System Center Mobile Device Manager TechCenter >
Mobility Forums
>
System Center Mobile Device Manager
>
Deploying SCMDM (Enrollment Server) on SBS 2008
Deploying SCMDM (Enrollment Server) on SBS 2008
- This might be a non-starter from the outset, but here's what I am trying to do. I want to install SCMDM on a Small Business Server (SBS2008). I am having trouble once I get to the point where I install the Enrollment Server, but here are the steps I have taken using this page as a reference http://technet.microsoft.com/en-us/library/dd261786.aspx :
- I followed steps 1a, 1b, and 1d (1c was optional and I believe was done while configuring the AD) to configure the Active Directory. The only error I encountered was in step 1a, #6 (/enablegpsecurity), but this step appears to be optional, so I ignored the error and proceeded the rest of the way error-free.
- When it comes time to install the Enrollment Server, I get the following Prerequisite error: "The TCP/IP port 443 is in use by another application. The Enrollment Server requires the TCP/IP port 443 for communication with clients. Stop the application currently using this port and restart the Setup wizard." This makes sense considering SBS 2008 has so many roles installed by default, and I use Outlook Web Access, which I believe also uses port 443.
So what do I do?
- Can the Enrollment Server coexist on port 443?
- Can I temporarily shut down any applications using port 443, install Enrollment Server, change its default port, and restart the other applications?
- Can I even continue installation of Enrollment Server on the SBS machine? or am I wasting my time?
- Other options?
A few other items to note:
- I use Windows Server 2008 R2 as my host, and I have SBS2008 running on a Hyper-V VM.
- SBS2008 is set up as the "heart and soul" of my network; it is the primary file server, AD controller, DHCP, DNS, Exchange 2007, etc...it is a typical SBS 2008 setup.
- I am behind a dynamic IP. My local domain is mydomain.local, and my internet domain which I use for OWA is mydomain.dyndns.org. When completing step 1 from the deployment guide (the AD configuration), I used mydomain.local as my FQDN.
- I've got OWA working fine, my mobile device synchronize quite nicely with Exchange, so on and so forth. I seem to have a solid, stable setup.
Thanks
All Replies
- I'd label installing SCMDM on SBS as a high-risk activity for a number of reasons:
- It is not recommended to install SCMDM on a DC. It should work for test purposes provided you perform some extra steps, but people have reported issues where it simply doesn't work even if the extra config steps were taken.
- SCMDM will only work running on Windows Server 2003. When I tried installing on Windows Server 2008 it refused to do so. SBS2008 is a special case though, so maybe the pre-install check is fooled in some way.
- SBS being a special case of Windows Server + Exchange ++ (thus MSFT breaking some of their own design guidelines) is probably not open for additional tweaks.
Enrollment Server needs to run on port 443 since the device does not allow you to connect to a different port. Technically multiple host names can run on the same IIS, but I don't know how the Exchange-vdirs are configured on SBS so I wouldn't be too comfortable doing this.
The IP address can only be bound to one SSL certificate, so if you're already using one cert for OWA you'd need an additional IP assigned to run enrollment, and in the same instance you'd solve the port conflict. If you connected your SBS directly to a DHCP assigned WAN IP this isn't really workable. (Being in Hyper-V you can add another virtual NIC, but you might see routing issues.)
So in short, no, don't go further with this unless you are prepared to spend time struggling to get it to work. Leave the SBS as it is, and setup a dedicated virtual server for SCMDM.- Proposed As Answer byWayne Phillips.MVP, ModeratorMonday, November 09, 2009 12:17 AM
