SCCM Client Checklist for Windows 7

Similar documents
Creating and Issuing the Workstation Authentication Certificate Template on the Certification Authority

Windows Firewall Exceptions Configuring Windows Firewall Exceptions for Docusnap

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

RSA Security Analytics

Create, Link, or Edit a GPO with Active Directory Users and Computers

Windows XP Service Pack 2 Windows Firewall Group Policy Setup for Executive Software Products

ms-help://ms.technet.2005mar.1033/security/tnoffline/security/smbiz/winxp/fwgrppol...

Lab - Configure a Windows 7 Firewall

LAB 1: Installing Active Directory Federation Services

Install the Production Treasury Root Certificate (Vista / Win 7)

Setting up Sharp MX-Color Imagers for Inbound Fax Routing to or Network Folder

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

To install the SMTP service:

The Windows Server 2003 Environment. Introduction. Computer Roles. Introduction to Administering Accounts and Resources. Lab 2

Windows Firewall must be enabled on each host to allow Remote Administration. This option is not enabled by default

Promap V4 ActiveX MSI File

Microsoft IAS Configuration for RADIUS Authorization

Wavecrest Certificate

SystemTools Software Inc. Hyena Installation Guide

DESLock+ Basic Setup Guide Version 1.20, rev: June 9th 2014

Parallels Mac Management for Microsoft SCCM 2012

TROUBLESHOOTING INCORRECT REPORTING OF THE WHO CHANGED PARAMETER

ILTA HANDS ON Securing Windows 7

Distributing SMS v2.0

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

ACTIVE DIRECTORY DEPLOYMENT

Releasing blocked in Data Security

The Zenoss Enablement Series:

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

Using Group Policy to Manage and Enforce ACL on VNX for File P/N REV A01 February 2011

Setting Up Peak Performance Group Policies

Troubleshooting File and Printer Sharing in Microsoft Windows XP

Using LifeSize systems with Microsoft Office Communications Server Server Setup

Active Directory Software Deployment

HTTP Server Setup for McAfee Endpoint Encryption (Formerly SafeBoot) Table of Contents

Lab - Configure a Windows Vista Firewall

4cast Client Specification and Installation

Use 802.1x EAP-TLS or PEAP-MS-CHAP v2 with Microsoft Windows Server 2003 to Make a Secure Network

HTTP communication between Symantec Enterprise Vault and Clearwell E- Discovery

6421B: How to Install and Configure DirectAccess

How to Configure Terminal Services for Pro-Watch in Remote Administration Mode (Windows 2000)

CA NetQoS Performance Center

Test Note Phone Manager Deployment Windows Group Policy Sever 2003 and XP SPII Clients

Parallels Mac Management for Microsoft SCCM

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

How to install Small Business Server 2003 in an existing Active

WHITE PAPER Citrix Secure Gateway Startup Guide

CANON FAX L360 SOFTWARE MANUAL

Troubleshooting Guide

SystemTools Software Inc. White Paper Series Hyena Installation Requirements

DigitalPersona Pro Server for Active Directory v4.x Quick Start Installation Guide

This document details the following four steps in setting up a Web Server (aka Internet Information Services -IIS) on Windows XP:

How To Install And Configure Windows Server 2003 On A Student Computer

Wireless Installation Checklist for Novell GroupWise Environments

Connection and Printer Setup Guide

APNS Certificate generating and installation

SETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE)

Freshservice Discovery Probe User Guide

How to use mobilecho with Microsoft Forefront Threat Management Gateway (TMG)

Instructions for Configuring a SAS Metadata Server for Use with JMP Clinical

Sophos Anti-Virus for NetApp Storage Systems startup guide

Step-by-Step Guide for Setting Up VPN-based Remote Access in a

Windows Clients and GoPrint Print Queues

2. Using Notepad, create a file called c:\demote.txt containing the following information:

Click Studios. Passwordstate. Password Discovery, Reset and Validation. Requirements

Alpha High Level Description

XStream Remote Control: Configuring DCOM Connectivity

Microsoft Exchange 2010 and 2007

PRODUCT WHITE PAPER LABEL ARCHIVE. Adding and Configuring Active Directory Users in LABEL ARCHIVE

Step By Step Guide: Demonstrate DirectAccess in a Test Lab

Lab A: Deploying and Managing Software by Using Group Policy Answer Key

LifeSize Control Installation Guide

OrgPublisher EChart Server Setup Guide

Administration Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

Step-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3)

Reference and Troubleshooting: FTP, IIS, and Firewall Information

How To Enable A Websphere To Communicate With Ssl On An Ipad From Aaya One X Portal On A Pc Or Macbook Or Ipad (For Acedo) On A Network With A Password Protected (

Chapter. Managing Group Policy MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:

Course 2277: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure: Network Services

Web-Access Security Solution

NetIQ Advanced Authentication Framework - Administrative Tools. Installation Guide. Version 5.1.0

Course: WIN310. Student Lab Setup Guide. Summer Microsoft Windows Server 2003 Network Infrastructure (70-291)

Converting Prospects to Purchasers.

Important Notes for WinConnect Server VS Software Installation:

Prestige 314 Read Me First

Nagios XI Monitoring Windows Using WMI

Advanced Event Viewer Manual

IIS, FTP Server and Windows

Building the SAP Business One Cloud Landscape Part of the SAP Business One Cloud Landscape Workshop

Aspera Connect User Guide

Browser-based Support Console

1. Set Daylight Savings Time Create Migrator Account Assign Migrator Account to Administrator group... 4

Generating an Apple Push Notification Service Certificate for use with GO!Enterprise MDM. This guide provides information on...

SQL Server 2008 and SSL Secure Connection

Active Directory integration with CloudByte ElastiStor

October, Install/Uninstall Xerox Print Drivers & Apps Best Practices for Windows 8, 8.1, and 10 Customer Tip

CONFIGURING TARGET ACTIVE DIRECTORY DOMAIN FOR AUDIT BY NETWRIX AUDITOR

Nagios XI Mass Deploy NSClient++

Transcription:

SCCM Client Checklist for Windows 7 1. The client workstation must have a supported operating system. Supported operating systems include Windows 7. To view information about the operating system version: a. Open a Command Shell b. Enter winver at the command prompt 2. The client workstation must be joined to the enterprise Active Directory ad.louisville.edu To view information about the domain: a. Click on Start b. Right-click on Computer c. Click on Properties d. Click the Advanced system settings link in the left navigation panel 1

e. Click on the Computer Name tab 3. The client workstation account in Active Directory must be in a departmental OU. Computers in the default Computers OU are not targeted for the client push. Review the recommended workstation naming convention. See Appendix 3: Install the Active Directory Management Tools See Appendix 2: Enable ADUC Advanced Features Use the Active Directory Users and Computers (ADUC) administrative tool to search for the computer name and view the Object tab. a. Click on Start b. Click on Control Panel c. Double-click on Administrative Tools d. Double-click on Active Directory Users and Computer e. Click on the Find icon in the toolbar 2

f. Select Computers in the Find drop-down list. g. Select Entire Directory in the In drop-down list. h. Enter the name of the computer in the Computer Name text box. i. Click the Find Now button. j. Right-click on the computer in the results pane and select Properties. k. Click on the Object tab. 3

The Canonical name of object should: a. Begin with ad.louisville.edu/ul/users/active/ b. End with the name of the computer. c. Contain your departmental path in the middle. In this example, the departmental path is /admin/it, which is correct. 4. The client workstation must successfully register the fully qualified domain name (FQDN) with the Active Directory DNS servers. From a command shell, enter: ping computername -4 Verify that the computer name resolves to the correct FQDN and to the correct IP address. In the 4

above example, it-mt109e14-7 correctly resolves to IT-MT109E14-7.ad.louisville.edu and 136.165.99.204. 5. The client workstation must have the File and Printer Sharing for Microsoft Networks service installed for the active network adapter. a. Click on Start b. Click on Control Panel c. Double-click on Network and Sharing Center d. Click on Change adapter settings in the left navigation panel e. Right-click on Local Area Connection and select Properties f. Verify that the File and Printer Sharing for Microsoft Networks service is installed: 6. If the Windows firewall is turned on, the client workstation must have firewall exceptions to allow the SCCM servers to access the workstation s admin shares. Access should include the 136.165.230.0/24 range. 5

a. From a command shell, enter: gpresult /R /SCOPE COMPUTER more Verify that the IP-OPEN SCCM Ports GPO has been applied. 7. The client workstation must have the group AD\Domain Admins as a member of the local administrators group. SCCM needs access to \\computer\admin$. a. From a command shell, enter: net localgroup Administrators b. Verify that AD\Admin Admins is a member 8. The client workstation must allow Remote Administration for the SCCM subnet 136.165.230.0/24. SCCM needs to be able to use RPC, WMI, and/or DCOM remotely. 6

a. Click on Start b. Click on Control Panel c. Click on Windows Firewall d. Click on Advanced settings in the left navigation panel e. Click on Inbound Rules f. Scroll to the Remote Administration rules g. Ensure that the domain profiles include 136.165.230.0/24. The remote address could include Any (All IP addresses), 136.165.224.0/20 (the IT datacenter), or 136.165.230/24 (the SCCM servers). 9. The client workstation must be able to autoenroll ConfigMgr Client Certificate certificates. a. On the Start menu, type mmc in the Search programs and files text box and press the Enter key. This starts the Microsoft Management Console (MMC). b. In the console, click the File menu and then click Add/Remove Snap-in. c. In the Add/Remove Snap-ins window, click Certificates and then click the Add button. d. In the Certificates Snap-in window, select Computer account, and then click Next. e. In the Select Computer window, select Local computer, and then click Finish. This adds the Certificates Snap-in to the list. f. In the Add/Remove snap-ins window, click OK. This adds the Certificates snap-in to the mmc console. g. Expand Certificates (Local Computer) Personal Certificates h. Verify that a certificate has been issued to the client workstation, that it is not expired, and that it uses the ConfigMgr Client Certificate certificate template. 7

Appendix 1: Open a Command Shell 1. Click on Start 2. Enter CMD in the text box labeled Search for programs and files 3. Press the Enter key Appendix 2: Enable ADUC Advanced Features 1. Click on Start 2. Click on Control Panel 3. Double-click on Administrative Tools 4. Double-click on Active Directory Users and Computer 5. Click on View in the menu bar 8

6. Make sure Advanced Features is checked. Appendix 3: Install the Active Directory Management Tools 1. Click on Start 2. Click on Control Panel 3. Click on Programs and Features 4. Click on Turn Windows features on or off in the left navigation panel 5. Expand Remote Server Administration Tools 6. Expand Role Administration Tools 7. Check the category AD DS and AD LDS Tools 9

8. Click OK 10

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information