Hi,
Monitoring an untrusted domain member in SCOM can be challenging due to the lack of Kerberos authentication. The errors you're encountering suggest issues with mutual authentication and the SPN registration.
Here are some steps and considerations that might help resolve the issues:
-Certificate Installation: Ensure that the certificate imported into the untrusted domain member has the correct permissions and is properly installed. The certificate should be for both client and server authentication.
-Host Files: Double-check the host files on both the untrusted domain member and the SCOM management server to ensure they resolve correctly.
-Service Principal Name (SPN): Verify that the SPN for the SCOM Management server is correctly set. The SPN is crucial for mutual authentication.
-Gateway Server: If you're using a Gateway server, ensure that it's correctly configured to communicate with the untrusted domain member.
-Agent Installation: The agent on the untrusted domain member should be installed and configured correctly. You might need to use the MomCertImport tool to import the certificate for the agent.
-Firewall and Ports: Check that the necessary ports are open and the firewall settings allow communication between the untrusted domain member and the SCOM management server.