Have a lot of 26004 events on SCOM server (all about DHCP).
I’ve added SCOM Action Account to “Event log readers” group on all dhcp servers (as per https://jurelab.wordpress.com/2015/02/18/failed-accessing-windows-event-log-on-management-server-warning-state-event-id-26004/) but it didn’t help. Maybe somebody knows how to resolve this issue.
The Windows Event Log Provider is still unable to open the DhcpAdminEvents event log on computer 'dhcp.domain.com. The Provider has been unable to open the DhcpAdminEvents event log for 3600 seconds.
Most recent error details: Access is denied.
One or more workflows were affected by this.
Workflow name: Microsoft.Windows.DHCPServer.2012.FailoverServerWatcher.UnitMonitor.LostCommunicationWithfailoverPartnerServer
Instance name: dhcp1.domain.com-dhcp2.domain.com
Instance ID: {someID}
Management group: MGGROUPname