SCCM Client Installation Failed

I have installed SCCM 2007 in out environmnet. SCCM discovered all resourses in the network. I pushed client via Client Push. After some time it shows me iin SCCM console that on some machines client couldnt be installed. I did some reasearch and I came to know that firewall is protecting the installation. I turned of windows firewall on one machine to test and after that client installed perfactly.
As per the company's policy we cannot turn of firewall on some machines.
So if someone can tell me which specifically which port's expection I should add to install client and how can i push that setting thru GPO to all clients.
Who is Participating?

WMI uses TCP ports 135 and 445 as well as dynamicallyassigned ports above 1024.
To handle this, you need to enable "Allow remote administration exception" for the firewall.

Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile
Windows Firewall: Allow remote administration exception

you need to create exceptions for WMI and File/Print.

Another option is to install the client with GPO instead.


Ulf M.
didbaAuthor Commented:
Thank you for your reply!
 File and Printer Sharing exception already there in firewall setting but I am not sure how to add WMI to that list. What is the exe for WMI or which ports I need to add in exceptions. Thanks in advance.
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

I think you have to use the WMI exception in the firewall.

On a single Vista machine:
1.In the Control Panel, click Security and then click Windows Firewall.
2.Click Change Settings and then click the Exceptions tab.
3.In the Exceptions window, select the check box for Windows Management Instrumentation (WMI) to enable WMI traffic through the firewall

I don't have access to my labserver right now so I can't check the settings in the GPO.
didbaAuthor Commented:
We have XP SP3 clients.

In XP I cannot see WMI in exceptions list in windows firewall setting.
I google it to check which ports WMI uses but it looks like WMI use random port for communication.
So how to add WMI as a program to that list.
didbaAuthor Commented:
I am still stuck on this issue. Please help.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.