locked
Client Installation Properties for Internal and External Management (IBCM) RRS feed

  • Question

  • Hello All,
    I am not new to SCCM 2012 however I am new to the idea of clients roaming between the intranet and the internet. I am getting ready to migrate 6,000+ clients to CM12 and was wondering if I could use the Client Push method to specify client installation properties that would allow roaming. The certs have already been created. There are already 20 clients that have been upgraded to CM12. I am trying to figure out what methods I can use to let the client use an MP on the intranet when inside the network and a IBCM MP when on the outside. To complicate things it was decided by Senior Management to use a reverse proxy (Netscaler) and keep the proposed DMZ server on the inside of the network. Any help would be greatly appreciated. Thanks in advance.

    Current Config:
    1 CAS
    3 PRI
    3 SEC
    2 MP's/DP's for High Availability

    Thursday, September 19, 2013 1:37 PM

Answers

  • Okay so this is what I have found so far. Which was shown as an example on Technet under Client.msi Properties .

    CCMSetup.exe /MP:mpserver.contoso.com /UsePKICert SMSSITECODE=ABC CCMHOSTNAME=server05.contoso.com CCMFIRSTCERT=1 FSP=server06.constoso.com

    Can the following be used as part of the Client Installation Properties?

    /MP:mpserver.contoso.com /UsePKICert /NoCRLCheck SMSSITECODE=ABC CCMHOSTNAME=server05.contoso.com CCMFIRSTCERT=1 FSP=server06.constoso.com

    Specifying the MP and Site Code are primarily for first communication correct?

    When inside another Boundary Group the MP and Site Code are not bound to the ones specified in the installation properties are they?

    I am guessing here but to me it seems like I could use the first one for manually installs and hopefully the second one for the client push. It took me a second to see that the .exe and .msi have different tasks and that both of their switch options can be used in the same command line. As long as the ccmsetup switches are called first.

    Thursday, September 19, 2013 2:30 PM

All replies

  • 1 CAS and  3 primaries for 6k clients only? Why haven't you just used a standalone primary site?

    Torsten Meringer | http://www.mssccmfaq.de

    Thursday, September 19, 2013 2:24 PM
  • Okay so this is what I have found so far. Which was shown as an example on Technet under Client.msi Properties .

    CCMSetup.exe /MP:mpserver.contoso.com /UsePKICert SMSSITECODE=ABC CCMHOSTNAME=server05.contoso.com CCMFIRSTCERT=1 FSP=server06.constoso.com

    Can the following be used as part of the Client Installation Properties?

    /MP:mpserver.contoso.com /UsePKICert /NoCRLCheck SMSSITECODE=ABC CCMHOSTNAME=server05.contoso.com CCMFIRSTCERT=1 FSP=server06.constoso.com

    Specifying the MP and Site Code are primarily for first communication correct?

    When inside another Boundary Group the MP and Site Code are not bound to the ones specified in the installation properties are they?

    I am guessing here but to me it seems like I could use the first one for manually installs and hopefully the second one for the client push. It took me a second to see that the .exe and .msi have different tasks and that both of their switch options can be used in the same command line. As long as the ccmsetup switches are called first.

    Thursday, September 19, 2013 2:30 PM
  • I have been asked the same question about a dozen times. Originally that is what I was going for however the client choosing a Management Point through randomization would have been a problem when it came to machines across the pond. The client also wanted to have room for the mass integration of another company coming down the line in the future.
    Thursday, September 19, 2013 3:17 PM
  • Hi CM12 Enthusiast.

    Where you able to get IBCM to work with Citrix Netscaler?

    I'm currently looking into support my internet based clients tru reverse proxy / Citrix Netscaler.


    Monday, March 23, 2015 11:59 AM