Monday, October 5, 2009

OpsMgr R2, Notifications – Setting up Instant Message (IM) Channel

Setting up the IM-Channel in OpsMgr can be a bit tedious before it starts to work. However, when one follows these steps there is a big change everything will work pretty fast.
  1. Notification Action Account
    Many times will e-mail / sms notifications work without configuring this account and profile. However, IM needs it. And not just that, the domain account being used here needs to be configured as well in AD for using IM ((Live) Communications tab of the AD account properties in ADUC). So be sure to configure this AD correctly including the users SIP URI and Office Communications Server (OCS Server) or Pool Name.

    Create a new Run As Account in OpsMgr (Notification Action Account), select the AD account you have just made and target this account to the RMS. Select as distribution mechanism Most Secure here.

    For the Run As Profile (Notification Account) select the earlier created Run As Account. Target it at the Class Alert Notification Subscription Server and save it. An exclamation mark will be shown. Use the link to open the Run As Account screen and close it. Now all is well. Close all open screens.


  2. Create the IM Notification Channel
    Use the wizard to create the IM Channel. The second screen of this wizard is the most important one. Use only the FQDN for the IM Server. As Return Address the sip address of the Notification Action Account has to be used. This has to be a valid sip address. The format of a sip address is: sip:marnix.wolf@scom.com (for instance).

    Now another important part: the Protocol Option. When Office Communications Server R2 is being used, TLS is default. Also the used IM Port is important here. When the Protocol Option and IM Port do not match, the IM Channel won’t work. The wizard already tells you what the most common combinations are: Protocol Option/IM Port: TCP/5060 or TLS/5061.

    Last but not least: the Authentication Method. Mostly NTLM will suffice.

Setting up the rest (subscriber and subscriptions) is done the normal way so I won’t write about it. In order to test, make a subscription (use a valid sip address for the receiver) and select nothing for the criteria. Even when an Alert is closed, an IM Notification will be sent. This way one can test it the fast way whether all is well.

Trial & Error.
When OpsMgr raises an error about not getting out the IM notification, start with checking/changing the Protocol Option/Port. Change only one thing at a time in order to keep track of it.

7 comments:

Scott Robinson said...

I am having difficulty setting up the im notification to communicate with OCS 2007 R2 via tls. I have gone through your list of instructions as well as those in the manual. I keep recieving the following error.


Alert: Failed to send notification using server/device
Source: Microsoft.SystemCenter.NotificationServer
Path: GLNOM.CompanyXXX.com
Last modified by: System
Last modified time: 10/7/2009 8:00:58 PM Alert description: Notification subsystem failed to send notification using device/server 'glncomm.companyXXX.com' over 'sip' protocol to 'sip:srobinson@companyXXX.com'. Microsoft.Collaboration.SignalingException: Transport error occurred while sending.: Sip response: (0x0). Rule id: Subscription0edc4e2c_0c44_4914_9b34_70f4fc41ec38

Marnix Wolf said...

Hi Scott.

Thanks for visiting my blog. The issue you report sounds very familiar. I bumped into the same issue and it took me some hours to figure it out.

Finally there were two reasons why it didn't work: the Notification Action Account wasn't configured correctly in AD to use OCS and the mix Protocol Option/IM Port weren't set right.

After having adjusted these, all started to work.

When I look at the error you get I would say there is an issue with the latter.

It took me some hours to get it right so keep on trying.

Best regards,
Marnix Wolf

Johan said...

Hi Marnix,

Tried the steps in your blog but my IM notification does not work. My IM (OCS) server is in another domain (srv.z.dir) while my SCOM MS is in its own domain (scom.dom). The users belong to their own domain (usr.z.dir(

I get this alert:

Notification subsystem failed to send notification using device/server 'ocs.srv.z.dir' over 'sip' protocol to 'sip:jane@usr.z.dir'. System.InvalidOperationException: Endpoint should be in Unregistered state to Register.. Rule id: Microsoft.SystemCenter.Notifications.Testing.ChannelTesting.SipChannelTest5893

No IM messages are received. Is this a workable scenario ?

Johan

Marnix Wolf said...

Hi Johan.

Thanks for visiting my blog. Normally I respond quicker to a comment but I have been on a holiday.

Your problem could be related to a communication issue between the RMS and the LCS server.

Could you check that out? Also see this thread: http://social.technet.microsoft.com/Forums/en-US/systemcenter/thread/e6140b38-ac12-465d-bf7f-41807fddc5b6

Perhaps it can help you as well.

Best regards,
Marnix

Joey said...

Have you successfully got this working with OCS 2007 R2

Marnix Wolf said...

Hi Joey.

Appologies for the late answer. I have been on holiday :).

Yes, I got it running under OCS R2.

Cheers,
Marnix

Joey said...

Thats good to know you have OCS 2007 R2 working with SCOM 2007 R2. That means there is hope.

On the IM Notification Channel are you using the fqdn of the pool or of one of the Front End servers?

Did you need to add your SCOM server to the Authorized Hosts tab in the Front End pool properties of OCS?

Does your notification account need to be in any specific group or have special permissions