:[email protected]:60326 SIP/2.0
Via: SIP/2.0/UDP m.0:33744;branch=z9hG4bK4a7b846141a72bbb
Max-Forwards: 70
To: "u0" <sip:[email protected]:60326>
From: "[email protected]" <sip:[email protected]>;tag=324498562
Call-ID: df39429c-92de-11db-989d-dc465ff013c4@lip
CSeq: 1 INVITE
Contact: <sip:[email protected]:33744>;isfocus
User-Agent: Viceroy 1.2
Content-Type: application/sdp
Content-Length: 502
v=0
o=francoisdavid 0 0 IN IP4 m.0
[email protected]
c=IN IP4 m.0
b=AS:2147483647
t=0 0
a=hwi:1092:2:2160
a=bandwidthDetection:YES
a=iChatEncryption:NO
m=audio 33732 RTP/AVP 12 3 0
a=rtpmap:3 GSM/8000
a=rtpmap:0 PCMU/8000
a=rtpID:-1762381632
m=video 34780 RTP/AVP 126 34
a=rtpmap:126 X-H264
a=fmtp:34 imagesize 1 rules 30:352:288
a=framerate:20
a=RTCP:AUDIO 33728 VIDEO 33752
a=pogo
a=fmtp:126 imagesize 0 rules 20:640:480:640:480
a=rtpID:1374871985
@:0 type=2 (00000000/22)
[VCVIDEO_OUTGOINGATTEMPT]
[4]
Video Conference User Report:
Binary Images Description for "iChat":
0x1000 - 0x17cfff com.apple.iChat 3.1.5 (440) /Applications/iChat.app/Contents/MacOS/iChat
0x15ca0000 - 0x15ca9fff com.apple.IOFWDVComponents 1.9.0
I cut the rest off.
Now, I saw in another post, that perhaps QT is the trouble maker, and the solution could be in re-installing QT.
Well, being the total Mac N00b that I am, how do I reinstall QT?
What kind of irks me a lot, is that my friends have a 1.8 GHz MacBook, and an iMac, they converence fine, it's me with my MBP that is poop.
Thanks, and Merry Christmas

Needed to turn off the firewall and go use the DMZ IP address on the router.

Log Out Page is Not working in R12.1.3 DMZ

Hi Everyone ,
Good Evening.
Apps Version : 12.1.3
DB Version 11.2.0.3
PLatform : AIX 6.1
Arch : LBR ---> Reverse Proxy ----> EXternal Middle Tier (DMZ) --- DB
I am able to login to External Middle tier using the URL ( https://LBR.Domain/OA_HTML/AppsLocalLogin.jsp. I am able to navigate the links like preferences , Diagnostic , Home. But As soon as I am clicking on the log out link , I am getting http 500 error.
One this Which I have Observer that Lou out Url is changing to the host name of the server instead of LBR Name as
( https://hostname.domain/OA_HTML/AppsLocalLogin.jsp?cancelUrl=/OA_HTML/AppsLocalLogin.jsp&_logoutRedirect=y&langCode=US)
I have already followed the doc on Metalinks but no luck. Have tried to run the Autoconfig and bouncing of application but no luck. Enabled the Debug for OC4J but couldn't get any thing
Advanced Configurations and Topologies for Enterprise Deployments of E-Business Suite 11i [ID 217368.1]
Oracle E-Business Suite R12 Configuration in a DMZ (Doc ID 380490.1)
MOS Doc 380489.1 (Using Load-Balancers with Oracle E-Business Suite Release 12)
Tips and Queries for Troubleshooting Advanced Topologies (Doc ID 364439.1)
Enabling SSL in Oracle E-Business Suite Release 12 (Doc ID 376700.1)
Case History: Implementing a Reverse Proxy Alone in a DMZ Configuration - R12 (Doc ID 726953.1)
Regards
Sourabh Gupta

Access LOG
192.25.91.72 - - [12/Jan/2013:03:19:51 -0800] "GET /OA_HTML/AppsLocalLogin.jsp HTTP/1.1" 302 654
192.25.91.72 - - [12/Jan/2013:03:20:09 -0800] "GET /OA_HTML/RF.jsp?function_id=33375&resp_id=-1&resp_appl_id=-1&security_group_id=0&lang_code=US&params=Qs-5KmFWI7wTvCh5zUbV0Q&oa
s=kukIe_oeKd3-mIFqpYDc-g.. HTTP/1.1" 200 36832
192.25.91.72 - - [12/Jan/2013:03:20:12 -0800] "GET /OA_MEDIA/nlsgb.gif HTTP/1.1" 404 224
192.25.91.72 - - [12/Jan/2013:03:20:13 -0800] "GET /favicon.ico HTTP/1.1" 404 217
192.25.91.72 - - [12/Jan/2013:03:20:43 -0800] "POST /OA_HTML/OA.jsp?page=/oracle/apps/fnd/sso/login/webui/MainLoginPG&_ri=0&_ti=1178971693&language_code=US&requestUrl=&oapc=2&oa
s=yYEcdVDqcyn1J76kQdGvIg.. HTTP/1.1" 302 297
192.25.91.72 - - [12/Jan/2013:03:20:49 -0800] "GET /OA_HTML/OA.jsp?OAFunc=OAHOMEPAGE HTTP/1.1" 200 23961
192.25.91.72 - - [12/Jan/2013:03:20:51 -0800] "GET /favicon.ico HTTP/1.1" 404 217
192.25.91.72 - - [12/Jan/2013:03:20:51 -0800] "POST /OA_HTML/RF.jsp?function_id=MAINMENUREST&security_group_id=0 HTTP/1.1" 200 527
192.25.91.72 - - [12/Jan/2013:03:20:58 -0800] "GET /OA_HTML/OALogout.jsp?menu=Y HTTP/1.1" 302 255
192.25.91.72 - - [12/Jan/2013:03:20:59 -0800] "GET /OA_HTML/AppsLogout HTTP/1.1" 302 474
192.25.91.72 - - [12/Jan/2013:03:21:21 -0800] "GET /OA_HTML/xxatatgibeCAcdLogin.jsp HTTP/1.1" 200 4955
192.25.91.72 - - [12/Jan/2013:03:21:22 -0800] "GET /favicon.ico HTTP/1.1" 404 217
Error-Log ====================
[Sat Jan 12 05:27:42 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1700): [client 192.25.91.72] [ecid: 1357997262:192.25.89.136:17825804
:0:16,0] mod_oc4j: Response header 3, Key: Location, Value: https://LBR:443/OA_HTML/AppsLogout
[Sat Jan 12 05:27:42 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1748): [client 192.25.91.72] [ecid: 1357997262:192.25.89.136:17825804
:0:16,0] mod_oc4j: sending response chunk to client: 243 bytes
[Sat Jan 12 05:27:42 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_main.c(554): [client 192.25.91.72] [ecid: 1357997262:192.25.89.136:17825804:0:16,0]
mod_oc4j: Successfully serviced the request by worker: home.
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(845): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Sending request to: hostname.cos.domain.com:21530
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(900): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: num request headers: 13
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 0, Key: Accept, Value: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 1, Key: Accept-Charset, Value: ISO-8859-1,utf-8;q=0.7,*;q=0.3
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 2, Key: Accept-Encoding, Value: gzip,deflate,sdch
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 3, Key: Accept-Language, Value: en-US,en;q=0.8
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 4, Key: Connection, Value: Keep-Alive
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 5, Key: Cookie, Value: OTST_pses=ZGF3942C49577C19434B20BB2BFC38217F24B83798344666F7EBDA8A2CE821953ED87BB7860DF6137DC51AB7F3AB1DD1D7; JSESSIONID=
1d74eb5633089116f24c2c69ae565cbadc116765f9bbba7ef053c2d31f9f18a2.e38QahiPbxuObi0LbxeKaN0Kch0Re0; rvprod=; AGRL=thcgn_ivteb36%40lnubb.pb.va%7C%3A%3Bbde49ffdb22662e94721e6e73d7c20
f4%3A%3DUmaluUp4qT5fgOwL8NFUGg%3D%3D%3A%3B57f4c9dc1bf265e6378a7ea00a65338f%3A%3DUmaluUp4qT5fgOwL8NFUGg%3D%3D%3A%3B4ed5d2eaed1a1fadcc41ad1d58ed603e%3A%3DUmaluUp4qT5fgOwL8NFUGg%3D
%3D%3A%3Bdb486e4cdf8b2048591e59f683319c4c%3A%3DUmaluUp4qT5fgOwL8NFUGg%3D%3D%3A%3B459d9fca17e3a950deae755d13578292%3A%3DUmaluUp4qT5fgOwL8NFUGg%3D%3D%3A%3Bed89387bcd11937a7a92a99a
2cbfb5d7%3A%3Dox20hZArLI714LpPDtK%2Fhw%3D%3D%3A%3Bef21925fada6dfb684b5d8ec72114bb1%3A%3DATXmBagSN%2B8f817OiRKOyg%3D%3D%3A%3Bf7a42fe7211f98ac7a60a285ac3a9e87%3A%3DUmaluUp4qT5fgOw
L8NFUGg%3D%3D%3A%3B851f5ac9941d720844d143ed9cfcf60a%3A%3DUmaluUp4qT5fgOwL8NFUGg%3D%3D%3A%3B9ed39e2ea931586b6a985a6942ef573e%3A%3DUmaluUp4qT5fgOwL8NFUGg%3D%3D%3A%3Becfdd0a8fcb7da
c5ef0e651b7a6bb24c%3A%3DUmaluUp4qT5fgOwL8NFUGg%3D%3D; AGWL=; s_vi=[CS]v1|2834C339851633B7-600001A68017C480[CE]; treemenu1=none open; OTST=t3ThpFHMpGPbJV3neU811CUwTg; oracle.uix=
0^^GMT+5:30^p
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 6, Key: Host, Value: hostname.cos.domain.com:4493
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 7, Key: Referer, Value: https://LBR/OA_HTML/OA.jsp?OAFunc=OAHOMEPAGE
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 7, Key: Referer, Value: https://LBR/OA_HTML/OA.jsp?OAFunc=OAHOMEPAGE
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 8, Key: User-Agent, Value: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.52 Safari/537.17
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 9, Key: X-Forwarded-For, Value: 192.25.91.88
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 10, Key: X-Forwarded-Host, Value: LBR
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 11, Key: X-Forwarded-Server, Value: LBR
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(914): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: Request header 12, Key: Oracle-ECID, Value: 1357997264:192.25.89.136:12451862:0:52,0
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(980): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:
0:52,0] mod_oc4j: jvm_route: e38QahiPbxuObi0LbxeKaN0Kch0Re0
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1117): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862
:0:52,0] mod_oc4j: uri4oc4j: /OA_HTML/AppsLogout
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1668): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862
:0:52,0] Number of response headers: 8
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1700): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862
:0:52,0] mod_oc4j: Response header 0, Key: Date, Value: Sat, 12 Jan 2013 13:27:43 G
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1700): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862
:0:52,0] mod_oc4j: Response header 1, Key: Content-Type, Value: text/html
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1700): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862
:0:52,0] mod_oc4j: Response header 2, Key: Set-Cookie, Value: JSESSIONID=1d74eb5633089116f24c2c69ae565cbadc116765f9bbba7ef053c2d31f9f18a2.e38QahiPbxuObi0LbxeKaN0Kch0Re0; path=/O
A_HTML; secure
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1700): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862
:0:52,0] mod_oc4j: Response header 3, Key: Set-Cookie, Value: OTST=-1; Domain=.domain.com; Path=/; Secure
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1700): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862
:0:52,0] mod_oc4j: Response header 4, Key: Cache-Control, Value: no-cache
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1700): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862
:0:52,0] mod_oc4j: Response header 5, Key: Pragma, Value: no-cache
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1700): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862
:0:52,0] mod_oc4j: Response header 6, Key: Expires, Value: Thu, 01 Jan 1970 00:00:00 GMT
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1700): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862
:0:52,0] mod_oc4j: Response header 7, Key: Location, Value: https://hostname.cos.domain.com/OA_HTML/AppsLocalLogin.jsp?cancelUrl=/OA_HTML/AppsLocalLogin.jsp&_logoutRedirect=y&l
angCode=US
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_ajp13_worker.c(1748): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862
:0:52,0] mod_oc4j: sending response chunk to client: 462 bytes
[Sat Jan 12 05:27:44 2013] [debug] /ade/plebld_ascore_467553/oracle/asg_apache/oc4j/src/oc4j_main.c(554): [client 192.25.91.72] [ecid: 1357997264:192.25.89.136:12451862:0:52,0]
mod_oc4j: Successfully serviced the request by worker: home.

Failover agents who work with active directory integration

Hi Guys,
I have implemented 'Active Directory' failover in SCOM. But what i see is that it doesn't work.
The agents are assigned by AD, but the first (RMS Role) management server has got all the agents and is to busy and
has got many problems to handle all the load. Even with this case nothing is failing over.
A few i could failover with hand, but the most i cannot because 'change primary management' server is blanked out. Even with the agents turned back from manuel to automatic (blog Kevin Holman).
1. Has anybody got any idea of getting the AD failover to work automatic?
2. Has anybody got a workaround to do this manual, by powershell (SCOM 2012 R2 cmdlets), bypassing the grayed out 'Change primary management server?
3. In my failover screen is see the management servers + the internet DMZ gateway server. I don't want to failover to the internet DMZ Gateway server. Can i delete this?
Please have a look at my specific question. I did read many blogs who are based on powershell without AD integration or AD integration without explaining how the automatic failover works.
Kind regards,
André

Hi,
SCOM windows agents automatic failover does not require AD integration or PowerShell scripting or Configuration Manager or manual agents installation specially for small to medium environment and agents distribution between different SCOM management servers
can be accomplished through push agents wizard, and windows agents failover can be simply verified from event viewer.
Please refer to the below links for more details:
How to Use Active Directory Domain Services to Assign Computers to Management Servers
http://technet.microsoft.com/en-us/library/hh212712.aspx
OpsMgr AD Integration - how it works
http://blogs.msdn.com/b/steverac/archive/2008/03/20/opsmgr-ad-integration-how-it-works.aspx
Regards,
Yan Li
Regards, Yan Li

SCCM 2012 What Ports Do I need to open so DMZ servers can communicate with my SCCM Server?

Hi,
What ports do I need to open in the firewall so my DMZ servers can talk to my SCCM server on the network?
Here are my steps before to make my DMZ servers talk to my SCCM server:
1. On my SCCM 2012 SP1 CU2 I have bounderies installed --> I install SCCM Client on my DMZ server with the appropriate switches --> I go back to my SCCM server to approve the server --> Works
But now my DMZ servers stops getting definition updates from my SCCM server and I was suggested that it is much easier to open ports in DMZ.
Now, could you please tell me what ports should we open to ensure two way communication among servers?
Thanks!

Yes and no. It's a bit muddy at times.
For Internet based clients, putting an Internet-enabled MP in the DMZ is perfectly acceptable because Internet clients will only choose MPs enabled for Internet communication.
For systems in the DMZ, that's where it really gets muddy. There's no perfect way to accomplish this. IMO, DMZ clients should be allowed to go back to the MP/DP in the Intranet with a targeted opening in the DMZ firewall rules that allows them to only go
to the internal MP. That's a security policy question though for your organization.
Another option is to treat the clients in the DMZ as Internet only clients. This way, they will only go to the Internet MP in the DMZ. You do lose some functionality though like Remote Control.
A final way is to actually put an MP/DP in the DMZ and deal with the timeout's that happen when clients try to talk to the MP in the Intranet. Clients will try 5 times to contact that MP before giving up. They try to find a new MP at the following times
(which are not configurable):
- Every 25 hours
- WHen the client detects a network change
- When the client agent starts
Jason | http://blog.configmgrftw.com

Configuration of grid control agent 11g

Hello guys,
I have problem with configuration of Grid control agent 11g. Root cause of the problem is that target machine is in DMZ Zone. So there is lack of ports enabled. Other agents I've been installed works properlly.
The one I am talking is able to upload data, but in case of configration I get error message: "Error occurred while getting information for the specified target. Possible reasons include: the target doesn't exist; connection to the target failed."
Here you are output from emctl status agent
Oracle Enterprise Manager 11g Release 1 Grid Control 11.1.0.1.0
Copyright (c) 1996, 2010 Oracle Corporation. All rights reserved.
Agent Version : 11.1.0.1.0
OMS Version : 11.1.0.1.0
Protocol Version : 11.1.0.0.0
Agent Home : /orahome/agent11g
Agent binaries : /orahome/agent11g
Agent Process ID : 3011
Parent Process ID : 2985
Agent URL : https://demodb:1830/emd/main/
Repository URL : https://admin:4900/em/upload
Started at : 2011-02-11 10:23:43
Started by user : oracle
Last Reload : 2011-02-11 10:39:40
Last successful upload : 2011-02-11 17:04:08
Total Megabytes of XML files uploaded so far : 20.98
Number of XML files pending upload : 0
Size of XML files pending upload(MB) : 0.00
Available disk space on upload filesystem : 14.21%
Last successful heartbeat to OMS : 2011-02-11 17:13:05
Agent is Running and Ready
emctl status oms -details
Oracle Enterprise Manager 11g Release 1 Grid Control
Copyright (c) 1996, 2010 Oracle Corporation. All rights reserved.
Enter Enterprise Manager Root (SYSMAN) Password :
Console Server Host : admin
HTTP Console Port : 7788
HTTPS Console Port : 7799
HTTP Upload Port : 4889
HTTPS Upload Port : 4900
OMS is not configured with SLB or virtual hostname
Agent Upload is locked.
OMS Console is locked.
Active CA ID: 1
Enabled ports:
from admin to demodb -1830
from demodb to admin - 4900, 4889
What else ports neeeds to be enabled? 1521..?
Thanks in advance!
Have a nice day

Thanks Lubiez Jean-Valentin! I think the point is here.
Configuring the Firewall to Allow Incoming Communication From the Management Service
While the Management Agents in your environment must upload data from your managed hosts to the Management Service, the Management Service must also communicate with the Management Agents. As a result, if the Management Agent is protected by a firewall, the Management Service must be able to contact the Management Agent through the firewall on the Management Agent port.
By default, the Enterprise Manager installation procedure assigns port 1830 to the Management Agent. However, if that port is occupied, the installation may assign an alternate port number.
After you determine the port number assigned to the Management Agent, you must then configure the firewall to allow incoming HTTP or HTTPS traffic (depending upon whether or not you have enabled Enterprise Manager Framework Security) on that port.
As I said already port 1830 was enabled. I did it because I saw that agent status - attached also here.
In case anybody know please tell me who to determine the port assigned to the Mangement Agent...

Installing Sun Messaging Server on DMZ Architecture

Hello,
we want to install Sun Messaging Server in a DMZ Architecture and I need know if it is possible to install the Messaging Server on the private network to protect data and users, and a pop agent on the DMZ which allows the public to access to mail accounts.
For this I want to know how to install Sun Messaging Server, so I install two instances of Messaging Server over the DMZ and the other on Private, and then what there components that need be configured in each side (Store, SMTP in Private and POP in DMZ).
Finally Thank you for your understanding.
Good works.
Mabrouk Bouchoucha
GS1 Tunisia

GS1-Tunisia wrote:
we want to install Sun Messaging Server in a DMZ Architecture and I need know if it is possible to install the Messaging Server on the private network to protect data and users, and a pop agent on the DMZ which allows the public to access to mail accounts.This is very-much possible and is in-fact a common deployment. There is an example here:
http://docs.sun.com/app/docs/doc/819-4439/acrqg?a=view
In your case Tier 2 would be inside the DMZ (private network) and Tier 1 outside the DMZ (public network).
For this I want to know how to install Sun Messaging Server, so I install two instances of Messaging Server over the DMZ and the other on Private, and then what there components that need be configured in each side (Store, SMTP in Private and POP in DMZ).MTA + MMP + Webmail daemon go on the private network.
Store + MTA goes on the public network.
Regards,
Shane.

SMD agent communication channel

Hi All,
I am configuring SMD for our landscape.
I have successfully installed Wily Introscope Enterprise Manager 7.2 on our solution manager system.
from what i understand i need to install SMD agent in satellite system to connect to SMD server in Solman system. fyi, my satellite system reside in different segment of solman system. Whats port do i have to use to connect the SMD agent(satellite) & SMD server(Solman system)? Thanks
Ridhwan

The following ports have to be opened up in your firewall prior to End-to-End Diagnostics
installation. It is recommended to place the SAP Solution Manager within the same subnet or
DMZ of your managed landscape. In case you are managing systems in different subnets you
have to adapt your security settings and firewall accordingly.
Connection established u201CServiceu201D on dest. host / Protocol Service port example /from host(s) Format Src. Host to host
Dest. Host
Outside Diagnostics
Server
J2EE engine / HTTP
Ex: 50100 /
5<InstanceNb>00
DMZ Diagnostics Server
ITS / HTTP Default: 8000
Outside Diagnostics Server
Introscope Manager/ HTTP
Default: 8081
Diagnostics Server
IGS / HTTP Ex: 41080 /
4<InstanceNb>80
ALL Managed systems
(Diag. Agent)
Diagnostics Server
J2EE engine / P4 Ex: 50104 / 5<InstanceNb>04
ALL Managed
Diagnostics Server
Message srv. / HTTP
Ex: 8101 / 81<InstanceNb>
Hope this helps,
Thanks
Aditya.

What is the Action account type to be created to Workgroup agents in SCOM for monitoring them

Hi All,
I have newly deployed 20 Workgroup Windows server 2008 R2 DMZ machines in our SCOM 2007 R2. We have deployed it using certificates and ever thing is working fine except for the below.
I keep getting the below alert saying "Run as account login check failed" on all the 20 agents.
So i want to know what type of Run as account is to be created for monitoring the Workgroup agents from the below list ?
Also to which all Run as profile do i need to add the account post creating the Run as account so i the agent is fully being monitored ?
Gautam.75801

Hey
Gautam.75801, I use Action Account. As mentioned also make sure your distribute the Action account to the workgroup computers and update the default action account as Roger mentioned.
Cheers,
Martin
Blog:
http://sustaslog.wordpress.com
LinkedIn:
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

After installation of Mavericks, I get the warning : Apple Qmaster File Agent not found. Any solutions?

Hello,
Everything was great running Mavericks in FCPX and seemingly Compressor... up until I hit the 'submit' button on a project. I found the following thread, which is related, but it doesn't mention Mavericks so I started a new one here. I'm guessing my problem has to do with Mavericks because I was able to export videos fine yesterday before the upgrade. I followed Russ' potential solution in that thread to no avail. The same problem happens whether I try to use the systems cluster or not. Here's the thread:
https://discussions.apple.com/message/23434754#23434754
After trying all of that, I decided to use FCS Remover to remove FCPX, Compressor and QMaster (like I've had to do in the past when something would stop working after an update). I then re-installed everything and opened my Compressor project back up for export. I was expecting it to go through at that point, but alas, the same dreaded warning message appears: "An internal error occurred: Apple Qmaster File Agent not found."
I'm stumped. Don't know what to do besides uninstalling all my pro apps, including QMaster, and reinstalling.
Any ideas?

I set QMaster Preferences for Compressor Services to "Share" = checked and "Managed" = Checked, then I set Instances to 4, it did not work, back to the original error "Qmaster file Agent not found".
Look at some of your information I noticed that in Qmaster Preference the "Advanced" - Network - Use Network Interface: "All Interfaces". So I changed that to "Built-in Ethernet 2" (NIC my cable is plugged into) and set "Enable Port Range: From 50,000 with number of ports 1000".
So, for the heck of it I tried setting Instances to 2 -- and it worked, look in Batch Monitor I see 5 segments, 1 audio and 4 video with 2 out of 4 video transcoding (each was assigned about a 2 min chunk of video). Progress -- ok, so now I set Instances to 3 and submit batch -- it's still working, I get 7 segments 6 video and 1 audio. Ok the big test, setting Instances to 4 and it still works!! 9 segments, 8 video and 1 audio, WoooHoo, its working!
Just to be sure I open up Activity monitor and all 4 of my CPUs were cranking at 95% utilization.
Also checked OS X firewall setting, they are set to most minimal. Checked my router also, 192.168.1.2 is the IP assigned to my MacPro and the router is set to DMZ that specific IP (meaning is basically open to any port).
But I think the KEY in my case was to change the "Use Network Interface" from "All Interfaces" to "Built-in Ethernet 2" and then Enable Port Range from 50,000.
On a side note, the progress bars in Batch Monitor and in Compressor are way off with the "Remaining" time estimates -- overall progress will suddenly jump -- it looks as if the remaining time isn't being divided by the number segments currently running or something?
Thank you for your assistance.
Rob.

UCCX 7.0 – Agent not logging on 'NATed' UCCX – License server down

Hello everybody,
One external network needs to work with our private CCM/CCX system.
The IP phones are installed on our managed network and they work fine, but the Cisco Agent Desktop is installed on the external PCs.
To protect and to secure both networks, they’re connected through a DMZ.
I configure a NAT to publish the UCCX and it’s reachable for the PCs with the agent installed.
I’ve updated the CAD directory Services with the natted/published IP, however, when I try to launch the agent, it connects to the published IP and also tries to connect to the real and private IP of the UCCX ( I’ve checked it with a netstat)
After a while there is a time-out and I get a license error.
Please, does anyone know how to get this scenario working?
I didn’t find any place, any register, where to configure this “natted” IP for the agent.
Thanks a lot!

Hi,
CAD does not support server-side network address translation (NAT). The CAD clients
must be able to connect using the real IP addresses of the server components. When
CAD client addresses are translated via NAT, VPN software must be used. If CAD
clients are used in a NAT environment without VPN software, a variety of problems
may occur, such as agents not being visible in Supervisor Desktop.
Reference:
http://www.cisco.com/en/US/docs/voice_ip_comm/cust_contact/contact_center/crs/express_7_0/installation/guide/cad66ig-cm.pdf
Hope this helps.
Anand
Please rate the helpful posts by clicking on the stars below the right answers !!

OATS distributed load test agents

Hi,
1) I am preparing to perform a distributed load test on web application. full load is 500 users.
How many agent test servers do I need for this test?
How do i determine the number of servers, as I can't find any best practices or guide online.
2) Is there limitations on the full OATS download via oracle website? i heard that its a 30 day trial but its not stated anywhere of the 30 days limitation.
Joseph

Hi
You don't need to install the data collector in the servers, you can access then remotely using JMX in case of weblogic or JDBC in case of the DB.
You only need to install the agent in the server if you have a close DMZ as then you only need to open the port for the data collector (think is 9001) to the controller instead of opening all the ports needed for monitoring.
Even getting server OS level stats for uinx type servers the datacolector will open an SSH connection and gather the stats, and for windows it can connect remotly using perfmon.
*Note that perfmon uses dynamic ports making it very difficult to guarantee network connections.
Regards
Alex

Agents in DMZ

Similar Messages

Maybe you are looking for