none
Monitoring Workgroup Servers from SCOM 2012 R2 RRS feed

  • Question

  • Hi,

    I have to monitor a 50 servers of Workgroup environment and around 10-15 servers that is part of different forest`s multiple Child Domain.

    So,I am looking for a solution how can i Monitor those all servers of Workgroup and different Forest`s multiple child domain.

    Is Gateway server required/reduce our efforts in this senarios or should i go manual certificate installation on each Servers (that is part of workgroup or different forest`s multiple child domain) that i need to monitor.

    I want this monitoring in easiest way. please suggest.



    Shailendra Dev

    Friday, January 15, 2016 5:20 PM

All replies

  • A gateway server is definitely not required, but using one in each non-trusted forest/domain will reduce your effort : you will authenticate communications between gateways and management servers using a certificate, and then the agents in these domains will authenticate to the gateway using kerberos.

    So you'll just need to create and maintain certificates for the gateway servers.

    Concerning the workgroup agents, you will still have to authenticate each of them using a certificate, so a gateway server will just help by reducing the nework ports you will have to open depending on how your firewalls are managed.

    Saturday, January 16, 2016 9:01 AM
  • Hi,

    it means using gateway server will not reduce my certificate installing efforts for each Work-group Servers ?

    In my Senario  gateway servers will help with reduce the certificate installation on Domain Member Servers only that are in untrusted forest? 


    Shailendra Dev

    Saturday, January 16, 2016 9:14 AM
  • that's correct
    Saturday, January 16, 2016 9:16 AM
  • Hi Sir,

    Agree with CyrAz.

    Please refer to following article :

    https://technet.microsoft.com/en-us/library/hh212823.aspx?f=255&MSPPError=-2147217396

    And the similar thread here :

    https://social.technet.microsoft.com/Forums/en-US/20d6c1ac-9d24-4733-a7ae-f20bcd4a3fc2/scom-gatway-server-is-necessory-for-monitoring-workgroup-computers?forum=operationsmanagergeneral

    Best Regards,

    Elton


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com .

    Monday, January 18, 2016 12:13 PM
    Moderator
  • Hi Elton,

    and what i have to do if i want to deploy the Gateway server (to reduce all the monitored agent traffic directly goes to scom management server) to monitor the workgroup servers  and some untrusted forest`s server.

    my ask is :

    1. will the gateway server be part of untrusted domain`s member or of  workgroup?

    2. if i will install gateway server in workgroup environment of DMZ than how the workgroup server agent will communicated to Gateway server? what are the steps require in this? and which server name i have to use to install the agents on workgroup servers.?


    Shailendra Dev

    Thursday, January 21, 2016 6:34 AM
  • Hi Sir,

    http://blogs.technet.com/b/stefan_stranger/archive/2012/04/17/monitoring-non-domain-members-with-om-2012.aspx

    Based on my understanding , the gateway server should be more useful when you monitor other site's  computers untrusted domain .

    If there is alot of workgroup computers we may need to add each one as the above article mentioned .

    Best Regards,

    Elton


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com .

    Monday, February 15, 2016 8:18 AM
    Moderator