Full of I.T.

Kevin Remde's IT Pro WebLog

MOM 2005, Active Directory Management Pack Question

Lacking any photos of MOM 2005, I have instead included this old photo of “MOM 1963”.

MOM 1963

(Yes, that’s really my lovely mother holding sleepy little me.)

“Cute, Kevin.  But what was the question?”

Oh yeah.. I received this question in email from Jim:

Hey Kevin,

I was watching your webcast on the MOM/ADMP and wanted to ask you a question. 
A) While deploying ADMP there is a requirement for Agent action account to be a member of “Domain Admins” security group in order to monitor trusts, in other words if you have multiple domains in your forest and you want to monitor inter site trust, you will be required to make this account a DA.  Is that still true, or can I just use the “Local system/net sys(2003)” account for the ADMP agent action account?  What is the recommended procedure?

Well.. your Action Account will have to have specific rights on many different things, depending on what monitoring script is being used.  In the case of the “AD Monitor Trusts” script, the Action Account will need to be a local administrator on the domain controller that you’re monitoring.  Check out this article for a complete description of all of the scripts in the AD Management Pack, and all of the necessary permissions listed.  It’s lengthy, but I’m sure you’ll find what you need there.  HERE IS THAT ARTICLE.

Jimmy also asks:

B) Does MS recommend any specific DR solution for the MOM infrastructure? Would I be able to use SQL log shipping to another warm stand by server in the DR site and make it active in the event the primary goes down?  But this would still require me to build management servers at the DR site …right?

We have a list of solutions available for MOM 2005 – one of which is a “service continuity solution” that describes how to configure your MOM database to be safe and ready in case of disaster. 

Here is the solutions link.   

And here is the link to that specific Service Continuity Solution Accelerator.

Of course, if you would also like to see that webcast I delivered on this topic, you can find it here.  (Yes, I know the event registration page says that Keith Combs is the presenter, but it really is me.  I filled in for him while he was in Redmond and training on Exchange 12.)