When a SCOM Management Group (MG) is already in place for some time and an additional SCOM Management Server is added to it later on, there are quite a few steps you need to do in order to get it working properly. When forgetting one of those steps it might result in a SCOM MG showing erratic behaviour.
Take these steps AFTER the new SCOM Management Server is installed. This To Do List is based on OM12 SP1
Please make sure the new SCOM Management Server uses the same AV policy as the other SCOM Management Server. So the correct folders and processes are excluded from AV scans. Check KB975931 for more information.
When using Gateway Servers and/or monitoring servers using certificates, make sure the new SCOM Management Server gets a valid certificate as well. And don’t forget to configure it properly.
Make sure all the firewalls, either running on your Windows Server hosting the new SCOM Management Server role and the dedicated network firewalls, accept the traffic coming from the new SCOM Management Server.
Make sure the new SCOM Management Server is added to the proper Resource Pools so it adheres to the original design.
When monitoring UNIX/Linux systems and the new SCOM Management Server will become a member of that Resource Pool, make sure it has the proper certificates in place. Not only its own certificate but also the certificates of all the other Resource Pool members. Also the other Resource Pool members must get the certificate of the new SCOM Management Server as well.
Sometimes special MPs are in place, requiring additional actions on the new SCOM Management Servers. Examples are the NetApp MP, SharePoint 2013 MP.
Some third party tools extend the SCOM Console, like Savision Live Maps. So install those Console extensions on the new SCOM Management Servers as well.
Registry and/or config file modifications
If you have implemented custom registry or config file settings on your management servers, don’t forget to implement those as well. Often it is advisable or required to have these settings the same on all management servers in the resource pool or management group.
Run As Accounts & their related Run As Profiles
It could be that certain runas accounts are set to more secure distribution and you had selected the initial Management Server(s). If so make sure you add the new Management Server as well to the distribution of such accounts.
Custom scripts modifications
If you are using custom scripts running on management servers for custom monitoring or command based notification channels, remember to copy those to the new management servers.
Custom MP modifications
You could have custom management packs, such as Backup Unsealed MP’s, which are set to backup to a directory on disk. In these kind of cases confirm that files and directories exist and that overrides which were set to target specific management servers are also applied to the new management servers if applicable. There could be some overrides you have made in management packs which target specific management servers. These need to be evaluated if those are needed on the new Management Server as well.
Custom monitoring modifications
Check other custom monitoring you have implemented that uses certain management servers as monitoring agents, such as web page checks. Of course only in case you want the new server to do the same kind of workflows, or if a new management server is eventually going to replace an existing one.
This should enable you to successfully add an additional SCOM Management Server to an existing MG without bumping into issues after it.