Solved

SCCM Client Installation Failed

Posted on 2009-05-15
6
2,137 Views
Last Modified: 2013-11-21
I have installed SCCM 2007 in out environmnet. SCCM discovered all resourses in the network. I pushed client via Client Push. After some time it shows me iin SCCM console that on some machines client couldnt be installed. I did some reasearch and I came to know that firewall is protecting the installation. I turned of windows firewall on one machine to test and after that client installed perfactly.
As per the company's policy we cannot turn of firewall on some machines.
So if someone can tell me which specifically which port's expection I should add to install client and how can i push that setting thru GPO to all clients.
0
Comment
Question by:didba
  • 3
  • 3
6 Comments
 
LVL 8

Assisted Solution

by:U_Mansson
U_Mansson earned 250 total points
ID: 24411534
Hi

you need to create exceptions for WMI and File/Print.

http://technet.microsoft.com/en-ca/library/bb680737.aspx

Another option is to install the client with GPO instead.

Regards

Ulf M.
0
 

Author Comment

by:didba
ID: 24411754
Thank you for your reply!
 File and Printer Sharing exception already there in firewall setting but I am not sure how to add WMI to that list. What is the exe for WMI or which ports I need to add in exceptions. Thanks in advance.
0
 
LVL 8

Assisted Solution

by:U_Mansson
U_Mansson earned 250 total points
ID: 24411814
I think you have to use the WMI exception in the firewall.

On a single Vista machine:
1.In the Control Panel, click Security and then click Windows Firewall.
2.Click Change Settings and then click the Exceptions tab.
3.In the Exceptions window, select the check box for Windows Management Instrumentation (WMI) to enable WMI traffic through the firewall

I don't have access to my labserver right now so I can't check the settings in the GPO.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 

Author Comment

by:didba
ID: 24412466
We have XP SP3 clients.

In XP I cannot see WMI in exceptions list in windows firewall setting.
I google it to check which ports WMI uses but it looks like WMI use random port for communication.
So how to add WMI as a program to that list.
Thanks.
0
 

Author Comment

by:didba
ID: 24425813
I am still stuck on this issue. Please help.
0
 
LVL 8

Accepted Solution

by:
U_Mansson earned 250 total points
ID: 24428960

WMI uses TCP ports 135 and 445 as well as dynamicallyassigned ports above 1024.
To handle this, you need to enable "Allow remote administration exception" for the firewall.

Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile
Windows Firewall: Allow remote administration exception
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every system administrator encounters once in while in a problem where the solution seems to be a needle in haystack.  My needle was an anti-virus version causing problems with my Exchange server. I have an HP DL350 with Windows Server 2008 Stand…
The environment that this is running in is SCCM 2007 R2 running on a Windows 2008 R2 server. The PXE Distribution point is running on its own Windows 2008 R2 box. This is what Event viewer showed after trying to start the WDS service:  An erro…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question