locked
Solaris 10 with SCOM 2019 Agent Issues RRS feed

  • Question

  • I am curious to hear from other members that have a fully deployable Solaris 10 agent.
     
    Solaris 11 and REHL work out of the box but having issues with the Solaris 10 agents.
     
    SCOM Agent version: 1.6.4-7 (Release_Build - 20191212L)
     
    Solaris 10 host meets the minimum requirements including the openssl patch.
    openssl s_client -help 2>&1 > /dev/null | egrep "\-(ssl|tls)[^a-z]"
     -ssl3        
    - just use SSLv3
     -tls1_2      
    - just use TLSv1.2
     -tls1_1      
    - just use TLSv1.1
     -tls1        
    - just use TLSv1
     
    The agent will install, Certs are signed then fails.
    The Certs look fine and have also used the manual signing method.
     
    Looking further the SCOM agent still references the old SSL lib which only supports TLS 1.0
         
    ldd /opt/omi/bin/omiengine
    libssl.so.0.9.7 =>       /usr/sfw/lib/libssl.so.0.9.7
    libcrypto.so.0.9.7 =>    /usr/sfw/lib/libcrypto.so.0.9.7
     
    I see there is a feature request ticket open with Microsoft developers to resolve this.
     
    Windows Server 2016 does not support TLS 1.0 by default, so enable 1.0 and 1.1 and re-tried deployment process and manual steps. still failing.
     
    I would like to hear from anyone that has a deployable Solaris 10 agent and be open to sharing their experience in getting it to work.
     
    Thanks
     
    Gavin


    Thursday, June 11, 2020 2:06 AM

Answers

  • Hi,

    Thank you very much for the update and we're glad the problem is solved now. 

    One more point, when we use winrm enumerate command, if the password contains special characters, for example, the dot, we may use double quotes, as shown in below example picture.

    Hope others facing the same situation will benefit from this thread. Here's a short summary for the problem.

    Problem/Symptom:
    ===================
    Platform: Solaris 10 with SCOM 2019
    Problem details:
    having issues with the Solaris 10 agents

    Analysis/Possible Cause:
    ===================
    1, make sure port 1270 is open
    2, use winrm enumerate command to test the winrm connection

    Solution/Workarounds:
    ===================
    1, use winrm enumerate command to check the status
         winrm enumerate http://schemas.microsoft.com/wbem/wscim/1/cim-schema/2/SCX_Agent?__cimnamespace=root/scx -username:<userid> -password:<password> -r:https://<host>:1270/wsman -auth:basic -encoding:utf-8
    2, restart the agent and confirm the enumerate command is successful
         scxadmin -restart
    3, run the discovery again from operations manager console to manage the agent-installed Solaris host



    Reference:
    ===================
    N/A

    If you have any questions in future, we warmly welcome you to post in this forum again.

    Have a nice day!

    Regards,

    Alex Zhu
    -----------------------------------------------
    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
    Friday, June 12, 2020 6:28 AM

All replies

  • Hi,

    For linux/unix agent, secure shell (default tcp port 22 or user-defined) and wsman (tcp port 1270) should be allowed. Firstly, we may run either of the following command to check the port status

    from linux computer
    nc -vz <ip address of Solaris 10 computer> <port>



    from windows computer, for example, management server
    Test-NetConnection -Computername "Solaris 10 computer" -Port 1270



    Hope the above information helps.

    Regards,

    Alex Zhu
    -----------------------------------------------
    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
    Thursday, June 11, 2020 6:31 AM
  • Thanks Alex for those additional commands which will come in handy.

    After spending some time with MS Support the solution for our Solaris 10 installs was:

    (1) Run discovery which fails after the cert signing step and during validation.

     - Run this from Management Server which fails

    winrm enumerate http://schemas.microsoft.com/wbem/wscim/1/cim-schema/2/SCX_Agent?__cimnamespace=root/scx -username:<userid> -password:<password> -r:https://<host>:1270/wsman -auth:basic -encoding:utf-8

    (2) On the Solaris 10 host, restart the agent: scxadmin -restart

     - Running this from Management Server is now successful 

    winrm enumerate http://schemas.microsoft.com/wbem/wscim/1/cim-schema/2/SCX_Agent?__cimnamespace=root/scx -username:<userid> -password:<password> -r:https://<host>:1270/wsman -auth:basic -encoding:utf-8

    (3) Run discovery again which identifies the host as having an agent installed.

    (4) Choose to manage and wait about 4 minutes for it to come online.

    Friday, June 12, 2020 2:17 AM
  • Hi,

    Thank you very much for the update and we're glad the problem is solved now. 

    One more point, when we use winrm enumerate command, if the password contains special characters, for example, the dot, we may use double quotes, as shown in below example picture.

    Hope others facing the same situation will benefit from this thread. Here's a short summary for the problem.

    Problem/Symptom:
    ===================
    Platform: Solaris 10 with SCOM 2019
    Problem details:
    having issues with the Solaris 10 agents

    Analysis/Possible Cause:
    ===================
    1, make sure port 1270 is open
    2, use winrm enumerate command to test the winrm connection

    Solution/Workarounds:
    ===================
    1, use winrm enumerate command to check the status
         winrm enumerate http://schemas.microsoft.com/wbem/wscim/1/cim-schema/2/SCX_Agent?__cimnamespace=root/scx -username:<userid> -password:<password> -r:https://<host>:1270/wsman -auth:basic -encoding:utf-8
    2, restart the agent and confirm the enumerate command is successful
         scxadmin -restart
    3, run the discovery again from operations manager console to manage the agent-installed Solaris host



    Reference:
    ===================
    N/A

    If you have any questions in future, we warmly welcome you to post in this forum again.

    Have a nice day!

    Regards,

    Alex Zhu
    -----------------------------------------------
    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
    Friday, June 12, 2020 6:28 AM