Zim
2009-10-16 13:56:01 UTC
Hi,
I am doing a Disaster Recovery testing for my SCOM server.
I have single Server, single management group scenario.
I am taking the backup of my existing production server and restoring on a
diiferent server built from scratch.
All the components and server roles are installed on 1 server except the
Audit Collection Server. I found this while doing some research on how to
recover in this scenario:-
-----------------------------------------------------------------------------------------------------------------------------------------
Recovering from a Total Loss
What would it take to recover OpsMgr assuming a "total loss?" Assume the
following scenario:
The Operational database is installed on the RMS.
The management server is monitoring 200 agent-managed systems.
There is only one management server in our management group.
The Web console is installed.
OpsMgr Reporting and ACS are not installed.
Although this is a very simple implementation of Operations Manager, it is
intended to show you the steps necessary to recover OpsMgr from a complete
hardware failure of the management server. We will assume that our server
team has already built a new server using the same NetBIOS name in the same
domain, installed SQL Server 2005, and enabled IIS because we will use the
OpsMgr 2007 Web console. The appropriate level of service packs and security
patches are applied—be sure to be at the same level of software maintenance
that you had with your original system. We are ready to recover Operations
Manager.
At a general level, here are the steps involved:
Install Operations Manager 2007 from the installation media—selecting the
option for a typical installation and using the same management group name as
the original install. Remember that the group name is case sensitive. Specify
the same accounts (SDK and Config service, Management Server Action account)
as used by your original installation.
This type of information should be documented as part of your disaster
recovery planning. Detailed steps on installing OpsMgr can be found in
Chapter 6, "Installing Operations Manager 2007."
After Operations Manager is installed, immediately stop the SDK service to
prevent the RMS from sending data to the Operational database. This prevents
OpsMgr from writing data to this database, which you will be overlaying as
part of your recovery process. Because any data written to this new database
will be lost, immediately really means immediately!
Install any additional hotfixes previously installed with your original
installation.
Delete the OperationsManager database created from your OpsMgr installation
in step 1.
Restore the latest OperationsManager database created from your SQL backup.
Restore the RMS encryption keys.
Import any additional management packs that were loaded to your old
management server or changed and backed up after your last Operational
database backup.
Install the Web console.
Start the SDK service. Operations Manager will now be functional.
These steps constitute a high-level process for recovering Operations
Manager. Your actual plan should contain greater detail, including specific
hard drive configurations, the exact installation options, the SQL steps
necessary to -delete and restore the databases, and so forth.
-------------------------------------------------------------------------------------------------------------------------------------------
I have followed all the steps and I did not receive any error while
restoring the Operations Manager DB.
I am testing this in a test environment which is isolated from my Production
environmet.
I have not restored the reporting warehouse db at this moment though I have
that running in my production environment.
I will try that later once I test that everything is fiine with the first
restore of OPsmanager db.
I am able to start the SDK and Cinfig Service.Both these servcies are
running with the privileges of the Local System Account.
The problem that I am facing at this moment is that I am not able to open
the Operations Manager console,
I get this error:-
"Failed to connect to server :-ind-mhp1som001.mastek.com. Insufficient
Privileges.
The user mastek\poc does not have sufficient permissions to perform the
operation.
Date: 10/15/2009 1:36:15 PM
Application: System Center Operations Manager 2007
Application Version: 6.0.6278.0
Severity: Warning
Message: Failed to connect to server 'ind-mhp1som001.mastek.com'.
Insufficient privileges
Microsoft.EnterpriseManagement.Common.UnauthorizedAccessMonitoringException:
The user MASTEK\poc does not have sufficient permission to perform the
operation.
at
Microsoft.EnterpriseManagement.DataAbstractionLayer.SdkDataAbstractionLayer.HandleIndigoExceptions(Exception ex)
at
Microsoft.EnterpriseManagement.DataAbstractionLayer.SdkDataAbstractionLayer.CreateChannel(TieredManagementGroupConnectionSettings managementGroupTier)
at
Microsoft.EnterpriseManagement.DataAbstractionLayer.SdkDataAbstractionLayer..ctor(DuplexChannelFactory`1
channelFactory, TieredManagementGroupConnectionSettings managementGroupTier,
IClientDataAccess callback, CacheMode cacheMode)
at
Microsoft.EnterpriseManagement.DataAbstractionLayer.SdkDataAbstractionLayer.CreateEndpoint(ManagementGroupConnectionSettings
connectionSettings, IClientDataAccess clientCallback)
at
Microsoft.EnterpriseManagement.DataAbstractionLayer.SdkDataAbstractionLayer.Connect(ManagementGroupConnectionSettings connectionSettings)
at
Microsoft.EnterpriseManagement.ManagementGroup..ctor(ManagementGroupConnectionSettings connectionSettings)
at
Microsoft.EnterpriseManagement.ManagementGroup.Connect(ManagementGroupConnectionSettings connectionSettings)
at
Microsoft.EnterpriseManagement.Mom.Internal.UI.Common.ManagementGroupSessionManager.Connect(String
server, String username, SecureString password, String domain)
at
Microsoft.EnterpriseManagement.Mom.Internal.UI.Console.ConsoleWindowBase.ConnectWithCredentials(Exception ex, ConsoleJobEventArgs args)
The user is a Domain Admin and is part of the Local Admin Group on the Server.
Also the event viewer reports the following error:-
Event Type: Error
Event Source: OpsMgr SDK Service
Event Category: None
Event ID: 26319
Date: 10/15/2009
Time: 1:37:14 PM
User: N/A
Computer: IND-MHP1SOM001
Description:
An exception was thrown while processing Connect for session id
uuid:ac5899bf-4a23-4caa-8dd5-593001a9fe01;id=5.
Exception Message: The creator of this fault did not specify a Reason.
Full Exception:
System.ServiceModel.FaultException`1[Microsoft.EnterpriseManagement.Common.UnauthorizedAccessMonitoringException]:
The creator of this fault did not specify a Reason. (Fault Detail is equal to
Microsoft.EnterpriseManagement.Common.UnauthorizedAccessMonitoringException:
The user MASTEK\poc does not have sufficient permission to perform the
operation.).
The user mastek\poc is a member of SCOMAdmins group.It is also a member of
the Local administrators on the server , and member of the Domain Admins
group.
My test environement has AD with 3 sites and 1 DC in each site.
Any help is appreciated.
I am doing a Disaster Recovery testing for my SCOM server.
I have single Server, single management group scenario.
I am taking the backup of my existing production server and restoring on a
diiferent server built from scratch.
All the components and server roles are installed on 1 server except the
Audit Collection Server. I found this while doing some research on how to
recover in this scenario:-
-----------------------------------------------------------------------------------------------------------------------------------------
Recovering from a Total Loss
What would it take to recover OpsMgr assuming a "total loss?" Assume the
following scenario:
The Operational database is installed on the RMS.
The management server is monitoring 200 agent-managed systems.
There is only one management server in our management group.
The Web console is installed.
OpsMgr Reporting and ACS are not installed.
Although this is a very simple implementation of Operations Manager, it is
intended to show you the steps necessary to recover OpsMgr from a complete
hardware failure of the management server. We will assume that our server
team has already built a new server using the same NetBIOS name in the same
domain, installed SQL Server 2005, and enabled IIS because we will use the
OpsMgr 2007 Web console. The appropriate level of service packs and security
patches are applied—be sure to be at the same level of software maintenance
that you had with your original system. We are ready to recover Operations
Manager.
At a general level, here are the steps involved:
Install Operations Manager 2007 from the installation media—selecting the
option for a typical installation and using the same management group name as
the original install. Remember that the group name is case sensitive. Specify
the same accounts (SDK and Config service, Management Server Action account)
as used by your original installation.
This type of information should be documented as part of your disaster
recovery planning. Detailed steps on installing OpsMgr can be found in
Chapter 6, "Installing Operations Manager 2007."
After Operations Manager is installed, immediately stop the SDK service to
prevent the RMS from sending data to the Operational database. This prevents
OpsMgr from writing data to this database, which you will be overlaying as
part of your recovery process. Because any data written to this new database
will be lost, immediately really means immediately!
Install any additional hotfixes previously installed with your original
installation.
Delete the OperationsManager database created from your OpsMgr installation
in step 1.
Restore the latest OperationsManager database created from your SQL backup.
Restore the RMS encryption keys.
Import any additional management packs that were loaded to your old
management server or changed and backed up after your last Operational
database backup.
Install the Web console.
Start the SDK service. Operations Manager will now be functional.
These steps constitute a high-level process for recovering Operations
Manager. Your actual plan should contain greater detail, including specific
hard drive configurations, the exact installation options, the SQL steps
necessary to -delete and restore the databases, and so forth.
-------------------------------------------------------------------------------------------------------------------------------------------
I have followed all the steps and I did not receive any error while
restoring the Operations Manager DB.
I am testing this in a test environment which is isolated from my Production
environmet.
I have not restored the reporting warehouse db at this moment though I have
that running in my production environment.
I will try that later once I test that everything is fiine with the first
restore of OPsmanager db.
I am able to start the SDK and Cinfig Service.Both these servcies are
running with the privileges of the Local System Account.
The problem that I am facing at this moment is that I am not able to open
the Operations Manager console,
I get this error:-
"Failed to connect to server :-ind-mhp1som001.mastek.com. Insufficient
Privileges.
The user mastek\poc does not have sufficient permissions to perform the
operation.
Date: 10/15/2009 1:36:15 PM
Application: System Center Operations Manager 2007
Application Version: 6.0.6278.0
Severity: Warning
Message: Failed to connect to server 'ind-mhp1som001.mastek.com'.
Insufficient privileges
Microsoft.EnterpriseManagement.Common.UnauthorizedAccessMonitoringException:
The user MASTEK\poc does not have sufficient permission to perform the
operation.
at
Microsoft.EnterpriseManagement.DataAbstractionLayer.SdkDataAbstractionLayer.HandleIndigoExceptions(Exception ex)
at
Microsoft.EnterpriseManagement.DataAbstractionLayer.SdkDataAbstractionLayer.CreateChannel(TieredManagementGroupConnectionSettings managementGroupTier)
at
Microsoft.EnterpriseManagement.DataAbstractionLayer.SdkDataAbstractionLayer..ctor(DuplexChannelFactory`1
channelFactory, TieredManagementGroupConnectionSettings managementGroupTier,
IClientDataAccess callback, CacheMode cacheMode)
at
Microsoft.EnterpriseManagement.DataAbstractionLayer.SdkDataAbstractionLayer.CreateEndpoint(ManagementGroupConnectionSettings
connectionSettings, IClientDataAccess clientCallback)
at
Microsoft.EnterpriseManagement.DataAbstractionLayer.SdkDataAbstractionLayer.Connect(ManagementGroupConnectionSettings connectionSettings)
at
Microsoft.EnterpriseManagement.ManagementGroup..ctor(ManagementGroupConnectionSettings connectionSettings)
at
Microsoft.EnterpriseManagement.ManagementGroup.Connect(ManagementGroupConnectionSettings connectionSettings)
at
Microsoft.EnterpriseManagement.Mom.Internal.UI.Common.ManagementGroupSessionManager.Connect(String
server, String username, SecureString password, String domain)
at
Microsoft.EnterpriseManagement.Mom.Internal.UI.Console.ConsoleWindowBase.ConnectWithCredentials(Exception ex, ConsoleJobEventArgs args)
The user is a Domain Admin and is part of the Local Admin Group on the Server.
Also the event viewer reports the following error:-
Event Type: Error
Event Source: OpsMgr SDK Service
Event Category: None
Event ID: 26319
Date: 10/15/2009
Time: 1:37:14 PM
User: N/A
Computer: IND-MHP1SOM001
Description:
An exception was thrown while processing Connect for session id
uuid:ac5899bf-4a23-4caa-8dd5-593001a9fe01;id=5.
Exception Message: The creator of this fault did not specify a Reason.
Full Exception:
System.ServiceModel.FaultException`1[Microsoft.EnterpriseManagement.Common.UnauthorizedAccessMonitoringException]:
The creator of this fault did not specify a Reason. (Fault Detail is equal to
Microsoft.EnterpriseManagement.Common.UnauthorizedAccessMonitoringException:
The user MASTEK\poc does not have sufficient permission to perform the
operation.).
The user mastek\poc is a member of SCOMAdmins group.It is also a member of
the Local administrators on the server , and member of the Domain Admins
group.
My test environement has AD with 3 sites and 1 DC in each site.
Any help is appreciated.