This week my post will be about using the Client Push Installation on WORKGROUP systems. We all know that a manual installation will work on WORKGROUP systems, but wouldn’t it be easier to just use the Client Push Installation? In my opinion the answer would be, YES! And as long as the WORKGROUP systems are configured the same, the configuration is actually quite easy.
Prerequisites
Before it is possible to use the Client Push Installation on WORKGROUP systems, there are a few things to keep in mind. The following points are a prerequisite and are not further explained in this post:
- The FQDN of the Management Point system can be resolved on the WORKGROUP system.
- The Network Discovery is enabled to find the WORKGROUP systems.
- The Client Push Installation Account has administrative rights.
Configuration
Now let’s start with the configuration! It is possible to configure the Client Push Installation for WORKGROUP systems, because it is possible to use a variable in the accounts used for a Client Push Installation. So this makes it possible to also configure local accounts. To configure Client Push Installation for WORKGROUP systems follow, at least, the following steps:
Navigate to Administration > Overview > Site Configuration > Sites and select the site.
- In the Home tab, click Settings > Client Installation Settings > Client Push Installation and the Client Push Installation Properties will show.
- On the Accounts tab, click <YellowStar> > New Account and the Windows user Account popup will show.
- Fill in with User name %COMPUTERNAME%\<USERNAME> with the corresponding password in the appropriate fields and click OK.
- On the Installation Properties tab, fill in as Installation Properties, at least, SMSSITECODE=XXX SMSMP=<FQDN_MP>.
Results
After the configuration is done it is time to take a look at the results. The best place to look at the results is in the CCM.log after a Client Push Installation on a WORKGROUP system is performed. This log shows that it first tried my domain credentials. After the domain credentials failed it used the local credentials, which are configured via the COMPUTERNAME variable, as second. After the installation was successful the client will show up in the console as an active client with as Domain WORKGROUP.
Discover more from All about Microsoft Intune
Subscribe to get the latest posts sent to your email.
In the past I’ve always used “BUILTIN\” when specifying local machine accounts; would ConfigMgr 2012 have any problems with this form of credential?
It should be possible with one of the builtin accounts.
Hi 🙂 How and when will client computer in workgroup showup in device collection so that I’am able to right click and choose deploy client ? Should I made some mumbo jumbo with lmhosts file on workgroup client ?
Hi Nenad,
The device need to be discovered first.
Regards,
Peter
Also I’ve have already written in installation properties TAB SMSSITECODE=ABC and added only in same line after SMSSITECODE=ABC SMSMP=mpservername.fqdn.tld Should mpservername.fqdn.tld be close in or left alone ? Thank you and best regards. Nenad.
Hi Nenad,
SMSMP should be part of the installation properties.
Regards,
Peter
Hi 🙂 If I run install sccm client from client computer in workgroup client show up in sccm console and then should be approved but then that is no client push install in workgroup 🙁
True, that’s why they should be discovered first. Make sure the resolving for those workgroup clients is in-place and that all the correct ports are open in the firewall(s).
What about software update deployment on WG server? There is sccm agent on the servers but software center is empty. What are the prerequistes for software update deployment on WG system?
The prerequisites are no different from normal clients.