Use the following procedure to configure the Windows Firewall Group Policy settings to enable the management of computers from the Operations Manager 2007 Operations console. For more information about Group Policy, see http://go.microsoft.com/fwlink/?LinkId=70168.

To enable and configure Windows Firewall policy settings for Operations Manager 2007 agent deployment

  1. Start the Group Policy Object Editor (gpedit.msc) for the domain or local computer, and go to Administrative Templates/Network/Network Connections/Windows Firewall.

  2. Enable the following policy settings, and configure them as described:

    1. For "Windows Firewall: Allow remote administration exception", set Allow unsolicited incoming messages from: to the IP addresses and subnets of the toot management server and secondary management server for the agent.

    2. For "Windows Firewall: Allow file and printer sharing exception", set Allow unsolicited incoming messages from: to the IP addresses and subnets of the root management server and secondary management server for the agent.

    3. For "Windows Firewall: Define port exceptions", click Show, click Add, and then type the following "<The port the agent uses to communicate with the management servers, the default is 5723>:TCP:<the IP address of root management server>,<subnet>:enabled:SCOMAgent” (for example - "5723:TCP:10.0.0.1:enabled:SCOMAgent").

See Also


Did you find this information useful? Please send your suggestions and comments about the documentation.