Microsoft System Center Configuration Manager

By: Marius Sandbu

Overview of this book

Microsoft Configuration Manager is both extensive and complex, and for many, it is the primary tool for Enterprise management. With each new release, Configuration Manager continually proves itself to be the ultimate solution for managing both clients and mobile devices. This book covers in detailed and easy-to-understand steps how to set up highly available Configuration Manager roles and backend services such as SQL, DNS, and AD. You will learn how to plan for high availability, what kind of roles there are, and how they scale. The book starts by examining what needs to be taken into account when planning for high availability before moving on to focus on the different roles and how they can be set up. The book will also go through different scenarios as well as various backup and recovery procedures. You will learn how to identify bottlenecks within the different components and create sample design scenarios for high availability on Configuration Manager. The book will also look at the different high availability options and how to deploy them.
Table of Contents (12 chapters)

Network flow


In a moment, you will see how the different roles and clients communicate with each other. This information will be useful when setting up or planning firewall rules between servers and clients, and roles that can be load balanced.

Network communication flow is described in the following table:

| Description | Protocol | Client/Server | Ports |
|---|---|---|---|
| Client DHCP to PXE point | UDP | Distribution point with PXE | 67, 68, 69 (TFTP) |
| Client to Distribution point | TCP | Distribution point | 80 or 443 |
| Client to Fallback Status point | TCP | Fallback Status point | 80 |
| Client to Management point | TCP | Management point | 80 or 443, 10123 (Client Notification) |
| Client to Software Update point | TCP | Software Update point | 80 and 8530 or 443 and 8531 |
| Client to Cloud Distribution point | TCP | Azure Distribution point | 443 |
| Client to State Migration point | TCP | State Migration point | 80 or 443 and 445 |
| Client to Application catalog | TCP | Application catalog | 80 or 443 |
| Client to Global Catalog Domain Controller | TCP | Domain Controller / Active Directory | 3268 or 3269 |
| Configuration Manager Console to Client (Remote tools) | TCP | Clients | 2701 for Remote Control and 3389 for Remote Assistance |
| Management point to Site Server | TCP | Management point to Site Server | 135, 445 and dynamic ports in RPC range |
| Management point to Global Catalog Domain Controller | TCP | Active Directory | 3268 or 3269, 135, 445 and dynamic ports in RPC range |
| Management point to SQL Server | TCP | SQL Server | 1433 |
| Site Server to SQL Server | TCP | SQL Server | 1433 |
| SQL Server to SQL Server | TCP | SQL Server | 1433 and 4022 (SQL Service Broker) |
| Application Catalog Web Service point to SQL Server | TCP | SQL Server | 1433 |
| Application Catalog Website point to Application Catalog Service point | TCP | Catalog website to Catalog Service point | 80 or 443 |
| Site Server to server roles | TCP/UDP | Site Server connects to another server role | 445 (TCP), 135 (TCP/UDP) and dynamic ports in RPC range |
| Software Update point to Internet | TCP | Software Update point to connect to Microsoft | 80 |
| Software Update point to Upstream WSUS Server | TCP | Software Update point to internal WSUS server | 80 and 8530 or 443 and 8531 |
| Exchange Server Connector to Exchange Online | TCP | Site Server to Exchange Online, for instance, Office365 | 5986 |
| Exchange Server Connector to Exchange on premise | TCP | Site Server to Exchange server | 5985 |

Some important factors regarding port usage within Configuration Manager are as follows:

  • Most of the traffic uses either HTTP (port 80) or HTTPS (port 443), depending on whether you have deployed a PKI.

  • Some roles require port 445 for SMB traffic (regular file transfer protocol).

  • Some roles also require a dynamic range of ports for the RPC protocol. The range for RPC is between port 49152 and 65535.

  • RPC also uses port 135.

  • Most SQL connections use port 1433, which is the standard SQL port for SQL to SQL connections. SQL also uses port 4022 for the SQL Service Broker, which replicates between parent and child SQL Servers.

  • Different client installation methods use different ports: manual installation can use either HTTP/HTTPS (80 or 443) and SMB (445), while client push installation uses a combination of those ports and the dynamic RPC ones.
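The port table can also be used as an allow-list when reviewing firewall or flow logs. The following is an added example, not code from the book: it encodes a subset of the table's rows and reports connections the table does not explain. The role names, IP addresses, client subnet and log format are constructed assumptions.

```python
import ipaddress

RPC_DYNAMIC = range(49152, 65536)  # dynamic RPC range given in the text
# (source role, destination role) -> {protocol: ports}; rows taken from the table
FLOWS = {
    ("client", "management_point"): {"tcp": {80, 443, 10123}},
    ("client", "distribution_point"): {"tcp": {80, 443}},
    ("management_point", "site_server"): {"tcp": {135, 445, *RPC_DYNAMIC}},
    ("management_point", "sql_server"): {"tcp": {1433}},
    ("site_server", "sql_server"): {"tcp": {1433}},
    ("sql_server", "sql_server"): {"tcp": {1433, 4022}},
}
# Constructed inventory (assumption): which address holds which role
ROLES = {"10.0.1.10": "site_server", "10.0.1.20": "management_point",
         "10.0.1.30": "sql_server", "10.0.1.40": "distribution_point"}
CLIENT_NET = ipaddress.ip_network("10.0.50.0/24")  # constructed client subnet

def role_of(addr):
    """Map an address to a role, or None if it is not in the inventory."""
    if addr in ROLES:
        return ROLES[addr]
    return "client" if ipaddress.ip_address(addr) in CLIENT_NET else None

def audit(lines):
    """Return (line, reason) for every connection the table does not explain."""
    findings = []
    for line in lines:
        src, dst, proto, port = line.split()
        pair = (role_of(src), role_of(dst))
        if None in pair:
            findings.append((line, "host not in inventory"))
        elif pair not in FLOWS:
            findings.append((line, f"no documented flow {pair[0]} -> {pair[1]}"))
        elif int(port) not in FLOWS[pair].get(proto, ()):
            findings.append((line, f"{proto}/{port} not listed for {pair[0]} -> {pair[1]}"))
    return findings

# Constructed connection log, one "src dst proto dport" record per line
SAMPLE_LOG = [
    "10.0.50.17 10.0.1.20 tcp 443",    # client -> MP, HTTPS
    "10.0.50.17 10.0.1.20 tcp 10123",  # client notification
    "10.0.1.20 10.0.1.10 tcp 50211",   # MP -> site server, dynamic RPC
    "10.0.1.20 10.0.1.30 tcp 1433",    # MP -> SQL
    "10.0.50.17 10.0.1.30 tcp 1433",   # client -> SQL: no such row
    "10.0.50.17 10.0.1.20 tcp 3389",   # port not listed for client -> MP
    "192.0.2.99 10.0.1.20 tcp 443",    # source not in inventory
]

if __name__ == "__main__":
    print(*audit(SAMPLE_LOG), sep="\n")
```

Extending `FLOWS` with the remaining table rows and `ROLES` with the real site inventory turns the same check into a review of proposed firewall rules before they are deployed.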