Deploying the Single Server, Single Management Group Scenario

  • Article

Applies To: Operations Manager 2007 R2, Operations Manager 2007 SP1

This topic provides the procedures to deploy the single server, single management group scenario. It is applicable for both Windows Server 2003 and Windows Server 2008. This procedure assumes that Windows PowerShell and SQL Server 2005 or SQL Server 2008 have been installed with the user interface, database, and reporting options. For a complete list of required software and supported configurations, see Operations Manager 2007 R2 Supported Configurations at https://go.microsoft.com/fwlink/?LinkId=89360. For complete instructions on installing and configuring SQL Server 2005, see https://go.microsoft.com/fwlink/?LinkId=146945 and for SQL Server 2008, see https://go.microsoft.com/fwlink/?LinkId=146943

Before You Start

To prepare accounts and groups in Active Directory

  1. In Active Directory Users and Computers, create five accounts: the Management Server Action account, the SDK and Configuration Service account, the Data Reader account, the Data Warehouse Write Action account, and an Operations Manager Administrator account (for example, OpsMgrAdmin). These can all be domain user accounts. No special privileges are required at the domain level.

    Note

    If you have a domain password expiration Group Policy in place and you do not want to change these service account passwords on the same schedule, select Password never expires for the individual accounts.

  2. In Active Directory Domain Services, create a Global Security group for the Operations Manager Administrators. If you plan to use of any of the other Operations Manager 2007 R2 roles, create e-mail-enabled Global Security groups for those also.

  3. Add the Operations Manager Administrator Account to the Operations Manager Administrators Global Security group.

To prepare accounts and groups on the Operations Manager server

  1. On the server that you are going to install Operations Manager on, log on with an account that has local administrator rights.

  2. In the Computer Management tool, under Local Users and Groups, open the Administrators group and add the Operations Manager Administrators Global Security group that you created in step 2 of "To prepare accounts and groups in Active Directory." Also add the accounts that you created to use as the Management Server Action account, the SDK and Config account, the Data Reader account, and the Data Warehouse Write Action account.

  3. Log off and then log back on with the Operations Manager Administrator account (for example, OpsMgrAdmin).

Validating your SQL Server Installation

This procedure assumes that SQL Server 2005 Standard or SQL Server 2005 Enterprise editions or SQL Server 2008 Standard or SQL Server 2008 Enterprise editions or SQL Server 2008 R2 Standard or SQL Server 2008 Enterprise editions have already been installed. Prior to installing Operations Manager 2007 R2, you should verify your SQL Server Reporting Services installation is functioning correctly and that the SQL Server Service Principal Name (SPN) is set correctly. For detailed information on why you must register the SQL Server SPN, see: Registering a Service Principal Name https://go.microsoft.com/fwlink/?LinkId=162313. You will need the setspn.exe tool from the Windows Server 2003 Support Tools, to check the SPN registration and to set it manually if necessary. This procedure assumes that you have installed the setspn.exe on the server that you will be installing Operations Manager 2007 R2 on.

Note

If you are using SQL Server 2008 R2, you must install the Operations Manager 2007 R2 databases using the DBCreateWizard tool. See KB2425714 for details.

Note

SQL Server Reporting Services, when used to support Operations Manager 2007 R2, cannot have any additional Reporting Services applications installed on the same instance of SQL Server. Also, SQL Server Reporting Services must be configured to run in Native mode, not SharePoint Integrated mode.

To validate your SQL Server Installation to support the single server, single management group scenario

  1. Confirm the existence of the ReportServer and ReportServerTempDB databases in SQL Server Management Studio. Click Start, point to Programs, point to Microsoft SQL Server edition, point SQL Server Management Studio, and connect to the default database instance. Open the Databases node and look for the two Reporting Services databases.

  2. Confirm the correct configuration of SQL Server Reporting Services. Click Start, point to Programs, point to Microsoft SQL Server edition, point to Configuration Tools, and click Reporting Services Configuration to launch the Configure Report Server tool. Connect to the instance that you installed Reporting Services on.

  3. In the left pane, ensure that Server Status, Report Server Virtual Directory, Report Manager Virtual Directory, Windows Service Identity, Database Setup, and Initialization are not flagged as Not configured; any other state is acceptable. If any are flagged Not configured, select the item and follow the configuration instructions in the right pane.

  4. Confirm that the SQL Server reporting Services service is running. Click Start, point to Settings, and select Control Panel. In the Control Panel, select Administrative Tools, and open Services.

  5. In the Name column, find the SQL Server Reporting Services instance service and confirm that its status reads Started and that its Startup Type is reads Automatic.

  6. Confirm that the Report Server Web site is up by browsing to http://<computername>/ReportServer<instancename>. You should see a page with the <servername>/ReportServer<$INSTANCE> and the text Microsoft SQL Server Reporting Services Version #.##.####.## where the # is the version number of your SQL Server installation.

  7. Confirm the correct configuration of Report Manager Web site by opening Internet Explorer and browsing to http://<servername>/reports<instance>.

  8. Once you are in the Report Manager Web site, click New Folder to create a new folder. Enter a name and description and click OK. Ensure that the new created folder is visible on the Report Manager Web site.

For more information on how to verify a SQL Server Reporting Services installation see: https://go.microsoft.com/fwlink/?LinkId=137091

Verify SQL Server SPN is registered correctly

  1. Log on to the computer that you will be installing Operations Manager 2007 on with an account that has administrator rights in the domain.

  2. Open a command prompt window by using the Run as administrator option.

  3. In the command prompt window, type setspn –L <sqlservercomputername> if the SQL Service account is Local System or Network Service. If the SQL Service account is a domain account, then type setspn –L <username>.

  4. In the list that appears, if the SQL Server SPN has been registered correctly, you will see MSSQLSvc/<serverFQDN>:SQLServerportnumber. For example, if the SQL Server computer name is computer1.contoso.com, the output would be “MSSQLSvc/computer1.contoso.com:1433” where 1433 is the default port for SQL Server.

  5. If the SPN is not registered, run setspn –A <servername> to register it.

  6. If the SPN is listed, but is not correct, then run setspn –R <servername> to re-register it correctly.

Installing Operations Manager 2007 R2 Single Server Configuration

The Prerequisite checker only checks for the presence of the minimum required components and configuration. For example if you are installing Operations Manager 2007 R2 on Windows Server 2008, the prerequisite checker will return a rating of Passed as installing and running Windows Server 2008 is supported by Operations  2007 R2.

To use the Prerequisite Viewer for single server configuration

  1. Log on to the server that you are going to install Operations Manager on with an account that has Operations Manager administrator rights and local administrator rights.

  2. On your installation media, run SetupOM.exe to start the System Center Operations Manager 2007 R2 Setup wizard.

  3. On the Start page, under the Prepare heading, click Check Prerequisites to start the Prerequisite Viewer.

  4. In the Components box, select all options, which are Operational Database, Server, Console, Power Shell, Web Console, Reporting, and Data Warehouse, and then click Check.

    Note

    When all components are selected, the Prerequisite Viewer checks for the minimum of Windows Server 2003 SP1, SQL Server 2005 SP1, SQL Server Reporting Services SP1, MDAC version 2.80.1022.0 or later, .NET Framework version 2.0, .NET Framework 3.0 components, and Windows PowerShell. If you are installing on Windows Server 2008, it checks to see if IIS 7 is installed and that IIS 7 Windows Authentication is configured. You must also ensure that IIS 6 backwards compatibility mode is enabled. It then checks to ensure that the WWW service is running and set to automatic startup mode.

    Note

    The results are displayed at the bottom of the Prerequisite Viewer. If there are any deficiencies, they are marked either as a Warning or as Failed. Warnings can be ignored at the risk of degraded performance; Failed prerequisites must be fixed before the installation can proceed. You can close the Prerequisite Viewer, fix the items, and rerun the Prerequisite Viewer checks as many times as necessary until a Pass evaluation is achieved on all items. You can click any row for more details as well as remediation steps.

    Note

    Multiple Operations consoles can be installed in a management group. Each one accesses the root management server (RMS). If one of the servers that the Operations console component has been installed on fails, you can install additional consoles on other servers or workstations and use them to connect to the RMS to perform management functions. In this scenario, you can install Operations consoles on client machines if you wish.

  5. When you are finished with the Prerequisite Viewer, click Close.

    Warning

    Operations Manager 2007 does not support the renaming of servers or changing the DNS namespace that the server is in, once any Operations Manager server role has been installed. To rename a server, you must first uninstall any Operations Manager 2007 server roles.

To install the server components

  1. Log on to the server that you are going to install Operations Manager on with an account that has Operations Manager administrator rights and local administrator rights and SQL administrator rights.

    Note

    It is necessary to use an account with local administrator rights because the setup process creates services, folders structures, SQL databases, SQL logins and SQL roles.

  2. On your installation media, run SetupOM.exe to start the System Center Operations Manager 2007 Setup Wizard.

  3. On the Start page, under the Install heading, click Install Operations Manager 2007 R2 to start the Operations Manager 2007 Setup Wizard.

  4. On the Setup Wizard Welcome page, click Next.

  5. On the End User License Agreement page, read the license agreement, select the I accept the terms in the license agreement option, and then click Next.

  6. On the Product Registration page enter the appropriate values in the User Name and Organization fields. Enter your 25-digit CD Key, and then click Next.

  7. On the Custom Setup page, ensure that all the components are set to This component, and all dependent components, will be installed on the local disk drive. If you want to change the installation directory, click Browse and enter the appropriate path and folder name, and then click Next.

  8. On the Management Group Configuration page, in the Management Group name box, enter the appropriate management group name.

    Note

    After the management group name is set, it cannot be changed. The Management Group name cannot contain the following characters:, ( ) ^ ~ : ; . ! ? " , ' ` @ # % \ / * + = $ | & [ ] <>{}, and it cannot have a leading or trailing space. It is recommended that the Management Group name be unique within your organization if you plan to connect several Operations Manager 2007 R2 Management Groups together.

  9. In the Configure Operations Manager Administrators box, click Browse to select the Global Security group for Operations Manager Administrators, and then click Next.

  10. On the SQL Server Database Instance page, select the instance of the SQL Server database from the drop-down list if necessary. The drop-down list contains the SQL Server database instance name that was created when you installed SQL Server. This name should be the name of the server you are installing on. Click Next.

    Note

    The SQL Server Port must be the same as the SQL installation, by default 1433. Entering the wrong port will cause the installation to fail and roll back. If you encounter this failure, simply repeat the installation using the correct port.

    Note

    The default time format for the OperationsManager database is set in the SQL Server configuration. For information on SQL Server see Microsoft SQL Server https://go.microsoft.com/fwlink/?LinkID=162007 in the Technet Library.

  11. On the Database and Log File Options page, you can accept the default value of OperationsManager for the SQL Database Name, or you can change it. It is recommended that you accept the default. Enter the appropriate value in the Database size field or accept the default 1000-MB.

  12. The Data file location and Log file location boxes indicate where the Operations Manager database and log files will be installed. The default location is the installation directory of SQL Server on the computer. If you have created additional partitions or drives to separate the database files and the log files, click Advanced to enter the appropriate drive, path, and folder names. Otherwise, click Next.

  13. On the Management Server Action Account page, accept the default Domain or Local Computer Account option, enter the credentials of the management server Action account, and then click Next.

    Note

    For more information about what accounts to use for the management server action account and the SDK and Config account, see the Operations Manager Security Guide at (https://go.microsoft.com/fwlink/?LinkID=91153). By using a domain-based account, it will be much easier to perform discovery and push agent installation later on than it will be if you chose the Local System account. For more information about agent installation, see Agent and Agentless Monitoring.

  14. On the SDK and Config Service Account page, select the Domain or Local Account option and enter the credentials for the SDK and Config service account, and then click Next.

    Note

    Because all components are being installed on one server, you can select the Local System account option. But using a domain-based account allows you to add other management servers to the management group at a later date.

    Note

    If you receive an Account Verification Error when you click Next, either you mistyped the credentials or the SDK and Config service account was not added to the local Administrators group.

  15. On the Web Console Authentication Configuration page, accept the default selection of Use Windows Authentication (Recommended) if the Web Console will be primarily consumed from Intranet-based clients. Select Use Forms Authentication if you plan to offer the Web Console to Internet usage, and then click Next.

    Note

    Selecting Forms Authentication alone does not make the Web console available to Internet-based users. Additional steps and infrastructure are required.

  16. On the Operations Manager Error Reports page, you can optionally select Do you want to send error reports to Microsoft?. Click Next.

    Note

    The error reports selection has no effect on the deployment or functionality of the Agentless Exception Management feature in Operations Manager 2007 R2.

  17. On the Microsoft Update page, you can optionally select User Microsoft Update when I check for updates (recommended), and then click Next

  18. On the Customer Experience Improvement Program page, indicate whether you want to join this program, and then click Next.

  19. On the Ready to Install the Program page, click Install when you are ready for the installation to proceed.

  20. On the Completing the System Center Operations Manager 2007 R2 Setup Wizard page, accept the default options to Back up Encryption Key and to Start the Console, and then click Finish. The Operations Console and the Encryption Key Backup or Restore Wizard will start.

    Note

    If Setup fails, the wizard will provide a link to open the setup log and a value to search for within the log.

    Note

    If you uninstall the server components, the Operations Manager event log and the Operations Manager installation folder (default: %ProgramFiles%\Microsoft System Center Operations Manager 2007) will not be deleted. This is by design.

When installation is complete, the wizard will start the Operations console. If the Operations console does not start successfully or you are prompted for credentials, you probably are not logged on with an account that is a member of the Operations Manager Administrators security group.

To use the Encryption Key Backup or Restore Wizard to backup the RMS encryption key

  1. On the Introduction page, click Next.

  2. On the Backup or Restore? page, select Backup the Encryption Key, and then click Next.

  3. On the Provide a Location page, specify a valid path for the encryption key file, and then click Next.

  4. On the Provide a Password page, enter an eight-character or longer password to secure the encryption key file, and then click Next to start the backup process.

  5. On the Secure Storage Backup Complete page, click Finish.

Confirming the Health of the Management Group

The core management group roles of root management server, OperationsManager database, Operations console, PowerShell, and Web console have now been installed. Reporting and Audit Collection Services are installed separately. For more information about Reporting and Audit Collection Services, see Deploying Reporting in the Single Server, Single Management Group Scenario and How to Deploy Audit Collection Services (ACS). Prior to deploying agents and importing management packs, it is necessary to confirm the health state of the management group.

To confirm the health of the Management Group

  1. In the Operations console, in the Monitoring view, expand the Operations Manager folder, and then expand the Management Server folder.

  2. In the Management Server folder, select the Management Server State view. Confirm that the Root Management Server health state is listed as Healthy. This view tracks the health state of all the roles that are installed on the management server by showing entries for the Collection Management Server state (ACS) and the Gateway Management Server state.

  3. Open SQL Server Management Studio, expand the Databases folder, and confirm the existence of the OperationsManager database and that it is online.

  4. Expand the OperationsManager database, expand the Security folder, and select the Users folder. Confirm that the management server action account and the SDK and Config domain accounts are present.

  5. Right-click the management server action account and display its properties. In the Database role membership box, confirm that the management server action account is a member of the db_datareader, db_datawriter and dbmodule_users SQL roles.

  6. Right-click the SDK and Config service account and display its properties. In the Database role membership box, confirm that the SDK and Config service account is a member of the configsvc_users, db_datareader, db_datawriter, db_ddladmin and sdk_users SQL roles.

To confirm the health of the Web console

  • Click Start, point to All Programs, point to System Center Operations Manager 2007 R2, and select Web Console. Confirm that the Web Console starts successfully.

    Note

    The default URL for the Web console is http://<servername>:51908. This can be set in the Operations console, Administration view, Settings object, Web Address properties.