在 Operations Manager 中連線管理群組Connecting management groups in Operations Manager

重要

已不再支援此版本的 Operations Manager,建議升級至 Operations Manager 2019This version of Operations Manager has reached the end of support, we recommend you to upgrade to Operations Manager 2019.

連線到 System Center Operations Manager 中的管理群組可讓您在單一 Operations 主控台中檢視來自多個管理群組的資料並與之互動。Connecting management groups in System Center Operations Manager enables the ability to view and interact with data from multiple management groups in a single Operations console. 可使用彙總檢視的管理群組稱為本機管理群組,而提供資料給彙總檢視的管理群組則稱為連線管理群組。The management group in which the consolidated view is available is called the local management group, and those that contribute their data to the consolidated view are called the connected management groups. 這些群組以階層方式相互關聯,連線群組位於底層,本機群組位於最上層。They relate to each other in a hierarchical fashion, with connected groups in the bottom tier and the local group in the top tier. 連線群組彼此為對等關係。The connected groups are in a peer-to-peer relationship with each other. 每個連線群組均看不到其他連線群組或與之互動;您只能從本機群組看到連線群組。Each connected group has no visibility or interaction with the other connected groups; the visibility is strictly from the local group into the connected group.

注意

Operations Manager 不支援對等管理群組之間的資料通訊。Operations Manager does not support communication of data between peer management groups. 只支援本機到連線階層的設定。Only the local to connected hierarchy configuration is supported. 不支援管理群組同時為本機群組和連線群組的多層模式。Multiple tiers, where a management group would be both a local group and a connected group, are not supported.

當您連線到管理群組時,並不會部署任何新伺服器,而是允許本機管理群組存取連線管理群組中的警示和探索資訊。When you connect management groups, you are not deploying any new servers; rather, you are allowing the local management group to have access to the alerts and discovery information that is in a connected management group. 如此一來,您就可以在單一 Operations 主控台中檢視和處理來自多個管理群組的所有警示和其他監視資料。In this way, you can view and interact with all the alerts and other monitoring data from multiple management groups in a single Operations console. 此外,您還可以在連線管理群組的受監視電腦上執行工作。In addition, you can run tasks on the monitored computers of the connected management groups.

已連線的管理群組提供下列額外服務:Connecting management groups offers these additional services:

  • 針對超過 6,000 個代理程式提供彙總監視和警示功能Consolidated monitoring and alerting for greater than 6,000 agents

  • 跨信任界限提供彙總監視Consolidated monitoring across trust boundaries

重要

兩個管理群組都必須執行相同版本的 Operations Manager。Both management groups must be running the same build of Operations Manager. 例如,兩個管理群組都必須執行 System Center 2016 – Operations Manager。For example, both management groups must be running System Center 2016 - Operations Manager.

除了多台伺服器、單一管理群組設定中使用的所有通訊通道,連線管理群組需要本機群組的管理伺服器和連線群組的管理伺服器透過 TCP 5723 和 5724 通訊。In addition to all of the communications channels used in the multiple server, single management group configuration, connected management groups require communication between the management servers of the local group and the management servers of the connected group over TCP 5723 and 5724. 如需 Operations Manager 所使用的完整連接埠清單,請參閱Operations Manager 的防火牆For a complete list of ports used by Operations Manager, see Configuring a Firewall for Operations Manager.

連線管理群組支援所有 Operations Manager 使用者角色,並使用 Operations Manager 連接器架構啟用連線群組和本機群組間的雙向通訊。Connected management groups support all Operations Manager user roles and makes use of the Operations Manager Connector Framework to enable bidirectional communication between the connected groups and local groups.

在此程序中,您會在兩個管理群組之間建立連線。In this procedure, you create a connection between two management groups. 這些管理群組可以位於相同網域中,或可以位於信任的網域中。These management groups can be in the same domain, or they can be in trusted domains. 您可以連線到位於不受信任網域中的管理群組,但除非從本機管理群組的網域新增帳戶到連線管理群組的 Operations Manager 角色,否則無法從這些網域檢視資料。You can connect to management groups that are in domains that are not trusted, but you cannot view data from those domains until you add an account from the domain of the local management groups to an Operations Manager role for the connected management group. 若要這麼做,網域間必須建立信任。To do this, a trust must be established between the domains.

在您開始使用 Intune 之前Before you start

  1. 若要連線管理群組,您必須提供連線的管理群組的管理伺服器完整網域名稱 (FQDN)。To connect management groups, you must provide the fully qualified domain name (FQDN) of a management server of the connected management group. 本機管理群組的管理伺服器必須能夠解析此 FQDN。The management server of the local management group must be able to resolve this FQDN. 如果兩個管理群組未使用相同的網域名稱系統 (DNS) 服務,您必須在本機管理群組使用的 DNS 服務中建立次要 DNS 區域。If the two management groups do not use the same Domain Name System (DNS) service, you must create a secondary DNS zone in the DNS service that the local management group uses. 這個次要 DNS 區域會從連線管理群組的主要 DNS 區域傳送 DNS 資訊。This secondary DNS zone transfers the DNS information from the primary DNS zone of the connected management group. 所傳送的資訊基本上就是可供本機管理群組之管理伺服器使用的 DNS 資訊複本。The transferred information is essentially a copy of the DNS information that is available to the management server of the local management group.

  2. 將連線管理群組的 System Center 資料存取服務和 System Center 管理設定服務帳戶新增到連線管理群組的 Operations Manager 系統管理員角色,或將其新增到連線管理群組網域中的網域型 Operations Manager 系統管理員安全性群組,此群組已經新增到 Operations Manager 系統管理員角色。Add the System Center Data Access service and System Center Management Configuration service account of the connected management groups to the Operations Manager Administrator role for the connected management group, or add it to the domain-based Operations Manager Administrator security group in the connected management group's domain, which has already been added to the Operations Manager Administrator role.

  3. 從連線管理群組收集 System Center 資料存取服務和 System Center 管理設定服務帳戶認證。Collect the System Center Data Access service and System Center Management Configuration service account credentials from the connected management groups. 當您將連線管理群組新增到本機管理群組時,需要使用這些認證。These credentials are needed when you add the connected management group in the local management group.

  4. 識別本機管理群組的網域中需要從連線管理群組存取資料的使用者。Identify users in the domain of the local management group that will need access to data from the connected management groups. 這些使用者必須新增到連線管理群組中的適當 Operations Manager 角色。They must be added to the appropriate Operations Manager roles in the connected management group.

若要連線管理群組To connect management groups

  1. 使用屬於 Operations Manager 系統管理員使用者角色成員的帳戶登入電腦。Log on to the computer with an account that is a member of the Operations Manager Administrators user role.

  2. 在已連線至目的管理群組的 Operations 主控台中,按一下 [系統管理] 。In the Operations console that is connected to the destination management group, click Administration.

  3. 在 [系統管理] 工作區中,以滑鼠右鍵按一下 [已連線的管理群組] ,然後按一下 [新增管理群組] 。In the Administration workspace, right-click Connected Management Groups, and then click Add Management Group.

  4. 在 [加入管理群組] 對話方塊中,執行下列動作:In the Add Management Group dialog box, do the following:

    1. 輸入需要連線之管理群組的 [管理群組名稱] 。Type the Management Group name of the management group to be connected.

    2. 輸入需要連線之管理群組中 [管理伺服器] 的完整網域名稱 (FQDN)。Type the fully qualified domain name (FQDN) of a Management Server in the desired management group to be connected.

    3. 指定初始連線至已連線管理群組所使用的帳戶,方式是保留選取 [使用 SDK 服務帳戶] ,或選取 [其他使用者帳戶] ,然後輸入 [使用者名稱] 、[密碼] 和 [網域] 。Specify the account that will be used for the initial connection to the connected management group, either by leaving Use SDK service account selected or selecting Other user account and typing in the User name, Password, and Domain. 帳戶必須是連線管理群組的 Operations Manager 系統管理員角色成員。The account must be a member of the Operations Manager Administrators role for the connected management group.

  5. 按一下 [加入] 。Click Add.

授與已連線管理群組的存取權To grant access to Connected Management Groups

  1. 在本機管理群組中,找出需要存取已連線管理群組的使用者。Identify users in the local management group that need access to the connected management groups.

  2. 將這些使用者新增為已連線管理群組中適當使用者角色的成員。Add those users as members to the appropriate user role in the connected management groups.

    注意

    如果本機和已連線的管理群組位於不同的網域,而且這兩個網域之間沒有信任關係,您必須在已連線的管理群組網域中,為本機管理群組網域中的使用者建立帳戶。If local and connected management groups are not in the same domain and there is no trust relationship between the two domains, you will have to create accounts in the connected management group domain for the users in the local management group domain to use.

  3. 在本機管理群組的 Operations 主控台的 [系統管理] 檢視中,展開 [安全性] ,然後按一下 [使用者角色] 。In the Operations console for the local management group, in the Administration view, expand Security, and then click User Roles.

  4. 在右窗格中,以滑鼠右鍵按一下您要授與已連線管理群組存取權的使用者角色,然後按一下 [內容] 。In the right pane, right-click the user role to which you want to grant connected management group access, and then click Properties.

  5. 在 [群組領域] 索引標籤上,選取您要對其授與此使用者角色存取權的已連線管理群組,然後按一下 [確定] 。On the Group Scope tab, select the connected management groups to which you want to grant access to this user role, and then click OK. 如果使用者具有至少一個已連線管理群組的使用權限和存取權,則 [監視] 空間中任何 [警示] 檢視的工具列都會顯示 [顯示連線的警示] 按鈕。A user with both permission and access to at least one connected management group will see the Show Connected Alerts button in the toolbar of any Alert view in the Monitoring space.

  6. [登入] 對話方塊將會出現,並提示使用者輸入認證 (用來登入已連線的管理群組)。A Log On dialog box appears and prompts the user for credentials (to log on to the connected management groups). 請輸入認證,然後按一下 [確定] 。Enter the credentials, and then click OK. 警示隨即出現;這些警示的來源是您對其具有存取權和使用權限的所有已連線管理群組。Alerts appear from all connected management groups for which you have access and permission. 您可以在已連線管理群組的受管理電腦上執行工作。You can run tasks in the managed computers of connected management groups.

後續步驟Next steps

  • 若要使用排程,在已計劃的維護期間暫時停止監視電腦、電腦群組或受監視的物件,或是在針對問題進行疑難排解的時候停止監視,請參閱如何使用維護模式暫停監視To stop monitoring of a computer, group of computers or monitored object temporarily during planned maintenance using a schedule, or to stop monitoring while troubleshooting an issue, see How to Suspend Monitoring Temporarily by Using Maintenance Mode.

  • 群組可協助分類、分級或排列一或多個受監視的物件以管理視覺化資料、覆寫、報表等等的目標。Groups help categorize, classify or arrange one or more monitored objects to manage targeting of visualized data, overrides, reports, and more. 若要了解如何建立群組以及群組的常見用法,請參閱建立及管理群組To learn how to create groups and common uses for groups, see Creating and Managing Groups.

  • Operations Manager 延伸 PowerShell 命令列環境和工作指令碼技術,將大部分的 Operations Manager 系統管理工作自動化。Operations Manager extends the PowerShell command-line environment and task-based scripting technology to automate most Operations Manager administrative tasks. 請參閱使用 Operations Manager 殼層See Using Operations Manager Shell .

  • 若要了解如何從 Operations Manager 主控台啟動常用的工具或命令,協助減少調查及診斷問題所需的時間,請參閱在 Operations Manager 中執行工作To learn how to launch common tools or commands from the Operations Manager console to help reduce your time investigating and diagnosing issues, see Running Tasks in Operations Manager.