Hello, I have integrated SCOM 2012 RTM and SCVMM 2012 RTM and am having lots of issues that were not present with 2007/2008 family integration. For starters, my SCOM environment manages multiple untrusted domains, etc. When enabling VMM integration
I now get hundreds of alerts about "Unable to verify Run As Account", stating that is cannot login as the VMM service account for all clients that don't live in same domain as SCVMM server. For starters why do my physical servers, and all VMs need
to be distributed with this account? The alert is also expected logically, because this is impossible to distribute a Run As account to every agent in a multi-domain untrusted environment. Also according to this configuration, the Virtual
Machine Manager Connection Account created in SCOM is set to less secure (distributed to all agents), which is why the alert is coming up; additionally less secure setting is typically bad practice. Why does SCVMM do this by default? Can it be
changed? What are options here? It seems to me only the SCOM management server should need this Run As account, not every agent? Thoughts on this? Thanks!
↧