In this post series I will go through detailed step by step (with screenshots) related to System Center Operations Manager 2007 R2 Installation and Configuration that IT Administrator or technical consultant will need to build Operations Manager 2007 R2,
In this part I will start with Pre-Build Steps:
a) The 1st step in Pre-Build is to design System Center Operations Manager 2007 R2 based on business, technical and operations requirements, and as a very good guidance for Operations Manager 2007 design you can use Microsoft Infrastructure Planning and Design for System Center Operations Manager 2007 http://technet.microsoft.com/en-us/library/ee354213.aspx , this beside using Microsoft Operations Manager 2007 R2 Design Guide and all other Operations Manager 2007 R2 Documentations http://technet.microsoft.com/en-us/systemcenter/om/bb498235 .
The output of System Center Operations Manager 2007 R2 design should include but not limited to the following:
Table below shows Supported Operations Manager 2007 R2 Firewall Scenarios:
Operations Manager 2007 R2 Component A
Port Number and Direction
Operations Manager 2007 R2 Component B
Configurable
Root Management Server
1433 --->
Operations Manager Database
Yes (Setup)
Management Server
5723, 5724 --->
No
The port must be open to install the component.
Port can be closed after install the component.
Gateway Server
Reporting Data Warehouse
Reporting Server
The port must be open to install the component. Port can be closed after install the component.
Operations Console
5724 --->
Connector Framework Source
51905 --->
Web Console Server
Connected Root Management Server (Local)
Connected Root Management Server (Connected)
Agent
5723 --->
Agent (Audit Collection Services Forwarder)
51909 --->
Management Server Audit Collection Services Collector
Yes (Registry)
Agentless Exception Monitoring data from client
51906 --->
Management Server Agentless Exception Monitoring file share
Yes (Client Monitoring Wizard)
Customer Experience Improvement Program data from client
51907 --->
Management Server (Customer Experience Improvement Program End) Point
Operations Console (Reports)
80 --->
SQL Reporting Services
The Operations Console uses Port 80 to connect to the SQL Reporting Services Web site.
Yes
Audit Collection Services Database
Management Server (Audit Collection Services Collector)
Web Console Browser
51908 --->
Yes (IIS Admin)
b) Follow the below deployment check list to be sure that you are ready for Operations Manager 2007 R2 deployment:
Item
Description
Comments
Base OS
All Management servers for OpsMgr will be Windows 2008 R2 Standard 64-bit; SQL Database servers will be Windows 2008 R2 Standard 64-bit (O.S. to be Windows 2008 R2 Enterprise Edition if Microsoft Cluster used for high availability).
Enable .Net 3.0 Framework and PowerShell feature components on all Management server roles in Table-1
Enable Web Server role selecting all component on Root Management Server as this server will be hosting Web Console.
Enable Web Server role selecting all component on SQL server role in Table-1 as these server will be hosting SQL reporting Services.
AD
AD with domain functional level of Windows 2000 Native and above.
OpsMgr OU for Operations Manager Servers created. All Computer accounts for Operations Manager Servers should be moved under OpsMgr OU.
Following Domain accounts are created:
* OpsMgrSQLService
* OpsMgrAction
* OpsMgrSDKConfig
* DWHWrite
* DWHRead
Please Note : * are service accounts and these accounts must have:
User cannot change password
Password never expires
Following Global Security Groups are created:
OpsMgrAdmins
Following Group Policy Objects will be created:
Group Policy at Domain Level to create Restricted Groups to make "OpsMgrAction" account a member of Local Administrators group on all servers to be monitored.
Group Policies for DC’s to make "OpsMgrAction" account a member of Local Administrators group. This group policy can be linked to Domain Controllers OU
Group Policy at OpsMgr OU Level to make following accounts a member of Local Administrators Group:
OpsMgrSQLService
OpsMgrAction
OpsMgrSDKConfig
DWHWrite
DWHRead
To push agents.
SQL
A standalone SQL 2008 SP2 64-bit Standard Edition named instance created (Enterprise Edition to be considered in case of using SQL Cluster)
Also SQL 2008 R2 can be used now while the steps in this MS Article should be followed: http://support.microsoft.com/kb/2425714
SMTP / Exchange
Confirm availability of primary and failover SMTP servers are available.
SAN Storage or Local Disks
LUN’s (Or Local Disks) with appropriate sizes are created as given in Design
In the coming post I will go through step by step for Operations Manager 2007 R2 installation with screenshots.
Related Posts:
Awesome, thanks
Part 2 released,
Part 3 released,
Part 4 released,
Part 5 released,
Part 6 released,
Part 7 released,
Part 8 released,
Hi,
Thanks for this usefull article.
Can you explain this one please :
"Group Policies for DC’s to make "OpsMgrAction" account a member of Local Administrators group. This group policy can be linked to Domain Controllers OU"
You mean, put OpsMgrAction account in Local Administrators group of DC's ?
DC don't have Local Admin group, right !?
Moreover, you create a OpsMgrAdmin group, but you don't put any account inside.
It is a little bit confusing to create a empty group...
Thanks in advance.
Bests regard.
Julien.G
I notice also that this security group is empty.
Which kind of account did you use for proceed to the installation on the server?
Is it the accounts created in AD?
This step is required if you want to allow Domain Account for SCOM to deploy Agents remotlly, without need to be Domain Administrator.
Thx very much Meged.
What you have done here is awesome for its detail.
I know it's early days, but will you also be preparing a set of documents for OpsMgr 2012?
Cheers,
John Bradshaw
yes sure I will :-)
And I started with SCCM 2012 already here blogs.technet.com/.../what-s-new-in-configuration-manager-2012-sccm-2012.aspx
meged ...
Thank you for this usefull article..
like it very much..:D
You are welcome Yan, did you check my orchestrator 2012 post series? You can find it in our blog blogs.technet.com/meamcs
New Similar detailed serier for Orchestrator 2010 posted blogs.technet.com/.../orchestrator-2012-deployment-amp-configuration-step-by-step-part-1-overview-and-architecture.aspx
Excellent and detailed posts but the one I was looking for wasn't included (overlooked?): installing/configuring a gateway server. Any plans for that or do you have a link for it in another post?
Hi Techiedude,
Thanks for your feedback, actually I do not have plan to extend more in this post seriers as SCOM 2012 is coming very soon, so I plan to deliver similar post seriers for SCOM 2012.