Sunday, November 6, 2011

SCOM 2007 Installation checklist

I finally got involved in my first SCOM project and realized that client’s IT environment might not be as ideally as how we want it to be, in terms of their IT security policy / GPO. However, below is a some checklist which i think it is handy before we proceed with SCOM installation without much hiccups.

  • SCOM action account is created and granted with relevant permissions. Make sure that the SCOM action account is granted “log on as a service” and “log on as a batch job”. “Log on as a batch job” is required, especially if you are using SCOM action account to run the Service Level Dashboard. If not, the application pool for SLD in the IIS will be immediately stopped, once the SLD website is loaded.
  • Check if “System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing” is enabled and can be disabled if it is. If not, then you might need to apply kb911722 for the SCOM web console, if it is displaying "the implementation was not part of the windows platform FIPS validated cryptographic algorithms" at your browser.
  • The rest will the same as my previous SCOM 101 post.
Posted by at No comments:
Labels:

SQL 2008 R2 Reporting Services

Installing the SQL 2008 R2 reporting services is definitely a simple and straight forward step where you can just check to enable the option during the SQL 2008 R2 server installation. Often, it is the configuration part that gives you the headache.

When you try to access the SQL reporting or reportserver sites, you might encounter the following error message in the web browser, or the event logs below (screen captures). You might want to check the credentials used to run the SQL reporting service.

The report server cannot decrypt the symmetric key that is used to access sensitive or encrypted data in a report server database. You must either restore a backup key or delete all encrypted content. (rsReportServerDisabled) Get Online Help

Bad Data. (Exception from HRESULT: 0x80090005)

 

imageimage

Tried changing the account used to run the reporting service to use the SCOM admin account and it works !!! Smile

Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)