We have a SCOM server for monitoring local domain infrastructure. One time one of the agents went gray and in "Agent Health State" we have Errors like:
The System Center Management Health Service has stopped on a computer.
This alert is generated by a Heath Service Watcher. This object is run on the All Management Servers Resource Pool and monitors the health of all System Center Management Health Services in a Management Group. When a System Center Management Health Service fails to heartbeat, as set of Diagnostics are run and Recoveries are then executed to attempt to fix this problem with the remote agent.
Causes
This can happen when:
• The System Center Management Health Service has been stopped.
• The System Center Management Health Service failed to start up correctly.
• The System Center Management Health Service has been set to Manual/Disabled and the machine was rebooted.
Also, on SCOM server, no any errors in Event log about this Client VM.
On Client VM we have Error - ID 20070
The OpsMgr Connector connected to SCOM.mydomain.com, but the connection was closed immediately after authentication occurred. The most likely cause of this error is that the agent is not authorized to communicate with the server, or the server has not received configuration. Check the event log on the server for the presence of 20000 events, indicating that agents which are not approved are attempting to connect.
SCOM and Client VM is Windows 2019 Server, Firewall is off, Antivirus - onboarded Defender.
Other VMs with the same configuration are green and work.
What I have done:
- checked the "Health Service" service on Client VM, restart it
- checked ports from SCOM to Client VM - 135/TCP, 137/UDP, 138/UDP, 139/TCP, 445/TCP, RPC/DCOM High Ports 49152-65535/TCP, ICMP - opened
- From Client VM to SCOM - port 5723 - opened
- Tried to repair agent from SCOM, but it didn't work at all, repair pending state was 2 days.
- Deleted and reinstated agent from SCOM (approved this VM from SCOM for connection after each installation)
- Deleted and reinstated agent manually with log (installation was successfully completed)
- checked DNS suffix on Client VM
Any ideas how it can be fixed?