Configuration SCOM System Center Troubleshooting

SCOM – Certificate Missing Enhanced Key Usage EventID 20050

Posted on Author stefanroth Comment(1)

missing

If you want to monitor a server which does not belong to a domain you need to use a certificate, which has special requirements. You will find many posts how to handle SCOM certificates using a Microsoft PKI on the internet. An example is the detailed post from Tyson Paul. One of the essential requirements for the certificates is to provide the Enhanced Key Usage properties for Client Authentication (OID 1.3.6.1.5.5.7.3.2) and Server Authentication (OID 1.3.6.1.5.5.7.3.1). If you do not provide these properties you will receive an error in the Operations Manager event log…

image

A problem you could face in the real world is, that some customers won’t allow you to create the certificates for SCOM and they might have “generic” certificates for other use cases. Usually YOU provide the request file and provide the configuration for the certificates. Under certain circumstances this might not be the case. This means, that you might certain properties will be missing on the certificate itself. In case of SCOM, you can add the missing properties on the certificate. Just go to the Details of the certificate after you imported it into your computer. Click Edit Properties and select the purpose in the dialog, like this…

image

Having this option in place, let’s you successfully monitor the workgroup servers.

This will probably save you some headache 🙂 .

stefanroth
http://www.stefanroth.net

Related Articles
Troubleshooting

Not monitored Domain Controllers still showing under Windows Computers – Active Directory MP DiscoverAgentOnly

Posted on Author stefanroth

If you are monitoring Active Directory in a multi-domain environment you might only want to monitor certain domain controller because you don’t have the administrative sovereignty nor any permission to access the other systems.In that case you probably installed the SCOM agents to your domain controllers and imported the Active Directory management pack. If so […]
Configuration Performance Software Testing Troubleshooting

SCOM – Global Service Monitor Using Visual Studio Web Test

Posted on Author stefanroth

Global Service Monitor has been around for quite some time now. If you never heard of Global Service Monitor then I would like to give you a short description by Microsoft. System Center Global Service Monitor is a cloud service that addresses this problem by extending the application monitoring capabilities in System Center 2012 beyond […]
Configuration Troubleshooting

SCOM 2012 SP1 – The .NET Framework 3.5.1 Story…

Posted on Author stefanroth

Today I ran in an unexpected problem at a customer. My mission was to install a SCOM 2012 SP1 Proof-of-Concept to show the customer what is possible and what information he can get out of SCOM. My last couple of installation were of course on Windows Server 2012. This customer was using Windows Server 2008 […]

One Reply to “SCOM – Certificate Missing Enhanced Key Usage EventID 20050

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.