MOM 2005 - Mutual Authentication


  • Hey Guys here is my situation:
    - I am working in a MS IPTV environment w/ several firewalls involved. (Ports 1270 & 1433 are open in the correct places)
    - 1 AD Domain (2003 Mode)
    - Everything is 2003 SP1
    - MOM 2005
    - 2 clustered DB servers
    - 3 management servers (2 in backend, 1 in DMZ) -- Yes, the Management server in the DMZ cannot communicate with other Management Servers, but can talk to DB.
    - Before we went live I dropped all the firewalls to push the clients out to all the servers, and then brought back up the firewalls.  Everything worked fine until an Alcatel audit determined that we needed to disable mutual authentication....AAAAHHHHHHH!!!!!
    - To disable MA I once again dropped the firewalls and used the agent update task to push agent MA changes...I verified that all of the tasks completed successfully, and then I brought the firewalls back up.

    Here is the problem:
    - I get the MA error events on all 3 M servers, but if I restart the MOM service on these guys they flip which errors I get (for instance: I get the events saying that the server is configured for MA, but the clients are not...if I look in the GUI the MA is disabled; I have also gone to some of these agents and manually changed the agents to not use MA.  I can restart the MOM service on the servers then it will start giving the opposite errors saying that the server is not configured for MA but the clients are...)

    --Please Help Me....I think I have to call MS.

    Tuesday, June 5, 2007 10:57 PM