Thursday, April 14, 2016

Office 365 MP & Proxy: The One & Only Solution For ‘Connection to EndPoint Service failed’ Alert

Issue
Even though the Office 365 MP isn’t that good (duh!), there are still some organizations who require this MP in their SCOM environment. The import and configuration of this MP is straight forward and quickly the Alerts (AKA noise?) come in…

However, when there is a proxy required for internet access, it can be a challenge to make sure all works fine. Otherwise the Office 365 MP can’t connect to the Office 365 Endpoint, resulting in an Alert like this one:
image

Cause
Even when the proxy is correctly configured in IE for the correct account used by the Office 365 MP Run As Profile, on the SCOM Management Servers participating in the Resource Pool used by the Office 365 MP, it doesn’t work.

Underwater the HealthService.exe process spawns a new MonitoringHost.exe process, under the credentials defined in the Office 365 MP Run As Profile. But it doesn’t pick up the proxy settings defined in IE for the same account.

Instead it doesn’t use a proxy at all, resulting the previous mentioned Alert.

Solution
First an foremost, ascertain there is a working internet connection on the MS servers who are member of the Resource Pool used by the Office 365 MP:

  1. Log on to the related MS server(s), open IE and configure the proxy as required;
  2. Try to open this website:https://office365servicehealthcommunications.cloudapp.net/
  3. When all is okay, you’ll get an 403 - Forbidden: Access is denied message:
    image
  4. Repeat these steps on ALL SCOM Management Servers participating in the Resource Pool used by the Office 365 MP.

At least you know now the internet connection to the Office 365 Endpoint is functional. Time to move on to the next phase, editing the MonitoringHost.exe.config file, found on the Management Server in folder C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Server.

Mind you, even though these actions could be limited to only the SCOM Management Servers participating in the Resource Pool used by the Office 365 MP, it’s Best Practice to modify ALL SCOM Management Servers of the related SCOM Management Group. This way all your SCOM Management Servers are configured in the same manner. Also Change Management should be applied here. So make sure to log this change and to follow the change procedures required by the company you’re working for.

Action PER SCOM Management Server:

  1. Start a RDP session and log on with local admin permissions;
  2. Locate the file MonitoringHost.exe.config (on a SCOM 2012 R2 MS server: C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Server), make a copy of it and store it in a safe place. This way there is always a way back;
  3. Open the file in an editor like Notepad++, and add these lines just below the element <configuration>:
    image
  4.   <system.net>
        <defaultProxy enabled="true" useDefaultCredentials="true">
          <proxy      
            proxyaddress="http://proxyaddress:8080"
            bypassonlocal="true"
          />
          <bypasslist>       
          </bypasslist>
        </defaultProxy>
      </system.net>

  5. Modify the entry http://proxyaddress:8080 as required by your proxy configuration. Now the file looks like this:
    image
  6. Save the file;
  7. Restart the Health Service;
  8. Repeat these steps on ALL SCOM Management Servers.

Now the Office 365 MP will be able to connect to the Office 365 Endpoint.

Used sources
Based on these sources I found the solution as described:

  1. TechNet Forum, comment posted by MMF1971. So all credits should go to him/her.
  2. KB3026285, which didn’t help at all Smile.

No comments: