SCOM 2012 and NAP 802.1X Enforcement - Event ID: 6276 during client startup - False positive

Similar Messages

• Orchestrator/SCOM 2012 and UTC Time for Get Alert

  We are currently moving to using Orchestrator to act as a connector between SCOM 2012 and Unicenter for ticket generation.  Right now, the runbook that I have built out does the following.
  Monitor Date/Time > Format Date/Time > Get Alert
  The monitor Date/Time runs every 60 seconds.
  Format Date/Time then pulls from a variable that grabs the current time using now().  I then have it adding 4 hours and 55 minutes to the time to set the UTC time to 5 minutes earlier.
  Get Alert then looks for all alerts that meet a specific criteria.  This includes the time and any alert that was generated within the last 5 minutes, which is why I have it currently set to 4 hours and 55 minutes. 
  In a few months, that's going to break and I'll have to manually update the format date/time to 5 hours and 55 minutes.  What I'm trying to find is a way to do this automatically so the runbook doesn't have to be modified.  I'm thinking of using
  the 'Activity End Time in UTC' from the Monitor Date/Time but want to see if there's any other easier way of doing it.

  Hi again,
  If the question is to have a an easy way to get only Alerts not already seen with "Get Alert" before:
  Use "Update Alert" and update fields like TicketID or ResoultionState after "Get Alert" and exclude this criteria in the Filter tab of "Get Alert" ...
  Regards,
  Stefan
  www.sc-orchestrator.eu ,
  Blog sc-orchestrator.eu

• Top 4 basic issues that are encountered in SCOM 2012 and SCCM 2012

  HI,
  I need to give a presentation on the basic issues that are encountered in SCOM 2012 and SCCm 2012.
  Can anyone help me out with this?
  Thanks in advance
  Rohith Kumar

  Hi,
  I am not familiar with SCCM, so I will give some issue I encounterred in SCOM:
  1. Not monitored and grey agent, here is an article for your reference:
  http://technet.microsoft.com/en-us/library/hh212723.aspx
  2. Failed to discover and install agents, this may caused by the action account or install account does not have proper permissions to install the agents. Some time maybe the discovery rule is not enabled.
  3. Failed to import Management Pack, this may caused by references MPs are not imported to the management group, or sometime the proper referenced MPs are imported, but there may be incorrect typing in the XML file which defines the management pack.
  4. Runas account and Action account fail. If you change password for action account, you may also need to change the password everywhere the account is used in SCOM. For run as account, if the account does not have enough right to run some tasks, we may
  encounter errors. You may refer to the below link which take SQL mp for example:
  http://blogs.technet.com/b/kevinholman/archive/2010/09/08/configuring-run-as-accounts-and-profiles-in-r2-a-sql-management-pack-example.aspx
  Regards,
  Yan Li
  Regards, Yan Li

• Is Multiple Compliant VLAN Possible with NAP 802.1x Enforcement?

  Multiple Compliant VLANs for 802.1x NAP Enforcement
  <small class="single-by" style="font-family:Arial, Helvetica, sans-serif;font-size:0.9em;line-height:1.5em;color:#777777;text-transform:capitalize;"></small>
  Hello Dear,
  I am implementing NAP with 802.1x enforcement type. but it is an existing network where the organisation already has the network segmented into about 7 VLANs based on the departments in the organisation and the VLANs equally have IP interfaces on them (meaning
  they are subnets).
  By design NAP with 802.1x enforcement supports 2 VLANs: Compliant and Non-Compliant VLANs apart from the GuestVlan which the switch uses for 802.1x pre-authentication.
  In my test lab, authenticated clients are pushed to Compliant VLAN if they meet SHV set. Also,if they don’t meet the SHV they are moved to Non-Compliant VLAN.
  How do I apply this type of enforcement for multiple VLANs belonging to the organisation’s different Departments? Assuming I decide to create a single Non-Compliant VLAN this may cater for non-compliant clients but what VLAN among the 7 existing VLAN will compliant
  clients be pushed into?
  How will the switch know the VLAN a member of a particular department should be moved to since there are more than one Compliant VLAN assuming I configured ” NPS Network Policy” for more than one compliant VLAN?
  Please your help is very important.
  Thanks.
  Alex.

  Thanks Greg.
  That works. But I have two other big challenges:
  1st Challenge:
  I have close to 50 VoIP devices as well as printers that must be exempted from NAP and the position of the 802.1x enabled switch is such that it is the Distribution switch to which Access Switches tied to each VLANs are connected(each access switch connect
  to an authenticating port on the Distribution Switch) and IP Phones,data points and printers are then connecting to the Access Switches.  
  There is the limitation of how many MAC addresses can be exempted even when pattern matching is used in NPS(256 characters maximum) and this cannot cater for over 50 non-NAPcapable devices in this network. Should I create
  several exemption policies using the pattern matching to accommodate the 50+ non-NAPcapable devices? Please advise.
  2nd Challenge:
  In this existing Network, there are branch offices that communicate with this HQ over a dedicated WAN connection(NOT VPN over internet). Please how do I ensure routing communication between HQ and branches is not hampered at the introduction of 802.1x NAP
  enforcement at this HQ network? Your prompt response will be highly appreciated...
  Thanks a great deal.
  Alex.

• How is called the Services "OpsMgr Health Service" in the SCOM 2012 and Client machine?

  Hi,
  Can anybody tell me how is called the Services of OpsMgr Health Service in the SCOM 2012?
  I have installed the agent of scom2012 on my client computer. But I dont find any agent called "OpsMgr Health Service" on the Client machine?
  Regards

  Hi
  If you look in the services.msc window then it is listed as the System Center Management Service. This is the display name.
  The actual service name is HealthService
  Cheers
  Graham
  Regards Graham New System Center 2012 Blog! -
  http://www.systemcentersolutions.co.uk
  View OpsMgr tips and tricks at
  http://systemcentersolutions.wordpress.com/
  The Ayman answer is god, It is called "Microsoft Monitoring Agent"

• SCOM 2012 and AIX 6.1.0.0

  I am new to SCOM, and have been tasked with getting SCOM setup to monitor some AIX servers.  After the initial install, I did install the available AIX management packs, which included the 6.1 packs, show in the below screen shot.  Yet when I attempt
  to discover a system I am told it is AIX v. 6.1.0.0 and that it is unsupported.
  Can someone tell me what dumb thing I am missing here?

  The account I'm referring to is a Windows account not a UNIX/Linux account. This is the account you installed SCOM with and is configured as the 'Action Account'. It will look similar to the screen shot below but with your domain\account. Is this account
  a local administrator on the SCOM server itself?
  You can also search this directory and see if the agents got extracted from the MPB "C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Server\Health Service State\Resources". Look for any *.gz files.
  Regards,
  -Steve

• SCOM 2012 and New-WebServiceProxy issue to access C:\Windows\Temp

  I am currently development management pack for data center equipment. This management pack connect to a WCF service (hosted as windows service on one of the management servers in the management group). WCF service works as intermediate layer between equipment
  and management pack. It connects to equipment and does following task periodically:
  1. Connect to equipment
  2. Generate inventory information from equipment
  3. Collect fault information
  4. Map inventory information to faults
  Management pack connects to WCF service and requests the inventory information, fault information etc. Following is the way to access WCF service.
  $wcfConnection = New-WebServiceProxy http://<fqdn of management server>:8732/DataCenterEquipmentService
  Now we use connection object to retrieve the data.
  $wcfConnection.GetFaults() will provide me fault data as XML and using MOM.ScriptAPI object we insert data to SCOM.
  Now the issue is when create WCF connection object, it throws errors:
  Could not load file or assembly 'file:///C:\Windows\TEMP\gjdtzucb.dll' or one of its dependencies. The system cannot find the file specified.
  This arbitrary dll file name is very random and every time it tries to make connection to WCF service, it throws random dll name.
  Please help me to resolve this issue.
  Thanks,
  -Mukul

  Hello Mukul, were you able to resolve this? I am getting the exact same error. Thanks.

• LabVIEW Touch Panel -- I can not get activesync to connect between the TPC-2012 and my XP workstation. There is no USB client connection on TPC-2012

  How do I get the TPC-2012 to connect to my workstation?  I have read all the hardware manuals, getting started manuals: nothing works.  The remote access using http://x.x.x.x/RemoteAdmin does not work.  I have tried to get the FTP service working using the instructions in "How do I configure the FTP server on tpc-2006 and TPC-2016" .  Active sync seems to want a USB connection only.  I have tried to connect a serial line between com1 on the TPC and com4 on my XP workstation with no results.
  I have been able to use the touch panel module with my iPAQ. It worked flawlessly the first time.  
  Help!
  Louis Prugh
  General Dynamics

  Hi David,
  thank you once again for your help.
  So when viewing your Local Area Connection>>Status
  you're seeing data packets sent but no packets received on your desktop
  machine? - Yes
  Is your desktop configured with a static IP address or is it
  configured to obtain an IP address automatically?I' ve tried both static IP address and that it obtain IP address automatically, I have also done it with the TPC.
  Also, does your TPC
  get a valid IP address when the connection to your desktop is present? - when TPC is set to obtain adress automatically it gets IP address and then after some time it loses it - it is set to 0.0.0.0, and then it obtains the IP adress again and so on.
  Can you provide the address, subnet, and gateway you're getting for
  both machines?- I've done it, but it didn'e help
  Also any firewall settings or exceptions you may have
  active if the firewall is enabled? - firewall is disabled
  I'd also like to know what
  modules and toolkits you do have installed on both the TPC - TPC is new and I haven't installed there anything.
  On my desktop - I have standard Labview 8.2,the real time module is installed. All I know, there are already drivers for TPC2012 in this LabView version. On the included CD I have only drivers for another TPCs.
  Thanks,
  Martin

• SCCM and SCOM 2012 R2 Databases on one box

  Our current situation is: About 150 Servers(VMware) and 600 windows 7 clients.
  SCCM 2007 and SQL 2008 on one box, and for SCOM 2007 we have a dedicated SQL2005 VM. All of them on W2K3R2 OS.
  Because of end of support for W2K3, we are not going to upgrade the servers.
  New situation is SCCM and SCOM 2012 R2 with SQL 2014 on W2k12R2. I'm considering to install one SQL 2014 server only for SCOM and SCCM. Would performance be an issue??
  I've read   http://www.hasmug.com/wp-content/uploads/2012/10/07-201210-Oct-SQL-Server-Optimization-and-Best-Practices-for-System-Center-Administrators-Kevin-Holman.pdf
  and other articles, but couldn't find info about the pro and cons having both SCOM and SCCM DB's on one SQL 2014 server
  Thanx

  Hi,
  Please refer to the following articles:
  SQL Instances and System Center 2012 (#SYSCTR #SQL #SCOM #SCCM #SCSM)
  http://www.systemcentercentral.com/sql-instances-and-system-center-2012-sysctr-sql-scom-sccm-scsm/
  SCOM 2012 and SQL Server Question
  https://social.technet.microsoft.com/Forums/systemcenter/en-US/fabf4318-4de6-4627-9f6d-71834ac2bcab/scom-2012-and-sql-server-question?forum=operationsmanagerdeployment
  Note: Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• SCOM 2012 Design including DR

  I have been spending quite a bit of time researching HA in SCOM 2012 and have seen other posters being pointed in the direction of best practice docs etc but none seem to talk about hyper-v replica.  My initial implementation will consist of about 300
  servers to be monitored, the sizing tool recommends 2 MS and a single SQL server hosting the OPS and DW SQL DB.
  This seems a reasonable configuration but I need to incorporate a DR solution into this.  We have a Hyper-V 2008 cluster in DC1 which is replicated to DC2 which is out DR site.  I am proposing hosting all of the servers on the Hyper-V cluster,
  in the event of DC1 going down my plan is to bring the replicated servers up in DC2.
  Does this seem like a reasonable solution or am I missing something?  Are there any limitations to this design that I am not seeing or any problems I am likely to run into?
  Thanks

  A good idea is to backup the operational database daily, and ship that backup using whatever tool or process you want. If you care about historical data, then I suggest setting up log shipping or similar for the data warehouse database.
  In terms of DR for the MG, my preferred way to go about this is to have warm MS's in another DC, completely installed and ready to go. Depending on how "mission critical" monitoring is, this is about as good as it gets for DR. If monitoring is
  number 1 priority mission critical to your business, then I suggest 2 MG's - one in each DC - and multi-homing your Windows agents and monitoring all other devices (network, UNIX/Linux) from both MG's at all times. When one fails, there is literally no outage
  for those monitored instances in the DC that is still alive, and no additional DR procedures are really necessary in this case.
  In my experience, monitoring is not mission critical. This is not my opinion, but the opinion of all the organizations I've worked with. There is a cost to DR, and having a completely HA scenario with absolutely no down time for those instances that are
  still "alive", usually it simply isn't worth the cost and administrative overhead.
  A simple backup and move job of the operational database, and a "seed" management server in another DC is typically the design I would suggest.
  Jonathan Almquist | SCOMskills, LLC (http://scomskills.com)

• Update agent from SCoM 2007 to SCOM 2012

  Expets,
  We have SCOM 2007 R2 CU7on 1 server.
  we installed another single SCOM 2012 r2 on another server.
  when i push the agent from the SCOM 2012 to machine still monitored by SCOM 2007, the machine appear in pending management under device management under  setting
  tab
  but when i remove the SCOM 2007 manualy, there is no problem and the installing of SCOM 2012 agent done successfully
  any way to make SCOM 2012 agent automatically without remove SCOM 2007 agent ?
  Ahmad Samir | MCSE 2003 | MCTS: Exchange 2010, MCTS: Lync 2010. MCTS: SCOM 2007

  Hi,
  If SCOM 2012 and SCOM 2007 R2 belong to the same management group, then you are trying to make your agents multi-homing, and if so, just discovery them and push agent to them should work.
  Here is a similar thread, please go through it:
  http://social.technet.microsoft.com/Forums/en-US/c6d15d7f-1779-47ea-a437-bc6ab00e2f64/upgrading-scom-2007-r2-to-scom-2012?forum=operationsmanagergeneral
  And we may need to logon to one agent and check its event viwer for operation manager log for more details.
  Regards,
  Yan Li
  Regards, Yan Li

• SCOM 2012 - Additional Management Server - Database not Found (no errors)

  Hello,
  I am installing a second management server (SCOM 2012) and am running into an issue connecting to the existing database. 
  I selected Add a Management server to an existing management group.
  On the installer page Configuration/Configure the Operational Database, I enter the sql server name (fqdn) just as I did on the first management server (i took screenshots of the entire install so I could verify what I am
  doing). Then the installer takes over for a second to verify the server information.  There are no errors but the Database Name is blank, no choices in the drop down, nothing auto-populated.
  If I put an incorrect server name in there is an error (as is expected).  The port I am connecting on is the same one as the first management server: 1433.
  The servers are both running Windows Server 2008 R2 (64bit).  They were both created from the same template at the same time.
  I used the ODBC Data Source Administrator to test a connection to the SQL server from the Additional Management Server and the test completed successfully.
  I checked in the Operations Console to see if there was an entry in the Management Servers list for this second server and there is only the First management server listed there.
  Please let me know if you have any suggestions as to how I can see the database names when the server conneciton is not failing.  Thanks in advance.
  Zach

  Hi,
  Are the accounts permissions correct? Are you using the same account you used installing the first management server and is it a local admin on the 2nd management server?
  If all the above can be answered with yes please check if the 2nd management server is already known inside OpsMgr. If it is delete it from here and try again.
  You can also check the OpsMgrSetup.log for more detailed information.
  Your problem might be a known one:
  http://social.technet.microsoft.com/Forums/en-US/operationsmanagerdeployment/thread/25b05b2f-dd90-44e5-a5cb-c51c9e4944d2
  Hope this helps,

• SCOM 2012 Alerts for Ping Network Device

  Hi
  I have SCOM 2012 and configure Rule for Ping my Network Device.
  My question is, How to Configure Alert for send mail when timeout is detected on Rule?. Step by step documentation? I see tab Alerts on the monitor but Generate Alerts option is greyed out. 
   thanks.

  More info:
  How to test email notification settings in Operations Manager
  https://support.microsoft.com/kb/934756?wa=wsignin1.0
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• SCOM 2012 with SCDPM 2012 MP

  We've SCOM 2012 (without R2...). We need to deploy SCDPM 2012 R2 Management Pack.
  My questions are:
  1) Is it necessaty deploy SCDPM 2012 R2 central console on SCOM Server?
  2) What are the benefits of deploying SCDPM 2012 R2 console?
  3) Is there a problema with SCOM 2012 and SCDPM 2012 R2 central console?
  4) If I've 4 SCOM servers...Must I deploy SCDPM central console on all SCOM servers ??
  Thanks

  Install the DPM Central Console on the OpsMgr Management Server
  Central Console is a System Center 2012 Operations Manager console that can be deployed to manage and monitor multiple System Center 2012 – Data Protection Manager (DPM) servers from a single location
  No, it must working.
  No, it not necessary to deploy on all servers
  http://www.systemcentercentral.com/quicktricks-where-are-the-dpm-2012-management-packs-scom-scdpm-sysctr/
  Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
  Mai Ali | My blog: Technical | Twitter:
  Mai Ali

• SCOM 2012

  Hi;
  I had added the 3 set of servers in scom 2012 and all of them are showing healthy in management server. But when I am
  trying to pull report for cpu & memory, these servers are not showing under "Add Group" / "Add Object" tabs. Refer the below snip.                                                         Should
  I need to add these servers under any particular group. I can able to pull the reports for other servers. pls guide me or assit if any thing had gone wrong while configuration or adding these servers in group.
  Regards, Rajeev Parambil

  Hi
  If you take the filter out does it show your server?
  Hope this helps. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.