SCORCH 2016 + SCOM 2016 IP + TLS 1.2

If you happen to use Microsoft System Center Orchestrator (SCORCH) 2016 & the System Center Operations Manager (SCOM) Integration Pack and disable TLS 1.0 on SCORCH and SCOM, you will get the following error when testing the IP connection to SCOM:

“Failed to connect.  Please verify your settings”.

If you re-enable TLS 1.0 on SCORCH and SCOM, the SCOM IP will connect successfully.  I currently have a ticket open with Microsoft Support and they have acknowledged this bug.  I will update this post with any updates as I get them.

(8/6/18) The fix:

  1. Go into Local Group Policy Editor.  Go to Computer Configuration>Windows Settings>Security Settings>Local Policies>Security Options
  2. Set System cryptography: Use FIPS compliant algorithms for encryption, hashing and signed to Enabled
  3. Reboot SCOM/SCORCH servers after you make this change.  This change needs to be done on all SCORCH management and runbook servers and all SCOM servers.
  4. Re-test connection from SCOM 2016 IP.  It should succeed this time.

Another fun error I was getting while testing the SCOM IP connection was:

“Missing sdk binaries.  Install System Center 2016 Operations Manager Console first”

After messing around with installing the SCOM 2012 console and uninstalling and re-installing the SCOM 2016 console several times and publishing DLLs to the GAC folder, the fix for this was:

1.  Uninstall SCOM console from management server and all runbook servers.

2. Uninstall SCOM IP and confirm it from Add/Remove program on all management and runbook servers.

3. Register and deploy the latest SCOM IP.

4. Install SCOM console only if you need to use OperationsManager Module commands in PowerShell scripts

  • Soli Deo Gloria

Leave a Reply

Your email address will not be published. Required fields are marked *