Share via


Monitoring Linux using SCOM 2007 R2

You may see an error message with event ID 1108 after discovering and deploying the agent.
"An account specified in the run as profile "Microsoft.unix.prvilegedAccount" cannot ve resolved. Specifically, the account is used in the secure Reference Override""
To Monitor Linux Server you can follow steps below…….

RunAs accounts that will be used by Operations Manager 2007 to install, and to monitor/manage the target Linux machines. For this, two user accounts are created:

· Non-privileged user, used to remotely monitor the Linux/Unix server.

· Privileged User, used to deploy the Unix/Linux agent, as well as to restart processes where privileged rights are required.

Creating a Non-Privileged UNIX User Run As Profile

1. In the Operations console, click **Administration **to open up the Administration space

2. Under the Run As Configuration node of the tree, click Profiles

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image002_thumb.jpg

3. In the Profiles pane, look for the Unix Action Account profile. Right-click on Unix Action Account and select Properties. This opens the Run As Profile Wizard

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image004_thumb.jpg

4. At the Introduction screen, click Next >

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image006_thumb.jpg

5. At the General Properties screen, click Next >

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image008_thumb.jpg

6. At the Run As Accounts screen, click **Add... **to create a new Run As Account. The Add a Run As Account dialog will open. NOTE: If you examine the list of current Run As accounts you will see none for UNIX/Linux, so we have to create one.

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image010_thumb.jpg

7. Click **New... **to open the Create Run As Account Wizard

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image012_thumb.jpg

At the Introduction screen, click Next >

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image014_thumb.jpg

9. Under the General Properties screen a. Select Basic Authentication from the Run As Account type drop-down list. b. Set the display name to "UNIX non-privileged account"

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image016_thumb.jpg

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image018_thumb.jpg

Click Next >

Provide Credential for Non Privileged Account

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image020_thumb.jpg

Click Next >

Under Distribution Security, select the **More Secure... **option.

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image022_thumb.jpg

When the creation is complete, you will see a warning message that the Run Account must be associated with an appropriate Run As profile. We will do this in just a moment. Click Close to return to the Add a Run As Account dialog

Click **Select ... **and choose **Class... **from the drop down.

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image024_thumb.jpg

In the Class Search dialog, enter Unix in the Filter By text box, and click Search

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image026_thumb.jpg

From the list of items returned from the search, select Unix Computer and click OK

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image028_thumb.jpg

Unix Computer now appears as the selected class against which the Run As Account will be applied. Click OK to close the Add a Run As Account dialog

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image030_thumb.jpg

You will now see the **UNIX non-privileged account **Run As Account just created within the list of accounts for this profile. Click Save.

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image032_thumb.jpg

We now have to associate the Run As account with the RMS management server. Click on the **UNIX non-privileged account **hyperlink to open the Run As Account properties.

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image034_thumb.jpg

Check to see you are in the Distribution tab.

Click Add

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image036_thumb.jpg

In the Option: drop down, select Show Management Servers and click Search.

Select **RMS Server Name **from the results, and click Add

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image038_thumb.jpg

Creating a Privileged UNIX User Run As Profile

In the Profiles pane, look for the Unix Privileged Account profile.

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image040_thumb.jpg

Right-click on Unix Privileged Account and select Properties. This opens the Run As Profile Wizard

At the Introduction screen, click Next >

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image042_thumb.jpg

At the General Properties screen, click Next >

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image044_thumb.jpg

At the Run As Accounts screen, click **Add... **to create a new Run As Account. The Add a Run As Account dialog will open.

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image046_thumb.jpg

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image048_thumb.jpg

Click **New... **to open the Create Run As Account Wizard

At the Introduction screen, click Next >

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image050_thumb.jpg

Select Basic Authentication from the Run As Account type drop-down list . Set the display name to "UNIX privileged account

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image052_thumb.jpg

Under the Account screen Set The credential for Privilege

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image054_thumb.jpg

Click Next >

Under Distribution Security, select the **More Secure... **option. Click Create.

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image056_thumb.jpg

When the creation is complete, you will see a warning message that the Run Account must be associated with an appropriate Run As profile. We will do this in just a moment. Click Close to return to the Add a Run As Account dialog.

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image058_thumb.jpg

Notice that the UNIX privileged account you just created now appears as the selected option in the drop down box.

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image060_thumb.jpg

Click **Select ... **and choose **Class... **from the drop down

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image062_thumb.jpg

In the Class Search dialog, enter Unix in the Filter By text box, and click Search

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image064_thumb.jpg

From the list of items returned from the search, select Unix Computer and click OK

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image066_thumb.jpg

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image068_thumb.jpg

You will now see the **UNIX privileged account **Run As Account just created within the list of accounts for this profile. Click Save.

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image070_thumb.jpg

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image072_thumb.jpg

We now have to associate the Run As account with the RMS management server. Click on the **UNIX privileged account **hyperlink to open the Run As Account properties

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image074_thumb.jpg

Check to see you are in the Distribution tab

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image076_thumb.jpg

Select **RMS Server Name **from the results, and click **Add and **Click OK

http://blogs.technet.com/blogfiles/birojitn/WindowsLiveWriter/MonitoringLinuxUsingSCOM2007R2_9A30/clip_image077_thumb.jpg

-Chandan Bharti