Updates deployment for DMZ Workgroup Servers from SCCM 2012 SP2 RRS feed

  • Question

  • Hi,

    I have 2-3 DMZ Servers  in Workgroup, on which i want to deploy updates and applications only from SCCM 2012 SP2..

    I have Primary and its child secondary site servers , for these DMZ Servers i want to configure the Content location & MP as Secondary Site Server. I need below details:

    1.Which network ports i have to open against SCCM Primary and Secondary Site Servers ?

    2. which Site Server FQDN i have to use in host file and lmhost file ?

    3. Which Site Server`s MP and Site Code i have to use during sccm agent installation ?

    ccmsetup.exe /mp:abc.com SMSSITECODE=P02

    4.is all the required network ports should be open only from DMZ servers to Site Servers only or from both end ?

    5. Is any Windows Firewall Exception required on DMZ Servers ?

    Shailendra Dev

    Thursday, December 15, 2016 8:02 PM

All replies

  • #1: https://technet.microsoft.com/en-us/library/hh427328.aspx

    #2: primary and secondary at least plus all site systems that need to be accessed

    #3: Primary

    #4: see #1

    #5: see #4

    Torsten Meringer | http://www.mssccmfaq.de

    Friday, December 16, 2016 7:30 AM
  • I got it i have one more ask here

    is all the required network ports should be open from DMZ Server to Primary site server or DMZ Server to Secondary site Server as i want to use secondary site server for the content..

    Shailendra Dev

    Friday, December 16, 2016 11:27 AM
  • See Reply #2. A Client has to reach both the MP on the Primary and secondary site.

    Torsten Meringer | http://www.mssccmfaq.de

    Friday, December 16, 2016 12:33 PM
  • thanks Torsten .

    Due to security reason i can`t open the Port 80,10123,8530 from DMZ Servers to Primary Site Server but i can open the same port from DMZ Servers to nearest Secondary Site Server ..

    in this Scenario,

    1. Can we use application & Software updates deployment?

    2. What would be the lmhost file configuration and sccm client installation switches?

    3. can we use MP and Site code of Secondary site Server as below during sccm client installation ?

          ccmsetup.exe SMSSITECODE=SE1 SMSMP=SE1SCCM.domain.com

    Shailendra Dev

    Sunday, December 18, 2016 10:48 AM