Using MOM with Non-Trusted Domains or Workgroups for Additional Security

Your IT environment might be composed of both trusted domains and non-trusted domain, or workgroups. Depending on your topology, this separation might present an issue. Table 7 shows when a connection across a trusted/non-trusted barrier is supported for MOM computers.

Table 7 - Non-Trusted Domain Compatibility with MOM 2005

Connection

Non-Trusted

Remarks

Management Server - Agentless

NO

Management Servers Action Account must be administrator on remote computer

Management Server - Administrator console

NO

 

Management Server - Operator console

NO

 

Management Server - Agent

OK

See note below.

Management Server - MOM Database

NO

 

Reporting Database - MOM Database

NO

 

Reporting Database - Reporting console

OK

HTTP port 80

Management Server - Web console

OK

TCP port 1272

MMPC - MMPC

OK

TCP port 1271

OK - communication with a non-trusted domain is supported

NO - communication with a non-trusted domain is not supported

Note

Support for Installing Agents Across a Trust Boundary - Agents can be push installed to a non-trusted domain in most environments except to a Domain Controller. Also, because of the large number of configuration combinations available in Active Directory, not all have been tested thoroughly and push-installing agents to target computers in your specific environment might not work properly. If this happens the agents must be installed manually.

Show: