The error message you're encountering, "Failed to initialize security context for target MSOMHSvc/server.domain. The error returned is 0x80090342," indicates an issue with the encryption type requested by the Kerberos Key Distribution Center (KDC) or the SChannel package.
Here are a few troubleshooting steps you can try to resolve the issue:
Verify the encryption settings: Ensure that both the SCOM server (running on the 2012 R2 server) and the Windows 2019 server have compatible encryption settings. Check the encryption algorithms and encryption levels configured on both systems and ensure they match.
Check time synchronization: Make sure that the clocks on both the SCOM server and the Windows 2019 server are synchronized. Time differences between the systems can cause authentication failures.
Confirm Kerberos configuration: Validate the Kerberos configuration on both servers. Ensure that the Kerberos settings are properly configured and that the necessary SPN (Service Principal Name) is registered for the SCOM server.
Check for SPN conflicts: Verify that there are no conflicts with SPNs associated with the SCOM server. Ensure that the SPN for the SCOM server is unique and not registered to any other account or service.
Review firewall settings: Check the firewall settings on both servers to ensure that the necessary ports are open for communication between the SCOM server and the Windows 2019 server.
Restart services: Restart the System Center Management service (HealthService) on the SCOM server and the SCOM agent service on the Windows 2019 server to ensure a fresh start and to apply any configuration changes.
If the issue persists after trying these steps, you may need to involve your IT infrastructure team or Microsoft Support for further assistance in troubleshooting the specific error and resolving the connectivity problem between SCOM and the Windows 2019 server.