Amend MOM server within client registry via group policy (32 bit machines)

Reading Time: < 1 minute

Copy below to a notepad and rename with a .reg extension. Such as AmendMOMagent.reg

Test on a client and check the registry is amended. When ready, apply via group policy. If you wish to use a script, see https://cloudbuild.co.uk/?p=1638

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Mission Critical Software\OnePoint\Configurations\forefrontclientsecurity\Operations\Agent\Consolidators]
“PeerCount”=dword:00000001
“Consolidator 1 Host”=”server.domain.com”
“Consolidator 1 AD Name”=”server.domain.com”

Reconfigure MOM agents to point to new server Script

Reading Time: < 1 minute

Insert the below script into a notepad, amend bold text as required. Save as .bat file and deploy via group policy or run manually if you have a few machines. Test before applying to live environment.

MsiExec.exe /I \\path to momagent.msi /norestart /qn /l*v “%temp%\MOMReinstall.log” CONFIG_GROUP=”Default is ForefrontClientSecurity but amend if different” CONFIG_GROUP_OPERATION=”ModifyConfigGroup” MANAGEMENT_SERVER=”NEW MOM SERVER GOES HERE” AM_CONTROL=”Full” REQUIRE_AUTH_COMMN=1 REINSTALL=”ALL”

If mom agent control is not FULL (AM_CONTROL=”Full”), please amend. Mine were set to full.

Firewall Ports which require opening for MOM 2005 to work

Reading Time: < 1 minute

135
1270 TCP/UDP
1433
80
1272
1271

A useful tool to use to check all required ports are open is momNetChk.exe – This is available from the Microsoft Operations Manager 2005 Toolkit. You can download directly from Microsoft from http://download.microsoft.com/download/d/4/b/d4bfc32c-d8d2-4541-8356-4c6359eecbb4/MOM2005ResKit.msi

If you prefer to have a read before downloading visit http://technet.microsoft.com/en-us/systemcenter/om/bb498260. The tool is available below the Tools and Utilities section.

After you have installed the tool kit, a folder will appear under c:\Program Files named Microsoft Operations Manager Resource Kit. Do a search for momnetchk.exe and then double click the .exe, type in a machine name and click run scan. All tests should show green, if not save the results to a log file and check which ports were blocked.

A really useful tool.

I would recommend you run the tool from both, Server and Client and ensure the required ports are open. For example, if you open port 1270 TCP but not UDP you may experience issues such as the last contact column within MOM console being blank. To install on the client just copy the whole folder across to C:\program files on the client machine.