Jump to content


rrasco

AD Schema Extension: Endpoint Requires it?

Recommended Posts

Reading a few other posts online, I heard some people say to setup boundaries and boundary groups, so I did that as well. I still get the same errors about failing to get assigned site from AD.

 

Are you sure this is set up correctly? If this is set up correctly you will automatically know if you update the all systems collection and any system within this collection should have the unique site code associated with it regardless if they have not got the client installed! If they have no site code then im afraid you have not set up the boundaries correctly

 

OR

 

If SCCM has not published correctly to the Sys management container in AD then as Oneone has mentioned above you may not have delegated control properly.

 

 

What does the status of the forest discovery component in the console read....successful...error??

Share this post


Link to post
Share on other sites

also make sure you've spelled System Management container correctly, the Component Status Logs will reveal your issue,. right click on one that shows up as red, choose show all, then read the logs for the failure messages

 

see below

 

component status.png

 

as before, double check every part of my guide as you've made a mistake somewhere...

Share this post


Link to post
Share on other sites

Thanks for the guidance guys.

 

There were only green checks in the Component Status console.

 

Going off of Rocket Man's advice, I was looking for the Active Directory Forests status and discovered under the domain properties on the Publishing tab, there was an option 'Select the sites that will be published to this forest'. This is in addition to the check box on the Site properties dialog under the Publishing tab. Once I checked that box, the container immediately began populating.

 

Now to see if I can get my endpoint clients pushed out.

Share this post


Link to post
Share on other sites

I did.

 

I have a few updates, and in turn a few more questions...

 

The SCEP client was pushed out to one of the two computers in my managed endpoint desktop device collection. This was the collection I deployed the client settings to, which included the SCEP installation. There are two devices in this collection, one is listed as a client, one is not (the one it didn't install on). Why would one machine be listed as a client and the other not? All of the machines discovered that were pushed the client, also say 'Yes' in the client column. The other one says 'No'.

 

I was surprised to know that the configuration client was pushed out to all discovered devices automatically. I am attempting to remove the client from machines it was installed to, as I am not ready to deploy this just yet and wasn't aware the client was pushed upon discovery. I did not think ccmsetup would run until I applied client settings to a device collection; specifically the computer agent. These devices are not in a collection, just discovered. My current issue is after running ccmsetup /uninstall on the client machines, then delete it from the device list in SCCM, it re-appears a little later. I'm assuming this is because the client is communicating with SCCM, thus it's rediscovered. I have modified my discovery methods to only discover 2 machines in a test OU.

 

So, to summarize:

 

1. What is the criteria for a device to be a 'client' to SCCM? Specifically, showing a value of 'Yes' in the 'Client' column for devices?

2. How can I fully remove clients from SCCM (including uninstalling the client agent) once they have been discovered and pushed the client installation?

 

Lastly, I REALLY appreciate all of you guys' help.

Share this post


Link to post
Share on other sites

You have automatic site wide client configured, thus the reason as to why the client is installing automatically!

 

My current issue is after running ccmsetup /uninstall on the client machines, then delete it from the device list in SCCM, it re-appears a little later

 

They will always reappear as this is suppose to happen because if it didn't then your SCCM would not work..(forest discovery, system discovery etc looks after this).......they are however reappearing as non clients after you have done the above, right?

Share this post


Link to post
Share on other sites

Yesterday they kept showing up as a client after I uninstalled the client. It seems like it was pushing it back out to the clients, even after I disabled and restricted the discovery methods. It kept discovering them.

 

Today, all those machines had the client again. I ran the uninstall again, deleted all the ccmsetup files (and CCM folder) from Windows directory and then removed them from SCCM console. It appears to have worked. For now.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.