none
SCCM push Client install

    Pergunta

  • Hi,

    I need to know which ports in the firewall on local Client I need to add or open for the SCCM client to be installed on the client.

    If i activate inbound rules > File And Printer Sharing * > enable

    The SCCM client will install, but i will get issue with GPO connection after enabling these ports. GPO won't connect while these ports are enabled.

    What should i try? any idea?

    • Editado SilenceIbo segunda-feira, 29 de janeiro de 2018 14:25
    segunda-feira, 29 de janeiro de 2018 14:14

Todas as Respostas

  • Hi,

    Ports that are used with client push installation

    In addition to the ports listed in the following table, client push installation also uses Internet Control Message Protocol (ICMP) echo request messages from the site server to the client computer to confirm whether the client computer is available on the network. ICMP is sometimes referred to as TCP/IP ping commands. ICMP does not have a UDP or TCP protocol number, and so it is not listed in the following table. However, any intervening network devices, such as firewalls, must permit ICMP traffic for client push installation to succeed.

    Description

    UDP

    TCP

    Server Message Block (SMB) between the site server and client computer.

    --

    445

    RPC endpoint mapper between the site server and the client computer.

    135

    135

    RPC dynamic ports between the site server and the client computer.

    --

    DYNAMIC

    Hypertext Transfer Protocol (HTTP) from the client computer to a management point when the connection is over HTTP.

    --

    80 (See note 1, Alternate Port Available)

    Secure Hypertext Transfer Protocol (HTTPS) from the client computer to a management point when the connection is over HTTPS.

    --

    443 (See note 1, Alternate Port Available)

    Client Push Installation

    To use client push to install the System Center 2012 Configuration Manager client, add the following as exceptions to the Windows Firewall:

    • Outbound and inbound: File and Printer Sharing

    • Inbound: Windows Management Instrumentation (WMI)

    https://technet.microsoft.com/en-us/library/gg682180.aspx

    Please also refer to the link below:

    Configuring Firewall Settings For Configuration Manager 2012 R2

    https://prajwaldesai.com/configuring-firewall-settings-for-configuration-manager-2012-r2/


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    terça-feira, 30 de janeiro de 2018 02:19
  • "Client Push Installation

    To use client push to install the System Center 2012 Configuration Manager client, add the following as exceptions to the Windows Firewall:

    • Outbound and inbound: File and Printer Sharing

    • Inbound: Windows Management Instrumentation (WMI)"

    -----

    Thank you for taking the time to answer my thread. 

    1. I have tried this solution and Client Push install and works fine on TEST machine.

    2. I configured and saved the settings on master image template

    3. Made new client from master image template.

    4. But it gives me another issue as explained in this thread. After the new client is installed and SCCM is installed correctly i found that GPO not completed the task as planned. 

    5. I reset the Firewall Inbound and Outbound settings in firewall on master image template.

    6. Install new client from master image template.

    7. GPO task worked, but SCCM not working like before. 

    Client: Windows 10

    Server: Windows Server 2012 standard



    • Editado SilenceIbo terça-feira, 30 de janeiro de 2018 08:54
    terça-feira, 30 de janeiro de 2018 08:50