For manual installation of agents SCOM has a way to utilize AD DS to assign agent-managed computers to Management Groups.
First Step in achieving this is by running Disk:\SupportTools\CPUArch\MomADAdmin.exe using domain admin account
For my setup I ran MomADAdmin with the following parameters
MomADAdmin.exe MgmtGrp Mulpuru\OpsMgrAdmin SCOM01 MULPURU
MgmtGrp is the ManagementGroup name choosen @ SCOM Installation
OpsMgrAdmin is MOMAdminSecurityGroup
SCOM01 is RootManagementServer(RMS)
MULPURU is the Domain Name
What did MomAdAdmin.exe do?
The following
- Creates OperationsManager OU object under Domain Root, MgmtGrp OU, HealthServiceSCP OU and MgmtGrp_HSvcSCP_SG Global Group
- The AD DS security group (OpsMgrAdmin) provided in the command line is granted read and delete child permissions to the container. this way, OpsMgr admins are given the permission necessary to add Management Servers to the container and assign computers to them, without needing to be domain administrators.
Second Step is to run Operations Manager 2007 Agent Assignment and Failover Wizard using the OpsMgrAdmin member to populate values in AD for clients to find the Root Management Server
The above steps will make the management server to publish it’s information to AD on next polling cycle; by default hourly. I forced RMS to publish sooner by restarting the server (can be done by restarting the Health Service as well).
