SCOM 2012 - Deploying Agents to Untrusted Domains

When you have gateway servers sitting in untrusted domains you can deploy agents a couple of ways. You can use the gateway server itself or you can deploy from a management group server. I recently worked on a project where we were not able to use the gateway server because of some environmental factors so we had to deploy from the management group. The following are the steps you need to take to do this. It is similar a normal deployment with a few differences.

In the Administration space Right Click on Administration and select Discovery Wizard. Then select Windows Computers. Click Next

Select the Advanced discovery radio button. Then chose the gateway server you want to use as the primary management server. Click Next

In Discovery Method select the Browse for, or type-in computer names radio button In the active field enter the name(s) of the computers to be discovered (don't bother doing a browse for them, they won't be found). Click Next

For the Administrative Account you want to use the SCOM management account for the respective domain you are deploying to. Be sure to check This is a local computer account, not a domain account to avoid credential problems. Click Discover

You will be warned about the validation of the provided credentials, Click Yes

Check the box(s) of the computers to deploy to, choose agent or agent-less and Click Next

Leave the Agent action account as Local System and Click Finish

The agents will deploy in proper time and you are all set.


More to come!

If you like this blog give it a g+1