SCOM AD Integration

For manual installation of agents SCOM has a way to utilize AD DS to assign agent-managed computers to Management Groups.

First Step in achieving this is by running Disk:\SupportTools\CPUArch\MomADAdmin.exe using domain admin account

For my setup I ran MomADAdmin with the following parameters

MomADAdmin.exe MgmtGrp Mulpuru\OpsMgrAdmin SCOM01 MULPURU

MgmtGrp is the ManagementGroup name choosen @ SCOM Installation
OpsMgrAdmin is MOMAdminSecurityGroup
SCOM01 is RootManagementServer(RMS)
MULPURU is the Domain Name

What did MomAdAdmin.exe do?

The following

  • Creates OperationsManager OU object under Domain Root, MgmtGrp OU, HealthServiceSCP OU and MgmtGrp_HSvcSCP_SG Global Group
  • The AD DS security group (OpsMgrAdmin) provided in the command line is granted read and delete child permissions to the container. this way, OpsMgr admins are given the permission necessary to add Management Servers to the container and assign computers to them, without needing to be domain administrators.

Second Step is to run Operations Manager 2007 Agent Assignment and Failover Wizard using the OpsMgrAdmin member to populate values in AD for clients to find the Root Management Server

The above steps will make the management server to publish it’s information to AD on next polling cycle; by default hourly. I forced RMS to publish sooner by restarting the server (can be done by restarting the Health Service as well).

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s