SCOM 2012 Gateway fails to communicate - Certificate Problem?

Hello SCOM Guru's
I wonder if someone out there may be able to help.
I have two (non-trusted) domains - both hosted in
Azure. See graphic below (a picture paints a thousand words!)
Just to put some context around the diagram - I have a two domains, the left-hand side contains the SCOM MS and the right-hand side is a non-trusted domain hosting the SCOM GW. The idea is that I want computers (agents) from the right-hand side domain to
be able to talk back to the SCOM MS vai the SCOM GW.
In a nutshell I have followed some great 'how to' guides - for instance:
http://blogs.technet.com/b/pfesweplat/archive/2012/10/15/step-by-step-walkthrough-installing-an-operations-manager-2012-gateway.aspx
After hours of messing around I still cannot get my Gateway Server to talk successfully back to the SCOM Management Server in the other domain. I have deployed my own Certificate Authority and followed documentation to put the relevant Certs on both
servers. I have checked all Certs and they report 'The certificate is OK'.
Also I can confirm that the MOMCertImport tool was run on both the SCOM MS and SCOM GW server (I did the MS 1st and GW 2nd) - both returned a 'Success' cmd prompt. I have also rebooted both servers - to restart all relevant SCOM Services.
On the Azure VMs I have allowed TCP 5723 on both servers. Additionally, the SCOM MS can resolve the SCOM GW server in the other domain via a HOSTS file entry (and vice-versa). I have tested connectivity using
telnet <FQDN> 5723 (both ends seem to connect). No internal Windows Firewalls are enabled on any servers.
The cluster of errors reported by the
SCOM Gateway server are (first to last):
20057: Failed to initialize security context for target MSOMHSvc/SCOM-01.DOMAIN.local The error returned is 0x80090303(The specified target is unknown or unreachable). This error can apply to either the Kerberos or the SChannel package.
21001: The OpsMgr Connector could not connect to MSOMHSvc/SCOM-01.DOMAIN.local because mutual authentication failed. Verify the SPN is properly registered on the server and that, if the server is in a separate domain, there is a full-trust
relationship between the two domains
20071: The OpsMgr Connector connected to SCOM-01.DOMAIN.local, but the connection was closed immediately without authentication taking place. The most likely cause of this error is a failure to authenticate either this agent or the
server . Check the event log on the server and on the agent for events which indicate a failure to authenticate.
The same events repeat every 15 mins in the Operations Manager event log - and thus the SCOM Gateway remains 'Not Monitored'.
I don't get any relevant Events logged from the SCOM MS side - I guess cos it's not even got that far / authenticated?
I'm sure this is a Certificate type of problem but I'm really not sure where I go from here - any suggestions?
Many thanks
Darren

Hi,
Check this post:
Solving the Gateway 20071 event
http://michelkamp.wordpress.com/2012/01/05/solving-the-gateway-20071-event/
and this: Event ID 21001 and 20057 on SCOM agents - duplicate SPN:
http://blogs.technet.com/b/kevinholman/archive/2011/08/08/opsmgr-2012-what-should-the-spn-s-look-like.aspx
Similar answer has been provided by DKTOA Here:
https://social.technet.microsoft.com/forums/systemcenter/en-US/05019b70-73a3-4a37-993b-66b607f3c222/scom-2012-gateway-server-isses-20057-21001-20071-ids
Did it solve your problem?
Regards
Jure
Jure Labrovic | Blog

Similar Messages

Difference between Scom 2007 and Scom 2012 Gateway server setup.

Hi All,
Greetings!!
I would like to know the differences for gateway server setup in Scom 2007 and 2012 versions..
Are there any changes in the data collection or in the configuration? and also the prerequisites for it.
Please let me know these info..
Regards,
Gokul

There is no great different in settng up gateway server in SCOM 2007 R2 and SCOM 2012. As summary, it requires
1.Request certificates.
2. Import those certificates into the target computers by using the MOMCertImport.exe tool.
3. Distribute the Microsoft.EnterpriseManagement.GatewayApprovalTool.exe to the management server.
4. Run the Microsoft.EnterpriseManagement.GatewayApprovalTool.exe tool to initiate communication between the management server and the gateway
5. Install the gateway server.
However, the prerequisites has different between SCOM 2007 R2 and SCOM 2012
SCOM 2007 R2 gateway server support folloiwng OS
Windows Server 2003 Standard Edition with Service Pack 1 (SP1)
Windows Server 2003 Standard Edition with Service Pack 2 (SP2)
Windows Server 2003 Standard x64 Edition with SP1 or SP2
Windows Server 2003 Enterprise Edition with SP1
Windows Server 2003 Enterprise Edition with SP2
Windows Server 2003 Enterprise x64 Edition with SP1 or SP2
Windows Server 2003 R2 Standard Edition with SP1 or SP2
Windows Server 2003 R2 Standard x64 Edition with SP1 or SP2
Windows Server 2003 R2 Enterprise Edition with SP1 or SP2
Windows Server 2003 R2 Enterprise x64 Edition with SP1 or SP2
Windows Server 2008 Standard 32-Bit with SP1 or SP2
The 64-bit edition of Windows Server 2008 Standard with SP1 or SP2
Windows Server 2008 Enterprise 32-Bit with SP1 or SP2
The 64-bit edition of Windows Server 2008 Enterprise with SP1 or SP2
Windows Server 2008 Datacenter 32-Bit with SP1 or SP2
The 64-bit edition of Windows Server 2008 Datacenter with SP1 or SP2
Windows Server 2008 R2
Windows Server 2008 R2 with SP1
SCOM 2007 R2 gateway server
CPU :2.8 GHz or faster
Memory: 2 GB of RAM or more
available Space: 20 GB of available hard disk space
NET Framework 2.0
Microsoft Core XML Services (MSXML) 6.0
SCOM 2012 Gateway server
Disk space: %SYSTEMDRIVE% requires at least 1024 MB free hard disk space.
Server Operating System: must be Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 Core Installation or Windows Server® 2012 R2.
Processor Architecture: must be x64.
Windows PowerShell version: Windows PowerShell version 2.0, or Windows PowerShell version 3.0.
Microsoft Core XML Services (MSXML) version: Microsoft Core XML Services 6.0 is required for the management server.
.NET Framework 4 is required if the Gateway server manages UNIX/Linux agents or network devices.
Roger

SCOM 2012 Installation fails while deploying Datawarehouse

Hi All,
I have a strange issue, My SCOM 2012 installation fails during Datawarehouse deployment. (This setup is not SCOM 2012 SP1 OR 2012 R2 it is just SCOM 2012)
When i check the SCOM installation logs it says it tried to connect to my Management server and it could not open Port 5724.
During the installation i checked that the SDK Service was stopping frequently and also a Visual studio debugger popup also occured. Can any one assist in solving the issue ?
Screenshots:
Error logs
Microsoft.EnterpriseManagement.OperationsManager.Setup.ReportingComponent.GetExistingManagementServerFromOMDB(String omSQLServer, Nullable`1 omSqlPort, String omDatabaseName, String& firstWorkingManagementServer)
[01:08:57]: Error:
:Inner Exception.Type: System.ServiceModel.EndpointNotFoundException, Exception Error Code: 0x80131500, Exception.Message: Could not connect to net.tcp://My management server:5724/DispatcherService. The connection attempt lasted for a time span of 00:00:03.0079280.
TCP error code 10061: No connection could be made because the target machine actively refused it 172.17.221.45:5724.
[01:08:57]: Error:
:InnerException.StackTrace:
Server stack trace:
at System.ServiceModel.Channels.SocketConnectionInitiator.Connect(Uri uri, TimeSpan timeout)
at System.ServiceModel.Channels.BufferedConnectionInitiator.Connect(Uri uri, TimeSpan timeout)
at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.EnterpriseManagement.Common.Internal.IDispatcherService.Connect(SdkClientConnectionOptions connectionOptions)
at Microsoft.EnterpriseManagement.Common.Internal.SdkDataLayerProxyCore.Initialize(EnterpriseManagementConnectionSettings connectionSettings, SdkChannelObject`1 channelObjectDispatcherService)
at Microsoft.EnterpriseManagement.Common.Internal.SdkDataLayerProxyCore.CreateEndpoint[T](EnterpriseManagementConnectionSettings connectionSettings, SdkChannelObject`1 channelObjectDispatcherService)
[01:08:57]: Error:
:Inner Exception.Type: System.Net.Sockets.SocketException, Exception Error Code: 0x80131500, Exception.Message: No connection could be made because the target machine actively refused it 172.17.221.45:5724
[01:08:57]: Error:
:InnerException.StackTrace: at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.Sockets.Socket.Connect(EndPoint remoteEP)
at System.ServiceModel.Channels.SocketConnectionInitiator.Connect(Uri uri, TimeSpan timeout)
[01:08:57]: Always:
:Management Server My management server failed to connect, now trying another one.
[01:08:57]: Warn:
:Failed to connect to any SDK in the management group, trying again
[01:09:17]: Info:
:Info:trying to connect with server My management server
[01:09:26]: Info:
:Info:Error while connecting to management server: The Data Access service is either not running or not yet initialized. Check the event log for more information.
[01:09:26]: Error:
:Couldn't connect to mgt server stack: : Threw Exception.Type: Microsoft.EnterpriseManagement.Common.ServiceNotRunningException, Exception Error Code: 0x80131500, Exception.Message: The Data Access service is either not running or not yet initialized.
Check the event log for more information.
[01:09:26]: Error:
:StackTrace: at Microsoft.EnterpriseManagement.Common.Internal.ExceptionHandlers.HandleChannelExceptions(Exception ex)
at Microsoft.EnterpriseManagement.Common.Internal.SdkDataLayerProxyCore.CreateEndpoint[T](EnterpriseManagementConnectionSettings connectionSettings, SdkChannelObject`1 channelObjectDispatcherService)
at Microsoft.EnterpriseManagement.Common.Internal.SdkDataLayerProxyCore.ConstructEnterpriseManagementGroupInternal[T,P](EnterpriseManagementConnectionSettings connectionSettings, ClientDataAccessCore clientCallback)
at Microsoft.EnterpriseManagement.Common.Internal.SdkDataLayerProxyCore.RetrieveEnterpriseManagementGroupInternal[T,P](EnterpriseManagementConnectionSettings connectionSettings, ClientDataAccessCore callbackDispatcherService)
at Microsoft.EnterpriseManagement.Common.Internal.SdkDataLayerProxyCore.Connect[T,P](EnterpriseManagementConnectionSettings connectionSettings, ClientDataAccessCore callbackDispatcherService)
at Microsoft.EnterpriseManagement.ManagementGroup.InternalInitialize(EnterpriseManagementConnectionSettings connectionSettings, ManagementGroupInternal internals)
at Microsoft.EnterpriseManagement.OperationsManager.Setup.ReportingComponent.GetExistingManagementServerFromOMDB(String omSQLServer, Nullable`1 omSqlPort, String omDatabaseName, String& firstWorkingManagementServer)
[01:09:26]: Error:
:Inner Exception.Type: System.ServiceModel.EndpointNotFoundException, Exception Error Code: 0x80131500, Exception.Message: Could not connect to net.tcp://My management server:5724/DispatcherService. The connection attempt lasted for a time span of 00:00:03.0040216.
TCP error code 10061: No connection could be made because the target machine actively refused it 172.17.221.45:5724.
[01:09:26]: Error:
:InnerException.StackTrace:
Server stack trace:
at System.ServiceModel.Channels.SocketConnectionInitiator.Connect(Uri uri, TimeSpan timeout)
at System.ServiceModel.Channels.BufferedConnectionInitiator.Connect(Uri uri, TimeSpan timeout)
at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Microsoft.EnterpriseManagement.Common.Internal.IDispatcherService.Connect(SdkClientConnectionOptions connectionOptions)
at Microsoft.EnterpriseManagement.Common.Internal.SdkDataLayerProxyCore.Initialize(EnterpriseManagementConnectionSettings connectionSettings, SdkChannelObject`1 channelObjectDispatcherService)
at Microsoft.EnterpriseManagement.Common.Internal.SdkDataLayerProxyCore.CreateEndpoint[T](EnterpriseManagementConnectionSettings connectionSettings, SdkChannelObject`1 channelObjectDispatcherService)
[01:09:26]: Error:
:Inner Exception.Type: System.Net.Sockets.SocketException, Exception Error Code: 0x80131500, Exception.Message: No connection could be made because the target machine actively refused it 172.17.221.45:5724
[01:09:26]: Error:
:InnerException.StackTrace: at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.Sockets.Socket.Connect(EndPoint remoteEP)
at System.ServiceModel.Channels.SocketConnectionInitiator.Connect(Uri uri, TimeSpan timeout)
[01:09:26]: Always:
:Management Server My management server failed to connect, now trying another one.
[01:09:26]: Warn:
:Failed to connect to any SDK in the management group, trying again
[01:09:46]: Error:
:Error:Could not connect to management group. Can not continue with DW upgrade...
[01:09:46]: Info:
:Info:got MG connection
[01:09:46]: Error:
:Error:Could not connect to management group. Cannot continue with current action...
[01:09:46]: Error:
:FATAL ACTION: GetManagementGroup
[01:09:46]: Error:
:FATAL ACTION: DWInstallActionsPostProcessor
[01:09:46]: Error:
:ProcessInstalls: Running the PostProcessDelegate returned false.
[01:09:46]: Always:
:SetErrorType: Setting VitalFailure. currentInstallItem: Data Warehouse Configuration
[01:09:46]: Error:
:ProcessInstalls: Running the PostProcessDelegate for OMDATAWAREHOUSE failed.... This is a fatal item. Setting rollback.
[01:09:46]: Info:
:SetProgressScreen: FinishMinorStep.
[01:09:46]: Always:
:!***** Installing: OMCONSOLE ***
[01:09:46]: Info:
:ProcessInstalls: Rollback is set and we are not doing an uninstall so we will stop processing installs
[01:09:46]: Always:
[01:09:46]: Always:
:****Starting*RollBack*******************************************
[01:09:46]: Always:
[01:09:46]: Info:
:SetProgressScreen: StartMinorStep.
[01:09:46]: Info:
:SetProgressScreen: StartMinorStep.
[01:09:46]: Debug:
:ProcessInstalls: Install Item Data Warehouse Configuration has a Preprocessing delegate of RunXamlPreProcessor. Launching it now.
[01:09:46]: Always:
:Determining actions to be run.
[01:09:46]: Always:
:Done validating action list; now running individual actions.
[01:09:46]: Always:
:Current Action: UninstallPrePreprocessor
[01:09:46]: Info:
:UninstallPrePreprocessor completed.
[01:09:46]: Always:
:Current Action: UpgradePreprocessor
[01:09:46]: Info:
:UpgradePreprocessor completed.
[01:09:46]: Always:
:LaunchExeSetup: Launching E:\SCOM setups\SCOM 2012\Setup\AMD64\SetupInstallItem.exe with arguments:
[01:09:46]: Info:
:SetProgressScreen: Init Exe Install progress.
[01:09:47]: Always:
:LaunchExeSetup: Install return value was: 0
[01:09:47]: Info:
:CheckPointPassed is removing the Rollback property as this is an uninstall.
[01:09:47]: Always:
:SetErrorType: Setting VitalFailure. currentInstallItem: Data Warehouse
Gautam.75801

Hi All,
So i got the actual commands to register the SPN. So the above were wrong. Hope the below is useful for some one if the face the above issue.
In Windows Server 2008R2 – the command is SETSPN –A. In WS2012, it changed to SETPSPN –S which checks for duplicates before it allows you to create them.
Legend: SCOM Server - SCOMSVR.Contoso.com
DNS Domain: Contoso.com
SDK Account: SDKSVC
To add SPN for the SDK Service:
===================================
In Win2k 12
setspn -S MSOMSdkSvc/SCOM Server FQDN Domain\SDK Account name
setspn -S MSOMSdkSvc/SCOM Server name without FQDN Domain\SDK Account name
Ex: setspn -S MSOMSdkSvc/SCOMSVR.Contoso.com Contoso\SDKSVC
setspn -S MSOMSdkSvc/SCOMSVR Contoso\SDKSVC
In Win2k8
setspn -A MSOMSdkSvc/SCOM Server FQDN Domain\SDK Account name
setspn -A MSOMSdkSvc/SCOM Server name without FQDN Domain\SDK Account name
Ex: setspn -A MSOMSdkSvc/SCOMSVR.Contoso.com Contoso\SDKSVC
setspn -A MSOMSdkSvc/SCOMSVR Contoso\SDKSVC
To verify the SPN's
============================
1. setspn -L MS Host name without FQDN
Ex: setspn -L SCOMSVR
2. setspn -L Domain\DSK Action account
Ex: setspn -L Contoso\SDKSVC
Post entering the above commands you should see the entries of the Healthservice and not the entries of the SDK Service.
1. If you are are using a Domain account for SDK / DAS then that entry should not appear when execute the command “setspn -L SCOMSVR”. Where SCOMSVR is the name of the MS and it should be without FQDN.
Example: The below entry should not appear when you enter setspn -L SCOMSVR
MSOMSdkSvc/SCOMSVR
MSOMSdkSvc/SCOMSVR.contoso.com
If you get the above entries for "setspn -L SCOMSVR" then you need to delete and re add the SPN again and re check.
If you get Duplicate entries the below post entering "setspn -L Contoso\SDKSVC" then you need to delete the duplicate entries and re add the SPN again and re check.
Ex: MSOMSdkSvc/SCOMSVR
MSOMSdkSvc/SCOMSVR.contoso.com
MSOMSdkSvc/SCOMSVR.contoso.com
MSOMSdkSvc/SCOMSVR
To delete a SPN if required:
===============================
setspn -D MSOMSdkSvc/SCOM MS FQDN Hostname without FQDN Hostname
setspn -D MSOMSdkSvc/Hostname without FQDN Hostname without FQDN again
Ex: setspn -D MSOMSdkSvc/SCOMSVR.Contoso.com SCOMSVR
setspn -D MSOMSdkSvc/SCOMSVR SCOMSVR
Reference used : http://blogs.technet.com/b/kevinholman/archive/2011/08/08/opsmgr-2012-what-should-the-spn-s-look-like.aspx
Gautam.75801

SCOM 2012 SP1 failed to send notifications by IM Channel

Hello, I have a problem with my SCOM 2012 SP1. When it tries to send notification by IM Channel I get the following alert in SCOM:
Notification subsystem failed to send notification using
device/server 'live.august.ru:5060' over 'sip' protocol to
'sip:[email protected]'.
Microsoft.Rtc.Signaling.OperationFailureException: The GetInbandDataAsyncResult
operation has failed with message: "The data session subscription to server
failed.". See the InnerException and FailureReason properties as well as the
logs for additional information. . Rule id:
Subscription077dc311_59c0_4ba5_a432_072b486cd287
At the same time the following event in the Application Event Log generates on the server with IM service:
Event Type: Warning
Event Source: Live Communications Server Authentication
Event Category: (1003)
Event ID: 16435
User: N/A
Computer: LCS
Description:
At least one invalid authentication signature was detected.
There were 2 messages with invalid signatures in the last 7112 minutes. The last one had the FROM header: sip:[email protected]
Cause: This could be due to a client or server which is not handling authentication correctly, or it could be due to an attacker.
Resolution:
None needed unless the failure count is high (>100). Check your network for any rogue clients. Restart the server if problem persists.
Notifications sent by the SMTP channel work fine!
I Have the following Servers:
LCS (live.august.ru) - Win 2003 EE SP2 + Live Communication Server 2005 SP1
SCOM - Win 2012 + SCOM 2012 SP1
Also I have a third server (Win 2003 + SCOM 2007 R2) and it sends notifications to the same VMLCS server successfully. The configurations of IM Channels are identical on both servers:
IM server: live.august.ru
Return address: sip:[email protected]
Protocol option: TCP
Authentication method: Kerberos
IM port: 5060
I tried to change the Authentication method to NTLM, and the port to 5061, but it doesn't help...

Hi,
Please refer to these following articles to configure IM channel correctly:
How to Create and Configure the Notification Action Account
http://technet.microsoft.com/en-us/library/hh212835.aspx
How to Enable an Instant Message Notification Channel
http://technet.microsoft.com/en-us/library/hh212690.aspx
Enabling Instant Messaging Notifications in System Center 2012 Operations Manager
http://opsmgrunleashed.wordpress.com/2012/02/24/enabling-instant-messaging-notifications-in-system-center-2012-operations-manager/
Alex Zhao
TechNet Community Support

SCOM 2012 Reporting Fails During Install

I am having issues installing the Reporting Module for SCOM 2012. Here is my environment:
Stand-alone SQL server with SQL 2012 (Default Instance and only is used for SCOM)
Reporting Services Installed and I am able to browse to the URL
Reader Account has access to both servers and both Report/OPM databases.
Stand-alone Management Server
Everything is running fine.
When I go to install Reporting on the SQL Server it fails during the Configuring Security phase and here are the logs:
Error:All retrys failed!!. Message:SetSRSSecurity Exception, now throwing:Cannot stop ReportServer service on computer '.'.
Error: :SetSRSSecurity failed: Threw Exception.Type: System.InvalidOperationException, Exception Error Code: 0x80131509, Exception.Message: Cannot stop ReportServer service on computer '.'.

I also see this error:
[12:50:50]: Error:
:StackTrace: at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at System.Data.SqlClient.SqlCommand.RunExecuteNonQueryTds(String methodName, Boolean async, Int32 timeout, Boolean asyncWrite)
at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean asyncWrite)
at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()
at Microsoft.EnterpriseManagement.OperationsManager.Setup.ReportingConfigurationHelper.ReportingConfiguration.ModifySRSServiceAccount(String userName, String userPassword, String sqlSRSServer, String srsServiceName, String sqlServerForSRSDatabase,
String srsDBName)
[12:50:50]: Warn:
:Message:SetSRSSecurity Exception Exception: The specified @job_name ('F5DDC431-93E3-41CF-8913-00EDFD457F99') does not exist.
The specified @job_name ('3AA30844-4417-479D-80EF-059C9CAAF84D') does not exist.
The specified @job_name ('A65C33A6-DC11-44AA-B8AD-077A7D94213D') does not exist.
The specified @job_name ('C9192EB7-87D8-475D-9826-100AF193F33F') does not exist.
The specified @job_name ('410DA81B-318F-4BD8-AA5B-14AC61AC82C3') does not exist.
The specified @job_name ('E26B57B7-72CE-449F-AA19-19B192CD10C0') does not exist.
The specified @job_name ('FF9BC31C-E6F9-4987-ABBC-1C20D41E0A7D') does not exist.
The specified @job_name ('BBE14DB5-E183-4F05-AC45-1CD147DD72BE') does not exist.
The specified @job_name ('D69172E5-4FD6-4FF2-9F98-1FA57C98B6B5') does not exist.
The specified @job_name ('566D3953-B305-43EC-9C08-2FA53CABA2FE') does not exist.
The specified @job_name ('B3D9B9B3-9C8A-4109-884B-36899D560A9B') does not exist.
The specified @job_name ('B47669F4-54A5-4F78-AEF4-40A9F40D9BC6') does not exist.
The specified @job_name ('97FA149B-5275-4A4D-A3C8-4E69B20C0D92') does not exist.
The specified @job_name ('86AEBFB5-CAA3-4D2A-859F-4E751B660257') does not exist.
The specified @job_name ('FE970B3F-D021-46A2-8387-4E989590A86D') does not exist.
The specified @job_name ('D6C2E45D-E677-4F2B-81AA-5103FB8E1B92') does not exist.
The specified @job_name ('7412F626-CAD9-48BE-8211-5145A3F51085') does not exist.
The specified @job_name ('17838236-691B-49D7-AD7C-553B1886AB58') does not exist.
The specified @job_name ('5445E14F-A22C-4014-9EB8-55C8BAF5A061') does not exist.
The specified @job_name ('C914C932-C350-404D-9CF4-575D108DDA82') does not exist.
The specified @job_name ('CB87B0AD-069A-4F07-BB62-580FBEF5C31B') does not exist.
The specified @job_name ('BC838396-DFE1-4BC5-8D24-58B194A7214E') does not exist.
The specified @job_name ('D58C71E8-A821-4A73-A0A7-5F5080BC6730') does not exist.
The specified @job_name ('49F42A35-15DA-4C9E-A95B-66F4040E139F') does not exist.
The specified @job_name ('F4F9400D-1212-4DD6-AAFF-671192BF2B25') does not exist.
The specified @job_name ('F0EFEFAA-F2D5-494E-B97E-6D075AC17F2F') does not exist.
The specified @job_name ('0721E6DF-0209-4874-B473-70E5026E8FF2') does not exist.
The specified @job_name ('B2AECE06-0F8F-4C5D-A04E-8148D8F6C255') does not exist.
The specified @job_name ('A9813C14-FB76-4461-80B9-8350CBE9E5BB') does not exist.
The specified @job_name ('71ABB496-3F2E-4D8D-8551-8650DBC45721') does not exist.
The specified @job_name ('EF1AAD40-47DA-41A2-A9F6-87A6AE140BB3') does not exist.
The specified @job_name ('B887666E-E580-427C-ADBA-8B605561E8E9') does not exist.
The specified @job_name ('A19772C9-CA88-455C-9CA7-8E11F960BB84') does not exist.
The specified @job_name ('CAFFEA4E-AE64-4B5F-9129-913272C5251D') does not exist.
The specified @job_name ('826AF562-C9D2-461B-AEEB-91B64FF3003A') does not exist.
The specified @job_name ('09458F97-C2ED-46B5-BB8E-91C4C54C22B4') does not exist.
The specified @job_name ('021AA26B-62EA-4C38-8ACF-975CE6B33FAD') does not exist.
The specified @job_name ('33EA5BB5-35A7-442F-8635-9FE560EDABBE') does not exist.
The specified @job_name ('E7405185-56A5-4C46-87AB-A1FA9FA4271B') does not exist.
The specified @job_name ('CEDDD21A-2E75-4BA6-BA99-A4E5B79073BC') does not exist.
The specified @job_name ('8A6E115B-616F-46D6-9A94-A7C22C94D11C') does not exist.
The specified @job_name ('30A0182B-0A70-4D33-A62F-AB277ABC4D63') does not exist.
The specified @job_name ('5B252CA0-FCFF-49FA-8B40-AD6667B345A1') does not exist.
The specified @job_name ('D0007E85-046E-4264-933A-AF662B8FECF7') does not exist.
The specified @job_name ('D1835177-4454-44C0-8134-B080AFD99B52') does not exist.
The specified @job_name ('B02F7A14-A658-420D-A2B0-B18577080FDD') does not exist.
The specified @job_name ('7CD641D9-C2C3-4907-88F9-BAED4FA93AAF') does not exist.
The specified @job_name ('23241CD1-4317-42EA-887E-C3F7441645D7') does not exist.
The specified @job_name ('9AB583BC-94AA-49BB-B4E4-CACE094A2764') does not exist.
The specified @job_name ('31EAC604-0DF5-4A9C-B510-CD6BEF72B608') does not exist.
The specified @job_name ('8412C87D-CC61-4FA0-9804-CFC8528DB66E') does not exist.
The specified @job_name ('314FBBDC-013B-4742-B65B-D122968AF014') does not exist.
The specified @job_name ('002B780F-351F-4345-9D97-D3DD370E2317') does not exist.
The specified @job_name ('F21C6C3D-5219-4917-BF29-D5AA1B315565') does not exist.
The specified @job_name ('34FCE497-498B-47EE-9A8B-D8EC2CFEC3AA') does not exist.
The specified @job_name ('1B356BC7-8300-4A6A-8E66-E036C1053C47') does not exist.
The specified @job_name ('6C94A462-3025-46AC-BD67-E7575ABBA4D9') does not exist.
The specified @job_name ('A79F3134-A3BC-470F-8D6C-F457C6114EBA') does not exist.

SCOM 2012 Gateway servers certificates

Hi,
We have 2 datacenters in different location but in same forest and no firewall exist and with full trust. we have one management servers in one datacenter and we are planning to deploy gateway servers in another another datacenter due to bandwidth
issue between datacenters. Do we need to have PKI or certificates to deploy gateway servers if management server is in same forest but different domain with full trust and no firewall.
Regards,
Bunny

Hi,
If there is a full trust between the domains there is no need for certificates to enable connection between GW and MS.
You could also refer to this TechNet article:
http://technet.microsoft.com/en-us/library/hh212823.aspx
Cheers,
Christoph
Blog: http://blog.cmaresch.at/ Twitter:
LinkedIn:
XING:
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

DFS Replication doesn't work. Windows server 2012. Failed to communicate with partner. Error 5012.

Hi! I really confused with this error. I created replication group within two servers - AD domain controller and File server. I just want to migrate some files from AD domain controller to FS. But synchronization doesn't work. I get the error
- DFS Replication cannot replicate with partner <server name> for replication group <domain>\<name space>\<share>. The partner did not recognize the connection or the replication group configuration. The DFS Replication service used
partner DNS name MyDCName, IP address <the server ip>, and WINS address <server name> but failed with error ID: 9026 (The connection is invalid). Event ID: 5012
It seems my DC doesn’t accept connection from FS. I checked network, permissions and other settings which are mentioned in this article.
http://social.technet.microsoft.com/Forums/en-US/953be9ef-e9e3-4885-a5c4-47fc475ba562/dfs-is-not-working-anymore?Thread%3A953be9ef-e9e3-4885-a5c4-47fc475ba562=Microsoft.Forums.Data.Models.Discussion&ThreadViewModel%3A953be9ef-e9e3-4885-a5c4-47fc475ba562=Microsoft.Forums.CachedViewModels.ThreadPageViewModel&forum=winserverfiles
But nothing happens. Replication still doesn’t work. Please, help me with this. May be there is a check list to solve this problem? Thank you.

Check this ; https://social.technet.microsoft.com/wiki/contents/articles/1205.dfsr-event-5012-dfs-replication.aspx
Arnav Sharma | Facebook |
Twitter Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members
reading the thread.

Deploy SCOM 2012 R2 Agents to Domain Servers on Perimeter Network using SCOM Gateway on different Domain

Hi, I have a bit odd situation on a SCOM 2012R2 deployment.
I have a MS on the internal network, and a Gateway Server on the perimeter network. Each server is connected to different Active Directory Forests and there are no trust relationships between them. I configured the communication between the two using certificates.
I have already connected some servers through the Gateway using certificates because there are on Workgroups, they are already approved on the MS and reporting their status.
However, I have some servers that are member servers of the internal AD domain but are located on the perimeter network.
So I've tried to configure one of them for testing to connect to the Gateway Server using a certificate using manual agent installation. Initially it didn't report on the SCOM, but then I ran the get-scompendingmanagement and saw that it showed there,
so I ended up approving the agent using Powershell and then it was reported on the Console as "Not Monitored"
First the agent was running as local system and then tried using a local admin account on the server, neither options have worked.
I get the following errors:
The OpsMgr Connector connected to scomgateway.externaldomain.com, but the connection was closed immediately after authentication occurred. The most likely cause of this error is that the agent is not authorized to communicate with the server, or the
server has not received configuration. Check the event log on the server for the presence of 20000 events, indicating that agents which are not approved are attempting to connect.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
OpsMgr was unable to set up a communications channel to scomgateway.externaldomain.com and there are no failover hosts. Communication will resume when scomgateway.externaldomain.com is available and communication from this computer is allowed.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Is this configuration possible? Or do I need to open communication ports from the agents to the MS inside the corporate network and not use the Gateway?
Any ideas if someone else has done this are appreciated.
Thank you.
Regards.
Eduardo Rojas

I'm sorry, maybe I didn't explained myself correctly, I already have the gateway up and running with some Workgroup machines connected to it using certificates, so the Gateway is indeed working. These Workgroup machines are in fact reporting back to the
Management Server on the internal network through the Gateway.
My problem is with Domain Member machines that are on the perimeter network. This machines are joined to the Active Directory inside the corporate firewall, not the Active directory from the perimeter network (where the Gateway is joined). So my question
is, can I connect these machines through the Gateway (even if the Gateway is on a different domain) or do I need to open ports and connect them directly to the management server (which is on the same active directory domain)?
Let me know if I made myself clear.
Thank you.
Regards.
Eduardo Rojas

SCOM 2012 R2 Gateway installation error and no System Center Management server after install

Hi,
I have installed SCOM 2012 R2 Gateway and I got an error 25372 error at the start of the install. It still installs though. However I have no system center management service running in services but I can see healthservice.exe is running.
Why am I not seeing the system center management service?
Thanks.

Using gateways with certificates is always a bit complicated because there are several things that needs to be configured correctly.
DNS: The MS and the GW server need to be able to resolve each others FQDN. you can adjust the hosts files if needed.
Traffic is only TCP 5723 from the gateway to the MS. You can test this with the telnet client.
Certificates:
http://marthijnvanrheenen.wordpress.com/2012/03/28/scom-2012-connecting-a-gateway-server-using-certificates/
The gateway server should NOT be in pending management. Remove it from here before running the approval.
You should start by making sure DNS and the 5723 port are functioning because that is probably where the problem is.
Please remember, if you see a post that helped you please click (Vote As Helpful" and if it answered your question, please click (Mark As Answer).

SCOM 2012 R2 agent upgrade fails crippling agents

Running into a large amount of SCOM agents that are failing the upgrade from 2012 SP1 to R2 and would appreciate any feedback from my SCOM community colleagues. Warning this issue is not for the faint of heart.
Plan:
I am in the process of upgrading 1900 manually installed SCOM 2012 SP1 agents to R2. I am using SCCM to deliver the upgrade using the standard sanctioned upgrade parameters.
Momagent.msi /qn /l*v %SystemDrive%\SCOM2012AgentUpgrade.log AcceptEndUserLicenseAgreement=1
Problem:
I have run into a problem where on a larger group of systems, 165 servers, where the upgrade fails and leaves the agent in a crippled state. At this point the agent cannot be removed cleanly via add remove, nor can a straight install of the agent
be done. What is required is a manual removal of registry keys and then a clean install of the agent can be performed to remediate. This is no problem and I am able to do this. (Note: all other methods of agent removal did not work ie:
Cleanmom.exe utility or add remove)
Task:
Seeing that we need to do agent upgrades in the future it would be great to know why this happened so we can plan for this in the future.
Notes:
Seems like a random sample of servers (2003/2008) with different applications running on them so that doesn't help in narrowing things down.
Looking at the MSI log, I see a common issue among systems that had this problem.
******* Product: {387306D9-78CE-4E0E-B952-28A50CC8B3EE}
           ******* Action:
           ******* CommandLine: **********
MSI (s) (7C:7C) [08:08:43:668]: User policy value 'SearchOrder' is 'nmu'
MSI (s) (7C:7C) [08:08:43:668]: User policy value 'DisableMedia' is 0
MSI (s) (7C:7C) [08:08:43:668]: Machine policy value 'AllowLockdownMedia' is 0
MSI (s) (7C:7C) [08:08:43:668]: SOURCEMGMT: Media enabled only if package is safe.
MSI (s) (7C:7C) [08:08:43:668]: SOURCEMGMT: Looking for sourcelist for product {387306D9-78CE-4E0E-B952-28A50CC8B3EE}
MSI (s) (7C:7C) [08:08:43:668]: SOURCEMGMT: Adding {387306D9-78CE-4E0E-B952-28A50CC8B3EE}; to potential sourcelist list (pcode;disk;relpath).
MSI (s) (7C:7C) [08:08:43:668]: SOURCEMGMT: Now checking product {387306D9-78CE-4E0E-B952-28A50CC8B3EE}
MSI (s) (7C:7C) [08:08:43:668]: SOURCEMGMT: Media is enabled for product.
MSI (s) (7C:7C) [08:08:43:668]: SOURCEMGMT: Attempting to use LastUsedSource from source list.
MSI (s) (7C:7C) [08:08:43:668]: SOURCEMGMT: Trying source C:\WINDOWS\SysWOW64\CCM\Cache\LFG00446.1.System\i386\.
MSI (s) (7C:7C) [08:08:43:668]: Note: 1: 2203 2: C:\WINDOWS\SysWOW64\CCM\Cache\LFG00446.1.System\i386\MOMAgent.msi 3: -2147287037
MSI (s) (7C:7C) [08:08:43:668]: SOURCEMGMT: Source is invalid due to missing/inaccessible package.
MSI (s) (7C:7C) [08:08:43:668]: Note: 1: 1706 2: -2147483647 3: MOMAgent.msi
MSI (s) (7C:7C) [08:08:43:668]: SOURCEMGMT: Processing net source list.
MSI (s) (7C:7C) [08:08:43:668]: Note: 1: 1706 2: -2147483647 3: MOMAgent.msi
MSI (s) (7C:7C) [08:08:43:668]: SOURCEMGMT: Processing media source list.
MSI (s) (7C:7C) [08:08:44:744]: Note: 1: 2203 2: 3: -2147287037
MSI (s) (7C:7C) [08:08:44:744]: SOURCEMGMT: Source is invalid due to missing/inaccessible package.
MSI (s) (7C:7C) [08:08:44:744]: Note: 1: 1706 2: -2147483647 3: MOMAgent.msi
MSI (s) (7C:7C) [08:08:44:744]: SOURCEMGMT: Processing URL source list.
MSI (s) (7C:7C) [08:08:44:744]: Note: 1: 1402 2: UNKNOWN\URL 3: 2
MSI (s) (7C:7C) [08:08:44:744]: Note: 1: 1706 2: -2147483647 3: MOMAgent.msi
MSI (s) (7C:7C) [08:08:44:744]: Note: 1: 1706 2: 3: MOMAgent.msi
MSI (s) (7C:7C) [08:08:44:744]: SOURCEMGMT: Failed to resolve source
MSI (s) (7C:8C) [08:08:44:744]: Note: 1: 1714 2: Microsoft Monitoring Agent 3: 1612
CustomAction returned actual error code 1612 (note this may not be 100% accurate if translation happened inside sandbox)
MSI (s) (7C:8C) [08:08:44:744]: Product: Microsoft Monitoring Agent -- Error 1714.The older version of Microsoft Monitoring Agent cannot be removed. Contact your technical support group. System Error 1612.
Error 1714.The older version of Microsoft Monitoring Agent cannot be removed. Contact your technical support group. System Error 1612.
Action ended 8:08:44: RemoveExistingProducts. Return value 3.
Action ended 8:08:44: INSTALL. Return value 3.
Ok so the obvious is that the installer is looking for original source installation files and not able to find them. What is surprising to me however is that the product references a 32 bit scom agent guid
387306D9-78CE-4E0E-B952-28A50CC8B3EE, however this is a 64 bit machine. Our build process dictates that a 64 bit machine only receive a 64 bit SCOM agent.
Doing a search on this product guid I realized I skipped some other references at the top of the MSI log that might offer some more explanation...
MSI (s) (7C:8C) [08:08:11:896]: PROPERTY CHANGE: Adding OM_OM12_SP1_AGENT_FOUND property. Its value is '{8B21425D-02F3-4B80-88CE-8F79B320D330}'.
MSI (s) (7C:8C) [08:08:11:896]: PROPERTY CHANGE: Modifying OM_OM12_SP1_AGENT_FOUND property. Its current value is '{8B21425D-02F3-4B80-88CE-8F79B320D330}'. Its new value: '{8B21425D-02F3-4B80-88CE-8F79B320D330};{387306D9-78CE-4E0E-B952-28A50CC8B3EE}'.
MSI (s) (7C:8C) [08:08:11:896]: Skipping action: _StopCoreServices.80B659D9_F758_4E7D_B4FA_E53FC737DCC9 (condition is false)
MSI (s) (7C:8C) [08:08:11:896]: Skipping action: _KillOMProcesses.80B659D9_F758_4E7D_B4FA_E53FC737DCC9 (condition is false)
MSI (s) (7C:8C) [08:08:11:896]: Doing action: _Set_OM_AGENT_FOUND
Action ended 8:08:11: FindRelatedProducts. Return value 1.
MSI (s) (7C:8C) [08:08:11:896]: PROPERTY CHANGE: Adding OM_AGENT_FOUND property. Its value is '{8B21425D-02F3-4B80-88CE-8F79B320D330};{387306D9-78CE-4E0E-B952-28A50CC8B3EE}'.
Action start 8:08:11: _Set_OM_AGENT_FOUND.
MSI (s) (7C:8C) [08:08:11:896]: Doing action: _Set_MOMV3_AGENT_FOUND
Action ended 8:08:11: _Set_OM_AGENT_FOUND. Return value 1.
MSI (s) (7C:8C) [08:08:11:896]: PROPERTY CHANGE: Adding MOMV3_AGENT_FOUND property. Its value is '{8B21425D-02F3-4B80-88CE-8F79B320D330};{387306D9-78CE-4E0E-B952-28A50CC8B3EE}'.
Action start 8:08:11: _Set_MOMV3_AGENT_FOUND.
Well that is interesting, seems to me that in the first line the MSI installer reads the OM_OM12_SP1_AGENT_FOUND property and identifies this with a 64 bit agent guid (8B21425D-02F3-4B80-88CE-8F79B320D330), but then appends
the 32 bit guid at the end (387306D9-78CE-4E0E-B952-28A50CC8B3EE). This is the point of my confusion and my suspicion as the cause of the problem I am having.
Concluding thoughts:
Why does the installer seems to first recognizes a 64 bit agent, but then later changes it's property to include a 32 bit agent guid.  Could a 32 bit agent have got on this 64 bit server based on the details of this log? Would this
cause my agents to fail the upgrade? I think so, but looking to bounce this over to another fellow SCOM colleague who may have wrestled with this before.
Thanks in advance if you took the time to read this and think about it. Extra points if you have any extra thoughts!
Keith

Hi,
Have you used Requirement to limit the platform when you deploy application with SCCM.
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place.

SCOM 2012 R2 Continued Problems with State Widget

Hi All,
Just want to see if anyone is seeing problems with the state widget in R2. Confirmed that if the criteria selection page is left blank, that the widget will render, if anything is selected it just loads and loads and loads finally with an error (follows,
first). Corresponding error in event log (follows, second). I thought this was resolved with UR4?
Error in console===============
Microsoft.EnterpriseManagement.Common.UnknownDatabaseException:
The query processor ran out of internal resources and could not produce a query
plan. This is a rare event and only expected for extremely complex queries or
queries that reference a very large number of tables or partitions. Please
simplify the query. If you believe you have received this message in error,
contact Customer Support Services for more information.
   at
Microsoft.EnterpriseManagement.Common.Internal.ServiceProxy.HandleFault(String
methodName, Message message)
   at
Microsoft.EnterpriseManagement.Common.Internal.EntityObjectsServiceProxy.GetRelatedManagedEntitiesByManagedEntityTypesAndCriteriaWithInstanceQueryOptions(IList`1
parentManagedEntityIds, Boolean recurse, IList`1 managedEntityTypeIds, IList`1
managedEntityBaseTypeIds, IList`1 criterias, String languageCode,
InstanceQueryOptions instanceQueryOptions)
   at
Microsoft.EnterpriseManagement.InstancesManagement.GetRelatedObjectsInternal[T](ICollection`1
instanceIds, ICollection`1 criteriaCollection, TraversalDepth traversalDepth,
ObjectQueryOptions queryOptions)
   at
Microsoft.EnterpriseManagement.Management.DataProviders.ManagedEntityProvider.GetContainedManagedEntities(IDataObjectCollection
targetEntities, ICollection`1 recursionTypeNames, ICollection`1 baseTypeNames,
String criteriaString, List`1 valueDefinitions, List`1 sortValueDefinitions,
String typePropertyName, String typeWithIconPropertyName, Boolean
propertyCollectionRequested)
   --- End of inner exception stack trace ---
   at Microsoft.EnterpriseManagement.Presentation.DataAccess.DataProviderCommandMethodInvoker.Invoke()
   at
Microsoft.EnterpriseManagement.Monitoring.DataProviders.RetryCommandExecutionStrategy.Invoke(IDataProviderCommandMethodInvoker
invoker)
   at Microsoft.EnterpriseManagement.Presentation.DataAccess.DataProviderCommandMethod.Invoke(CoreDataGateway
gateWay, DataCommand command)
   at
Microsoft.EnterpriseManagement.Presentation.DataAccess.CoreDataGateway.ExecuteInternal[TResult](DataCommand
command)
   at Microsoft.EnterpriseManagement.Presentation.DataAccess.CoreDataGateway.<ExecuteAsync>b__0[TResult](<>f__AnonymousType0`1
data)
Error in Event Log==============
GetRelatedManagedEntitiesByManagedEntityTypesAndCriteriaWithInstanceQueryOptions
for session ID uuid:9078152d-9ff1-4c68-a997-c8088a16a34c;id=5.<o:p></o:p>
Exception
message: The creator of this fault did not specify a Reason.<o:p></o:p>
Full
Exception:
System.ServiceModel.FaultException`1[Microsoft.EnterpriseManagement.Common.UnknownDatabaseException]:
The creator of this fault did not specify a Reason. (Fault Detail is equal to
The query processor ran out of internal resources and could not produce a query
plan. This is a rare event and only expected for extremely complex queries or
queries that reference a very large number of tables or partitions. Please
simplify the query. If you believe you have received this message in error,
contact Customer Support Services for more information.).<o:p></o:p>
<o:p></o:p>

I am so sorry for my mistake. Below is the url.
http://blogs.technet.com/b/scom_atlas/archive/2013/10/22/scom-2012-sp1-ur4-is-out.aspx
Juke Chou
TechNet Community Support

Error while running gateway approval tool (SCOM 2012)

We get an error saying "The gateway server does not exist: <GW server name>" while running gateway approval tool in SCOM 2012 MS. referred several blogs, but no help. MS servers are in healthy state and Ops DB has enough free space.
Port 5723 is the only port open between GW and SCOM MS servers. Could anyone assist with a solution pls?

Did you first install SCOM gateway server role on that GW Server. are the certificates installed properly.
Also please confirm that the GW server name exists in AD too.
Please check that GW server does not already exists in SCOM as a computer object. Check the SCOM database too for any stale entry of the GW Server.
Once the above are clear. Then you can run the gateway approval tool with action =delete.
After that again try to run the gateway approval tool with action =create.
Hope this helps.
Thanks, S K Agrawal

The problem with forecast reports in SCOM 2012 after integration with VMM 2012

Hello.
I have problem with forecast reports in SCOM 2012 after integration with VMM 2012. All other reports (not forecasting) works fine. For example, report “Host Group Forecasting” don’t work. The report is generated, but I have error: “Subreport
could not be shown”. I find only errors in SQL Server Reporting logs like this:
library!ReportServer_0-13!1758!06/26/2012-18:26:23:: i INFO: RenderForNewSession('/Microsoft.SystemCenter.VirtualMachineManager.2012.Reports/Microsoft.SystemCenter.VirtualMachineManager.2012.Report.ForecastHostGroup')
processing!ReportServer_0-13!1758!06/26/2012-18:26:28:: e ERROR: Throwing Microsoft.ReportingServices.ReportProcessing.ReportProcessingException: , Microsoft.ReportingServices.ReportProcessing.ReportProcessingException: Не удалось выполнить
запрос для набора данных "DiskSpaceUsageForecasting". ---> Microsoft.AnalysisServices.AdomdClient.AdomdErrorResponseException: Execution of the managed stored procedure GetTimeSeriesForecast failed with the following error: Exception has been thrown by
the target of an invocation..
Query (5, 58) Parser: The syntax for '6' is incorrect.
   at Microsoft.AnalysisServices.AdomdClient.AdomdConnection.XmlaClientProvider.Microsoft.AnalysisServices.AdomdClient.IExecuteProvider.ExecuteTabular(CommandBehavior behavior, ICommandContentProvider contentProvider,
AdomdPropertyCollection commandProperties, IDataParameterCollection parameters)
   at Microsoft.AnalysisServices.AdomdClient.AdomdCommand.ExecuteReader(CommandBehavior behavior)
   at Microsoft.AnalysisServices.AdomdClient.AdomdCommand.System.Data.IDbCommand.ExecuteReader(CommandBehavior behavior)
   at Microsoft.ReportingServices.DataExtensions.AdoMdCommand.ExecuteReader(CommandBehavior behavior)
   at Microsoft.ReportingServices.OnDemandProcessing.RuntimeDataSet.RunEmbeddedQuery(Boolean& readerExtensionsSupported, Boolean& readerFieldProperties, List`1 queryParams, Object[] paramValues)
   --- End of inner exception stack trace ---;
The Russian string “Не удалось
выполнить запрос для набора данных "DiskSpaceUsageForecasting"” is translated to “Could not execute query for data set "DiskSpaceUsageForecasting"”.
I have clean installation SCOM 2012 RU1, VMM 2012 RU1. Integration SCOM with VMM work fine.
SQL collation for all SQL DB instances (SCOM and VMM and SCOM reporting) – “SQL_Latin1_General_CP1_CI_AS”
SQL Analysis service: SQL collation – “Latin1_General” ; language for the server – English (United States)
I think the problem in regional settings. By my opinion there are two possible mistakes:
SQL collation for all SQL DB instances. May be need use “Latin1_General_CI_AS”
as provided by
http://blogs.technet.com/b/momteam/archive/2012/05/25/clarification-on-sql-server-collation-requirements-for-system-center-2012.aspx
Need change regional setting. Question is for what (OS regional setting, SQL Analysis service settings,…) ?

Error: Subreport could not be shown
Opening a report for Client Security might result in the following error being displayed in one or more areas of the report: "Error: Subreport could not be shown."
Background
There are two possible reasons for this error:
1. Wrong location   The reporting server is pointing to the wrong computer running SQL Server or a SQL Server instance.
2. Insufficient permissions   The account configured (in SQL Server Reporting Services) to connect to the reporting database does not have appropriate permissions for the database.
Solution
To determine which reason is causing the error, attempt to directly open the subreport reporting the error, by clicking the name of the subreport.
If the reporting server is pointing to a wrong location, the report displays an error similar to the following:
Error message
An error has occurred during report processing.
Cannot create a connection to data source 'SystemCenterReporting'. Cannot open database "SystemCenterReporting" requested by the login. The login failed. Login failed for user username.
To verify the correct SQL Server computer and instance path
In Report Manager, navigate to the report generating the error and click the Properties tab.
Click Data Sources and under a Shared data source, note the path.
Open the reporting Web site. If you chose the default virtual directory for reports, the URL is: http://hostname/Reports/
If you chose to secure the viewing of reports with HTTPS, the URL is: https://hostname/Reports/
Click SCDW.
In the Connection type list, ensure that Microsoft SQL Server is selected.
In the Connection string box, ensure that the correct SQL Server computer and instance name are entered.
Note:
A period (.) denotes the local computer.
If the account has insufficient permissions, the report displays an error similar to the following:
Error message
An error has occurred during report processing. (rsProcessingAborted) Query execution failed for data set 'DSDashboardComputersTrend'. (rsErrorExecutingCommand) EXECUTE permission denied on object 'prSAS_UX_DashboardComputersTrend', database 'SystemCenterReporting',
schema 'dbo'.
To determine if you are experiencing the SQL Server permissions issue
Open the reporting Web site. If you chose the default virtual directory for reports, the URL is:http://hostname/Reportserver/
If you chose to secure the viewing of reports with HTTPS, the URL is:https://hostname/Reportserver/
Click Microsoft Operations Manager Reporting, click Microsoft Forefront Client Security, and scroll to DashboardComputersTrend.
Click DashboardComputersTrend.
If you are experiencing a SQL Server permissions issue, an error similar to the preceding error appears.
To grant permissions to the SQL Server computer
1. In Report Manager, click SCDW and note the account in the Connect using section. This is the account under which the database is contacted.
2. On the server with the System Center Reporting database, start SQL Server Management Studio.
3. In the tree, expand Security, and then expand Logins. Do one of the following:
If the user account is listed, right-click the account, click Properties, and then go to step 5.
If the user account is not listed, right-click Logins and choose New Login.
4. In the Login name box, enter the user account (domain\username).
5. In the Login Properties dialog box, click User Mapping, and then under Users mapped to this login, select the System Center Reporting check box.
6. Under Database role membership for: System Center Reporting, select the db_owner check box, and then click OK.
Thanks,
Yog Li
TechNet Community Support

Automatic windows agent fail over in SCOM 2012 / 2012 R2

Hi All,
I have a question with respect to SCOM 2012 / 2012 R2 windows agent fail over.
For example i have only 400 windows agents and i have 2 MS in my environment. So 200 windows agents are managed by MS1 and the rest 200 are managed by the MS2.
What i want to know is if either of the MS (MS1 or MS2) Shutdown / restart or any thing happens to them, Do the agents automatically fail over to the other MS ? As i have not configured ant thing for this as i don't know.
So is there any configuration to be done for the above to happen after the deployment of both the management servers is done before discovering the agents or does it automatically understand take the rest 200 agents thinking that the other MS is down ?
Gautam.75801

Hi All,
I have a question with respect to SCOM 2012 / 2012 R2 windows agent fail over.
For example i have only 400 windows agents and i have 2 MS in my environment. So 200 windows agents are managed by MS1 and the rest 200 are managed by the MS2.
What i want to know is if either of the MS (MS1 or MS2) Shutdown / restart or any thing happens to them, Do the agents automatically fail over to the other MS ? As i have not configured ant thing for this as i don't know.
So is there any configuration to be done for the above to happen after the deployment of both the management servers is done before discovering the agents or does it automatically understand take the rest 200 agents thinking that the other MS is down ?
Gautam.75801
This happens automagically for Windows agents within a domain that are assigned to a Management Server. For other scenarios, such as Gateways, the Gateways should be configured for failover between Management Servers, and the agents attached to those
Gateways should be configured to failover between the Gateways. Cross platform agents report to a resource pool, so that happens automagically as well.
To confirm your scenario, simply run the Get-SCOMAgent cmdlet.
To test you can do the following, assuming first agent in the array isn't a Management Server/Gateway :)
$SCOMAgents = get-scomagent
$SCOMAgents[0].PrimaryManagementServerName
$SCOMAgents[0].GetFailoverManagementServers()
Supporting article:
http://blogs.technet.com/b/jimmyharper/archive/2010/07/23/powershell-commands-to-configure-gateway-server-agent-failover.aspx

Gateway server and Management server in SCOM 2012

What are the main Different between Gateway server and Management server in SCOM 2012?
I have referred this , is there anything ?
http://blogs.technet.com/b/momteam/archive/2008/02/19/10-reasons-to-use-a-gateway-server.aspx

1) Management server can write data , gathered from agent, directly into operations manager database. Gateway server should forward data, collected from managed agent to management server.
2) In a unturst environment for example workgroup or untrust domain, and you do not want to deploy a certificate to every monitored agent, you should deploy gateway server rather than managment server.
Roger

SCOM 2012 Gateway fails to communicate - Certificate Problem?

Similar Messages

Maybe you are looking for