With the arrival of Windows Server 2008 R2 it seems that more administrators are keeping UAC enabled.  I ran into an issue where I installed the certs for a gateway server and ran the cert import tool but kept getting this error

 

Event: 21016

OpsMgr was unable to set up a communications channel to scomrms1.scom.com and there are no failover hosts.  Communication will resume when scomrms1.scom.com is available and communication from this computer is allowed.

 

and

 

Event: 21007

 The OpsMgr Connector cannot create a mutually authenticated connection to scomrms.scom.com because it is not in a trusted domain.

 

I ran MOMCertImport and everything seemed to be fine.  After taking a look into HKLM\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Machine Settings\ I realized that there was no reg key for ChannelCertificateSerialNumber.

This told me there was a problem with running the MOMCertImport tool as nothing was being written to the registry.

It turns out that running MOMCertImport doesn’t call the UAC dialog box the application runs and lets you select you cert and exits normally.  So what you must do is right click on MOMCertImport.exe and click on Run as administrator.

CertImport

Then click Continue in the UAC dialog box.

Capture

Categories:

Tags:

No responses yet

Leave a Reply

Your email address will not be published. Required fields are marked *