Supported Configuration for Using MOM with Non-Trusted Domains or Workgroups
Your IT environment might be composed of both trusted domains and non-trusted domain, or workgroups. Depending on your topology, this separation might present an issue. Table 7 shows when a connection across a trusted/non-trusted barrier is supported for MOM computers.
Table 10 - Non-Trusted Domain Compatibility with MOM 2005 SP1
Connection |
Non-Trusted |
Remarks |
---|---|---|
Management Server - Agentless |
NO |
Management Servers Action Account must be administrator on remote computer |
Management Server - Administrator console |
NO |
|
Management Server - Operator console |
NO |
|
Management Server - Agent |
OK |
See note below. |
Management Server - MOM Database |
NO |
|
Reporting Database - MOM Database |
NO |
|
Reporting Database - Reporting console |
OK |
HTTP port 80 |
Management Server - Web console |
OK |
TCP port 1272 |
MMPC - MMPC |
OK |
TCP port 1271 Note: You must follow the steps described in the "To use client certificates and SSL with MCF or MMPC" section of the MOM 2005 Security Guide. |
OK - communication with a non-trusted domain is supported
NO - communication with a non-trusted domain is not supported
Note
Support for Installing Agents Across a Trust Boundary - Agents can be push installed to a non-trusted domain in most environments except to a Domain Controller. Also, because of the large number of configuration combinations available in Active Directory, not all have been tested thoroughly and push-installing agents to target computers in your specific environment might not be possible. If this happens the agents must be installed manually.