I have been noticing these two Event Ids (1220 and/or 7022) on my domain controllers on Operations Manager event log. Turn out to be it is an easy one to fix.  I following Method B on this MSKB: The Health Service does not process configuration files, and events 7022 and 1220 are logged every 30 minutes on a domain controller on which you installed the Operations Manager 2007 agent 

Even though we specify action account is a domain admin, SCOM agent uses local system account for collecting privileged information. I preferred to run HSLockdown tool to enable local system account on domain controllers.

Only negative thing is you have to run this on all domain controllers on your enterprise.

Method 2: Run HSLockdown.exe to configure permissions

Run HSLockdown.exe on the affected domain controllers to remove NT Authority\SYSTEM from the Denied list. To do this, follow these steps:

1. On the domain controller, open a command prompt, and then open the folder where the agent software is installed. By default, the agent is installed in the following folder:

   C:\Program Files\System Center Operations Manager 2007

2. Type the following command, and then press ENTER:

   hslockdown “Management_Group _Name” /R “NT AUTHORITY\SYSTEM”

   In this command, Management_Group _Name is the name of the Operations Manager 2007 management group of which the agent is a member. Use quotation marks if the name contains spaces.

3. Restart the OpsMgr Health Service.
4. Repeat step 1 through step 3 on each domain controller that is affected.