Sign in
 
HomeProductsLibraryLearnDownloadsSupportForums
Microsoft Forefront TechCenter >
MOM Server is no longer auto approving Computers

Locked MOM Server is no longer auto approving Computers

  • Friday, March 12, 2010 3:35 PM
     
     
    Sign In to Vote
    0
    The Forefront MOM server is no longer auto approving computers after 1 hour, I have objects that have been in the pending actions for over a week.

    Any ideas one which settings I can check for this?

    FYI, I have 2 separate environments on the same domain that are doing the same thing. Both started doing this around the same time.

    Thanks for any help! 
       

    All Replies

    • Monday, March 15, 2010 10:01 AM
       
       
      Sign In to Vote
      0
      Hi WKessler76,

      did you change something in the configuration of the auto-approval?

      how are you installing FCS clients  in the client computers? manually? policy? Logon Script?

      if you let WSUS/FCSpolicy install it it should auto-approve computers, elseway it shouldn't.

      did you change policy and didn't distribute it to target (through the FCS console)?


      HTH bye!
      Diego Castelli
         
      • Tuesday, March 16, 2010 8:09 AM
        Moderator
         
         Answered
        Sign In to Vote
        0

        Hi,

         

        Thank you for the post.

         

        Once FCS is approved, we need to confirm the policy has deployed from the FCS management console. If you have created different groups in WSUS, you will need to make sure the FCS Client package is approved for those groups. And you may disable automatic approval and just do manual approvals of these machines and see if it works.

         

        Regards,

        Nick Gu - MSFT
           
        • Monday, March 22, 2010 1:07 PM
           
           Proposed Answer
          Sign In to Vote
          2

          Hi,

          I think you mean Auto-Approve Pending Computers in MOM 2005 Administrator Console.

          If you have resolved a "Flooding Detected" alert parameter, you must manually reset this parameter to true if you want Client Security to resume automatically approving pending computers.

          To reset this parameter (copied from the URL below):

          1. On the collection server, open the MOM Administrator console and expand the Microsoft Operations Manager tree, click Management Packs, click Rule Groups, click Microsoft Forefront Client Security, click Server Behaviors, and then click Event Rules.

          2. Double-click Run Flood Protection.

          3. In the Event Rules Properties dialog box, click the Responses tab.

          4. Select the flood protection script and click Edit.

          5. In the Launch a Script dialog box, under Script parameters, select the parameter you want to change and click Edit Parameter.

          6. In the Edit Script Parameter dialog box, enter the new parameter value in the Value box. Valid values depend on which parameter you chose to edit. For details, see the following list:

            • Auto-approve pending computers—To enable automatic approval of pending computers, type true. To disable automatic approval of pending computers, type false. The default value is true.
            • Disconnect clients—To enable disconnection of flooding computers, type 1. To disable disconnection of flooding computers, type 0. The default value is 1.
            • Maximum allowed parameters per event—Type a whole number. The default value is 40.
            • Maximum events per computer in OPDB—Type a whole number. The default value is 5,000.

          7. Click OK three times, and then right-click the Management Packs node and click Commit Configuration Change. MOM implements the changes you made.

          http://technet.microsoft.com/en-us/library/bb418904.aspx

          Regards

          • Proposed As Answer by Diego Castelli Tuesday, March 23, 2010 3:22 PM
          •  
             
          • Thursday, March 25, 2010 2:43 PM
             
             
            Sign In to Vote
            0

            Sorry for not getting back to any of you, I did not receive a notification there were replies up here for me.

             

            What Snilerdahl posted corrected the issue. Auto Approval was off. I had found that post on TechNet the day after I posted this here.

             

            Thanks for the replies, but can anyone explain why this got turned off on its own? Because I have not resolved a "Flooding Detected" alert.

             

             

               
            • Friday, March 26, 2010 1:52 PM
               
               
              Sign In to Vote
              0

              Hi,

              Use Alerts History to find out if there was an alert.

              Got to: http://<Report Server>/Reports ---> open "Microsoft Forefront Client Security" ---> open "Alerts History" ---> Enter "Start Time" and "End Time",  specify the time when you suspect the Flooding occured.

              Under "Alert Details" you should see an "Security issue" if there has been an Alert.

              Regards

                 
              • Tuesday, June 29, 2010 6:30 PM
                 
                 
                Sign In to Vote
                0

                I am new to the whole FCS app/server environment.  We evaluated the product, decided to purchase, then had to reinstall with non trial software to rollout.  During the evaluation everything worked great.  Now that we are trying to roll this out into production we are starting to see some problems.  Agents are not auto approving and I'm not sure why.  The post by Nick looks great, but I'm not really sure what all of that means since I'm sort of a noob at this.  Little history:

                We are rolling this out manually.
                Machines are showing up in MOM under agentless managed computers.  once approving for install they work fine.
                I have changed the policy in FCS to a new policy if that makes a difference.

                I'm not really sure what's going on with MOM not auto approving when it did during our evaluation.  If someone could help me make some sense out of this. I would really appreciate it.