MOM 2005 Service Pack 1 support on Windows Server 2008-based computers

The support of MOM 2005 Service Pack 1 on Windows Server 2008-based computers is announced. The KB article publication was a little delayed in it's release (out of my control - sorry). The KB article discussing MOM 2005 SP1 Win2k8 support is released under 953140

 

Details:

MOM 2005 Roles Supported

The only MOM 2005 SP1 role supported on Window Server 2008 is the 32-bit Agent role.

Windows Server 2008 Roles Supported (Details to be published to the TechNet supported configurations for MOM 2005 SP1)

 

Operating System Agent-Managed computer (32-bit) Agent-Managed computer (64-bit) Agentless Managed Computer

Windows Server 2008, Standard x86 Edition

Yes No Yes

Windows Server 2008, Standard x64 Edition

Yes No Yes

Windows Server 2008, Enterprise x86 Edition

Yes No Yes

Windows Server 2008, Enterprise x64 Edition

Yes No Yes

Windows Server 2008, Datacenter x86 Edition

Yes No Yes

Windows Server 2008, Datacenter x64 Edition

Yes No Yes

Windows Server 2008, Standard x86 Edition, Core role installed

Yes No Yes

Windows Server 2008, Standard x64 Edition, Core role installed

Yes No Yes

Windows Server 2008, Enterprise x86 Edition, Core role installed

Yes No Yes

Windows Server 2008, Enterprise x64 Edition, Core role installed

Yes No Yes

Windows Server 2008, Datacenter x86 Edition, Core role installed

Yes No Yes

Windows Server 2008, Datacenter x64 Edition, Core role installed

Yes No Yes

Yes = Supported operating system. Setup does not prevent installation.

No = Setup prevents installation or upgrade.

 

Hotfixes that may be required

There is one potential hotfix required if deploying an agent to a Windows Server 2008-based domain controller computer. Details can be found within https://support.microsoft.com/kb/919154 (The MOM service does not start and event 9014 is logged when you deploy a Microsoft Operations Manager 2005 agent to a domain controller that is running Windows Server 2008)

 

Known Issues

Issue 1: Event log Descriptions for collected Windows Server 2008 Security event logs (Source=Microsoft-Windows-Security-Auditing) for rules utilizing the Security event log provider return “Unable to find Security source Microsoft-Windows-Security-Auditing message [nnnn]” in the description.

Workaround 1: None. Event log Descriptions and any collected parameters are otherwise unaffected. Rules using the Security event log provider which may specifically use the ‘From Source’ with parameter Security criterion may need to be duplicated for Windows Server 2008-based computers or have the ‘From Source’ criterion removed to allow successful collection of security events.

Issue 2: A low privilege agent action account is unable to monitor Windows Server 2008-based event logs.

Workaround 2: In addition to the requirement specified for a low privilege action account discussed in the MOM 2005 Security Guide whitepaper, the following additional requirements must be met:

· The low privilege action account also needs to be a member of the ‘Event Log Readers’ local group on Windows Server 2008.

· The Network Service built-in account requires explicit Read privileges on the following registry key of Windows Server 2008-based computers running the MOM agent

o HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventLog\Security

Issue 3: Internet Information Server (IIS) log collection does not work on Windows Server 2008-based servers running IIS using the Internet Information server Web server log MOM provider.

Workaround 3: None. W3C logs within IIS7 are in UNICODE format by default and log names preceded with u_ which the MOM Web server log provider is unable to read.