locked
SCCM 2012 - Non domain client without SSL RRS feed

  • Question

  • Hi everyone,

    I am over my head in a project that I want to start with.
    Have never worked with SCCM 2012 but I got it all working in a domain environment.
    However, I want to push myself forward and use SCCM with VPN tunnels to my customers.

    To spare your time I will summarize my environment and my question.

    Environment:
    SCCM2012 SP1
    MYSQL 2012
    Clients Windows 7 Pro

    Question:
    Do you know of a manual, howto or some instruction to allow non domain clients to connect to a SCCM server ( NO SSL ).

    Additional information:
    I want my customers who have their own AD to connect through the VPN Tunnel to my SCCM server and get their applications.
    I am aware of the fact that it will be manual installations. I don't want SSL as my VPN tunnel is secure enough and this will be my second step ( 1 step at the time and learn the basics ).

    Any help would be much appreciated.


    Andre

    Tuesday, July 30, 2013 7:20 AM

Answers

All replies

  • Hi,

    There is no requirement for SSL when working with Workgroup computers. It is described on TechNet here how to install the client on a workgroup computer and what feature works and what not: http://technet.microsoft.com/en-us/library/gg712298.aspx

    Workgroup computer are not approved by default, you will have to change the Site Settings for Client Approval if you wan't the workgroup computers to be approved automatically. http://technet.microsoft.com/en-us/library/hh427330.aspx

    in your list above your wrote MYSQL 2012 I assume you mean MS SQL server 2012 as MYSQL is not supported.

    Regards,
    Jörgen


    -- My System Center blog ccmexec.com -- Twitter @ccmexec

    • Marked as answer by dre2008 Tuesday, July 30, 2013 7:57 AM
    Tuesday, July 30, 2013 7:50 AM
  • Have never worked with SCCM 2012 but I got it all working in a domain environment.
    However, I want to push myself forward and use SCCM with VPN tunnels to my customers.
    [...]

    Question:

    Do you know of a manual, howto or some instruction to allow non domain clients to connect to a SCCM server ( NO SSL ).

    Additional information:
    I want my customers who have their own AD to connect through the VPN Tunnel to my SCCM server and get their applications.


    You have no experience with ConfigMgr and want to use/sell it to customers? I'd start with ConfigMgr basics first before having a look at multi-tenancy. It's a complex and powerful enterprise product. Don't get me wrong, but there's potential for breaking all of the clients unintentionally.
    Do you want to manage workgroup machine or domain-joined ones? That's a difference. Also have a look at http://technet.microsoft.com/en-us/library/gg712701.aspx#BKMK_Plan_Service_Location.


    Torsten Meringer | http://www.mssccmfaq.de

    Tuesday, July 30, 2013 7:51 AM
  • Hi Jörgen, thanks for providing me with the information this is much appreciated.

    Torsten, thanks for the heads up but I have it currently in a testing environment. After setting it all up I will go study the books and take classes only I think it is better to mess around in a test enviroment to get fammiliar a bit before going to the theory. So after having set this al up I will take the classes.

    After that I will make it live but once again thanks for the heads up :-)


    Andre

    Tuesday, July 30, 2013 7:57 AM

  • I want my customers who have their own AD to connect through the VPN Tunnel to my SCCM server and get their applications.


    VPN tunnel will provide you only a tcp/ip connection, that´s not enough. You probably will need set up HTTPS communication in SCCM, which will require few certificates. That´s a littble bit complex. Played around with this myself, never had to chance to make it work fully.
    Tuesday, July 30, 2013 9:13 AM
  • Hi Yannara, see the comment of Jörgen:

    Hi,

    There is no requirement for SSL when working with Workgroup computers. It is described on TechNet here how to install the client on a workgroup computer and what feature works and what not: http://technet.microsoft.com/en-us/library/gg712298.aspx

    So if the computer is in a workgroup or other domain this should also work. The VPN tunnel will be secure enough, for now. After that I will implement the SSL certs.


    Andre

    Tuesday, July 30, 2013 2:58 PM