Before you start on the SCOM side of things, a couple of points to note. The Windows Server 8 machine is best off being a member of an Active Directory domain as it avoids having to manually install the SCOM agent.
Note: It is a pre-requisite to have the .NET Framework 3.5 feature installed first before you go and install the agent. Quite a few people have been commenting (see below) on coming across errors with agent deployment and the solution is to install this feature.
Post Update 12.03.2012: A good friend of mine (whose technical opinion I've a lot of respect for), commented to me that there's no point in having this shiny new secure operating system if you're gonna go disabling the windows firewall and UAC on it as it wouldn't be something we'd do in a production environment anyway for obvious security reasons. I totally agree with him and put my initial suggestion of disabling both these security features down to a combination of eagerness to get the solution working and tiredness when I orginally wrote up the post. As a result, I've amended the following sections below that state there's a need to turn off the firewall and I've added in the correct steps to take to get it working in a secure and firewalled environment.
When I tried to initially install the SCOM agent on a vanilla install of Windows Server 8 (with the server in a domain)it failed.
You can leave User Account Control (UAC) turned on as it doesn't affect the agent deployment. The screens below show the windows firewall enabled and the default UAC setting within the Windows Server 8 Operating System.
Firewall turned on
UAC configured
To configure the Windows Server 8 firewall to allow the specific ports for SCOM 2012, open the Windows Firewall Advanced Configuration window from the control panel and then right mouse click on Inbound Rules to open the New Inbound Rule Wizard
Select Port from the first screen, then click Next
Select TCP and then type in the specific ports that you want to allow - in this example, I've used 5723,5724,80 and 51909 as I will most likely be installing the SCOM Console on this server at some point so want to provision for that now. Click Next once you're finished your selection.
Select All the connection, then click Next
Choose whether or not the rule applies to your domain, private or public profiles, then click Next
Type a description, then click Finish
At this point, you have your inbound rule created, but if you run the SCOM Agent installer wizard, you will receive an error message like the one below
The final step you need to take here (and this is what catches people out when trying to configure this-I know it caught me!), is to enable the already created rules for File and Print Sharing and WMI from within the Firewall Console. Although these rules are already existent in your firewall configuration, they are disabled by default and need to be turned on for the SCOM push installer to actually run.
The screen below shows the File and Print Sharing rules to be enabled
This screen shows the WMI rules that need to be enabled
Note: If you want a full list of all the required ports that SCOM needs, check out this link for more information-paying particular attention to the 'Operations Manager Feature Firewall Exceptions' section: http://technet.microsoft.com/en-us/library/hh205990.aspx
Once you have UAC and the firewall turned off configured the firewall with the relevant ports allowed, you can then start the installation of the SCOM agent.
To begin installing the SCOM agent, click on the Administration tab in the SCOM console and then select the 'Discovery Wizard' option located at the menu on the left hand side.
This will open up the 'Computer and Device Management Wizard' as shown below. Select Windows Computers and click Next
Leave the discovery at Servers and Clients and choose your SCOM management server, then click Next
Either type the name of your Windows Server 8 or browse for it in the following screen, then click Next
Type the credentials for a domain admin account and then click Next
If the credentials you entered are correct and your firewall and UAC are disabled, you should see the computer object being discovered by the wizard. Just click on the server name and then select Next to continue
Leave the settings in the screen below as they are and click Finish
The Agent Management Task Status window should display a Success message if all went well with the deployment as below
If we wait a few minutes for discovery, we can then see the Windows Server 8 object in the Operations Manager Agent Managed console view as below
We can also see it in the Monitoring tab of the console showing a health state (hopefully!)
To demonstrate some of the custom tasks I have running against the Windows Server 8 agent, I need to enable the Remote Desktop Protocol (RDP) on the new server. This can be enabled from the new Server Manager window by clicking on the 'Remote Desktop' link as below
We can now enable RDP for the new Windows Server 8 as shown
Once RDP is enabled on the server, back in the SCOM console at the Monitoring tab, if I click on an alert that is relevant to the new Windows Server 8 machine, I will see my custom '01-Run Remote Desktop' task in the Actions pane on the right hand side. If I click on the alert, then select this action,
I should get prompted for my credentials to initiate an RDP session and then it'll logon to the new server as the screen below shows
Obviously, there will be a number of things not working on this agent and when we go into the Health Explorer for it, we can see that all of the Operating System rollups are in a Not Monitored state. This is to be expected when we haven't yet got a management pack released for Windows Server 8.
This concludes the installation of Windows Server 8 and the deployment of the SCOM 2012 agent to it. Hopefully you've enjoyed this short exploratory series!
As a Dell employee I think your post is really intersting. I think windows servers are more powerful versions of their desktop operating system counterparts and are designed to more efficiently handle corporate networking, Internet/intranet hosting, databases, enterprise-scale messaging and similar functions.
ReplyDeleteJust to inform you, for successful agent installation on server 8, a .net 3.5 feature is required, otherwise it just fails the installation with error that it cannot install performance counters.
ReplyDeleteGood point Pixa,
DeleteIt's nearly standard practice to always install .NET onto your servers these days but you're right in saying that if the .NET Framework isn't present, then the agent deployment will fail.
Thanks!
Kevin.
Thank you. I struggled with the installation for a few hours. Installed .NET 3.5 and it worked. The error isn't very good and searching on the error code doesn't give this fix.
DeleteThanks for that. This saved my day.
DeleteGunter
Thanks Gunter - I've added in an additional note to the post as I'm sure you guys aren't the only ones having this problem!
DeleteKevin.
Hello Kevin.
DeleteI can't install SCOM 2012 R2 agent on Windows Server 2012R2.
First i tried to install it from Console but failed with "Access denied". I resolve that.
Second installation from Console failed with "Fatal error during install".
I tried to install agent manual on server but it return error.
The error is:25211.Failed to install performance counters (the parameter is incorrect).
After some investigation i found out that .NET 3.5 is required.Install that, restart server but still unable to install agent manual. Same error.
Tried almost everything what could be found on web, but nothing helps.
I can install agent only with NOAPM switch.
Any suggestions what could be the problem?
Thanks for help.
Hi Johan,
DeleteThere should be no blockers to installing the SCOM 2012 R2 agent onto a Windows Server 2012 R2 server. If the manual deployment is failing, then you can rule out any firewall or network issues.
Is your WS2012R2 server physical? If so, you might have some corruption on the OS disk. If it's virtual, you could encounter corruption too.
I'd recommend trying it on a completely new build of Windows Server 2012 R2 (not from a previously built VM template) and if it deploys fine there, then you'll know the original server has corruption or disk problems. If it doesn't deploy to a brand new WS2012R2 build, then I'd suggest re-downloading the SCOM media again as there might be an issue there (or even try this first).
HTH,
Kevin.
Hi Kevin,
DeleteThanks for quick reply.My WS2012R2 is physical(HP BL465c G5).
I already test agent install on other new WS2012 R2(HP DL360 G6) physical server.I push agent from console and install successfully! The only difference was that .NET 3.5 was already installed before installing agent.
I tried to install SCOM 2012 SP1 agent.The error while installing is the same.So media is also not problem.
I think the problem is in corrupted Registry or WMI, maybe because first install/uninstall did not complete successfully?
Could the problem be with HP EVA counters?This server is for managing HP EVA storage with HP Command View which was installed before SCOM agent?
BR,
Johan
Thanks for posting about the .NET 3.5 install; the error code led me down the wrong path of investigation for several hours.
ReplyDelete