Saturday, August 13, 2022

SCOM Gateway server reinstallation steps

The Gateway server in SCOM is a bridge server. It allows servers in a DMZ (servers behind a firewall zone) and servers outside the enterprise domain (workgroup servers) to communicate with SCOM and download Management Packs, so that the clients in the DMZ or workgroup can be monitored effectively in SCOM.

Clients or servers in a DMZ or workgroup need some form of authentication to communicate with the SCOM servers, which are usually deployed in a domain.

There are scenarios where you need to deploy the Gateway servers using different methods and security permissions.

Gateway with Agent-managed Workgroup Servers

In this implementation monitoring of a remote, untrusted AD domain is desired. Some servers desired for management by the Gateway Server are members of a workgroup. In this scenario, certificate authentication will be required not only between the management server and gateway server, but also between the Gateway Server and agent-managed computers. 

Requirement of this setup: the Management Server, the Gateway Server, and the agent-managed workgroup servers all require certificates.


Please note:

1. Create a new Gateway server to migrate all the existing agents to.
2. Ensure the new Gateway server is communicating with the Management Server you are connecting to.
3. Ensure that your new Gateway server has the CA or PK certificate installed, with event ID 20053 received on that server.

Steps to follow:

  • Remove all the old gateway entries on the client machines in Control Panel.
  • Delete all agents that appear grey under the old Gateway server in the console.
  • Go to the Management Server and run the Gateway Approval with the "Delete" attribute for the old Gateway server.
  • Run the Gateway Approval with the new Gateway server name and the "Create" attribute.
  • Go to the new Gateway server, uninstall the Gateway role, and reinstall it with the Management Server.
  • Restart the Gateway server and wait until it comes back.
  • You will see the Gateway server turn healthy under the Management Server in the console.
  • All the client servers will be in Pending Management in the console.
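
The approval swap and the certificate check from the notes and steps above, as an added PowerShell example that is not part of the original post. The server names and the tool folder are placeholders, and the approval tool is assumed to have been copied from the installation media's SupportTools folder to the Management Server.

```powershell
# Added example. All names and paths below are placeholders (assumptions).
param(
    [Parameter(Mandatory)]
    [ValidateSet('ManagementServer', 'Gateway')]
    [string]$RunOn,                                        # which server this runs on
    [string]$ManagementServer = 'MS01.corp.example',       # placeholder FQDN
    [string]$OldGateway       = 'GW-OLD.dmz.example',      # placeholder FQDN
    [string]$NewGateway       = 'GW-NEW.dmz.example',      # placeholder FQDN
    # Assumed folder the approval tool was copied to on the Management Server
    [string]$ToolDir = "$env:ProgramFiles\Microsoft System Center\Operations Manager\Server"
)

function Invoke-GatewayApproval {
    # Runs the Gateway Approval Tool with /Action=Create or /Action=Delete
    param([string]$Gateway, [ValidateSet('Create', 'Delete')][string]$Action)
    $tool = Join-Path $ToolDir 'Microsoft.EnterpriseManagement.GatewayApprovalTool.exe'
    if (-not (Test-Path $tool)) { throw "Approval tool not found in $ToolDir" }
    Write-Host "Gateway approval: $Action $Gateway"
    & $tool "/ManagementServerName=$ManagementServer" "/GatewayName=$Gateway" "/Action=$Action"
}

function Test-GatewayCertificateLoaded {
    # True if event 20053 (certificate loaded) was logged recently on this server
    param([int]$LookbackHours = 24)
    $filter = @{
        LogName   = 'Operations Manager'
        Id        = 20053
        StartTime = (Get-Date).AddHours(-$LookbackHours)
    }
    # Get-WinEvent raises an error when nothing matches, so suppress it
    $found = Get-WinEvent -FilterHashtable $filter -MaxEvents 1 -ErrorAction SilentlyContinue
    return [bool]$found
}

switch ($RunOn) {
    'Gateway' {
        # Precondition from the notes: certificate installed, event 20053 present
        if (Test-GatewayCertificateLoaded) { Write-Host 'Event 20053 found: certificate loaded.' }
        else { Write-Warning 'Event 20053 not found: check the certificate before continuing.' }
    }
    'ManagementServer' {
        # Remove the old gateway approval, then approve the new gateway
        Invoke-GatewayApproval -Gateway $OldGateway -Action Delete
        Invoke-GatewayApproval -Gateway $NewGateway -Action Create
    }
}
```

Run it with `-RunOn Gateway` on the new Gateway server first, then with `-RunOn ManagementServer` on the Management Server once the old gateway's agents have been deleted from the console.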

Please note: This article is for those with fewer gateway clients, who can do this very efficiently without any hassle.


I have written this article to contribute to the SCOM community.


 










 




1 Comments:

At August 27, 2022 at 12:17 AM , Blogger Richyruben said...

Well explained, Good work

 
