locked
Internet Based Client Management + Apple Macs RRS feed

  • Question

  • Hello,

    We currently use SCCM 2012 R2 CU5 though we plan to upgrade to the latest release (currently R2 SP1 CU1) in October. This time of year is busy for us and we can't afford to risk our production env to any downtime. After we do this we are going to seriously look at implementing internet based client management/internet based DP so we can patch off site laptops and also add our estate of around 500 mac computers into SCCM.

    We currently have 1 primary site and 5 on premises distribution points. We are using HTTPS but our MP and DP configuration only allows intranet traffic. I understand to manage the macs we will need to have an MP and DP that allow internet traffic.

    This leads me to my first question. Can we setup a site system in our DMZ with a static route back through to our main site server which has an Internet only management point and an Internet only distribution point? I also assume we will need to install the enrollment point and the enrollment proxy point on this internet based site system? Our macs will then talk to this management point whilst our on site windows workstations will use the current management intranet only point?

    Any help here would be great. I have read the guide for installing the client on the mac and we did a PoC yesterday which appeared to work out fine. We got the mac client cert template and enrolled a mac successfully. This was only in a very limited test environment though which is nowhere near as complex as our live environment.

    Are there any other things i should be considering to help us move forward with this?

    Many Thanks in advance for any help.

    Thursday, August 13, 2015 9:49 AM

Answers

  • Hi,

    You should first have a look at this article before installing site system roles for MACs. It lists the ports are used by Configuration Manager, especially the ports for MAC clients, Enrollment point and Enrollment Proxy point.

    Technical Reference for Ports Used in Configuration Manager 


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Joyce L Wednesday, August 26, 2015 8:56 AM
    • Marked as answer by Joyce L Wednesday, September 2, 2015 8:08 AM
    Friday, August 14, 2015 7:18 AM