OpsMgr 2012: Configure notifications

Setting up notifications for email, IM, or command channels is almost identical to how this was configured in OpsMgr 2007 R2.  This article will just serve as a walk through to the process, such as immediately after deploying OpsMgr 2012.  The key difference here is that Notifications are now managed by a Resource Pool, instead of just depending on the RMS.


Notifications in OpsMgr are made of of three primary components – the Channel, Subscriber, and the Subscription.  The Channel is the mechanism that we want to notify by, such as Email.  The subscriber is the person or distribution list we want to send to, and the subscription is a definition of criteria around what should be sent.


The SMTP Channel:


We will first need to create the channel:  Under Administration pane > Notifications > Channels.  Right click and choose New channel > Email (SMTP)



Give your channel a name.  We might have multiple email channels.  Once for emails to our primary work mailboxes.  Maybe another with different formatting for sending email to cell phones and pager devices.  Lets just call this one our “Default SMTP Channel”



Click Add, and type in the FQDN of your SMTP server(s).  This can be an actual SMTP enabled mail server, or a load balanced virtual name.

I am going to select “Windows Integrated” for my Authentication mechanism, since my mail server does not allow Anonymous connections.



For the Return Address – I have created an actual mail enabled user to send Email notifications through SCOM.  This might not be a requirement to be a real mail address – mostly that depends on your mail server security policies.



Next up is the email format.  We can customize this with very specific information that is relevant to how we want emails to look from SCOM.  I will just accept the defaults for now.  I can always come back and customize this one, or create additional channels with different formats later.



The Subscriber:

Next up – creating the subscriber.  Right Click “Subscribers” and choose “New Subscriber”

This will default to show your domain account.  You can change this to whatever you like:


Next – we need to choose when Kevin wants to receive email notifications.  This is especially important for things like on call pager devices, or when people work shifts and only want to see emails during certain times.

Next – we need to add an email address to the subscriber.  I will add my default work email:


Then select the Channel type, and the email address:



Additionally – you can configure a specific schedule for this specific address.  The previous schedule was for the subscriber itself, but a subscriber can have multiple addresses with different schedules if needed.  I will keep things simple and choose “Always send”.   Click Finish a couple times and your subscriber is set up.


The Subscription:


Now we create a new subscription – Right Click “Subscriptions” and choose New Subscription.

Give your subscription a descriptive name that describes what it is and who it is to.  Like – “Messaging team – all critical email alerts”  Here is mine:



On the criteria screen – we have some very granular capabilities to scope this subscription.  My goal for this simple one is just to send me any new critical alert that comes into my environment:




Next we add the subscribers to the subscription:




We also need to choose which Channel we want to use for this subscription:




On this same screen – there is an option for delay aging:



What that does – is allow for you to have multiple alert subscriptions – and using delay – create an escalation path if an alert is not modified in a way that takes it out of the notification path for these subscriptions.

Click “Finish” and we are all set.  Behind the scenes – what happened is that all this information was actually written to a special management pack – the Microsoft.SystemCenter.Notifications.Internal MP.

Let’s test our work.


I have a test rule that generates a critical alert whenever a specific event is written to the event log.  Since I subscribed to all critical alerts – this should trigger my subscription and deliver an email:


It worked!




Advanced configuration – setting up a Run As Account to authenticate to the SMTP server:


Note – there is a Run-As Profile that ships with SCOM called the “Notification Account”.  If this is not configured, SCOM will try to authenticate to the Exchange server using the Management Server Action Account.  If this is not allowed to authenticate, you might need to configure this Run-As profile with a Run As Account.

For instance – I disabled the ability for mail relay on my Exchange server.  When I do this – only mail enabled Exchange servers can connect to it.  Subsequent notifications fail to go through – and I will see two possible alerts in the console:

Failed to send notification

Notification subsystem failed to send notification over ‘Smtp’ protocol to ‘kevinhol@opsmgr.net’. Rule id: Subscription02e8b6be_528d_407c_8edf_5f29dddaae6b

Failed to send notification using server/device

Notification subsystem failed to send notification using device/server ‘ex10mb1.opsmgr.net’ over ‘Smtp’ protocol to ‘kevinhol@opsmgr.net’. Microsoft.EnterpriseManagement.HealthService.Modules.Notification.SmtpNotificationException: Mailbox unavailable. The server response was: 5.7.1 Client does not have permissions to send as this sender. Smtp status code ‘MailboxUnavailable’. Rule id: Subscription02e8b6be_528d_407c_8edf_5f29dddaae6b

In this case – I must configure the Run-As account with a credential that is able to authenticate properly with my Mail Server.  I already have a user account and mailbox set up:  OPSMGR\scomnotify

Under Administration > Run As Configuration > Accounts – create a Run As Account.

The account type will be “Windows” and give it a name that makes sense:


Input the user account credentials:


Choose “More Secure” and click Next, then Close.


So – we have created our Run As Account – next we need to choose where to distribute it.  Account credential distribution is part of the “More Secure” option – we need to choose which Health Services will be allowed to use this credential.  In this case – we want to distribute the account to the management server pool in SCOM 2012 that handles notifications.

Open the properties of our newly created action account, and select the Distribution tab:



Click “Add”, and in the Option field – change it to “Search by Resource Pool Name” and click Search:



Choose the Notifications Resource Pool, click Add, and OK:




Now we have created our Run As Account for notifications, and then distributed it to the Notifications Resource Pool (which contains all management servers dynamically)

Next – we need to configure the Run As Profile – which will associate this account credential with the actual Notification workflows.

Under Administration > Run As Configuration > Profiles, find the “Notification Account” profile.  Open the properties of this Profile.

Under Run As Accounts – click Add:



Select our Notification Run As Account, and click OK


Then Save it.  This will update the Microsoft.SystemCenter.SecureReferenceOverride MP with these credentials and configurations for notification workflows.

From this point forward – Whichever Management server in the Notifications Resource Pool that is currently responsible for handling notifications, will spawn a MonitoringHost.exe process under our credential that we configured:



This credential will be used to authenticate to the Exchange server to send SMTP notifications.  Now my email notifications are flowing smoothly once again!  If the current management server goes down, another management server in the Notifications Resource Pool will pick up this responsibility and spawn the process, and continue sending notifications. 


High availability out of the box.  One of the benefits of the improved SCOM 2012 architecture improvements.

Comments (44)

  1. Kevin Holman says:

    @Andy – My understanding is that the connector framework has not changed so your custom connectorsa should just work.  You should test, however, to ensure that there is no back compat issue with your SDK commands custom to your connector.

  2. David Flores Zafra says:

    Saludos, Kevin Holman

    He realizado todos los pasos que indicas en tu tutorial y me sigue saliendo este error.

    Notification subsystem failed to send notification using device/server ‘outlook.latam.telefonica.corp’ over ‘Smtp’ protocol to ‘consolasccm.fija.pe@telefonica.com’. Microsoft.EnterpriseManagement.HealthService.Modules.Notification.SmtpNotificationException: Failure sending mail. –> Unable to connect to the remote server –> No connection could be made because the target machine actively refused it Smtp status code ‘GeneralFailure’. Rule id: Subscription6cd8df94_a9c8_4721_9f13_ee48c23ae340

    Otro error que muestra también es:

    Notification subsystem failed to send notification over ‘Smtp’ protocol to ‘consolasccm.fija.pe@telefonica.com’. Rule id: Subscription6cd8df94_a9c8_4721_9f13_ee48c23ae340

    Le solicito si me puede apoyar a resolver este caso, para ello brindo los siguientes datos que he realizado,

    Al utilizar el comando PING al “outlook.latam.telefonica.corp” me muestra que no hay respuesta o tiempo de espera agotado para esta solicitud.

    Agradecere a interpretar es error que me muestra esos dos mensajes y así poder buscar una solución, cuyo objetivo es que me permita enviar notificaciones de alertas a mi Correo.


    1. Joel M. says:

      Hi, @David Flores Zafra encontraste la solucion? Podrias ayudarme porfavor? Tengo el mismo error pero con el servidor GMAIL. Gracias, espero tu respuesta porfavor.

  3. Kevin Holman says:

    @Samir – I cannot say – it depends on how your SMTP server is configured.  Best to get with your Exchange admins.

  4. También utilice : http://sourceforge.net/projects/smtpclient/files/ y desde este equipo recibo mail sin problemas son de la herramienta de notificación de SCOM 2012 – Responder : jecavallin@hotmail.com

  5. Also use: http://sourceforge.net/projects/smtpclient/files/ and receive mail from this computer without problems are the notification tool SCOM 2012

  6. Kevin Holman says:

    @DH –

    The notification account is only used on a single management server that is part of the notifications resource pool… whichever MS happens to own the notification role.  It is the only management server that connect to exchange.  You do not distribute the notification account to gateways… their alerts flow into a management server queue, then they are inserted into the database, then a notification workflow runs on a set frequency and looks for alerts matching notification criteria, and sends notifications.  If there is something different or unique about alerts coming from agents behind gateways – that is based on the configuration of those servers.

  7. Hi Kevin, I tell him that I have a setup like this on the way to spend it publishes. Retail Version 2012 Version 7.0.8560.0.
    The mail server is Lotus Notes. Perform all the checks are correct, for example Talnet port 25.
    But do not send emails. I can tell you can configure a cone event generation? thank you very much

  8. Kevin Holman says:

    @DC – I haven’t – I just cant always answer all the blog questions in a timely manner. These are busy days for a PFE in the field! Blog comments are not just for the blog owner to answer questions – this is for the community to answer questions as well.

    @Timothy – no – there is no audit log. There are many blog posts about this topic with some ideas, like using command channel notification to create a log, or sending a copy of all notifications to a test mailbox for inspection. The logging would be at the
    SMTP layer.

  9. Anonymous says:

    How to configure smtp.gmail.com for outbound alerts/notifications in SCOM 2012?

  10. Anonymous says:

    Hi Kevin!

    I have been following your blogs and they are simply excellent!! 🙂

    One of the issues w.r.t notifications I found was- I have 2 SCOM 2012 environments (PROD- with UR2 and DEV-RTM and  both notifications setups are exact replica) I am getting alerts for DEV and not for PROD. All my mail server settings are fine. Do you think this could be an issue with UR2?

    Thanks and regards,


    System Center Consultant

  11. Anonymous says:

    Hi Kevin

    My customer has configured the Authentication method for SMTP as Anonymous in Channel.

    Also not created Domain User account, Run As Account & Run As Profile.

    The current configuration is without Run As Account & Run As Profile & running fine, received notification mails.

    It means if Authentication method for SMTP is Anonymous then in that case no need to have Domain User account & no need to create Run As Account & then Run As Profile.

    The Run As Account & Run As Profile need to create when selected Windows Integrated as Authentication method.

    kindly reply



  12. Kevin Holman says:

    @Rick – same as in SCOM 2007 – use groups, different subscriptions, different criteria, different subscribers, different schedules.

  13. Anonymous says:


    Can someone advise on how to stop the email notifications at every polling interval?

    I have configured a disk utilization alert and specified the interval frequency as 5 minutes.

    I am receiving email notifcations at every polling interval and this is causing too many mail triggers.

    Please advise!




  14. andyinsdca says:

    Do internal connectors still run the same? What system actually runs the bits for an internal connector?

  15. Rick says:

    Kevin, thanks for the info, how would one set up multi-level notifications??  I need my notifications to alert at different times based off different info..

  16. klauss says:

    How to configure smtp.gmail.com for outbound alerts/notifications in SCOM 2012?

  17. Ismail says:

    Hi Kevin,

    We are trying to setup notifications for a client, we are running though issues. The client is using the below.

    SMTP:  externally hosted exchange

    User name and password- need to be authenticated using SSL

    Now when we configure the Alerts, the notification fail due to TLS not authenticating. I followed the steps you mentioned above. It does not seem to work. Can you please let me know to get around this.



  18. Ismail says:

    Sorry forgot to mention, the Port bieng used is a custom port number. Not the regular SMTP.

    Authentication: SSL


    Exchange- Externally hosted.

  19. SAMIR FARHAT says:

    Excellent post Kevin, you give excellent blogs.

    I want to use a notification account that doesn't have a mailbox (Exchange 2010).

    What are the minimal rights (where to find them) to allow the account to connect to the SMTP Exchange Server.


    Samir FARHAT, Infrastructure Consultant

  20. sugu says:

    Can i send the output of the command as a notifications  via email in SCOM?

    e.e gpresult in command line

  21. Warren says:

    Is there anything different that needs to be done to get SMS notifications via a modem working with OM2012? After we upgraded our sms's stopped sending.

  22. davide says:

    Hi Kevin I'm configuring the notification for SCOM 2012 Sp1. The scenario is: a command channel and an SMTP channel… I also have configurated the Subscribers and the subscription one for command and one for SMTP. Where's the problem now? If I enable all the subscription everything work but if i set on my command subscription to use command and smtp channel, mail stop to arrive to my mailbox when new alert is generated. Do U know if is there some problem about this?



  23. Gareth Davies says:

    Hi Kevin,

    I am looking to implement a tiered notification, with escalation..so for example..

    Initial alert hits Email Group

    Unresolved after 30 mins text sent to on call engineer

    Unresolved after a further 60 mins all engineers receive text

    Is this possible to configure in scom 2012 sp1?



  24. Shahin Choudhury says:

    Hi Kevin,

    A thing about the Notification Channel format. Printing Priority and Severity does not necessarily translate into the user friendly string format. I expected like 'Low' or 'High'  to be printed for Priority or severity being 'Warning' or 'Error'. Instead when I add the following text into my channel format for Severity: $Data[Default='Not Present']/Context/DataItem/Severity$, I get 2 for error, 1 for Warning and 0 for Information. Same issue with Priority as well.

    I want to know if this is by design or can we somehow translate the numbers into user friendly string format. It helps for our support engineers to prioritize their work.

    Thank you,


  25. DH says:

    Hi Kevin, great post as always, I do have a question though and it is probably a stupid one. We have everything set up and working for notifications internally and we have 2 remote domains that send notifications in via Gateway servers. The internal notifications are fine but the external ones have the date set in American format. I did some reading and it was suggested that I should log on to the management server using the notification account but this would seem silly since the internal ones work fine.

    The question is, do I have to set up a new notification account from each of the external domains and add them as a user in Exchange or can I use the internal notification account and distribute the credentials to the external Gateway servers? I'm just a bit unclear on the authentication across external domains.

  26. JStar73 says:

    Are there some restrictions who can or cannot view the hyperlinks with in the emails?

    How are these configured, I have setup the Read-Only Operators, within the User Roles, however my users are still getting 403 errors?  My SCOM Admins open up the links without any problems at all.


  27. Miguel Mota says:

    Hello Kevin,

    I'm trying to configure the notifications alerts from SCOM 2012, but i keep getting the error "Client not authenticated".

    I'm not using Exchange, i'm using an third part software smtp server just to relay to Office365 smtp server. I've configured everything right (RunAsAccount, RunAsProfile, Channels, Subscribers and Subscriptions).

    Could you please help me on this one?

  28. gowdhaman says:

    Kevin, I wonder why there is no option to subscribe for alerts associated with particular agent (path). Instead we need to create a group for bunch of objects for which we need subscriptions. This ends up in multiple group creation for multiple customers and finally a big mess. I'm currently using a powershell to notify based on path parameter but I like to have it as inbuilt feature. Please let me know if it makes sense…

  29. Anonymous says:

    Pingback from SCOM QUICK Install | config.re

  30. Bettra says:

    Hi Kevin.

    I want to send notifications using SCOM 365 office, configure the relay and configure notifications following your blog, but notifications do not work.

    The error is: Notification subsystem failed to send notification over ‘Smtp’ protocol to ‘user@domain.com’

    Notification subsystem failed to send notification using device / server ‘smtp.office365.com’ over ‘Smtp’ protocol to ‘user@domain.com’.

    help me!
    Thank you

  31. Anonymous says:

    С принятием Федерального закона Российской Федерации от 21.07.2014г. № 248-ФЗ «Об исчислении времени»

  32. Anonymous says:

    С принятием Федерального закона Российской Федерации от 21.07.2014г. № 248-ФЗ «Об исчислении времени»

  33. Hi Kevin,
    I have a subscriber to receive alerts between specified time (schedule time) for some particular services if they are stopped. I am wondering if other services also get this setting, that if other services stop, then alerts for these other services alert only
    during the schedule time and no alerts during unschedule time, which I do not want, the other services should be alerted all time, except the ones which are configured during schedule period


  34. Anonymous says:

    Обновление от 09.10.2014: В данную статью внесены дополнения, в связи с выпуском пакета обновлений KB2998527

  35. Timothy Francis says:

    Is there an audit log for notifications in SCOM 2012? I am constantly hounded by users saying "I didn’t get my email on the alert". In SCOM 2007 R2 I included myself on every email for this very reason. Very inefficient. Are there any improvements to report?

  36. DC says:

    I’m thinking Kev’s moved on….

  37. Delay Notifications says:

    If I understand it right , using a Subscriber Schedule (or extra Schedule on used channel for a subscriber) the mail/SMS will only be sent when the event condition occurs within that time frame. How to make sure that an event that occurs earlier but the
    error-condition still exists at the start of aschedule window will be sent ?
    Or in short : how to masks events but to reports all open events to time-frame 5am-11pm e.g ?

  38. Noah says:

    Excellent walkthrough of the topic, thanks. I was looking for a way to send SMS texts and voice calls from SCOM alerts and ended up creating a PowerShell script to do this. If anyone is looking for something similar, it’s available for download with docs
    and videos here:

  39. Kyle says:

    Anyone else having trouble setting this up for office365 SMTP Servers?

  40. Amar says:

    Hi Kevin,

    We have a SCOM 2012 SP1 environment. We have 6 management servers and all of them are in the notification resource pool as the membership is still set to automatic. One day the email notifications stopped working and they started working after i flushed the
    health service state on the RMS emulator. All other servers in the pool were healthy, except for the RMS emulator which was greyed out.

    Why would the notification stop working if only the RMS emulator was greyed out. Notifications should have continued to work, because other servers in the pool were healthy. Is there still some kind of dependency on the RMS emulator ?

  41. Joachim Luengas says:

    Please, somebody: How to configure smtp.gmail.com for outbound alerts/notifications in SCOM 2012?

  42. Ron says:

    How to create a notification when my server is now up.

  43. Surya says:

    Hi Kevin,
    How can we send email to multiple address in ‘To’ in the email. We added different addresses in Subscribers but it still sends as different emails like To:’someteam@some.com’ and another email as To:’anotherteam@another.com’. I want it as To:’someteam@some.com;anotherteam@another.com’