This is a repost of an article written by Milan Jajal that I put over on the Configuration Manager Support Team blog so if you follow that one you’ve probably already seen it. Back when I originally posted this I wasn’t part of the SCE blog family but now that I am I thought it would be nice if we had everything in one convenient place. Anyway, if you ever have the need to add a workgroup based host then this should get you going in the right direction.
You are using System Center Essentials (SCE) 2010 and you try to designate a host that is in a workgroup and not in a domain. The result is that it fails with the following error:
Error (2912) An internal error has occurred trying to contact an agent on the <server-name> server.
Recommended Action Ensure the agent is installed and running. Ensure the WS-Management service is installed and running, then restart the agent.
This can occur when the host is not in the domain and instead is in a workgroup, causing the authentication between them to fail.
Note that the SCE console does not support the option of adding a host from perimeter network so you have to manually add the perimeter host using VMM Powershell available on SCE server.
You can take the steps below to make this work:
1. Connect to the host computer via RDP, then from Control Panel –> Add/Remove programs, un-install the SCVMM 2008 R2 Agent (If already installed manually).
2. Using the source media for SCE, manually install the SCVMM 2008 R2 Agent from \setup\vmm\amd64\SetupVMM.exe. Select option to install a Local Agent.
3. In this wizard, select the option “This host is on a perimeter network” and specify a password for the Security file encryption key and do not select to use CA certificate.
4. Select Use Local computer name and click Next and Install.
5. This installs the SCVMM agent on that host. Note that you have to copy that SecurityFile.txt file from Host server to SCE server.
6. Now on the SCE server, open Start Menu –> Microsoft System Center –> Virtual Machine Manager 2008 R2 –> Windows Power Shell –> Virtual Machine Manager.
7. In the power shell run the commands below to add the host:
a. >Get-VMMServer -ComputerName "<SCE-server-FQDN>" - (This server connects to a SCE server which is an SCVMM server also). b. >$Key = Get-Credential
This prompts for the user name and password. Specify user name as Administrator and the password as the same one you specified during the manual agent install.
c. >Add-VMHost "<hostname>" -Description "Perimeter host" -RemoteConnectEnabled $False -PerimeterNetworkHost -SecurityFile "C:\temp\SecurityFile.txt" -EncryptionKey $Key - (Note: The location of security file is any location where you copied file from host to SCE server)
8. Now Host should get added fine.
9. You should eventually see the event below in the VM Manager event log on the SCE Server:
Log Name: VM Manager Source: Virtual Machine Manager Date: <date, time> Event ID: 1705 Task Category: None Level: Information Keywords: Classic User: N/A Computer: <SCE-server-name> Description: Job 2bb6c79f-24de-4a9a-a279-036d72165b2e (Add perimeter network host) completed successfully.
10. Now in the SCE console you will see this computer as a host.
11. In the SCE console, below the All Virtual Machines view, you will now see all VMs hosted by this host.
12. While connecting to it, you may get prompted for credentials. After supplying the correct user name and password it may show one more prompt saying the certificate is not trusted.
13. From this prompt click on view certificate, go to the details tab, click on copy to file and export the certificate as .cer file.
14. From the SCE server –> MMC console –> Certificate snap-in, import this certificate under Trusted Root Certification Authorities.
15. Now exit and reopen the SCE console.
16. The SCE Console should be now able to see the host, all VMs and connect to all VMs fine.
“You can designate and configure servers as hosts for virtual machines in Essentials 2010 from the Essentials management server or from the Essentials console. You can also set up and manage the virtual machines on hosts in trusted domains, workgroups, or perimeter networks.”
You can find this in the Technet Library at this URL: http://technet.microsoft.com/en-us/library/ff603625.aspx
Hope this helps,
Milan Jajal | System Center Support Engineer
The App-V Team blog: http://blogs.technet.com/appv/ The WSUS Support Team blog: http://blogs.technet.com/sus/ The SCMDM Support Team blog: http://blogs.technet.com/mdm/ The ConfigMgr Support Team blog: http://blogs.technet.com/configurationmgr/ The SCOM 2007 Support Team blog: http://blogs.technet.com/operationsmgr/ The SCVMM Team blog: http://blogs.technet.com/scvmm/ The MED-V Team blog: http://blogs.technet.com/medv/ The DPM Team blog: http://blogs.technet.com/dpm/ The OOB Support Team blog: http://blogs.technet.com/oob/ The Opalis Team blog: http://blogs.technet.com/opalis The Service Manager Team blog: http: http://blogs.technet.com/b/servicemanager The AVIcode Team blog: http: http://blogs.technet.com/b/avicode The System Center Essentials Team blog: http: http://blogs.technet.com/b/systemcenteressentials