Posts Tagged ‘GW’

How to stop false heartbeat alerts for DMZ servers

12/04/2011 Leave a comment

One of the strange things in OpsMgr is the relationship between Health Service Watcher object and the Root Management Server. A common mistake is to think that when we point a server to a gateway server (GW) or a Management Server (MS), the GW or MS are responsible to alert us about the availability of the monitored server.

This is not the case in the current version of OpsMgr (hopefully next version will help us dill with it better). All  Health service Watcher objects are placed on the RMS, and if the GW server is down we will get a lot of “Computer not reachable” & “Health Service Heartbeat Failure” for servers that are up and running!!!


Lets start with a common scenario where we have a GW server that is connected to a MS thru a FW.


in this scenario when the MS,GW or FW is down we will get a lot of false alarms in the console that alert us that all agents behind the FW are down.

We have 2 options to work around this:

Option 1: 


Add another GW server (GW2) and set all agents to failover to the new one in case of a failure in GW1. (How to failover an agent\GW). take in mind that if the FW or network devices that connect the GW to the MS fail you will still get all the unwanted alerts.

Option 2: We need to create an override for the 2 monitors “Computer not reachable” & “Health Service Heartbeat Failure” and to create a rule on the GW server that will catch an event when a monitored server is down.

1. Create a group that contain all health service watcher (agent) in the DMZ, in my case it was easy, I just needed to exclude all my internal domains agents


2. Go to authoring pane and search for the 2 monitor “Computer not reachable” & “Health Service Heartbeat Failure” and set an override to the group created in step 1.



3. Create an event rule that catch the following event and assign the rule only to the GW server.


in the end you will have 2 overtraded monitors and a new event rule


Hope this will help you to lower the number of false notification alerts.

Categories: OpsMgr Tags: , , ,

OpsMgr – How to set a primary MS for a Gateway server

16/01/2010 Leave a comment

Several days ago I was asked by one of my customers to changed the primary server for a gateway server for load balancing.


Until now there was only one management server (RMS) and now after deploying a second MS we needed to move the gateway from RMS to MS.


To accomplish this I used the following Powershell commands:


First we need to set the primary MS and failover MS :

$primaryMS = Get-ManagementServer | where {$_.Name -eq ‘MS.mydom.corp’}


$failoverMS = Get-ManagementServer | where {$_.Name -eq ‘RMS.mydom.corp’}


Set the Gateway server name:

$gatewayMS = Get-GatewayManagementServer | where {$_.Name -eq ‘GW.DMZ.corp’}


The following commnad set a primary and failover MS for a gateway:

Set-ManagementServer -GatewayManagementServer: $gatewayMS -primarymanagementserver: $primaryMS -FailoverServer: $failoverMS


To verify the change I used the following command:

Get-GatewayManagementServer | where {$_.Name -eq ‘GW.DMZ.corp’| Get-FailoverManagementServer



Categories: OpsMgr Tags: ,

OpsMgr 2007 R2 – Recover a failed gateway server

25/12/2009 Leave a comment

We had a problem last week with a gateway server.

There was no option to recover the server and we need to do a clean install.


So we followed these steps:


1. New OS installation. (the same name and IP)

2. Installation of a new gateway server

3. Import the old certificate (we used the old server certificate),

but I think that a new one can be generated. just remember to use the same root ca as for the RMS/MS.


And everything start to work just like it was before the crash.

Categories: OpsMgr Tags: ,