Deploying Stand-Alone Management Servers on Windows Server 2008

Applies To: Operations Manager 2007 R2, Operations Manager 2007 SP1

To allow agents to have fail-over targets and to further distribute the Operations Manager 2007 Server components, you must install additional management servers in the management group. After they are installed, you can use the Agent Assignment and Failover Wizard to indicate which management servers are available for failover, and you can install the ACS Collector server and Web console components.

In this scenario, two additional secondary stand-alone management servers are installed.

Before You Start

To prepare servers for management server components

  1. Make sure that all servers that will be used as management servers are in Forests that share a Kerberos trust with the Forest that the root management server (RMS) is in.

  2. Use the Manage Your Server tool to add the Application Server role to the server or manually install IIS. Install the .NET Framework version 2.0, .NET Framework version 3.0 components, MSXML 6.0. If you are going to install the Web console component on Windows Server 2008, you must enable IIS 6.0 backwards compatibility mode and ensure that IIS7 is configured to use Windows Authentication. Install Windows PowerShell if you want to install the Operations Manager Command Shell component.

  3. Add the Operations Manager Administrators Domain group to the Local Administrators group, add the domain-based msaa to the Local Administrators group, and add the SDK and Config Service account to the Local Administrators group.

  4. Complete the RMS cluster setup and verify the health of the RMS before you start installing any stand-alone secondary management servers.

To check for management server prerequisites by using Prerequisite Viewer

  1. Log on to the target server with the Operations Manager administrator account credentials.

  2. From your Operations Manager 2007 installation media, double-click SetupOM.exe to start the System Center Operations Manager 2007 R2 Setup on the Start page.

  3. Under the Prepare heading, click Check Prerequisites to start the Prerequisite Viewer.

  4. In the Components box, select the Server, Console, and PowerShell components.

    Note

    When the Server, Console, and PowerShell components are selected, the Prerequisite Viewer checks for presence of 2048-MB physical memory, Windows Server 2003 SP1, MDAC Version 2.80.1022 or later, .NET Framework 2.0, .NET Framework 3.0 components, WSMAN v 1.1, and Windows PowerShell.

    Note

    The results are displayed at the bottom of the Prerequisite Viewer. If there are any deficiencies, they are marked either as Warning or as Failed. Warnings can be ignored at the risk of degraded performance or other issues; Failed prerequisites must be fixed before the installation can proceed. You can close the Prerequisite Viewer, fix the items and then rerun the Prerequisite Viewer checks as many times as it is necessary, until a status of Passed is achieved on all items.

  5. When you are done with the Prerequisite Viewer, click Close.

Installing a Stand-Alone Management Server

In this procedure, you install a secondary management server in the management group on a stand-alone server.

To install a stand-alone management server

  1. On the server that you are going to install Operations Manager on, log on with the Operations Manager administrator account.

  2. On your installation media, start SetupOM.exe. This starts the System Center Operations Manager 2007 R2 Setup Wizard on the Start page.

  3. In the Install area, click Install Operations Manager 2007 R2 to start the Operations Manager 2007 R2 Setup Wizard.

  4. On the Setup Wizard Welcome page, click Next.

  5. On the End User License Agreement page, select the I accept the terms in the license agreement option, and then click Next.

  6. On the Product Registration page, enter the appropriate values in the User Name and Organization fields. Enter your 25-digit CD Key, and then click Next.

  7. On the Custom Setup page, ensure that the Management Server, User Interfaces and Command Shell components are set to This component, and all dependent components, will be installed on the local disk drive. Set the Database and Web Console options to This component will not be available. To change the installation directory, click Browse, enter the appropriate path and folder name, and then click Next.

  8. On the SQL Server Database Instance page, enter the name of the clustered SQL Server instance in the SC database Server field. This is the value that is in the Network Name field of the SQL Server Name Cluster Resource. In the SQL Database Name field, ensure that OperationsManager is listed, or change it if you changed the name of the database when you installed the Operations Manager database component. In the SQL Server Port field, accept the default of 1433 unless you have configured SQL Server to use a different port for communications. If you have done so, enter the appropriate port number.

  9. Click Next.

  10. On the Management Server Action Account page, accept the default Domain or Local Computer Account option, enter the credentials of the msaa, and then click Next.

    Note

    By using a domain-based account, it will be much easier to perform discovery and push agent installation later on than if you chose the Local System account. For more information about agent installation, see Agent and Agentless Monitoring.

  11. On the SDK and Config Service Account page, select the Domain or Local Account option, enter the credentials for the data access and configuration service account, and then click Next.

    Note

    It is necessary to use a domain-based account because you are distributing the Operations Manager server components across multiple servers.

    Note

    If you receive an Account Verification Error when you click Next, it is most likely that you mistyped the credentials or the data access and configuration service account was not added to the Local Administrators group.

  12. On the Customer Experience Improvement Program page, indicate whether you want to join this program, and then click Next.

  13. On the Microsoft Update page, optionally indicate whether you want to use the Microsoft Update services to check for updates, and then click Next.

  14. On the Ready to Install the Program page, click Install when you are ready for the installation to proceed.

  15. On the Completing the System Center Operations Manager 2007 R2 Setup Wizard page, accept the default option to Start the Console, and then click Finish.

    Note

    If Setup fails, it provides you with a value to search on and a link to open the setup log.

  16. In the Operations Console, in the Monitoring view, expand the Operations Manager folder, expand the Management Server folder, and select the management server state object, and then confirm that the newly added management server is present and in a Healthy state.

    Note

    It may take up to five minutes for the System Center Management Service on the new management server to establish secure communications with the clustered RMS, and during that time it appears as not monitored. When communications are established, its Health state changes to Healthy.

    Note

    If you uninstall Server Components of Operations Manager 2007, the Operations Manager event log remains following the uninstall, by design. This also causes the Operations Manager installation folder to remain (default: %ProgramFiles%\Microsoft System Center Operations Manager 2007).

Troubleshooting Tips

If the secondary management server cannot establish a secure communications channel with the RMS, it is because Kerberos authentication is failing. You will see these three events in the Operations Manager Event Viewer event log. If this occurs, rerun the SetSPN tool, paying special attention to the syntax, on the cluster node that owns the RMS cluster resources. Take the RMS cluster group offline, open Computer Management on the owning node, and then expand the Services and Applications, Services node. Restart the System Center Management Service, and then bring the RMS cluster group back online. It might also be necessary to restart the System Center Management on the stand-alone management server. After five to ten minutes, the secure channel is established and communication starts.

Event Type: Error

Event Source: OpsMgr Connector

Event Category: None

Event ID: 20057

Date: 3/2/2007

Time: 7:55:58 PM

User: N/A

Computer: <ManagementServerName>

Description:

Failed to initialize security context for target MSOMHSvc/<clusteredRMSName.Contoso.com>. The error returned is 0x80090303 (the specified target is unknown or unreachable). This error can apply to either the Kerberos or the SChannel package.

Event Type: Error

Event Source: OpsMgr Connector

Event Category: None

Event ID: 21001

Date: 3/2/2007

Time: 7:55:58 PM

User: N/A

Computer: <ManagementServerName>

Description:

The OpsMgr Connector could not connect to MSOMHSvc/<clusteredRMSName.Contoso.com> because mutual authentication failed. Verify that the SPN is properly registered on the server and that, if the server is in a separate domain, there is a full-trust relationship between the two domains.

Event Type: Error

Event Source: OpsMgr Connector

Event Category: None

Event ID: 21016

Date: 3/2/2007

Time: 7:56:04 PM

User: N/A

Computer: <ManagementServerName>

Description:

OpsMgr was unable to set up a communications channel to <clusteredRMSName.Contoso.com> and there are no failover hosts. Communication will resume when <clusteredRMSName.Contoso.com> is available and allows communication from this computer.