Monitoring and managing an Ubuntu Linux server in System Center Operations Manager 2012 R2

First we need to make sure we have a “run-as” account setup in SCOM for Linux machines.  You can find this in Administration>UNIX/Linux account and “Create Run As Account”  This account does not need to be the same as the account you use to discover and install the agent however in a lab or simple environment you might choose to make it the same account.

Next we need to create a local account for SCOM to install deploy the agent and manage the Ubuntu machine.  This might be the same username and password you used for your “run-as” account but doesn’t have to be.  Log on to your Ubuntu server and run the following command and follow the on screen prompts to create a password.

sudo adduser scomaccount

Now we need to let this account use sudo with no password.  So do this run:

visudo

add this line to the very bottom of the file and then save and exit.

scomacc ALL=(ALL) NOPASSWD:ALL

Before running the discovery wizard in SCOM check both forward and reverse DNS lookups for your ubuntu server work correctly, for example the following commands run on your SCOM server should return the name and IP address.  You will get an error if these addresses are wrong.

nslookup linux server

nslookup 10.0.4.56

When running the discovery wizard enter the account details you setup above, but make sure to select the account is not privileged and that it needs sudo elevation but leave the password blank in the elevation section.

scom account 1

scom account 2

You should now be ready to click on discover tick the server and then click on manage.  If your Linux machine has only a single name host name you will likely see a certificate error.  To fix this either change the host name on your Linux box to be the correct FQDN or manually create a new certificate with the command below on your Ubuntu server:

/opt/microsoft/scx/bin/tools/scxsslconfig –h linuxserver01 –d yourdomain.com -f –v

where linusserver01 is your hostname and yourdomain.com is the fully qualified domain name that your Linux server resolves to in DNS.  Once this has been run you should be able to click back and then on manage again and it will retry.  If all is well you should see the below.

scom success