Disclaimer:
In this blog post, I will share a possible solution for a problem that I encountered in my work. However, I want to make it clear that this solution is not officially supported by Microsoft, and it may have some risks or side effects that I am not aware of. Therefore, use this solution at your own discretion and responsibility.
(I repeat, this is NOT SUPPORTED!!!)

In this blog post, I will show you how to reconfigure your gateway server to point to a different management server in your network. This can be useful if you want to switch between different environments, such as testing and production, or if you need to migrate your data to a new server.

A gateway server is a device that acts as a bridge between your local network and a remote network, such as the internet or a cloud service. A management server is a device that controls and monitors the gateway server and other devices in your network. By changing the settings of your gateway server, you can change which management server it communicates with.

1. First, check the certificate on the gateway server and on the old management server.

a. Go to the following registry key and check whether a certificate is bound to the Health Service.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Machine Settings

b. Cross-verify the certificate in the Certificates MMC snap-in, in the Personal store.

c. Check the serial number and make sure it matches the serial number in the registry. The registry value will be in reverse order.

d. Note down the certification path and make sure it is similar for both the MS and the gateway. It can be different, but in that case you need to make sure the full certificate chains are exchanged between the servers (MS and GW).

e. Log in to the new management server that is going to be the primary management server for that gateway, and follow steps a-d.

2. If you did not find the certificate under the following registry key on the new management server, run the MomCertImport.exe tool to bind the certificate to the Health Service.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Machine Settings

3. Once done, on the gateway server, update the following registry values with the new management server name.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Agent Management Groups\SCOM2019\Parent Health Services\0\AuthenticationName

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Agent Management Groups\SCOM2019\Parent Health Services\0\NetworkName

– Now flush the Health Service on the gateway server.

– Now run the following PowerShell commands to set the primary management server for the gateway server.

$Gateway = Get-SCOMManagementServer | where {$_.Name -eq "GatewayserverFQDN"}

$Primary = Get-SCOMManagementServer | where {$_.Name -eq "NEWManagementServerFQDN"}

Set-SCOMParentManagementServer -GatewayServer $Gateway -PrimaryServer $Primary

– Once done, run the following commands to set the failover management server as well.

$Gateway = Get-SCOMManagementServer | where {$_.Name -eq "GatewayserverFQDN"}
$Failover = Get-SCOMManagementServer | where {$_.Name -eq "FailoverManagementServerFQDN"}
Set-SCOMParentManagementServer -GatewayServer $Gateway -FailoverServer $Failover
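
The certificate checks from steps 1a to 1d can be scripted and run on the gateway and on each management server, so the output can be compared side by side. This is an added example, not part of the original procedure and not a Microsoft tool; it assumes the serial number is stored as binary data in the ChannelCertificateSerialNumber value under the Machine Settings key, and Get-ScomBoundCertificate is a hypothetical helper name.

```powershell
# Added example: verify the Health Service certificate binding (steps 1a-1d).
# Assumption: the bound serial number is the binary value
# ChannelCertificateSerialNumber under the Machine Settings key.
$key       = 'HKLM:\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Machine Settings'
$valueName = 'ChannelCertificateSerialNumber'

function Get-ScomBoundCertificate {
    # Step 1a: is any certificate bound to the Health Service?
    $settings = Get-ItemProperty -Path $key -Name $valueName -ErrorAction SilentlyContinue
    if (-not $settings) {
        Write-Warning 'No certificate is bound to the Health Service (see step 2).'
        return
    }

    # Step 1c: the registry holds the serial number bytes in reverse order.
    $bytes = [byte[]]$settings.$valueName.Clone()
    [array]::Reverse($bytes)
    $serial = ($bytes | ForEach-Object { $_.ToString('X2') }) -join ''

    # Step 1b: find the same serial number in the computer's Personal store.
    $cert = Get-ChildItem -Path Cert:\LocalMachine\My |
        Where-Object { $_.SerialNumber -eq $serial } |
        Select-Object -First 1
    if (-not $cert) {
        Write-Warning "Serial $serial is in the registry but not in Cert:\LocalMachine\My."
        return
    }

    # Step 1d: build the chain so the certification path can be compared.
    $chain   = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chainOk = $chain.Build($cert)

    [pscustomobject]@{
        Computer      = $env:COMPUTERNAME
        Subject       = $cert.Subject
        SerialNumber  = $serial
        NotAfter      = $cert.NotAfter
        HasPrivateKey = $cert.HasPrivateKey
        ChainValid    = $chainOk
        ChainStatus   = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
        Path          = ($chain.ChainElements | ForEach-Object { $_.Certificate.Subject }) -join ' <- '
    }
}

Get-ScomBoundCertificate | Format-List
```

If ChainValid is False on one side, or the Path output differs between the gateway and the new management server, import the missing issuing CA certificates before changing the Parent Health Services registry values.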