moving agents from one gateway server to another

Forum: Operations Manager4
Viewing 13 posts - 1 through 13 (of 13 total)
  • #112303
    Profile photo of Syed Ikram
    Syed Ikram
    Participant

    Hi,

    I have two gateway servers configured in the same DMZ zone. Reason is the old gateway server needs to be upgraded. After installing the new gateway server I tested the environment and both the servers are working fine and communicating to the MS.

    I wanted to move the agents from Old Gateway to New one, so I simply selected the agents and clicked on “change Primary Management Server” and selected the New gateway. I normally do this for other MS and it works, but in this scenario the agent is moved from old gateway to new but the agent communication is not established.

    I had to do below steps to have proper agent communication.

    1. Set the IsManuallyInstalled=0 , so that the agent becomes remotely manageable via the SQL query below.
    UPDATE MT_HealthService
    SET IsManuallyInstalled=0
    WHERE IsManuallyInstalled=1
    AND BaseManagedEntityId IN
    (select BaseManagedEntityID from BaseManagedEntity
    where BaseManagedTypeId = ‘AB4C891F-3359-3FB6-0704-075FBFE36710’
    AND DisplayName = ‘xxx.xxx.xxx’)

    2. Change Primary Management Server from mmm01 to nnn02 through the console. or use powershell command
    $agents = get-agent | where {$_.name -like ‘xxx.xxx.xxx’}
    $ms = get-managementserver | where {$_.name -eq ‘nnn02’}
    $agents | set-managementServer -primaryManagementServer $ms

    After the above steps, the agent remains trying to communicate to the old gateway server. However the old gateway server rejects the connection, since it is no longer the management server for the agent.

    The workaround is to
    1. change the value of the AutheticationName and NetworkName registry keys to point to the new gateway server nnn02 on the agent:
    strKeyPath = “SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Agent Management Groups\DM-PROD\Parent Health Services”
    2. stop the agent
    3. purge the folder “C:\Program Files\System Center Operations Manager 2007\Health Service State\”
    4. restart the agent. After that the agent is able to communicate to the new gateway server.

    Can any one let me know how I can establish agent communication with new gateway from SCOM console ?

    Thanks in advance for your help

    Syed

    #112310
    Profile photo of David Allen
    David Allen
    Participant

    The reason it doesn’t work in the console is because when you change the primary gateway server of an agent, it can no longer communicate to the old primary, but it also can’t communicate with any other server to get its new configuration.

    What you need to do first is specify the new gateway server as a failover server on your agents using PowerShell, and then use the console to change the primary gateway server.

    Here is the PoSh you need.

    $fs = Get-SCOMGatewayManagementServer | where {$_.DisplayName -eq “failover gateway server FQDN“}

    $agents = get-scomagent | where {$_.PrimaryManagementServerName -eq “current gateway server FQDN“}

    $agents | Set-SCOMParentManagementServer -FailoverServer $fs

     

    David

    #112312
    Profile photo of Syed Ikram
    Syed Ikram
    Participant

    As I understand,

    I need to execute the above script to set the fail-over gateway server. And later I can use the SCOM console to move the agent from old gateway to new gateway server.

    But the Registry of the agent will still have old gatewayserver as “AuthenticationName” and “NetworkName”. So will that have any issues like earlier, triggering connection errors?

    Syed

    #112313
    Profile photo of David Allen
    David Allen
    Participant

    All the registry settings should get updated with the new settings when you move the agent in the SCOM console, as there is a failover server set that the agent is allowed to communicate with to get the new settings.

    #112406
    Profile photo of Syed Ikram
    Syed Ikram
    Participant

    Hi,

    There was issue with my Blog login. So it took sometime to reply back.

    From the SCOM console if we manually select the agent and change the primary management server to another MS it works fine. Fail-over is not set between them. Before changing the MS I checked the registry file HKLM\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Agent Management Groups\DM-PROD\Parent Health Services of the agent it has the old MS. After changing the MS from console I checked the same registry file and found the value was automatically changed to new MS.

    If I do the same with changing the gateway server the registry file doesn’t change automatically.

    Basically I am not looking for setting a failover. I am just trying to understand that why the “changePrimaryManagement” option works fine if it is within the ManagementServer but not within Gatewayserver.

    #112407
    Profile photo of Syed Ikram
    Syed Ikram
    Participant

    Adding one more point. The gateway server are in same DMZ with same domain, subnet and dns mapped. So it is like the MS that are with in same domain.

    #112412
    Profile photo of David Allen
    David Allen
    Participant

    The reason is because of the reason I mentioned previously.  When you select an agent that is connected to a management server, and change it’s primary management server, the agent can get it’s new configuration from any other management server.  An agent connected to a gateway, however, does not have any other gateway to get it’s new configuration data from.  So, when you change the primary gateway server, the agent will stop stop connecting into it’s current gateway but will not be able to connect to any other gateway to get it’s new configuration.

    You will have to manually set a failover gateway server for changing the primary server in the console.

    Hope that makes sense.

    David

    #112413
    Profile photo of Syed Ikram
    Syed Ikram
    Participant

    Thanks a lot.
    That clears everything. 🙂

    #112414
    Profile photo of Syed Ikram
    Syed Ikram
    Participant

    Thanks a lot.
    That clears everything. 🙂

    #226422
    Profile photo of Sengottuvel
    Sengottuvel
    Participant

    IN SCOM 2012 R2 is it possible to move SCOM agent between gateway server and management server ? I am aware gateway server to gateway server and MS to MS is possible.
    But would like to know move SCOM agent between gateway server to management server is possible ?

    #226600
    Profile photo of Scott Moss
    Scott Moss
    Participant

    Sengottuvel the best way to help with your issue is to start a new thread, instead of commenting on thread that is two years old.

    to answer your question, it could be possible only if the SCOM agent using the gateway server is in the same security boundary as the SCOM infrastructure. if it is in a different domain, this might not be possible. If you have questions about this please open up a new thread with this question, as well as weather the agent machines are on different domains from the SCOM infrastructure, or if they are trusted etc.

    #230398
    Profile photo of Gautam
    Gautam
    Participant

    Hi All,

    I know this is a old question. But thought to add some points for some one who faces this issue

    David’s Answer makes sense here. By default Agents reporting to a MS get the config mentioning the list of MS in order it has to fail over event though it is not configured as that is by design the config will include all the MS it has for a agent to fail over to.

     

    But a gateway does not work in that way and will fail. Hence setting up a primary MS and Secondary MS via shell script for Agents via Gateway will make the Agent connection remain continues and post changing the primary MS in the console it will get the new config from the fail over gateway and then it will update the config + registry keys and the Microsoft monitoring Agent control panel with the correct Gateway.

     

     

    #230420
    Profile photo of kannaiah
    kannaiah
    Participant

    Hi ,

    I have created Windows group for my servers after that use that group and creating CPU performance dashboard ,when i select the group “There was a probleam creating the view, when creating a view an unsealed manement pack” i got the error and not dispaly the servers in Dash board grap for cpu performance.

    Can any one soluction help me.

     

    Thanks,

Viewing 13 posts - 1 through 13 (of 13 total)

You must be logged in to reply to this topic.