How to install SCCM2012 Agent with System Center Endpoint Client on Workgroup Computer.

Jacky Chua 20:36
Before you start you must do below step only you can sucessfully install SCCM 2012 Agent with System Center Endpoint Client on your Workgroup Computer. Now with my Batch file it will help you save some time.
Step 1:-
· Add SCCM Server IP Address into Wins
clip_image002
Step2 :-
· Add SCCM Server IP address into Hosts files.
C:\windows\system32\drivers\etc\hosts
Ip address SCCM server name SCCMservername with FQDN.
clip_image004
Step 3:-
· Enable the File and Print Sharing & Windows Management Instrumentation (WMI) in your firewall Rules.
clip_image005
clip_image007
Step 4:-
And go to command prompt and Run as Administrator.
cccmsetup SMSSITECODE=xx1 SMSSLP=sccmservername /mp:sccmservername
Now I am Created a Batch files to make your life easiers...
With this Automatically batch file will do all setting for you with automatically.
To Automatically add SCCM IP into wins with batch file command line at below:-
clip_image008
To Automatically add SCCM Server IP address into Hosts files with batch file command line at below :-
clip_image010
To Automcatically Enable the File and Print Sharing & Windows Management Instrumentation (WMI) in your firewall Rules with batch file command line at below :-
clip_image012
To Automatically install SCCM Agent 2012 with System Center Endpoint Protection command line with below :-
clip_image014
This is the finally batch file when put it into one.
@Echo Off
Echo. Adding the SCCM 2012 server to wins...
netsh interface ip set wins "Local Area Connection" static 192.168.90.135
Echo. Adding SCCM ip address to Host files....
set hostspath=%windir%\System32\drivers\etc\hosts
echo 192.168.90.135 SCCM01.staff.dir SCCM01 >> %hostspath%
Echo. Enable WMI and File and Print sharing at firewall rules....
netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=yes
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable =yes
Echo. Installing SCCM Agent 2012 ...... Please wait...
cd\
c:\SCCM\ccmsetup SMSSITECODE=xx1 SMSSLP=SCCM01 /mp:SCCM01
Copy and save it as Auto install SCCM2012.bat and copy into C:\SCCM folder.
clip_image016
· Always check the c:\windows\ccmsetup\ccmsetup.log file for the progress.
· Run the Machine policy & user Policy under configuration manager.
· Remember go to SCCM Server to Approve your workgroup computer after run the install.
· To Remote control to your Workgroup computer ,remember to add your workgroup computer ip address into your SCCM Server hosts file in order for SCCM Server to remote control to workgroup computer.Key in the administrator id and password for
Example :- Workgroup computername\administrator and password.
Jacky Chua

Posted by Jacky Chua

Jacky Chua has more than 17 years of IT industry experience. He specializes in SCCM,MDT, Windows Intune and others System Center products.Please feel free to leave a comment or email to [email protected].

Post a Comment

11 Comments

  1. Jiggawhut17 June 2012 at 16:11

    Thank you Jacky,

    How can I use the script to install on multiple computers
    Thanks

    ReplyDelete
    Replies
    1. Jacky Chua18 June 2012 at 08:47

      Dear Jiggawhut,
      1)you can put my script into GPO and deploy to all the computers.
      2 you can go one by one computer and manually install.

      Delete
    2. Jiggawhut19 June 2012 at 01:14

      Thanks Jacky,

      How can I install it lets say for instance from a unc path

      Delete
    3. Jacky Chua19 June 2012 at 22:32

      hi Jiggawhut, what you try to do is you can copy the script file to notepad and save it to *.Bat , and then if your GPO have the login script then you can copy your bat file in to your AD.
      For UNC path you can either change my login script from
      c:\SCCM\ccmsetup SMSSITECODE=xx1 SMSSLP=SCCM01 /mp:SCCM01
      to \\server name\ccmsetup SMSSITECODE=xx1 SMSSLP=SCCM01 /mp:SCCM01
      and then share it to everyone permission. Make sure you try on one computer first before you put it into GPO. Hope i answer your question.

      Delete
  2. Cyberguy11 August 2012 at 00:29

    Thnx for your article, but could you tell me how I can configure the workgroup client in order to receive updates for the endpoint definitions? In other computers that are in my domain I added a GPO in the domain policy so I changed the win update url to my WSUS-SUP server. How can I do the same for the workgroup machines? cant sccm send the definition updates with any other methods?

    ReplyDelete
    Replies
    1. Jacky Chua21 August 2012 at 21:05

      Hi Cyberguy,
      you can try using Create Antimalware Policy to deploy. you can refer to http://www.windows-noob.com/forums/index.php?/topic/6106-using-system-center-2012-configuration-manager-part-6-adding-the-endpoint-protection-role-configure-alerts-and-custom-antimalware-policies/
      Guideline.

      Delete
  3. Dcherry16 November 2012 at 00:31

    Do you know if there is a way to stop FEP client from installing. A dept was recently outsourced to an outside company. They have provided their own PC from the corporation, but we are asked to remote into from time to time. I only want the client in so that we can utilize Remote control. No software updates/installations, etc.

    ReplyDelete
    Replies
    1. Jacky Chua18 November 2012 at 08:04

      I Suggest you use custom client device settings so that u can choose only .
      \Administration\Overview\Client Settings --> Create custom client device settings then choose remote control only.
      then you can deploy the client device policy to collection .
      PS:- create a new collection and group those computer into one collection then deploy it.

      Delete
    2. Dcherry20 November 2012 at 00:22

      Maybe I've misunderstood the mechanics of it, but wouldn't the default device policy apply itself to anything not controlled by the custom policy i create and distribute to these workgroup machines. Since I used default policy to set my FEP, power management, hardware inventory, etc. Wouldn't the the PCs grab that too?

      Delete
  4. pentiumclix30 January 2013 at 02:33

    Dear friend,

    Im in a process of installing sccm agent on client pcs. unfortunately im getting the below error when trying to install. please advise what needs to be done.

    OS = Server 2008r2 with sp1

    SCCM 2012 with sp 1

    SQL 2008 R2 With sp 2

    ---> Connected to administrative share on machine DE-PC-024 using account 'SANJEDE\smsadmin' SMS_CLIENT_CONFIG_MANAGER 1/24/2013 9:47:18 AM 6360 (0x18D8)
    ---> Attempting to make IPC connection to share <\\DE-PC-024\IPC$> SMS_CLIENT_CONFIG_MANAGER 1/24/2013 9:47:18 AM 6360 (0x18D8)
    ---> Searching for SMSClientInstall.* under '\\DE-PC-024\admin$\' SMS_CLIENT_CONFIG_MANAGER 1/24/2013 9:47:18 AM 6360 (0x18D8)
    ---> Unable to connect to WMI on remote machine "DE-PC-024", error = 0x800706ba. SMS_CLIENT_CONFIG_MANAGER 1/24/2013 9:47:18 AM 6360 (0x18D8)
    ---> Deleting SMS Client Install Lock File '\\DE-PC-024\admin$\SMSClientInstall.P01' SMS_CLIENT_CONFIG_MANAGER 1/24/2013 9:47:18 AM 6360 (0x18D8)
    Execute query exec [sp_CP_SetLastErrorCode] 2097152050, -2147023174 SMS_CLIENT_CONFIG_MANAGER 1/24/2013 9:47:18 AM 6360 (0x18D8)
    Stored request "2097152050", machine name "DE-PC-024", in queue "Retry". SMS_CLIENT_CONFIG_MANAGER 1/24/2013 9:47:18 AM 6360 (0x18D8)
    Execute query exec [sp_CP_SetPushRequestMachineStatus] 2097152050, 2 SMS_CLIENT_CONFIG_MANAGER 1/24/2013 9:47:18 AM 6360 (0x18D8)
    Execute query exec [sp_CP_SetLatest] 2097152050, N'01/24/2013 17:47:18', 2 SMS_CLIENT_CONFIG_MANAGER 1/24/2013 9:47:18 AM 6360 (0x18D8)

    thank you

    Mahesh

    ReplyDelete
    Replies
    1. Jacky Chua7 February 2013 at 23:36

      hi Mahesh,
      you are deploy sccm client on workgroup machine ?
      base on your ccmsetup.log is saying either your target machine WMI and file and print sharing is not enable or admin$ c$ IPC$ do not share out
      you can always go to command prompt and type in net share. see isn't got the admin$ share or not

      Delete