Comments on: Best Guide to Configure SCCM 2012 Firewall Exceptions

By: Rajendra

Rajendra

Hi PD sir , I rajendra, i have a problem on my system…

when ever i install sql server on windows server 2016. It shows domain controlling warning message. In that warning message was Installing sql server on a domain controller is not recommended….what can i do… please solve my problem…Due to this effect my MECM doesn’t configured….
thank you

By: Akram

Akram

please cloud you tell my the steppes in order to Configuring Firewall for Client installation on windows 8.1 ?
thank you

By: Akram

Akram

what steps for Configuring Firewall for Client installation on windows 8.1 ?
thank you

By: Prajwal Desai

Prajwal Desai

In reply to Akram. The firewall exceptions must be configured through a group policy. It's done on a domain controller and the policy is created at the domain level so that all the domain computers are enforced with this policy.

By: Akram

Akram

can i make all this firewall rules in sccm2012 server only or must be put in group policy ? why?
and if group policy what ou does the sccm 2012 server hosted and the client machine also what ou they will be hosted and if this group policy applied also in ou hosted client machine
thank you

By: Art

Art

I have configured updates with SCCM, here is my problem:

1) Clients not getting updates
2) SCCM is not getting updates from Microsoft. Sync failing.

How can I determined whether the problem is the WSUS server (not configured correctly, writes issue, incorrect ports used, group policy wrong etc…..) or the Clients ?

Background: I am a tech (responsible only for pc’s in my company) I did not setup the WSUS or SCCM server. I need to prove to our Network Admin that the problem is with the server not my pc’s. I have verified that SCCM is setup for updates correctly. Your help appreciated.

By: Prajwal Desai

Prajwal Desai

In reply to raj. I don't think you can generate reports of windows updates installed on client computers through SCCM if the updates have been pushed through WSUS server and not through SCCM server. There is a way to check whether a specific update has been installed on client computer and that is through creating a DCM rule (SCCM 2007) or configuration baseline in SCCM 2012. Let me try this in my lab setup and i will get back to you soon..

By: raj

raj

we have a test lab where we have only one primary server and and windos 8 client now my requirement is
Requirements
1. As part of patching, we will not create a package for windows updates and deploy it to collections.
2. Also we didn’t want to download the updates and save it locally in our WSUS Server. Windows clients will download the updates from Microsoft directly, but we have to keep track/record of updates installed to client machines using SCCM server.

By: Prajwal Desai

Prajwal Desai

In reply to Zak. I would recommend to open the ports using group policy for entire domain. SQL replication ports TCP 1433 and 4022 must be opened because these are required to access SQL and for SQL to replicate to other SQL servers. WMI and File and Print sharing services must be enabled. Both the steps are shown in the post.

By: Zak

Zak

Does port 1433 and 4022 need to be open for the entire domain? Or just for the SCCM/SQL server? I see the need for WMI and File and Print sharing but not the SQL replication ports.