The Microsoft Operations Manager (MOM) 2005 agent does not download any rules or send any information back to the MOM 2005 Management Server (904738)


The information in this article applies to:

  • Microsoft Operations Manager 2005

SYMPTOMS

After you manually install a Microsoft Operations Manager (MOM) 2005 agent, the MOM 2005 agent does not download any rules or send any information back to the MOM 2005 management server. Additionally, you receive either of the following two error messages in the MOM 2005 Operator Console:
A Manually installed agent connection has been refused
Agent Install Failure - Upgrade Failed
This symptom occurs if the following conditions are true:
  • The Mutual authentication required setting or the Reject new manual agent installations setting is enabled.
  • The MOM 2005 agents and MOM 2005 Management Server authenticate one another by using the Kerberos protocol.
  • The MOM 2005 agents are outside a firewall or are in an un-trusted domain.

RESOLUTION

To resolve this problem, follow these steps:
  1. Start the MOM 2005 Administrators Console.
  2. Expand Microsoft Operations Manager (MOMServerName), expand Administration, and then click Global Settings.
  3. Double-click Security.
  4. On the Security tab, click to clear the Mutual authentication required check box, and then click OK.
  5. Double-click Management Servers.
  6. Click the Agent Install tab, click to clear the Reject new manual agent installations check box, and then click OK.

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

Mutual authentication prevents a malicious attacker from posing as a MOM 2005 Management Server or a MOM 2005 agent and then initiating communications or performing actions. Mutual authentication requires that the MOM 2005 Management Server and the MOM 2005 agent authenticate each other by using the Kerberos protocol before the communication. By default, the Mutual authentication required setting is enabled if you are using Active Directory on the network.
Modification Type:MajorLast Reviewed:8/2/2005
Keywords:kberrmsg kbtshoot kbprb KB904738 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.