29 August 2014

SCOM 2007 - error 0x80090303

Event ID 21001
The OpsMgr Connector could not connect to MSOMHSvc/hostname.local because mutual authentication failed. Verify the SPN is properly registered on the server and that, if the server is in a separate domain, there is a full-trust relationship between the two domains.

Event ID 20057
Failed to initialize security context for target MSOMHSvc/hostname.local. The error returned is 0x80090303 (The specified target is unknown or unreachable). This error can apply to either the Kerberos or the SChannel package.

my setup: certificate based authentication for servers in workgroup.

problem identified: MOMCertImport tool wrote the wrong certificate serial number to the registry so the wrong certificate was used for authentication.

registry key: HKLM\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Machine Settings\ChannelCertificateSerialNumber

this registry key must contain the certificate serial number from : Local Computer / Personal / Certificates folder

!!! the certificate serial number is wrote in the registry in reverse order.!!!

No comments:

Post a Comment