none
SCCM push Client install

    질문

  • Hi,

    I need to know which ports in the firewall on local Client I need to add or open for the SCCM client to be installed on the client.

    If i activate inbound rules > File And Printer Sharing * > enable

    The SCCM client will install, but i will get issue with GPO connection after enabling these ports. GPO won't connect while these ports are enabled.

    What should i try? any idea?

    • 편집됨 SilenceIbo 2018년 1월 29일 월요일 오후 2:25
    2018년 1월 29일 월요일 오후 2:14

모든 응답

  • Hi,

    Ports that are used with client push installation

    In addition to the ports listed in the following table, client push installation also uses Internet Control Message Protocol (ICMP) echo request messages from the site server to the client computer to confirm whether the client computer is available on the network. ICMP is sometimes referred to as TCP/IP ping commands. ICMP does not have a UDP or TCP protocol number, and so it is not listed in the following table. However, any intervening network devices, such as firewalls, must permit ICMP traffic for client push installation to succeed.

    Description

    UDP

    TCP

    Server Message Block (SMB) between the site server and client computer.

    --

    445

    RPC endpoint mapper between the site server and the client computer.

    135

    135

    RPC dynamic ports between the site server and the client computer.

    --

    DYNAMIC

    Hypertext Transfer Protocol (HTTP) from the client computer to a management point when the connection is over HTTP.

    --

    80 (See note 1, Alternate Port Available)

    Secure Hypertext Transfer Protocol (HTTPS) from the client computer to a management point when the connection is over HTTPS.

    --

    443 (See note 1, Alternate Port Available)

    Client Push Installation

    To use client push to install the System Center 2012 Configuration Manager client, add the following as exceptions to the Windows Firewall:

    • Outbound and inbound: File and Printer Sharing

    • Inbound: Windows Management Instrumentation (WMI)

    https://technet.microsoft.com/en-us/library/gg682180.aspx

    Please also refer to the link below:

    Configuring Firewall Settings For Configuration Manager 2012 R2

    https://prajwaldesai.com/configuring-firewall-settings-for-configuration-manager-2012-r2/


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    2018년 1월 30일 화요일 오전 2:19
  • "Client Push Installation

    To use client push to install the System Center 2012 Configuration Manager client, add the following as exceptions to the Windows Firewall:

    • Outbound and inbound: File and Printer Sharing

    • Inbound: Windows Management Instrumentation (WMI)"

    -----

    Thank you for taking the time to answer my thread. 

    1. I have tried this solution and Client Push install and works fine on TEST machine.

    2. I configured and saved the settings on master image template

    3. Made new client from master image template.

    4. But it gives me another issue as explained in this thread. After the new client is installed and SCCM is installed correctly i found that GPO not completed the task as planned. 

    5. I reset the Firewall Inbound and Outbound settings in firewall on master image template.

    6. Install new client from master image template.

    7. GPO task worked, but SCCM not working like before. 

    Client: Windows 10

    Server: Windows Server 2012 standard



    • 편집됨 SilenceIbo 2018년 1월 30일 화요일 오전 8:54
    2018년 1월 30일 화요일 오전 8:50