SCOM Management Pack for Azure Stack

Question

Hello,

I am testing the Operations Manager Management Pack for Azure Stack:

https://www.microsoft.com/en-us/download/details.aspx?id=55184

According to the deployment guide, it appears that this should work with the Azure Stack Developer Kit.  I'm not sure if this is the appropriate forum for issues on the management pack, but I thought I would give it a try.

In my first attempt to add my ASDK deployment to the management pack configuration screen in OM Administration, I received the SSL certificate validation error as noted in the guide.  After a reboot, I was able to re-add my ASDK, and the credentials were validated successfully - no errors in the Add Deployment wizard.  However, in the Microsoft Azure Stack Monitoring View under Deployments, my ASDK still continues to display a Critical State.

Might someone be able to add some insight?

Thanks,

Mike

Answer 1

Hi Mike

Can you please try to remove the ASDK deployment in the configuration wizard. Restart the OM Services including the console. 

Than add it back and see if that does resolve the issue?

We had seen some corner cases with that specific issue why we have added this as a known issue into the mp documentation.

By the way which OM version are you running?

Thomas

---

Regards, Thomas

Answer 2

Hi Thomas,

I tried your suggestion but still run into the same problem.

In case it's pertinent, I am connected to the Development Kit on the OM server via the VPN connection.

Also, I am using OM 2016 version 7.2.11719.0.

Thanks,

Mike

Answer 3

Sorry to ask you some more standard questions:

1. You imported the Certificates (There are two) from the ASDK in your OM Server (Trusted Root?)

2. You can browse the Admin Portal without any certificate issues from the OM Server?

3. Did you try Force Update for the deployment?

---

Regards, Thomas

Answer 4

Hi Thomas,

1.  Yes, both the AzureStackCertificationAuthority and AzureStackSelfSignedRootCert certificates are both in the Trusted Root CA on the OM server.

2.  Yes, I can browse the Admin Portal fine without any certificate issues on the OM server.

3.  Yes, I did try the Force Update task.

I think my next course of action is build another OM server, take a snapshot of the VM, and then attempt to add the Azure Stack environment successfully on the first try.  Then, at least we'll know if there's some caching issue or if something is stuck on the first OM server due to the first unsuccessful attempt to add the deployment.

Thanks,

Mike

Answer 5

Update from my earlier post on this.

I built an entirely new OM 2016 instance and get the same results.  I step through the wizard and successfully add the Azure Stack deployment from the first try.  In the Active Alerts, I see the deployment is unavailable.  "The underlying connection was closed:  Could not establish trust relationship for the SSL/TSL secure channel."  This is even with both the certificates I mentioned above in the Trusted Root CA on the OM server.  Is there another certificate I would be considering?

Thanks,

Mike

Answer 6

Following up with Mike

The certificates from the ADSK need to be imported at the SCOM Server into cert:localmachine\root .

If you choose to import the certificate into current user you need to be logged on with the SCOM Service Account

Thomas

---

Regards, Thomas

Answer 7

Hi Lamiam,

I have same issue and solved 

this issue because the certificate imported on Current user not on Local Computer.

so i just export AzureStackCertificationAuthority and AzureStackSelfSignedRootCert certificate from Current user and then import again to trust Root Local computer :

 

After import certificate to local computer, the server Scom can monitor Azure Stack