Use the following procedure to configure the Windows Firewall Group Policy settings to enable the management of computers from the Operations Manager 2007 Operations console. For more information about Group Policy, see http://go.microsoft.com/fwlink/?LinkId=70168.
To enable and configure Windows Firewall policy settings for Operations Manager 2007 agent deployment
-
Start the Group Policy Object Editor (gpedit.msc) for the domain or local computer, and go to Administrative Templates/Network/Network Connections/Windows Firewall.
-
Enable the following policy settings, and configure them as described:
- For "Windows Firewall: Allow remote administration exception",
set Allow unsolicited incoming messages from: to the IP
addresses and subnets of the toot management server and secondary
management server for the agent.
- For "Windows Firewall: Allow file and printer sharing
exception", set Allow unsolicited incoming messages from: to
the IP addresses and subnets of the root management server and
secondary management server for the agent.
- For "Windows Firewall: Define port exceptions", click
Show, click Add, and then type the following
"<The port the agent uses to communicate with the management
servers, the default is 5723>:TCP:<the IP address of root
management server>,<subnet>:enabled:SCOMAgent” (for
example - "5723:TCP:10.0.0.1:enabled:SCOMAgent").
- For "Windows Firewall: Allow remote administration exception",
set Allow unsolicited incoming messages from: to the IP
addresses and subnets of the toot management server and secondary
management server for the agent.
See Also
Did you find this information useful? Please send your suggestions and comments about the documentation.