This is part 2 in the series of scenarios regarding Azure Automation Hybrid worker and things you need to be aware of.
Case: SCOM, OMS and Hybrid Worker
If you have SCOM (System Center Operations Manager) and want to configure OMS (Microsoft Operations Management Suite) you need to be carefull about how you configure it since it might affect your Hybrid Worker(s).
In the SCOM Management Console we are able to connect SCOM to OMS workspace. (This is not covered in this article)
Depending on your infrastruce design you might want the traffic to be directed to a proxy. This is done in the connection part. Notice the description. (Web Proxy Server: Define how the management server communicates with the service). What actually happens is covered below.
By setting the proxy settings. Yes the traffic will be directed from management servers to the proxy server defined. BUT what you will figure out is that also any agents (Included in the Managed Computers) will have this setting configured at the local agent.
Since the SCOM agent is upgraded in order to serve as Hybrid Worker it will have a set of new features enabled. Please see below.
(OLD) SCOM Agent features:
(New) SCOM Agent features:
So now we have features for Azure Log Analytics (OMS) and Proxy Settings.
With the Proxy setting configuren in SCOM and if the agent is included in the manged computers (as mentioned above) – the proxy setting will be inherited from SCOM. (this cannot be disabled at the local agent).
Be aware that with the proxy setting enabled, all traffic from the Hybrid Worker (Azure Runbooks executed at the Hybrid worker) will be directed to the proxy. (also internal traffic to e.g.. an internal web service).
The solution depends on how your infrastructure is configured and you need to carefully consider how you configure you SCOM/OMS Connection.