SCCM client push requirement
Disable firewall or open the necessary ports:
Disable firewall or open the necessary ports:
Port
|
Remark
|
||
80
|
TCP
|
||
443
|
TCP
|
native
mode management point
|
|
445
|
TCP
|
||
135
|
TCP
|
UDP
|
In addition, the following needs to be open as well:
o
ICMP (ping) from server to client.
o
BITS service needs to
enable.
o
Add the following as exceptions to the Windows
Firewall:
Outbound and inbound: File and Printer Sharing
Inbound: Windows Management Instrumentation (WMI)
Outbound and inbound: File and Printer Sharing
Inbound: Windows Management Instrumentation (WMI)
For complete list of ports used by the
client:
Ports Used
During Configuration Manager Client Deployment
Windows Firewall and Port Settings for Client Computers in Configuration Manager
Windows Firewall and Port Settings for Client Computers in Configuration Manager
·
Add Client Push
Installation Account to local administrators group on the target machine (group
policy is preferred method for that).
·
Make sure administrative
shares available on the target machine (C$, Admin$ ect.):
Troubleshoot administrative shares
Troubleshoot administrative shares
·
SCCM client require 500 MB
available disk space, with 5 GB recommended for the Configuration Manager Client
cache.
Computer Client Hardware Requirements
Computer Client Hardware Requirements
Configure Client Push Installation
The following settings need to be configured for Client Push Installation.
The following settings need to be configured for Client Push Installation.
Go to Administration node -> Site Configuration -> Sites -> on
the ribbon bar go to settings -> Client Installation Settings -> Client
Push Installation:
On General tab of Client Push Installation Properties, enable automatic
Site-wide client push installation and check the system type you like the
client to be installed:
On Account tab, add Client Push Installation account. As mentioned before,
this account needs to be member of local administrators group on target
computers:
You can leave Installation properties as default – it needs to be set as
SMSSITECODE=YourSiteCode
SCCM client push troubleshooting
- First, make sure all client push requirements were meet.
- Boundary and boundary group were created and the workstation fall into it. Make sure the site code appear next to the client name:
- When client push installation request start, the request can be view in CCM.log on the SCCM server (locate under %programfiles%\Microsoft Configuration Manager\Logs). This is the place to look for errors if there is any communication issue between the SCCM server and the target workstation:
- Next ccmsetup program runs as a service by default (you can see it in Services console) and downloads all the necessary files to complete the client installation from a specified management point or from a specified source location to C:\Windows\ccmsetup folder.
- Check that ccmsetup folder was created under C:\Windows.
- Open ccmsetup.log and client.msi.log under C:\Windows\ccmsetup\Logs with CMTrace.exe (located in %programfiles%\Microsoft Configuration Manager\tools) and look for any errors in the installation process.
- On the client go to control panel and open the Configuration Manager applet. Go to Actions tab and make sure you see all the below actions:
- Go to client logs which located in C:\Windoes\CCM\Logs.
- search for:
o
Clientlocation.log - Records
tasks that are related to client site assignment.
o
Locationservices.log - Records
the client activity for locating management points, software update points, and
distribution points.
Other SCCM client logs
Testing WMI service for remote computer
- In case SCCM server fail to contact or start installation process, it will try install the client every 1 hour for 7 days.
The following test needs to be done first on local machine (were client failed to be installed), then remotely from SCCM server:
Rebuilding WMI
Rebuilding WMI can sometimes "fix" WMI issues but in most cases this is a workaround and not really fix the real issue, and as a result, the issue can be back shortly.
In addition, rebuilding WMI can lead to other issues with already installed application that useing WMI.
So in short, rebuilding WMI should be (in any) the last step for troubleshoot WMI issues.
Other WMI useful links:
- From Run, type WMIMGMT.MSC
- Right click WMI Control (Local) and click Connect to another computer.
- On Change managed computer, click Another computer and type the remote computer name and click OK.
- Right click WMI Control (Remote computer name) and click properties.
- On WMI Control (Remote computer name) properties page you should see the remote computer information:
Any other message suggests you have trouble access local\remote computer WMI service.
Troubleshoot WMI
Ensure COM security settings are configured correctly:
- From Run type DCOMCNFG, navigate to Component Services -> Computers -> My Computers -> Properties.
- Go to COM Security tab.
- In Launch and Activation Permissions press on Edit Defaults and make sure SYSTEM, Administrators and INTERACTIVE have the following permissions:
In addition, the WMI DCOM settings should also be checked:
- From Run type DCOMCNFG, navigate to Component Services -> Computers -> My Computers -> Windows Management and Instrumentation -> Properties.
- Make sure Authentication level set to Default.
Rebuilding WMI
Rebuilding WMI can sometimes "fix" WMI issues but in most cases this is a workaround and not really fix the real issue, and as a result, the issue can be back shortly.
In addition, rebuilding WMI can lead to other issues with already installed application that useing WMI.
So in short, rebuilding WMI should be (in any) the last step for troubleshoot WMI issues.
Other WMI useful links:
No comments:
Post a Comment