Tuesday, July 6, 2010

Installation error when installing a SCOM R2 Management Server: ‘Error validating current user and server’

Bumped into this issue today at a customers site. SQL, RMS and Reporting were already in place and fully functional. Time to install a SCOM R2 MS.

All seemed to running just fine until I had entered the credentials for the SDK Account. Setup stalled too long and threw this error:
image

? What?!

Time to check the OpsMgr event log of the RMS:
image

EventID 26319? But that event is mostly to be found in old Windows Active Directory environments (Windows 2000 environments or Mixed Mode environments) and not in a AD domain which is more modern. In those days one had to add the SDK account to a special Global Group. But that is not the case here. Also, the SDK account is just fine. Otherwise the other SCOM R2 Servers would not have been installed without any glitch.

Also, the server to become a MS has not a SCOM R2 Agent installed, nor does it host the SCOM R2 Gateway Server role. Nor is it Agentless Managed. This server is totally new and up to specs. So what is happening here? It can’t be any authorization issue either since the installation is run under my special installation account which has all the needed permissions.

No matter what I tried, the same error kept coming back biting me. So I cancelled the installation and examined the logfile (%temp%, MOMxxx.log). But nothing there to be found. Only that the SDK account could not be verified. Nothing new. No more details.

Checked the firewall settings, the RMS (again), the SDK account, the account of the server to become the MS. But nothing at all. All seemed just fine. Nothing exceptional. AD replication was running smoothly as well. So I was running out of options…

Now it was time for a different approach. Like I already blogged about when installing the RMS and testing the Web Console afterwards, many times it throws an error. But after a reboot, all is well. Could it help here as well?

So I rebooted the server and ran setup again. Same error! Hmm. Before taking a real deep dive I decided to reboot the RMS. Easily to be done since SCOM R2 is still under construction.

After that the installation just ran fine! It still puzzles me though. Perhaps did the reboot reregister some accounts/services which were not too happy before the reboot took place.

Being a SCOM consultant is never ever dull. Always something new to experience :).

12 comments:

Lt.Ripley said...

I'm having the same problem. We had an RMS problem and we thought we had it fixed by reinstalling all of the .NET components. After that time however, we noticed one of the failover management servers couldn't launch the console. In the course of troubleshooting, we removed SCOM entirely. I have not been able to reinstall it since that time. Rebooting this server, along with the RMS had no effect. Can you think of anything on the RMS that might be causing this? I'm now able to replicate the problem on other new servers (just trying to install SCOM). The user account has the required permissions in SQL and is the same account that we used to install the other management servers. All ideas/suggestions are welcome.

Marnix Wolf said...

Hi.

Thanks for visiting my blog.

About the issue you are experiencing, do I understand it correctly that you have removed SCOM entirly? The DBs as well?

Or do you mean you removed a single SCOM Management Server while leaving the SCOM Management Group in tact?

And are you having issues now with reinstalling the SCOM Management Server?

Cheers,
Marnix

Lt.Ripley said...

Thank you for replying so quickly. You're right - I meant to say that I removed SCOM from a single SCOM Mgmt Server while leaving the SCOM Mgmt Group in tact. So we have the RMS and one other Mgmt Server that appear to be working. The server that I removed SCOM from entirely was just another failover/backup MS. I have been unable to reinstall SCOM on it since that time. I removed the server from the Mgmt Servers list in SCOM and have ensured it is not in Agent Managed or Agentless Managed. We queried the SQL database to try and remove all instances of that server, but I still get this error on install. I reproduced it on a brand new server as well so I thought the problem must be with the RMS or SQL. I just tried this again today though on a different server and the install worked. I'm going to try again on the original server and will post my results.

Lt.Ripley said...

Reinstalling SCOM on the original server didn't work for me (but an installation on a test server DID work). I'm going to rebuild the original server today and then try again from scratch. If I'm unable to reinstall SCOM on this server even after a new OS installation, I'll be officially stumped. I will post the results. Thanks again for the response. Your blog is excellent.

Marnix Wolf said...

Hi Lt.Ripley.

Thanks for your comments. Much appreciated. Please let me know the results.

Cheers,
Marnix

Sam said...

I notice I had installed the agent on the MS SERVER, Which is not require, I uninstall all system center config components, I deleted the agent in the agent managed section of the root mangement server.
rebooted server I reinstalled management server and it worked.

Marnix Wolf said...

Hi Sam.

Never ever install a SCOM Agent on any SCOM Server (RMS, MS or Gateway Server).

Cheers,
Marnix

Lt.Ripley said...

I'm happy to report that after rebuilding the MS with a new OS install, the SCOM install finally completed. The only "new" behaviour was that after the OS install, the prerequisite check failed with "Microsoft.interop.security.azroles.dll is not registered in the global assembly cache". I hadn't seen that before, but I registered the dll and the pre-req check passed. Installed fine this time.

Marnix, thanks so much for your prompt replies. Your blog is one of the best on SCOM and we follow it closely. I was compelled to write to you when I got that same error you did as I had never seen it before, in all the installs I'd done. I'll no doubt have more questions for you in the future, but take care for now!

Marnix Wolf said...

Hi Lt.Ripley.

Good to hear all is well again. Sometimes the road the success with SCOM is a bit rough and challenging! :)

But you faced it! A job well done. You can always contact me. Not that I know it all (is impossible) but I do have my contacts...

Thanks for your nice comments on my blog. Blogging consumes a lot of my time but all hobbies do that. And comments like yours keep me going.

Cheers,
Marnix

michael said...

Hi there-

I too am having a problem, only it's with the RMS. We lost the server and I'm re-installing the RMS on a new server. We used log shipping for the OperationsManager DB and that is fine, data is all there. When I try and install the RMS I get the validation error dialog box when inputting the SDK Config user account credentials (I checked everything and it's fine) The SDK user has the appropriate rights on the DB. The Action account worked just fine.

I'm sure I'm missing a critical step here, thankfully this is our dev environment ;) I do have the encryption key backed up. Any ideas? -Michael

Marnix Wolf said...

Hi Micheal.

Thanks for visiting my blog.

There could be many causes at play here. Check out the file momx.log (where x is a number, starting at zero, you have to check out the latest one).

This file is located in the folder %temp% and check it for value 3. This will tell you more where it went wrong.

Cheers,
Marnix

gokul said...

Hi,

I had the same problem,restarting the server worked fine for me........