locked
Installing and managing DMZ clients RRS feed

  • Question

  • Just wondering if there’s any changes when managing DMZ clients in CM12. In ConfigMgr 2007 we’ve opened the appropriate firewall ports and I’ve always installed the client after configuring the hosts and lmhosts file. Is this process still the same?

    Lmhosts:

    192.168.1.70        siteserver                        #PRE

    192.168.1.70        "SMS_SLP        \0X1A"        #PRE

    192.168.1.70        "MP_P01         \0X1A"        #PRE

    I’ve also added sitserver to hosts so it can be resolved. Have run a nbtstat –R. Looking at the firewall I’m not getting any blocks so it’s not even attempting to contact the MP. I’m thinking lmhosts is misconfigured? (it worked ok for ConfigMgr 2007).
    Sunday, July 14, 2013 6:18 AM

Answers

  • So why not use the DNS servers in the DMZ of the hosts file?

    Also, /MP does *not* and never, ever did (sorry a rant but I'm baffled as to why folks use it instead of the correct property) set the MP to use by the client; SMSMP does this (and always did).

    How about those log files?


    Jason | http://blog.configmgrftw.com

    Sunday, July 14, 2013 10:37 PM

All replies

  • First, there is no SLP in 2012 so that entry is useless.

    Next, why wouldn't you use DNS for this: http://technet.microsoft.com/en-us/library/gg682055.aspx?

    How are you installing the clients?

    Have you reviewed any log files like clientlocation.log?


    Jason | http://blog.configmgrftw.com

    Sunday, July 14, 2013 1:51 PM
  • They're in the DMZ so they can't contact the internal DNS server. I installed the client using the following command:

    ccmsetup.exe SMSSITECODE=P01 /MP=siteserver /skipprereq=Silverlight.exe

    Sunday, July 14, 2013 10:19 PM
  • So why not use the DNS servers in the DMZ of the hosts file?

    Also, /MP does *not* and never, ever did (sorry a rant but I'm baffled as to why folks use it instead of the correct property) set the MP to use by the client; SMSMP does this (and always did).

    How about those log files?


    Jason | http://blog.configmgrftw.com

    Sunday, July 14, 2013 10:37 PM
  • ClientLocation.log:

    I'm noticing there are references in the locationservices.log to the old 2007 site server which i've marked in the image. the rest of the references are to the new site server. LocationServices.log:

    Sunday, July 14, 2013 11:53 PM
  • First, it looks like you've had the 2007 client installed before so that's why it's getting things from the registry.

    Next, as noted, /MP does *not* set the MP for the client to use. Thus, add the SMSMP property to your command-line.

    Finally, also add the SMSSITECODE property to your command-line also -- never rely on auto-site assignment if you can avoid it.


    Jason | http://blog.configmgrftw.com

    Monday, July 15, 2013 1:12 PM