Un-trusted domain and DMZ monitoring Guide update
Getting a lot of requests bringing the un-trusted domain monitoring and DMZ Monitoring guide back online after Stefan Stranger moved his weblog to the new location on Technet Blogs, “Weblog Stranger”. Stefan did already put the guide back for download but this is a good moment for an update.
The previous guide was for Server 2003 and un-trusted domain or workgroup servers with a standalone CA. I’ve added the scenarios for Server 2008 with an Enterprise Root CA for both un-trusted domains and DMZ servers.
One thing I missed when requesting a certificate on Server 2008 was the “Store certificate in the local computer certificate store” option to make the process a few steps shorter. In addition to the Server 2003 Enterprise CA you don’t have to create your own template for the client, server authentication. In the Server 2003 Enterprise CA a predefined Gateway server template is present which just have to be activated to use when for client and gateway authentication. The SCOM Gateway client, server certificate can be used for both DMZ and Gateway server scenarios.
To download the DMZ or un-trusted monitoring guide open the public skydive web folder!
Update: The OpsMgs product team just published a complete scripting guide to automate the Certificate request and installation process.