How to monitor RedHat Enterprise Linux 5 or 6 using Microsoft System Center Operations Manager (SCOM) 2012 SP1 - Part 2

Installation of the SCOM agents on RHEL

In part 1 there is a description how to modify SCOM and RHEL to get ready for the agent installation. If this wasn't properly done you will get into trouble. Believe me! In this part 2 I will describe the agent installation and how to check if the setup was well done.

  1. Open SCOM Operations Console, go to Administration pane, Device Management, right click on UNIX/Linux Computers, select Discovery Wizard
    Select computer device step 1

  2. Select UNIX/Linux computers, click Next
    Select computer device step 2

  3. Click Add in the Define the criteria for discovering... window
    Select computer device step 3

  4. Insert the FQDN or IP address of the Server which should be monitored:
    Select computer device step 4
    Hint: Hit the return key to add the FQDN. Don't forget to click Set credentials!

  5. Set the type of credentials in the following window as shown:
    Select computer device step 5
    Remember: In part 1 I have described the Linux setup of the user "opsmgrsvc"

  6. Check the settings:
    Select computer device step 6
    Don't forget to click Save!

  7. Selection of the target resource pool:
    Select computer device step 7
    Remember: In part 1 we have defined the resource pool. Click on Discover!

  8. Selection of the computers to manage:
    Select computer device step 8
    Select the appropriate checkbox and click on Manage!

  9. Agent deployment starts:
    Agent deployment step 1

  10. Agent deployment throws an error:
    Agent deployment step 2
    Oops! This wasn't expected. We have a look at the Linux server now. Do you remember that I told you to have a Linux admin by your side? Read the error message carefully and then click on Close!

  11. If you try to login via ssh, sftp or scp to a Linux system all these accesses are logged to /var/log/secure. This text file is the first address to look for connection problems. So, let's have a look to this. I'm using the tail command for this purpose:
    [root@<hostname> ~]# tail -f /var/log/secure
    Mar 27 15:09:55 <hostname> sshd[56686]: Accepted password for opsmgrsvc from <SCOM-IP> port 57389 ssh2
    Mar 27 15:09:55 <hostname> sshd[56686]: pam_unix(sshd:session): session opened for user opsmgrsvc by (uid=0)
    Mar 27 15:09:55 <hostname> sshd[56686]: pam_unix(sshd:session): session closed for user opsmgrsvc
    Mar 27 15:09:56 <hostname> sshd[56704]: Accepted password for opsmgrsvc from <SCOM-IP> port 57390 ssh2
    Mar 27 15:09:56 <hostname> sshd[56704]: pam_unix(sshd:session): session opened for user opsmgrsvc by (uid=0)
    Mar 27 15:09:56 <hostname> sshd[56706]: subsystem request for sftp
    Mar 27 15:09:56 <hostname> sshd[56704]: pam_unix(sshd:session): session closed for user opsmgrsvc
    
    As we can see there are successful connections via ssh, protocol version 2 and a successful data transfer using sftp. Now we can state that our credentials are OK and valid!

  12. Resignature of the Linux host certificate
    After some googling around I found that the problem could be solved by resignature the certificate of the Linux host. In short words: we have to fetch the SCOM Agent certificate, copy it to the SCOM server, resignature it and copy it back to the Linux server. It's really a shame for Microsoft that they are not able to do this process during the agent rollout. As we can see above this is not a matter of rigts/security!

  13. No we have to go back to the Select UNIX/Linux computers screen, click Next
    Select computer device step 2

  14. Check the settings:
    Select computer device step 6
    Don't forget to click Save!

  15. Again selection of the computers to manage:
    Insert Linux host after resignaturing step 1
    Select the appropriate checkbox and click on Manage! Note: There is just the action manage available.

  16. Agent deployment now successful:
    Insert Linux host after resignaturing step 2
    Click on Done! We've got it.

  17. You can download this page as pdf file [922 kB].

    On the next page I will provide some additional information about the SCOM agent.

    On the previous page I described the base setup of the SCOM and RHEL.


    Frank Ickstadt - Am Dattenbach 9-11 - 65817 Eppstein - Germany Frank Ickstadt
    Am Dattenbach 9-11
    65817 Eppstein
    Germany
      Phone: not available Phone: not available

    frank [dot] ickstadt [at] removethis gmail [dot] com

    frank [dot] ickstadt [at] removethis gmail [dot] com   Fax: currently out of order Fax: currently out of order

    jEdit Programmer's Text Editor button