With the arrival of Windows Server 2008 R2 it seems that more administrators are keeping UAC enabled. I ran into an issue where I installed the certs for a gateway server and ran the cert import tool but kept getting this error
Event: 21016
OpsMgr was unable to set up a communications channel to scomrms1.scom.com and there are no failover hosts. Communication will resume when scomrms1.scom.com is available and communication from this computer is allowed.
and
Event: 21007
The OpsMgr Connector cannot create a mutually authenticated connection to scomrms.scom.com because it is not in a trusted domain.
I ran MOMCertImport and everything seemed to be fine. After taking a look into HKLM\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Machine Settings\ I realized that there was no reg key for ChannelCertificateSerialNumber.
This told me there was a problem with running the MOMCertImport tool as nothing was being written to the registry.
It turns out that running MOMCertImport doesn’t call the UAC dialog box the application runs and lets you select you cert and exits normally. So what you must do is right click on MOMCertImport.exe and click on Run as administrator.
Then click Continue in the UAC dialog box.
No comments yet.