The System Center Operations Manager architecture for Hosted Messaging and Collaboration version 4.5 requires five Active Directory service accounts: OMAction, OMSDK, OMDataRead, OMDataWrite, and OMAdmin.

You must create these service accounts before installing System Center Operations Manager.

Tasks

  1. Create Operation Manager Active Directory Service Accounts (OMAction, OMSDK, OMDataRead, OMDataWrite, and OMAdmin)
  2. Add the OMAction Account to the Performance Monitor Users Group
  3. Add the OMAction Account to the Local Administrators group on OMSQL01 and OMMGR01
  4. Add the OMSDK Account to the Windows Authorization Access Group
  5. Add the OMSDK Account to the Local Administrators Group on OMMGR01
  6. Create the OMAdminAccts Global Security Group with the OMAdmin account as a member
  7. Add the OMAdminAccts Global Security Group to the Local Administrators Group on OMMGR01 and OMSQL01
  8. Add the OMAdmin Account to the Windows-based Hosting Service Accounts Group

Create Operation Manager Active Directory Service Accounts

Create five Active Directory service accounts: OMAction, OMSDK, OMDataRead, OMDataWrite, and OMAdmin.

Procedure W03-DWM.3: To create Operations Manager Active Directory service accounts

  1. On AD01, open Active Directory Users and Computers and expand your domain (fabrikam.com).

  2. Create five new user accounts OMAction, OMSDK, OMDataRead, OMDataWrite, and OMAdmin. Set their passwords to never expire.

    Note:
    The account cannot have a blank password or a password that will expire.

Add the OMAction Account to the Performance Monitor Users Groups

Add the OMAction account as a member of the Performance Monitor Users group on AD01.

Procedure W03-DWM.4: To add OMAction to the Performance Monitor Users group

  1. On AD01, open Active Directory Users and Computers and expand your domain (fabrikam.com).

  2. Navigate to Builtin. Add OMAction to the Performance Monitor Users group.

Add the OMAction Account to the Local Administrators group on OMSQL01 and OMMGR01

Add the OMAction account as a member of the local Administrators on OMSQL01 and OMMGR01.

Procedure W03-DWM.5: To add OMAction to the local Administrators group on OMSQL01 and OMMGR01

  1. On OMSQL01, open the Computer Management console and expand Local Users and Groups.

  2. Add OMAction to the Administrators group.

  3. Repeat the steps on OMMGR01.

Add the OMSDK Account to the Windows Authorization Access Group

Add the OMSDK account to the Windows Authorization Access Group on AD01.

Procedure W03-DWM.6: To add OMSDK to the Windows Authorization Access Group

  1. On AD01, open Active Directory Users and Computers and expand your domain (fabrikam.com).

  2. Navigate to Builtin. Add OMSDK to the Windows Authorization Access Group.

Add the OMSDK Account to the Local Administrators Group on OMMGR01

Add the OMSDK account as a member of the Administrators group on OMMGR01.

Procedure W03-DWM.7: To add OMSDK to the Local Administrators group on OMMGR01

  1. On OMMGR01, open the Computer Management console and expand Local Users and Groups.

  2. Add OMSDK as a member of the Administrators group.

Create the OMAdminAccts Global Security Group

Create a Global Security group in Active Directory called OMAdminAccts with the OMAdmin user as a member.

Procedure W03-DWM.8: To create the OMAdminAccts group

  1. On AD01, open Active Directory Users and Computers and expand your domain (fabrikam.com).

  2. Create a Global Security group called OMAdminAccts

  3. Add the OMAdmin user as a member of the OMAdminAccts group.

Add the OMAdminAccts Global Security Group to the Local Administrators Group on OMMGR01 and OMSQL01

Add the OMAdminAccts group as a member of the Administrators group on OMMGR01 and OMSQL01.

Procedure W03-DWM.9: To add OMAdminAccts to the Local Administrators group on OMMGR01 and OMSQL01

  1. On OMMGR01, open the Computer Management console and expand Local Users and Groups.

  2. Add OMAdminAccts to the Administrators group.

  3. Repeat the steps on OMSQL01.

Add the OMAdmin Account to the Windows-based Hosting Service Accounts Group

Add the OMAdmin account must be added to the Windows-based Hosting Service Accounts group.

Procedure W03-DWM.10: To add the OMAdmin account to the Windows-based Hosting Service Accounts group

  1. On AD01, open Active Directory Users and Computers and expand your domain (fabrikam.com).

  2. Add the OMAdmin account as a member of the Windows-based Hosting Service Accounts group.