none
[SCOM 2012] Error adding a gateway

    Question

  • Hello,

    My problem is that I installed a SCOM Gateway on another domain and no connection is established.

    I have an event log error (20071) :

    The OpsMgr Connector connected to SCOM.toto.corp, but the connection was closed immediately without authentication taking place.  The most likely cause of this error is a failure to authenticate either this agent or the server .  Check the event log on the server and on the agent for events which indicate a failure to authenticate.

    Certificates are imported on the MS server and Gateway.

    They are on Windows Server 2012.

    Have you got an idea?

    Thank you.


    MCSA Windows Server 2012 - http://florent-appointaire.fr

    Thursday, July 11, 2013 9:29 AM

All replies

  • Thursday, July 11, 2013 9:34 AM
  • Thank you for your reply.

    None of this help me, port 5723 open, DNS resolution OK, certificate ok, agent settings ok (with the FQDN), pending management ok. Any other idea?


    MCSA Windows Server 2012 - http://florent-appointaire.fr

    Thursday, July 11, 2013 11:02 AM
  • have you check all issue in below link's ? if so can you provide errors events logged in MS for gateway

    http://blog.coretech.dk/msk/common-issues-when-working-with-certificates-in-opsmgr/

    http://blog.scomfaq.ch/2012/12/13/scom-agent-in-dmz-not-monitored-event-id-20071/

    Regards


    sridhar v

    Thursday, July 11, 2013 11:47 AM
  • Yes I checked all of these.

    MCSA Windows Server 2012 - http://florent-appointaire.fr

    Thursday, July 11, 2013 12:24 PM
  • For information, I have this message error every 15 minutes.

    MCSA Windows Server 2012 - http://florent-appointaire.fr

    Thursday, July 11, 2013 2:14 PM
  • I have the same error on two different gateway, if it can help...

    Thank you


    MCSA Windows Server 2012 - http://florent-appointaire.fr

    Friday, July 12, 2013 6:32 AM
  • Any idea?

    Thanks


    MCSA Windows Server 2012 - http://florent-appointaire.fr

    Monday, July 15, 2013 1:23 PM
  • I restarted the install and now, at the beginning, I have another warning alert. Event ID : 21035.

    The error is :

    Registration of a SPN for this computer with the "MSOMHSvc" service class has failed with error "Directory object not found.".  This may cause Kerberos authentication to or from this Health Service to fail.

    So I created this 4 SPN on my AD and it replicated to the RODC.

    SetSPN -A MSOMHSdkSvc/SCOM.toto.corp SCOM
    SetSPN -A MSOMHSdkSvc/SCOM SCOM
    SetSPN -A MSOMHSvc/SCOM.toto.corp SCOM
    SetSPN -A MSOMHSvc/SCOM SCOM

    I restarted the service on gateway and I have the same problem that before.
    Any idea?
    Thanks


    MCSA Windows Server 2012 - http://florent-appointaire.fr

    Tuesday, July 16, 2013 8:17 AM
  • So, I try to do this with an agent on a 2003 server and it works.

    A difference exists between 2012 and 2003 for certificates?

    Thank you.

    Florent


    MCSA Windows Server 2012 - http://florent-appointaire.fr

    Friday, July 19, 2013 9:34 AM
  • there is no difference there in the type of certificates. However make sure the certificate is trusted (so make sure its either a public type cert, or that the CA issuing the certificates is trusted on the windows server which is playing the gateway as well.

    Just to make sure, you did run the gateway approval tool before installing the gateway server right?


    Bob Cornelissen - BICTT (My Blog about SCOM) - MVP 2012 + 2013 and Microsoft Community Contributor 2011 + 2012 Recipient

    Friday, July 19, 2013 11:19 AM
    Moderator
  • Thanks for the answer.

    Yes I do.

    The CA is trusted on the gateway server. I have "The certificate is OK"


    MCSA Windows Server 2012 - http://florent-appointaire.fr

    Friday, July 19, 2013 12:18 PM
  • I try to install this gateway on Windows Server 2008 R2 and it works. So I have a question, what is the difference between 2012 and 2008 R2?

    Thank you for your help.


    MCSA Windows Server 2012 - http://florent-appointaire.fr

    Friday, July 19, 2013 1:42 PM