Had my final battle with WMI and am happy to say, I won. This time the issue was caused by agentless monitoring problems. I had followed the usual steps, starting with the encryption issue in the mof files, followed by updating WMI and then WSH. However, those steps did not solve the problem with my agentless systems constantly reporting back WMI errors on monitoring.
Here is the concoction I came up wtih that finally stopped the last of the warnings in the console.
These were Windows 2003 servers I was atempting to monitor. I started by adding both the SCOM action account to the DCOM group on the local server. I also added the SCOM management server computer account. I had noticed the server and action account were both showing up in the security logs on the local server I was trying to monitor.
Next, I tweaked my component services permissions to allow both the action and computer accounts to both the "Access Permissions" and "Launch and Activation Permissions" options under COM Security.
I installed "Remote DTC" as a windows feature and allowed remote clients to connect for network DTC access.
Finally, I added the action account and management server computer account with full permissions over the following registry key:
HKLM\Software\Microsoft\WBEM
Upon rebooting, I received no further WMI errors. I will post a more detailed, blow by blow accounting of all the things to use for troubleshooting WMI warnings in System Center.
No comments:
Post a Comment