FCS Not Updating from WSUS / Cannot open MOM Console / Cannot connect to MOM DB RRS feed

  • Question

  • Hi,

    My original problem was that FCS was not updating from WSUS. Then after reading up, and trying a whole lot of different things I managed to break it further. Now I cannot open the Microsoft Forefront Client Security Console on the management server, The Administrator Console and the Operator Console cannot connect to the Management server (They are on the management server)

    As a side note: The reporting hasn't worked at all, not even after the last Systems Admin reloaded the whole FCS implementation.

    I need assistance to get everything working again, and I think it might take a while to get everything resolved.

    I don't know what information to provide so here is some to start with:

    I believe this is a on server topology:

    1. There is the management server, with all the roles except the "distribution" role installed.

    2. The updates to FCS are set to go through our WSUS server.

    3. The WSUS server works fine in all regards except to push the FCS updates through (I release other MS updates every week and they all go through)

    4. Management server is 32-bit Windows Server 2008 Standard with SP1, with Microsoft Operations Manager 2005 (Unsure of SP1 is installed, but I think it is), and Microsoft SQL Server 2005 (It doesn't have the SQL Studio thing)

    5. I have domain admin credentials

    6. When opening the Microsoft Forefront Client Security console it crashes with a "MMC has detected an error in a snap-in and will unload it". Clicking on ok gives a new error page of exception: "System.Reflection.TargetInvocationException"

    7. Opening the Operator console give a message of "Error connecting to server" and clicking on ok brings up the console settings where you specify the MOM management server etc

    8. Opening the Administrator conolse immediately brings up the "Connect to a different MOM Management Server" window.

    I am hoping that someone here can ask the right questions and helped get through all these issues to get this system working again

    Sunday, February 9, 2014 6:34 PM


All replies

  • Hi,

    Thank you for your patience and support.

    I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.

    Thank you for your understanding and support.

    Best Regards

    Quan Gu

    Monday, February 10, 2014 8:31 AM
  • Hi Connaver, for the FCS Console issue ("System.Reflection.TargetInvocationException") please download & install this hotfix http://support.microsoft.com/kb/942581

    For the MOM Operator console issue, please check your event logs (Application & System) for events with 'Event Source: Microsoft Operations Manager', those should indicate the cause of the MOM Server problem. 

    Faron Faulk [MSFT]

    Tuesday, February 11, 2014 1:43 PM
  • Thanks Quan and Faron for your replies. Firstly, when I logged into the server today and tried to open the consoles, the FCS console did not give me an error. Before I originally posted my message I already downloaded and tried that hotfix. The problem is there is no SQL Management Studio. Microsoft SQL Server 2005 is installed.

    The only error that really stands out is this one under the application logs:

    Source: Microsoft Operations Manager

    Event ID: 20607

    The Data Access Server (DAS) on computer SSCIS04 returned an error. System error code: -2147217770 System error text: IDispatch error #3222 DAS method called: ConfigurationGetOnePointFreeSpace Called from file: d:\bt\4\private\product\core\engine\managers\perfcountermanager\src\momperfcountermanager.cpp Called from line: 984 Other than that there are some terminal server printer errors and print spooler errors (which are common on pretty much all our servers), and Heartbeat errors (Event ID: 21213: Heartbeat update failed for 1 or fewer agents. Error details: IDispatch error #3222)

    I have just checked again and the FCS console is still opening without error. And I can start a scan. (No clients report back to the server though)

    • Edited by Connaver Tuesday, February 11, 2014 4:47 PM
    Tuesday, February 11, 2014 4:46 PM
  • I think I might have figured out what the problem is. I think I changed some accounts, as the last person to set this system up was retrenched, and he used his account to configure things. His AD account was disabled.

    Could changing the MOM DAS account cause these problems?

    I was looking at this Technet page:


    Tuesday, February 11, 2014 5:40 PM
  • Hi, yes changing the DAS account could cause problems like this, especially in relation to SQL permissions.
    you can find more information about this here:


    and here:

    Please let me know if this is helpful.



    Faron Faulk [MSFT]

    • Marked as answer by Quan Gu Tuesday, February 25, 2014 3:06 AM
    Monday, February 17, 2014 8:53 PM
  • Unfortunately I could not come right with the links you provided. But the problem has been resolved.

    I am not 100% sure what I did that directly resolved it, but I have a feeling it was the local admin account.

    We have a GPO that forces a password change every 30 days, but it shouldn't be applied to servers and local admin accounts.

    When I logged in with the local admin account I noticed that it called for a password change. I set it to never require a change, and restarted the server.

    I reran the Microsoft Forefront Client Security config (from the MS FCS console), and everything passed all the checks (even the DAS account).

    Anyway, after the restart, everything just started working.

    Tuesday, February 25, 2014 5:51 AM
  • Ok that is great news, I'm glad to hear it's working now.

    I'll close out the case now.

    have a nice day,

    Faron (Microsoft)

    Tuesday, February 25, 2014 9:59 PM