Before You Import the Management Pack

  • Artikel

Betrifft: Internet Security and Acceleration Server (ISA), Operations Manager 2007, Operations Manager 2007 R2

Before you import the ISA Server 2006 Management Pack, note the following limitations of the management pack:

  • Previous versions of the ISA Management Pack must be removed before you can import ISA Management Pack version 6.0.6648.0.

  • For ISA Server 2006 environments that have both DNS and DHCP connectivity verifiers enabled:

    • If one connectivity verifier fails, the alert will identify the incorrect connectivity verifier as failing. This is a known issue and will be addressed in a future release of this management pack.

Before you import the ISA Server 2006 Management Pack, take the following actions:

  • Remove previous versions of the ISA Management Pack.

  • Configure the Operations Manager 2007 server to allow manual agent deployment on ISA Server computers.

  • Enable the system policy rule for Operations Manager on the ISA Server computers.

  • Install the Operations Manager agent on the ISA Server computers.

  • Import the ISA Server 2006 Management Pack to the Operations Manager server.

Configuring the Operations Manager Server to Allow Manual Agent Deployment on ISA Server Computers

To configure management server settings for manual agent deployment on the Operations Manager 2007 server

  1. In the Operations console, click the Administration button.

  2. In the Administration pane, Administration, click Settings.

  3. In the Settings pane, expand Type: Server, right-click Security, and then click Properties.

  4. In the Global Management Server Settings - Security dialog box, in the General tab, click Review new manual agent installations in pending management view, and then click OK.

  5. After completing the manual agent installation process and configuring the appropriate firewall rules on the ISA Server computer as described later, you will need to approve the agent for installation in the Pending Actions view in the Administration space.

Create a New Access Rule for Operations Manager

To create a new access rule for remote monitoring of ISA Server 2006 computers using the Operations Manager agent, perform the following procedure. For ISA Server Enterprise Edition, this procedure needs to be performed for each array in which you want to deploy the Operations Manager agent. For ISA Server Standard Edition, this procedure needs to be performed on each ISA Server computer on which you want to deploy the Operations Manager agent.

To create a new access rule for the Operations Manager agent in ISA Server

  1. Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.

  2. Expand the Firewall Policy node under the desired computer in the navigation pane, and click Create Access Rule in the tasks pane.

  3. Name the access rule Operations Manager Agent, and click Next.

  4. On the Rule Action page, select Allow and click Next.

  5. In This rule applies to, select Selected protocols and click Add.

  6. In the Add Protocols dialog box, click New, and then click Protocol.

  7. In the New Protocol Definition Wizard, enter TCP 5723 (HealthService).

  8. On the Primary Connection Information page, click New.

  9. On the New/Edit Protocol Information page, enter 5723 in both the From and To boxes, and click OK.

  10. On the Secondary Connections page, click Next, and then click Finish.

  11. In the Add Protocols dialog box, click New, and then click Protocol.

  12. In the New Protocol Definition Wizard, enter TCP 8530 (UpdateServices).

  13. On the Primary Connection Information page, click New.

  14. On the New/Edit Protocol Information page, enter 8530 in both the From and To boxes, and click OK.

  15. On the Secondary Connections page, click Next, and then click Finish.

  16. In the Add Protocols dialog box, click New, and then click Protocol.

  17. In the New Protocol Definition Wizard, enter TCP 8531 (UpdateServices).

  18. On the Primary Connection Information page, click New.

  19. On the New/Edit Protocol Information page, enter 8531 in both the From and To boxes, and click OK.

  20. On the Secondary Connections page, click Next, and then click Finish.

  21. In the Add Protocols dialog box, click New, and then click Protocol.

  22. In the New Protocol Definition Wizard, enter TCP 51906 (AEM).

  23. On the Primary Connection Information page, click New.

  24. On the New/Edit Protocol Information page, enter 51906 in both the From and To boxes, and click OK.

  25. On the Secondary Connections page, click Next, and then click Finish.

  26. On the Primary Connection Information page, click Next.

  27. On the Secondary Connections page, click Next.

  28. On the Completing the New Protocol Definition Wizard page, click Finish.

  29. In the Add Protocols dialog box, expand the User-Defined folder, select TCP 5723 (HealthService), TCP 8530 (UpdateServices), TCP 8531 (UpdateServices) and TCP 51906 (AEM), and click Add.

  30. Click Close to close the Add Protocols dialog box.

  31. On the Protocols page of the New Access Rule Wizard, click Next.

  32. In the Access Rule Sources dialog box, click Add.

  33. In the Add Protocols dialog box, expand the Networks folder, select Local Host, and click Add, and then click Close.

  34. On the Access Rule Destinations page of the New Access Rule Wizard, click Next.

  35. In the Add Network Entities dialog box, expand the Networks folder, select Internal, and click Add, and then click Close.

  36. On the Access Rule Destinations page of the New Access Rule Wizard, click Next.

  37. In the User Sets dialog box, click Next.

  38. On the Completing the New Access Rule Wizard page, click Finish.

  39. Click Apply to save changes and update the configuration.

Install the Operations Manager Agent on the ISA Server Computers

The Operations Manager agent runs on each computer that Operations Manager monitors. The Operations Manager agent is typically installed by starting the Discovery Wizard from the Operations Manager 2007 Administrator Console on the Operations Manager server. Because the Microsoft Firewall service blocks the traffic between the Operations Manager server and the ISA Server computers that is needed to install an Operations Manager agent, we recommend that you install the Operations Manager agent manually on each ISA Server computer that you want to configure as an Operations Manager agent computer by performing the following procedures.

To install the Operations Manager agent manually on an ISA Server computer

  1. On the computer on which you want to install the agent, run SetupOM.exe from the Operations Manager 2007 installation media.

  2. Click Agent to install an agent.

  3. In the Agent Setup Wizard, select the Specify Management Group Information option.

  4. On the Management Group Configuration page, specify the following:

    • In the Management Group Name box, type the name of the management group to which the agent will connect.

    • In the Management Server Name box, type the fully qualified domain name (FQDN) of the Operations Manager 2007 server.

  5. Select either Local System or specify a domain user account for the agent action account.

  6. Complete the Agent Setup Wizard.

To approve the agent on the Operations Manager server

  1. In the Operations Manager Console, click the Administration button.

  2. Click Administration, expand Administration, expand Device Management, and then click Pending Management.

  3. In the Pending Management pane, select computers in Type: Manual Agent Install.

  4. Right-click the computers, and then click Approve.

  5. In the Manual Agent Install dialog box, click Approve to display the computers in the Agent Managed node showing that they are ready to be managed.

    Hinweis

    Rejected agents remain in Pending Management until the agent is uninstalled for the Management Group.