SCOM Agent Push Installation Failure

To monitor servers using SCOM 2012 R2 Microsoft Operations Manager Agent should be installed in the servers. But sometimes you may have noticed agent installation via push installation/automatic discovery fails.

I’ve setup SCOM 2012 R2 in a customer environment which has below setup.

  • 2 SCOM Servers in a child domain (i.e
  • 10 Windows Servers in the same child domain need to monitored
  • 5 Windows Servers in the parent domain (i.e need to be monitored

The push installation was successful for the servers in the child domain but not in the parent domain. When I took a closer look I noticed that inbound ports except port 5723 has restrictions in the parent domain servers.

SCOM Management servers use below ports to communicate with MOM Agent. All these are inbound on the servers that has MOM agent installed.

Service Port Protocol
RPC endpoint mapper 135 TCP/UDP
RPC/DCOM High ports (2000/2003 OS 1024 – 5000 TCP/UDP
RPC/DCOM High ports (2008 OS) 49152-65535 TCP/UDP
NetBIOS name service 137 TCP/UDP
NetBIOS session service 139 TCP/UDP
SMB over IP 445 TCP
MOM Channel 5723 TCP/UDP

SCOM uses RPC & SMB to copy the agent installation setup files to the server that needs to be monitored. Therefore TCP/UDP ports 135, 137 & 445 needs to be opened.

In my case these ports are not opened in the root domain. Therefore I proceeded with manual agent installation of the failed servers. Although the agent installation was successful still those servers was not visible on the management server.

If you are doing manual agent installation you need to configure the security settings of the management server in the Operations Console by visiting Administration > Settings > Security > Tick Review new manual agent installations in pending management view radio button.

Approve Manual SCOM AgentThis will list the manually installed agents in the Pending Management section so that you can review and approve. Also if you want to automatically approve the agents tick the Automatically approve new manually agent installed agents check box.


  • Ishant Upadhyay

    I am having the same problem i can do it manually but cannot do it through push.
    Do we have to open the above mentioned port on agent side or SCOM client side or both side. And do we have to open it in the Inbound rule or outbond rule in Advance wirewall seting