Raphael Burri's blog

Mostly about Systemcenter Operations Manager 2012

Untrusted AD integration – Suppress misleading RunAs Alerts

Posted by rburri on December, 3 2008

When using OpsMgr’s Active Directory integration for remote (untrusted) domains, you will receive alerts by two monitors, complaining that the RunAs accounts used for the remote domain integration were not correctly configured. The monitors are defined in Microsoft.SystemCenter.2007 MP:

  •   RunAs Account Monitoring Check
  •   RunAs Successful Logon Check                                             

This is actually expected since the Root Management Server can not log on in its local domain using the remote user. In order to suppress these alerts you could disable the monitors (in the context of the RMS), using overrides. The downside of this is that you would miss out on any other locally defined RunAs accounts’ failures.

I chose an alternate approach by disabling the original monitors and replacing them with new ones, which allow filtering on the RunAs user account’s name.  The replacement monitors are:

  • RunAs Successful Logon Check (Replaced)
  • RunAs Account Monitoring Check (Replaced)

In order to reuse these two in your own environment, edit above monitors and replace the account names in the unhealthy event expression (FirstExpression) with the account names you would like to exclude from the RMS monitors. Should one of your RunAs accounts in the untrusted domains become invalid, you will receive other alerts from the AD writer.

Download link for a sample MP containing the RunAs overrides and monitors:
Custom.AD.Integration.Untrusted.RunASMonitorsExtension.xml MP V 1.0.0.0 (rename after downloading – it is a zip file)

About these ads

One Response to “Untrusted AD integration – Suppress misleading RunAs Alerts”

  1. [...] of Raphael Burri’s Blog – http://rburri.wordpress.com/2008/12/03/untrusted-ad-integration-suppress-misleading-runas-alerts/ Published Friday, December 26, 2008 1:56 AM by walterch Filed under: Operational [...]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
Follow

Get every new post delivered to your Inbox.

%d bloggers like this: