MOM 2005 and Firewalls - Original Posted Jun 30, 2005
I had to laugh at myself yesterday. It just kills me how a simple search will save you tons of effort and reading...
I am installing MOM 2005 as part of my testing. I ran the discovery and tried to deploy agents to all the computers on my network. Most of the agents installed perfectly. However, I notice that all of the ones that didn't install are Windows XP computers with Service Pack 2 (no, I am not really going to try to manage them, but I thought it would be interesting to see their data as I get fully up to speed on MOM 2005). Hmmm, interesting. So, I put it aside and figure I will attack it later.
As I am reading through tons of whitepapers, I see the process for manually installing agents using the MOM 2005 install media. Yep, just like MOM 2001, so this is nothing new to me. I am thinking to myself that I will probably need to do a manual install of the agents on a couple of the XP computers that failed and test them out. As I am thinking about this in the back of my mind and reading further, I notice that one of the reasons for doing a manual install of the agents from media is because of firewall issues where the MOM 2005 Managment Server can't access the computer to install agents because port 1270 needs to be open.
Wait... I am adding in my head, 2 + 2 = 4... There it is, I got it... Firewall issue... XP SP2... yes, there it is, I got it. SP2 for XP installs the firewall by default. I disable the firewall, and all is well. Of course, I could have just created the exception rule, too. I will do that later. I am pretty sure that I will need to open up more than 1270 as RPCs are needed as well.
So, today, I am doing some more digging and I stumble on the
KB article 885726 which has been out for a good while now. It pretty much says that MOM 2005 will not be able to install agents on XP with SP2 when the firewall is in use and doesn't allow port 1270.
One of these days I will learn to do a little searching before I start experimenting.