SCOM Troubleshooting: Management Server Installation
This article may be updated on a regular basis.
Introduction
This guide applies to System Center Operations Manager 2016, 1801, 1807 and 2019.
This article will describe some of the common SCOM installation issues, along with possible resolutions.
1. Prerequisites
SCOM Management Server
Roles / Features:
- Windows PowerShell version: Windows PowerShell version 2.0, or Windows PowerShell version 3.0.
- Windows Remote Management: Windows Remote Management must be enabled for the management server.
- .NET Framework 4 or .NET Framework 4.5 is required.
Operating System:
| SCOM Version | WinSrv 2012 R2 | WinSrv 2016 | WinSrv 2019 | WinSrv 2022 |
| SCOM 2016 | Yes | Yes | No | No |
| SCOM 1801 | Yes | Yes | No | No |
| SCOM 1807 | Yes | Yes | No | No |
| SCOM 2019 | No | Yes | Yes | Yes |
For more information, see: Server Operating System requirements
SCOM Database / Data Warehouse Server
SQL Features:
- Database Engine Services
- Full-Text and Semantic Extractions for Search
- Reporting Services
SQL versions:
**
**
| SQL Version | SQL 2012 | SQL 2014 | SQL 2016 | SQL 2017 | SQL 2019 | SQL 2022 |
| SCOM 2016 | Yes | Yes | Yes | No | No | No |
| SCOM 1801 | No | No | Yes | No | No | No |
| SCOM 1807 | No | No | Yes | Yes | No | No |
| SCOM 2019 | No | No | Yes | Yes | Yes (with CU8+) | No |
1.1 Logs
The SCOM installation logs can be located over here:
- %LocalAppData%\SCOM\Logs
2. Primary management server installation
2.1 Error - The Management server installation option is grayed out
The Management server feature option is grayed out in the Operations Manager Setup.
2.1.1 Solution
Make sure the computer does not have any SCOM agent installed.
2.2 Error - The computer running the SQL Server must have the SQL Server Full-Text Search component installed
The computer running SQL Server must have the SQL Server Full-Text Search component installed. Please install this component on this instance of SQL Server before proceeding with Setup.
2.2.1 Solution
Install the Full-Text and Semantic Extractions for Search SQL Server feature for the SCOM SQL Server instance.
2.3 Error - This SQL instance collation is not supported
When attempting to install a the first SCOM management server, during the database configuration step the following error is received:
The following can also be seen from the OpsMgrSetupWizard.txt log located at %LocalAppData%\SCOM\Logs:
Error: The SQL Collation SQL_Latin1_General_CP1_CI_AI is not supported. Please see the deployment guide for the supported SQL collations.
2.3.1 Solution
Ensure that the SCOM SQL Server instance has a supported collation, check the supported collations below:
| SQL Server Collation | Windows Collation |
| SQL_Latin1_General_CP1_CI_AS | Latin1_General_100_CI_AS |
| French_CI_AS | |
| Cyrillic_General_CI_AS | |
| Chinese_PRC_CI_AS | |
| Chinese_Simplified_Pinyin_100_CI_AS | |
| Chinese_Traditional_Stroke_Count_100_CI_AS | |
| Japanese_CI_AS | |
| Japanese_XJIS_100_CI_AS | |
| Traditional_Spanish_CI_AS | |
| Modern_Spanish_100_CI_AS | |
| Latin1_General_CI_AS | |
| Cyrillic_General_100_CI_AS | |
| Korean_100_CI_AS | |
| Czech_100_CI_AS | |
| Hungarian_100_CI_AS | |
| Polish_100_CI_AS | |
| Finnish_Swedish_100_CI_AS |
2.4 Error - The SQL server could not be found
When attempting to configure the operational database during the first management server installation, the SQL Server could not be found:
To get a better understanding at this error, check the OpsMgrSetupWizard.txt log located at %LocalAppData%\SCOM\Logs:
Error: :Inner Exception.Type: System.ComponentModel.Win32Exception, Exception Error Code: 0x80131509, Exception.Message: The RPC server is unavailable
Error: :InnerException.StackTrace:
Warn: :Could not start the SQL Service SCOMDB\SCOM but we will attempt to connect anyway.
Info: :Info:Opening/Testing Sql Connection on SCOMDB\SCOM, port:
Debug: :Connection was not open. We will try to open it.
Error: :Error opening SQL connection.: Threw Exception.Type: System.Data.SqlClient.SqlException, Exception Error Code: 0x80131904, Exception.Message: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 26 - Error Locating Server/Instance Specified)
2.4.1 Solution
Ensure that the required firewall ports have been opened between the SCOM management server and the server hosting the SCOM SQL Sever instance:
SCOM Database
| Source | Port number | Direction | Destination |
| Management server | 1433/TCP | ---> | Operations Manager database |
| Management server | 1434/UDP | ---> | Operations Manager database |
| Management server | 135/TCP (DCOM/RPC) | ---> | Operations Manager database |
| Management server | 137/UDP | ---> | Operations Manager database |
| Management server | 445/TCP | ---> | Operations Manager database |
| Management server | 49152-65535 | ---> | Operations Manager database |
Note:
WMI Port 135 (DCOM/RPC) for the initial connection and then a dynamically assigned port above 1024.** **
For further information, see Special considerations for Port 135.
Ports 135, 137, 445, 49152-65535 are only required to be open during the initial Management Server installation to allow the setup process to validate the state of the SQL services on the target machine.
SCOM Data Warehouse
| Source | Port number | Direction | Destination |
| Management server | 1433/TCP | ---> | Reporting data warehouse |
| Management server | 1434/UDP | ---> | Reporting data warehouse |
| Management server | 135/TCP (DCOM/RPC) | ---> | Reporting data warehouse |
| Management server | 137/UDP | ---> | Reporting data warehouse |
| Management server | 445/TCP | ---> | Reporting data warehouse |
| Management server | 49152-65535 | ---> | Reporting data warehouse |
Note:
Ports 135, 137, 445, 49152-65535 are only required to be open during the initial Management Server installation to allow the setup process to validate the state of the SQL services on the target machine.
For more information, see: Configuring a Firewall for Operations Manager
2.5 Error - Setup cannot be completed (Operational database configuration error)
When attempting to install a the first SCOM management server, the setup fails on the Operational database configuration after the setup has run for a short while.
To get a better understanding at this error, check the OpsMgrSetupWizard.txt log located at %LocalAppData%\SCOM\Logs:
[11:49:27]: Error: :DB operations failed with SQL error 10343: CREATE or ALTER ASSEMBLY for assembly 'Microsoft.Mom.DataAccess.Sql' with the SAFE or EXTERNAL_ACCESS option failed because the 'clr strict security' option of sp_configure is set to 1. Microsoft recommends that you sign the assembly with a certificate or asymmetric key that has a corresponding login with UNSAFE ASSEMBLY permission. Alternatively, you can trust the assembly using sp_add_trusted_assembly.
: Threw Exception.Type: System.Data.SqlClient.SqlException, Exception Error Code: 0x80131904, Exception.Message: CREATE or ALTER ASSEMBLY for assembly 'Microsoft.Mom.DataAccess.Sql' with the SAFE or EXTERNAL_ACCESS option failed because the 'clr strict security' option of sp_configure is set to 1. Microsoft recommends that you sign the assembly with a certificate or asymmetric key that has a corresponding login with UNSAFE ASSEMBLY permission. Alternatively, you can trust the assembly using sp_add_trusted_assembly.
[11:49:27]: Error: :StackTrace: at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at System.Data.SqlClient.SqlCommand.RunExecuteNonQueryTds(String methodName, Boolean async, Int32 timeout, Boolean asyncWrite)
at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean& usedCache, Boolean asyncWrite, Boolean inRetry)
at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()
at Microsoft.EnterpriseManagement.OperationsManager.Setup.Common.SqlRetryHandler.ExecuteNonQuery(SqlCommand sqlCommand, Int32& result)
at Microsoft.EnterpriseManagement.OperationsManager.Setup.Common.SqlRetryHandler.Execute[T](SqlCommand sqlCommand, SqlRetryPolicy retryPolicy, GenericExecute`1 genericExecute)
[11:49:27]: Error: :Error:Failed to execute sql command. Setup will not retry on this Sql error. Command:
-- Create assembly from binary data.
CREATE ASSEMBLY [Microsoft.EnterpriseManagement.Sql.DataAccessLayer]
FROM 0x4d5a90000300000004000000ffff0000b800000000000000400000000000000000000000000000000000000000000000000000000000000000000000800000000e1fb
WITH permission_set = Safe;
[11:49:27]: Error: :Sql error: 14. Error: 10343. Error Message: CREATE or ALTER ASSEMBLY for assembly 'Microsoft.Mom.DataAccess.Sql' with the SAFE or EXTERNAL_ACCESS option failed because the 'clr strict security' option of sp_configure is set to 1. Microsoft recommends that you sign the assembly with a certificate or asymmetric key that has a corresponding login with UNSAFE ASSEMBLY permission. Alternatively, you can trust the assembly using sp_add_trusted_assembly.
[11:49:27]: Error: :Exception running sql string
-- Create assembly from binary data.
CREATE ASSEMBLY [Microsoft.EnterpriseManagement.Sql.DataAccessLayer]
FROM 0x4d5a90000300000004000000ffff0000b800000000000000400000000000000000000000000000000000000000000000000000000000000000000000800000000e1fb
WITH permission_set = Safe;
: Threw Exception.Type: System.Data.SqlClient.SqlException, Exception Error Code: 0x80131904, Exception.Message: CREATE or ALTER ASSEMBLY for assembly 'Microsoft.Mom.DataAccess.Sql' with the SAFE or EXTERNAL_ACCESS option failed because the 'clr strict security' option of sp_configure is set to 1. Microsoft recommends that you sign the assembly with a certificate or asymmetric key that has a corresponding login with UNSAFE ASSEMBLY permission. Alternatively, you can trust the assembly using sp_add_trusted_assembly.
[11:49:27]: Error: :StackTrace: at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at System.Data.SqlClient.SqlCommand.RunExecuteNonQueryTds(String methodName, Boolean async, Int32 timeout, Boolean asyncWrite)
at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean& usedCache, Boolean asyncWrite, Boolean inRetry)
at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()
at Microsoft.EnterpriseManagement.OperationsManager.Setup.Common.SqlRetryHandler.ExecuteNonQuery(SqlCommand sqlCommand, Int32& result)
at Microsoft.EnterpriseManagement.OperationsManager.Setup.Common.SqlRetryHandler.Execute[T](SqlCommand sqlCommand, SqlRetryPolicy retryPolicy, GenericExecute`1 genericExecute)
at Microsoft.EnterpriseManagement.OperationsManager.Setup.DBConfigurationHelper.DBConfiguration.RunSqlCommandsList(IEnumerable`1 sqlCommands)
[11:49:27]: Error: :RunStandardScripts failed with the following exception: : Threw Exception.Type: System.Reflection.TargetInvocationException, Exception Error Code: 0x80131604, Exception.Message: Exception has been thrown by the target of an invocation.
[11:49:27]: Error: :StackTrace: at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
at System.Delegate.DynamicInvokeImpl(Object[] args)
at Microsoft.EnterpriseManagement.SetupFramework.ActionEngine.Action.Run(String displayStringNamespace, ProgressData progressData, Func`2 progressDelegate)
at Microsoft.EnterpriseManagement.SetupFramework.ActionEngine.InstallStep.Run(String displayStringNamespace, ProgressData progressData, Func`2 progressDelegate)
[11:49:27]: Error: :Inner Exception.Type: System.Data.SqlClient.SqlException, Exception Error Code: 0x80131604, Exception.Message: CREATE or ALTER ASSEMBLY for assembly 'Microsoft.Mom.DataAccess.Sql' with the SAFE or EXTERNAL_ACCESS option failed because the 'clr strict security' option of sp_configure is set to 1. Microsoft recommends that you sign the assembly with a certificate or asymmetric key that has a corresponding login with UNSAFE ASSEMBLY permission. Alternatively, you can trust the assembly using sp_add_trusted_assembly.
[11:49:27]: Error: :InnerException.StackTrace: at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
at System.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at System.Data.SqlClient.SqlCommand.RunExecuteNonQueryTds(String methodName, Boolean async, Int32 timeout, Boolean asyncWrite)
at System.Data.SqlClient.SqlCommand.InternalExecuteNonQuery(TaskCompletionSource`1 completion, String methodName, Boolean sendToPipe, Int32 timeout, Boolean& usedCache, Boolean asyncWrite, Boolean inRetry)
at System.Data.SqlClient.SqlCommand.ExecuteNonQuery()
at Microsoft.EnterpriseManagement.OperationsManager.Setup.Common.SqlRetryHandler.ExecuteNonQuery(SqlCommand sqlCommand, Int32& result)
at Microsoft.EnterpriseManagement.OperationsManager.Setup.Common.SqlRetryHandler.Execute[T](SqlCommand sqlCommand, SqlRetryPolicy retryPolicy, GenericExecute`1 genericExecute)
at Microsoft.EnterpriseManagement.OperationsManager.Setup.DBConfigurationHelper.DBConfiguration.RunSqlCommandsList(IEnumerable`1 sqlCommands)
at Microsoft.EnterpriseManagement.OperationsManager.Setup.DBConfigurationHelper.DBConfiguration.RunSqlScripts(String configStep)
at Microsoft.SystemCenter.Essentials.SetupFramework.InstallItemsDelegates.OMDatabaseProcessor.RunScripts(String script, InstallingAction action)
at Microsoft.SystemCenter.Essentials.SetupFramework.InstallItemsDelegates.OMDatabaseProcessor.RunStandardScripts()
[11:49:27]: Error: :FATAL ACTION: RunStandardScripts
[11:49:27]: Error: :FATAL ACTION: DatabaseActions
[11:49:27]: Error: :ProcessInstalls: Running the PostProcessDelegate returned false.
[11:49:27]: Always: :SetErrorType: Setting VitalFailure. currentInstallItem: Database Configuration
[11:49:27]: Error: :ProcessInstalls: Running the PostProcessDelegate for OMDATABASE failed.... This is a fatal item. Setting rollback.
2.5.1 Solution
This error is common when the SQL Server version is not supported for the current SCOM version, ensure that the SQL Server version hosting the SCOM instance is supported by the currently used SCOM version.
| SQL Version | SQL 2012 | SQL 2014 | SQL 2016 | SQL 2017 | SQL 2019 |
| SCOM 2016 | Yes | Yes | Yes | No | No |
| SCOM 1801 | No | No | Yes | No | No |
| SCOM 1807 | No | No | Yes | Yes | No |
| SCOM 2019 | No | No | Yes | Yes | No |
For more information, see SQL Server requirements
2.6 Error - Setup cannot be completed (Operational database configuration error)
When attempting to install a the first SCOM management server, the setup fails on the Operational database configuration and all below steps after the setup has run for a short while.
To get a better understanding of why the installation is failing, we'll need to check the OpsMgrSetupWizard.txt log which is located at %LocalAppData%\SCOM\Logs:
[17:32:35]: Error:
:PopulateUserRoles: failed : Threw Exception.Type: System.ArgumentException, Exception Error Code: 0x80070057, Exception.Message: Value does not fall within the expected range.
[17:32:35]: Error:
:StackTrace: at Microsoft.Mom.Sdk.UserRoleSetup.SetupProgram.populateUserRoles(String adminRoleGroup, String sdkAccount, InstallTypes installType, String installDirectory, Boolean overwriteExistingUsers)
at Microsoft.EnterpriseManagement.OperationsManager.Setup.ServerConfiguration.PopulateUserRoles(String adminRoleGroup, String sdkAccount, String installDirPath)
[17:32:35]: Error:
:FATAL ACTION: PopulateUserRoles
[17:32:35]: Error:
:FATAL ACTION: DatabaseActions
[17:32:35]: Error:
:ProcessInstalls: Running the PostProcessDelegate returned false.
[17:32:35]: Always:
:SetErrorType: Setting VitalFailure. currentInstallItem: Database Configuration
[17:32:35]: Error:
:ProcessInstalls: Running the PostProcessDelegate for OMDATABASE failed.... This is a fatal item. Setting rollback.
[17:32:35]: Info:
:SetProgressScreen: FinishMinorStep.
[17:32:35]: Always:
:!***** Installing: OMSERVER ***
[17:32:35]: Info:
:ProcessInstalls: Rollback is set and we are not doing an uninstall so we will stop processing installs
2.6.1 Solution
This error is caused when TLS 1.0 is disabled on the SCOM management server, and when the TLS 1.2 prerequisites are missing.
To enable TLS 1.0, see Transport Layer Security (TLS) registry settings
For the TLS 1.2 prerequisites, see TLS 1.2 Protocol Support Deployment Guide for System Center 2016 & Implementing TLS 1.2 enforcement with SCOM
2.7 Error - Setup cannot be completed (Operational database configuration error)
When attempting to install a the first SCOM management server, the setup fails on the Operational database configuration and all below steps after the setup has run for a short while.
To get a better understanding why the installation is failing, we'll need to check the OpsMgrSetupWizard.txt log which is located at %LocalAppData%\SCOM\Logs:
Always: :ImportManagementPack: Loading management pack C:\System Center Operations Manager 2019\Setup\AMD64\..\..\ManagementPacks\System.Library.mp. 12:12:53
Error: :ImportManagementPack: Error: Unable to load management pack C:\System Center Operations Manager 2019\Setup\AMD64\..\..\ManagementPacks\System.Library.mp
Error: :: Database error. MPInfra_p_ManagementPackInstall failed with exception:
<MP ID: 01c8b236-3bce-9dba-6f1c-c119bcdc2972><MP Version: 7.5.8501.0><MP PKT: 31bf3856ad364e35> Database error. MPInfra_p_ManagementPackInstall failed with exception:
Maximum stored procedure, function, trigger, or view nesting level exceeded (limit 32).
Error: :ImportManagementPack: Unknown Error. System.ArgumentException : The requested management pack is not valid. See inner exception for details.
Parameter name: managementPack
Always: :FirstManagementServer: Failed to load MP C:\System Center Operations Manager 2019\Setup\AMD64\..\..\ManagementPacks\System.Library.mp. We will retry.
Always: :ImportManagementPack: Loading management pack C:\System Center Operations Manager 2019\Setup\AMD64\..\..\ManagementPacks\System.Library.mp. 12:12:58
Error: :ImportManagementPack: Error: Unable to load management pack C:\System Center Operations Manager 2019\Setup\AMD64\..\..\ManagementPacks\System.Library.mp
Error: :: Database error. MPInfra_p_ManagementPackInstall failed with exception:
<MP ID: 01c8b236-3bce-9dba-6f1c-c119bcdc2972><MP Version: 7.5.8501.0><MP PKT: 31bf3856ad364e35> Database error. MPInfra_p_ManagementPackInstall failed with exception:
Maximum stored procedure, function, trigger, or view nesting level exceeded (limit 32).
2.7.1 Solution
This error is caused when attempting to install SCOM 2019 on SQL Server 2019, which is as of writing this (2019-12-11) not supported, therefore the SCOM 2019 installation will fail. To install SCOM 2019 we will need either SQL Server 2016 or SQL Server 2017, refer to the supported SQL Server versions in the beginning of this article.
2.8 Error - One or more accounts provided could not be validated. Please provide valid user names and passwords.
While installing the first management server, when you get to point, where you need to specify your service accounts, the following error is displayed, and you are unable to proceed with installation (The option “Next” in the installation wizard is greyed out):
“One or more accounts provided could not be validated. Please provide valid user names and passwords.”
When you open the “OpsMgrSetupWizard.log” the related entries look like this:
Always: :Entering Page: AccountsInformationPage<br>Info: :Info:AccountsInformationPage: In OnNextFinalValidationsDoWork to validate account access.<br>Error: :Error:Failed to log in with account DOMAIN\MSA_ACCOUNT<br>Error: :Error:Failed to log in with account DOMAIN\SDK_ACCOUNT<br>Info: :Info:AccountsInformationPage: Async account validation thread returned to UI thread.<br>Error: :Error:Failed to log in with account DOMAIN\SDK_ACCOUNT<br>Info: :Info:AccountsInformationPage: Async account validation thread returned to UI thread.<br>Error: :UserName format is incorrect. It should contain one and only one \as a separator character.<br>Info: :Info:AccountsInformationPage: In OnNextFinalValidationsDoWork to validate account access.<br>Error: :GetCrackNameResult() DS_NAME_RESULT_ITEM crack failed with error = DS_NAME_ERROR_NOT_FOUND<br>Error: :ValidateEssentialsAdministratorAccount() failed to crack NT4 format.<br>Info: :ValidateEssentialsAdministratorAccount() Try to crack account with directory searcher.<br>Error: :Error:Failed to log in with account DOMAIN\MSA_ACCOUNT<br>Error: :GetCrackNameResult() DS_NAME_RESULT_ITEM crack failed with error = DS_NAME_ERROR_NOT_FOUND<br>Error: :ValidateEssentialsAdministratorAccount() failed to crack NT4 format.<br>Info: :ValidateEssentialsAdministratorAccount() Try to crack account with directory searcher.
2.8.1 Solution
Temporary enable RC4 for Kerberos until the last management server is installed. You can do this by setting the following registry key to allow RC4:
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters\
Value Name: SupportedEncryptionTypes
or configure the Group Policy Settings, described here:
Network security: Configure encryption types allowed for Kerberos
There is one more thing you need to be aware of. Depending on configuration of your environment, you may have to set this policy at the domain level to apply to the OU, where your SCOM server are located or, you may have to set this policy at the organizational unit (OU) of the domain controllers in your domain.