You want to monitor an agent in the DMZ and you are sure you implemented everything correctly but the agent just does not turn green. The agent just stays in a “Not Monitored” state.
I checked EVERYTHING…
- Checked certificate template
- Checked certificates itself
- Compared the certificate serial number in the registry of the agent and management servers to the serial number on the certificates
- Checked DNS resolution
- Checked firewall port TCP 5723
- Checked MOMCertImport.exe
- Checked agent settings
- Checked “Pending Management” settings on the management server
BUT the agent stayed in a “Not Monitored” state…
After some frustrated times I started digging on the internet for the specific event id 20071. Luckily I found a hint on Michel Kamp’s blog …
Make sure you have FQDN set in the server’s registry where you have the agent installed. In my case there was just e.g. server1 instead of server1.domain.com set.
After changing these entries everything worked well.
I hope this saves you some hours of searching!