Share via

System Center Operations Manager Troubleshooting: Discovery

  • Article

When you run the Discovery Wizard in Operations Manager and a computer that you expect to be discovered is not discovered, try the following troubleshooting steps.

Computer in AD

Verification

  • Make sure the computer is listed in Active Directory.
    1. Open Active Directory Users and Computers.
    2. Right-click the Saved Queries folder and click New query.
    3. Enter a name for the query.
    4. Click Define Query.
    5. Click the Find drop-down list and select Computers.
    6. Enter the name or search prefix, such as "pacer0", and click OK.
    7. Click OK again.
    8. Verify that the computer appears in the list of results.

Fix

If the computer does not appear in the list of results:

Add the computer to Active Directory.

Make sure the DNSHostname property is set correctly for the computer; this property can be viewed on the General tab of the computer’s property dialog in the Active Directory Users and Computers management console.

Network

  • Make sure you can contact the computer in the network.
    1. Use the ping command to try and reach the computer using the same name provided to the discovery wizard.
    2. If the machine responds to a ping command, use the IP address to run ping with the "-a" switch and the IP address, e.g. "ping -a <IP address>". This will display the DNS name of the machine; it should match what was used in the original ping command.

Use "nbtstat -a <computer name>" to see the registered NetBIOS name and domain for the computer, "nbtstat -A <IP address>" will accomplish the same task with the IP address of the machine.

Fixes

Firewall

If the machine does not respond to a ping request or fails a remote agent install with "RPC Service Unavailable", the Windows Firewall is turned on. Turn off the firewall or set exceptions to allow for "File and Printer Sharing" and, optionally, ICMP Echo.

DNS

If the NetBIOS and FQDN names do not match, then the DNS records for the machine must be corrected.

If the agent installs but, fails to contact the OpgMgr Server, connect via Terminal Services or Remote Desktop to the agent computer and use the ping and nbtstat commands to verify that the agent can resolve the NetBIOS and FQDN names of the OpsMgr server that will manage it.

Permissions

  • Make sure that the account used for discovery has the correct permissions on the computer.
    1. Open a command window with the "Run As" option using the account used for discovery, normally this is the MOM server action account.
    2. Use the command "net view ComputerName” to verify that the account can connect using the API NetworkStationGetInfo. This command may return the result, "There are no entries in the list." This simply means that the machine does not have any publicly visible shares.
    3. If the result is "Access denied.", then the account used does not have permission to contact the machine.
    4. If the result is “The command completed successfully.” then the computer is properly configured for discovery.

Fixes

GPO or Local Policy

Through Group or Local Policy, grant the OpsMgr server action account the permission to access this computer from the network. By default, members of the local Administrators and Power Users groups should have this permission.

Agent install

If the failure occurs during agent install, add the OpsMgr server action account to the local Administrators group. If this is not possible due to security policy restrictions then: 

  1. Reject the pending install from the "Pending Management" view./li>
  2.  Run the discovery wizard again.
  3.  On the "Administrator Account" step select "Other" and provide an account (domain or local) that has administrator privilege on the computer.
  4.  If the account is a local account or does not have rights to access Active Directory then check the box to use the MOM server action account for the discovery task.
  5.  Discover the computer and push an agent to it.