Monitoring untrusted servers using SCOM

Operations Manager uses a more secure communication model which requires mutual authenticationbetween agent and management server. Mutual authentication between Operations Manager components can be achieved either using Kerberos or certificate authentication.  Mutual authentication via Kerberos requires trusted scenarios where all machines in the conversation are in the same Active Directory domain or in a domain with a two-way trust relationship with the domain containing the target Management Server.

However, in cases where machines outside the trusted environment must be monitored, Kerberos authentication is not possible. In these cases, Operations Manager 2007 can utilize x.509 certificates for mutual authentication in a variety of scenarios.

Following diagram explains the scenario solution.

Monitoring non-trusted servers using SCOM


About Jayachandran PK
My passion is for Microsoft technologies and how if properly implemented, they can provide actual value for an organization especially in the field of infrastructure, virtualization and system monitoring. I work for the biggest Microsoft partner in Kuwait, specialized in project consultation and implementation services for enterprise clients. When I'm not at work, I try to contribute back through a charitable organization dedicated to prompting cultural values of Kerala. In my free time, I dabble in gardening and am also an avid solar power aficionado.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: