SCOM 2012 R2 Agent installation guide for Windows

The below are the deferent type of the SCOM agent deployment/installations.
SCOM 2012 R2 Agents Supported Operating System:
Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 SP2, Windows Server 2008 R2, Windows Server 2003 SP2, Windows 8, Windows 8.1, Windows Embedded POSReady 2009, Windows Embedded Standard 7 SP1.
File system: %SYSTEMDRIVE% must be formatted with the NTFS file system.

  • Processor Architectures: x64, x86.
  • Microsoft Core XML Services (MSXML) version: Microsoft Core XML Services 6.0 is required when installing on Windows Server 2003.
  • Windows PowerShell 2.0 or Windows PowerShell 3.0 — > required to run OpsMgr MPs that use PowerShell Scripts.
  • Microsoft .NET Framework 3.5 or later.

Agent Push
Agent push can only be performed for computers located in the same domain as the Management Servers or in fully trusted domains (bi-directional).
Note that agent push from the console are automatically updated if the Management Servers has been updated.

Open the console with a SCOM administrator account. Go to the Administration panel, right-click on Device Management and select Discovery Wizard.

Select Windows computers then click next.

Check Advanced discovery, select Servers Only or Client Only or both and select the Management Server or Gateway on which the agent(s) will be attached.

Check Browse for, or type-in computer names and enter the list of computers (FQDN) you want to deploy agent on.

Enter the information of an account that has administrator privileges on the target machines and click on Discover.

Select the agent that have passed the discovery checks and select Agent as Management Mode.

Leave the default parameters and click on Finish.

Agent has been successfully installed.

Agent manual installation
The following steps have to be done locally with an administrator account. The agent’s sources are available.
MSXML 6.0 installation steps if you install on Windows 2003 if not please skip.

Double-click on msxml6.msi. This is the version for x64 servers; there is also an x86 version available of msxml6 on the SCOM media if needed.

This pop-up may appear, click on Yes.

Leave the welcome screen.

Select I agree the terms in the license agreement.

Enter a Name and a Company name.

Click on Install.

Once installation is finished, close the wizard.

Agent Installation steps

First, make sure the agent can resolve the gateway FQDN. If not you will need to modify the %WINDIR%\System32\Drivers\etc\hosts file as follow. This example is for an agent on workgroup.

Run CMD as Administrator.

Type cd <Source location>, type MOMAgent.msi This is the x64 version of the msi, there is also a x86 version available on the gateway.

Leave the welcome screen.

Click I agree.

Use the default parameters.

Check Specify Management Group information.

Enter the Management Group Name, SCOM-MG, the Management Server name, GW001 and validate.

Use Local System as the Action Account.

Click on Install.

Once installation is complete, close the wizard.

Certificates configuration

At this time the agent is not able to communicate with its Gateway. Please refer to this link for certificates configuration.

Agent approval

Once certificates are configured and the agent is able to communicate with its parent, we need to approve it.

An entry should appear in the SCOM console for our agent in the Administration pane in the Pending Management folder. Right-click on it and select Approve.

Click on Approve.

Agent act as proxy configuration
Most of the SCOM Management packs need to enable agent act as proxy.

On the agent Properties check the allow agent to act as proxy option then click ok.

Agent failover configuration

To configure agent failover, connect to the Management Server using a SCOM administrator account and launch the Operations Manager Command Shell. Run the following commands (The agent must already have its primary server configured with the right one:

Open OpsMgr PowerShell as administrator, run the PS command.

$primaryMS = Get-SCOMManagementServer | where {$_.Name –eq ‘GW001’}

$failoverMS = Get-SCOMManagementServer | where {$_.Name –eq ‘MS003’}

$agent = Get-SCOMAgent | where {$_.Name -eq ‘RS007’}

Set-SCOMParentManagementServer -Agent: $agent -PrimaryServer: $primaryMS

Set-SCOMParentManagementServer -Agent: $agent -FailoverServer: $failoverMS

Verify the configuration PS command

$Agents = Get-SCOMAgent | where {$_.PrimaryManagementServerName -eq ‘GW001’}

$Agents | sort | foreach {

Write-Host “”;

“Agent :: ” + $_.Name;

“–Primary MS :: ” + ($_.GetPrimaryManagementServer()).ComputerName;

$failoverServers = $_.getFailoverManagementServers();

foreach ($managementServer in $failoverServers) {

“–Failover MS :: ” + ($managementServer.ComputerName);



Write-Host “”;

Active Directory Management Pack Helper Object
If the agent is installed on a domain controller, we need to install the Active Directory Helper Object.

Right-click on OOMADs.msi, then install, This is the x64 version of the tool. An x86 version is available in the SupportTools folder on the SCOM media.

Once installation is over close the window.

7 thoughts on “SCOM 2012 R2 Agent installation guide for Windows

  1. Great tuto ! Maybe you have the answer of my problem.

    Everything works and i updated the scom agent last week. So all servers in the LAN have been updated but the workgroup servers are still in the pending management to get the agent update.
    When i click on “Approve” RPC not available”.

    So i guess i can install the update manually from the *msp file maybe. I don’t have any gateway to be connected with my workgroups servers, i use a certificat only. And again, everything works but the agent update doesn’t.

    Do you have the solution ? :)


  2. Yes you can install the update manually from the *msp file Or open the needed ports for the Automatic Installation and use account with local admin rights on the Workgroup Servers.
    Please let me know if you need more information :)


  3. Hi Waleed, thank you for you quick reply !

    In fact, that’s what i did about the ports. The port tcp port 5723 is open between my workgroup servers and my scom server. The communication is establish and the monitoring works.
    And currently, i have 29 workgroup servers in my pending management with “Type: Agent Requires Update)”. When i select them and i click on “Approve” – Check the box “Other user account” – type the local administrator account – Check the box “This is a local computer account, not a domain account” then an warning popup box appears to prevent me that “The credentials you have provided could not be validated. Do you want to continue ?”, i click yes and the process failed systematically with the following errors “the RPC server is unavailable” or “Access Denied”. The second error has nonsense.

    Thank you for your help !


  4. Yes but all ports mentioned are open excepted the 137/UDP and 138/UDP.

    I will ask the security team to open it but i’m not confident.. maybe it will fix the problem.

    Thanks again,


  5. For sure, but not needed because all windows firewall are urned off already..

    I’ll keep you informed when i found how fix it,

    Thank you.


Leave a Reply Please

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s