Q/A from August 21st webcast - Planning and Deploying Microsoft Operations Manager (MOM) 2005

  • Article

Question1: Does SQL have to be on the same server as MOM, or can it run from a DB on another server?

 

Answer1: No, SQL can be on another server.

 

++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Question2: If you install an evaluation version and then you purchase a license how do you convert the installation without having to start over?

 

Answer2:  Unfortunately I think you have to start over.

 

 

++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Question3: Is SQL2005 supported?

 

Answer3:  Yes, they do work together now, you need to install MOM2005 SP1 and some hotfixes. https://support.microsoft.com/?id=917615

 

+++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Question4: When do you expect System Center Operations Manager 2007 to be

available?

 

Answer4:  Not sure of release date but the betas are available now: https://www.microsoft.com/mom/evaluation/beta/opsmgroverview.mspx

https://www.microsoft.com/smserver/evaluation/2003/smsv4.mspx

 

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Question5: If you have policies turn on to require password resets every 42 days do you need to do anything for the Mom accounts other than check the password never expires option?

 

Answer5:  Either that or use the SetActionAccount.exe command-line tool or Update Agent Settings to update expired passwords.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Question6

: Can the Management server and consoles be clustered?

 

Answered6: No, redundancy is done through multiple consoles, or multiple servers in the management group that the agents failover to, per the description in the session.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Question7

: Does the Mom license allow an unlimited number of machines to be monitored? If not is there a section in the console that shows number of monitored machines vs number of licenses and does it stop autodiscovering when the license number has been reached?

 

Answer7: Licensing in MOM 2005 is straight forward, a server license for each MOM server and a OML for each managed client.  Check couple of entries back in my blog https://blogs.technet.com/johnbaker/archive/2006/08/21/448295.aspx

 

++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Question8: Do the agents communicate over specific ports so that

firewall rules can be used?

 

Answer8: You can have managed computers beyond a firewall from the Management Server but you open have to open TCP/UDP port 1270 and configure rules in the firewall to only allow the machine with the agent through the firewall.  It must be noted that you must manually install and update these agents.

 

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Question9: Can I put the management server outside the firewall?

 

Answer9:  Yes, but not recommended… check https://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndcom/html/msdn_dcomfirewall.asp

 

++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Question10: Why does the MOM DAS account need local admin on the database server? Can the admin privilege be removed after installation?

 

Answer10:  Looks like I misspoke and this is only the case AFTER an upgrade from MOM 200 SP1.  Check here for more info: https://www.microsoft.com/technet/prodtechnol/mom/mom2005/Library/44958f90-1b2e-4ef1-aa6d-6e1d56bfd050.mspx?mfr=true

 

Excerpt from the above link….

 

“DAS and Local Administrator Are Members of All MOM Groups After Upgrade

The DAS account and the local administrator account memberships are also copied over from their MOM 2000 SP1 equivalents. This means the DAS account and the local administrator are a member of the new MOM 2005 security groups (e.g. MOM Administrator, MOM System, MOM Author, MOM User). Because MOM 2005 only requires the DAS account to be a member of the MOM Users group, you can remove the DAS account from the other groups, and the local administrator account from all of the groups (unless you require it to be there).”

 

+++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Question11: Can the management server that not the domain?

Answer11: Yes, it can manage a server in another domain assuming there’s a

two-way trust...if the machine is in a workgroup or standalone then you would provide credentials when you install the agent.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Question12

: If you are monitoring a small number of servers on the same

network that has ISA 2004 installed on one of the servers do you have to add any

rules to ISA or is it only required if multiple networks are involved?

 

Answer12: If they’re on the same network then the agents and the management

server can communicate without going thru ISA, so you don’t need any special

rules. If they are on multiple networks then you would need to make rules that allow the agent/management server traffic, again check this link for info https://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndcom/html/msdn_dcomfirewall.asp