Starting to look at Microsoft Operations Manager

Earlier this year, I was given a boxed copy of Microsoft Operations Manager 2005 Workgroup Edition at a Microsoft event. This was not an evaluation copy but a fully operational boxed copy (I guess the thinking at Microsoft was that once I’m hooked with a maximum of 10 devices to manage, then I’ll go out and buy a grown-up version). It’s been sitting there waiting for me to install it for some time now, and yesterday I finally got around to doing it.

Installation was straightforward enough as the setup program has a pre-requisites checker and once I’d upgraded Windows Server 2003 to an application server (including ASP.NET), installed an instance of the Microsoft SQL Server 2000 Desktop Engine (MSDE) with SP3A, then set the startup type for the Background Intelligent Transfer Service, MSSQL$MSDEinstancename and SQLAgent$MSDEinstancename services to automatic (and started them) it was just a case of following the setup wizard (creating a domain user account to act as the MOM management server action account, although I later relaxed the security and made this a domain administrator as I didn’t have a suitable method of adding the account to the local administrators group on each client).

After I installed MOM, I needed to set up my clients. Setting up a computer discovery rule was easy enough, as was installing agents remotely on my Windows Server 2003 SP1 computers (they still have the Windows Firewall disabled – something which I aim to resolve soon), but the Windows XP SP2 computers just would not play. Every time I ran the Install Agent Wizard, I got the same result:

The MOM Server failed to perform specified operation on computer “computername.domainname“.

Error code: -2147023174
Error description: the RPC server is unavailable.

Microsoft knowledge base article 885726 gave some insight (along with articles 904866, 832017, and 842242) but even though this was on my home network, I wanted to apply enterprise principles – i.e. I didn’t want to disable the Windows Firewall or install agents manually.

I spent hours (well into the night) applying different firewall exceptions via group policy, and even disabling the Windows Firewall completely (disabling and stopping the service) but remote installation just wasn’t working.

Strangely (before I disabled the Windows Firewall), the MOM server was trying to contact my client on TCP port 139 (2005-10-27 00:33:38 OPEN-INBOUND TCP momserveripaddress clientipaddress 1744 139 – – – – – – – – –) so I even installed File and Printer Sharing for Microsoft Networks but all to no avail.

I tried installing MOM service pack 1, but that made no difference (except that I had to approve agent upgrades for my existing MOM clients, taking them from version 5.0.2749.0 to version 5.0.2911.0).

Eventually, I gave up and installed the agent manually, following the instructions in the troubleshooting section of the MOM SP1 installation guide but I find it difficult to believe that it is not possible to do this remotely, provided the correct firewall exceptions are in place. If anybody has any ideas (remember it didn’t even work with the firewall disabled!) then I’d be pleased to hear them.

Leave a Reply