Deploying Multiple Management Groups with Multihomed Agents
You can configure agents to be members of, and to report to, more than one management group by using multihoming. Multihoming allows you to distribute monitoring requirements across different groups within your organization. For example, one group monitors a computer only for security issues, while another group monitors the same computer because it is running a specific Microsoft Windows application, such as Microsoft Exchange. By installing multiple management groups and then multihoming Microsoft Operations Manager (MOM) agents, you can distribute monitoring requirements across these groups.
In This Chapter
Before You Begin
Before you begin deploying MOM, review the key concepts of MOM and your deployment design and planning documents. Areas to review include:
Chapter 3, "Deploying MOM 2005 Across Multiple Computers."
The MOM 2005 release notes to identify any changes that could affect planning for a new deployment (for example, performance and sizing calculations).
The Microsoft Operations Manager 2005 Security Guide.
Identifying Computers to be Multihomed
Identify the computers on which you want to have multihomed agents. If you plan to install agents remotely by using the MOM Administrator console, decide which Management Server within each management group you will use to install the agent.
Multihoming a MOM Management Server or Database Server- If you plan to monitor a MOM Management Server or Database Server for one management group from another management group, the Management Server or Database Server will not appear in the Microsoft Operations Manger 2005 Agents group in the MOM Operator console, but rather in the Microsoft Operations Manger 2005 Servers or Microsoft Operations Manger 2005 Databases group.
Reviewing Installation Requirements
Before installing agents, verify that all managed computers meet the minimum system requirements. For more information about these requirements, see the MOM 2005 Supported Configurations data sheet.
Multihomed agents require an additional 3 MB of disk space for each additional management group that the agent belongs to.
Verifying Network Connectivity to Managed Computers
Run network connectivity tests, such as the Ping tool, to verify that the communication between each Management Server and the managed computers is functioning correctly.
Determining Which Agent Installation Method to Use
You can install multihomed agents on a managed computer either remotely, by using the Add Computers Wizard in the MOM Administrator console, or locally, by running the Manual Agent Setup Wizard on the target computer. You do not have to use the same installation method for all management groups, so you can use the installation method that works best for each management group.
Remotely installing multihomed agents
When you use a Management Server in the first management group to remotely install an agent to a target computer, MOM installs the agent software on the computer.
As you add this same computer to additional management groups, MOM does not install any additional software, it only adds the name of each new management group to the configuration for the managed computer. The Management Server then restarts the MOM service, which causes the agent to recognize the new management group.
Manually installing multihomed agents
Under certain circumstances, installing an agent manually is preferable to using the Management Server to install the agent. In some cases, installing the agent manually is the only method available for installing an agent. For more information about when and how to install agents manually see Chapter 4, "Discovering Computers and Deploying MOM Agents."
When you run the Manual Agent Setup Wizard locally on the target computer to add the first management group, MOM installs the agent software on the computer.
You can run the wizard again for each additional management group that you want the computer to belong to. When you add the computer to subsequent management groups, MOM does not install any additional software, it only adds the name of each new management group to the registry of the computer. The Manual Agent Setup Wizard then restarts the MOM service, which causes the agent to recognize the new management group.
Reviewing Security Implications
By default, on Windows 2000, the MOM Service on the managed computer runs under the Local System account and on Windows Server 2003 it runs under the Network Service account. When the MOM Service needs to run a task, such as checking the local providers for data or running a response, the service initiates a separate process. This process runs either in the context of the Local System / Network Service account or in the context of the domain or local account that was specified for the Action Account at the time that the agent was installed. For a multihomed agent, each management group can independently specify the agent Action Account that the MOM Service uses to check providers and run responses.
For additional information about the security implications for installing agents, see the Microsoft Operations Manager 2005 Security Guide.
Coordinating Multihomed Agent Ownership
It there are different administrators for the management groups that a multihomed agent will belong to, you should assign a primary owner for each multihomed agent or group of agents. The primary owner should work with the administrators of other management groups to coordinate the following:
Identify the method that will be used to install agents. The method might vary between management groups. Ensure that no agent will belong to more than four management groups.
Agent version and updates
Determine which version of the MOM agent is used and determine when the agent is updated. After an agent is updated, management groups cannot install a previous version of the agent unless the updated agent is uninstalled.
Disk space requirements
Ensure that adequate disk space is available on the managed computer for all management groups. See the "Review Installation Requirements" section earlier in this chapter.
Agent log file settings
Review the size requirements for the event log files on the managed computer. Set the log sizes to the maximum value that is required by any one of the management groups. For more information about configuring log files, see Chapter 4, "Discovering Computers and Deploying Agents."
Troubleshooting agent issues
Coordinate with administrators across management groups to troubleshoot and resolve agent issues.