Tuesday, May 20, 2014

on facebook

https://www.facebook.com/pages/System-Center-2012/233309080195571?fref=ts

Sunday, May 18, 2014

SQL Query To Return Microsoft Licensed Product Information For A Specified Machine

This SQL query can be easily adapted to be used as an SMS web report to allow you to see Microsoft Licensed Product information for a specified machine.
It will include the following information: Microsoft Family Name, Licensed Product Name, Version, License Type and the Last Update timestamp as in the example below:
Microsoft Family Name: Office Professional     
Licensed Product Name: Office Professional 2003       
Version: 2003  
License Type: Microsoft Volume License         
Last Update: 2007-04-20 12:35:31.007






SQL :


Select Distinct

LIC.MlsFamilyName 'Microsoft  Family Name',

LIC.MlsProductName 'Licensed Product Name',

LIC.VersionCode Version,

LIC.LicenseTypeName 'License Type',

LIC.LastUpdated 'Last Update'

From  v_R_System SD

Join v_Gs_Installed_Software_Ms SW On SD.ResourceID = SW.ResourceID

Join v_Lu_MsProd LIC On SW.MPC0 = LIC.MPC

Where SD.Name0 = 'Machine_Name'

Group By LIC.MlsFamilyName, LIC.MlsProductName,

LIC.VersionCode, LIC.LicenseTypeName, LIC.LastUpdated

Order By LIC.MlsFamilyName

SMS Web Report To Get Current Site System Status

SQL :

Select Distinct

SiteCode,

Role,

'Status' = Case

When Status = 0 Then 'OK'

When Status = 1 Then 'Warning'

When Status = 2 Then 'Critical'

Else ' '

End

From v_SiteSystemSummarizer

SMS Client Machines With Less Than 300 MB Free Disk Space On Their Primary Partition

This SQL script will return all of the SMS client machine names and their last logged on user name where their primary C: partition has less than 300 MB of remaining free disk space.
SQL Script:
Select
SD.Name0 'Machine Name',
SD.User_Name0 'User Name',
LD.FreeSpace0 'Free Space'
From v_R_System SD
Join v_Gs_Logical_Disk LD on SD.ResourceId = LD.ResourceId
Where LD.DeviceId0 = 'C:'
And LD.FreeSpace0 < 300
And SD.Client0 = 1

SQL Query To List Excluded Servers With RegRead

This SQL query will allow you to retrieve or list the machines in the excluded Servers list for your SMS server exclusions using the extended procedure RegRead.
SQL Query:
Exec Master..Xp_RegRead
'HKEY_LOCAL_MACHINE',
'Software\Microsoft\Sms\Components\Sms_Discovery_Data_Manager',
'ExcludeServers'

Count Number Of Machines With Specified Application Installed

SQL  :
Select Distinct

Count(SoftwareFile.FileName) as 'Total Count:'

From System_Disc

Join vSms_G_System_SoftwareFile as SoftwareFile

On SoftwareFile.ClientId = System_Disc.ItemKey

Where SoftwareFile.FileName = 'WinWord.Exe'

And SoftwareFile.FileVersion = '14'

SQL Query For Add And Remove Programs For A Collection

SQL :

Select

SD.Name0 'Machine Name',

PF.DisplayName0 'Display Name',

PF.ProdID0 'Product ID',

PF.Publisher0 Publisher,

PF.Version0 Version

From v_R_System SD

Join v_FullCollectionMembership FCM on SD.ResourceID = FCM.ResourceID

Join v_Collection COL on FCM.CollectionID = COL.CollectionID

Join v_Add_Remove_Programs PF on SD.ResourceID = PF.ResourceID

Where COL.Name = 'All Systems'

Group By SD.Name0, COL.CollectionID, COL.Name, PF.DisplayName0,

PF.ProdID0, PF.Publisher0, PF.Version0

Order By SD.Name0

SQL Query To Count Computer Types For A Specified Collection Name

SQL:


Select

CN.Name 'Collection Name',

Case SE.ChassisTypes0

When 1 Then 'Other'

When 2 Then 'Unknown'

When 3 Then 'Desktop'

When 4 Then 'Low Profile Desktop'

When 5 Then 'PizzaBox'

When 6 Then 'Mini-Tower'

When 7 Then 'Tower'

When 8 Then 'Portable'

When 9 Then 'Laptop'

When 10 Then 'Notebook'

When 11 Then 'Handheld Device'

When 12 Then 'Docking Station'

When 13 Then 'All-In-One'

When 14 Then 'Sub-Notebook'

When 15 Then 'Space Saving'

When 16 Then 'Lunch Box'

When 17 Then 'Main System Chassis'

When 18 Then 'Expansion Chassis'

When 19 Then 'Sub-Chassis'

When 20 Then 'Bus Expansion Chassis'

When 21 Then 'Peripheral Chassis'

When 22 Then 'Storage Chassis'

When 23 Then 'Rack-Mount Chassis'

When 24 Then 'Sealed PC'

Else 'Unknown'

End 'Chassis Type',

Count(*) 'Chassis Count'

From v_Collection CN

Join v_FullCollectionMembership CM on CN.CollectionID = CM.CollectionID

Join v_R_System SD on CM.ResourceID = SD.ResourceID

Join v_Gs_System_Enclosure SE on SD.ResourceID = SE.ResourceID

Where CN.Name = 'All Systems'

Group By CN.Name, SE.ChassisTypes0

Order By CN.Name

SQL Query To Count Microsoft Office Versions From Add And Remove Programs

SQL :

Select

Count(ResourceID) Counts,

DisplayName0,

Publisher0,

Version0

From v_Add_Remove_Programs

Where Publisher0 = 'Microsoft Corporation'

And DisplayName0 Like 'Microsoft Office%'

Group By DisplayName0, Publisher0, version0

Order By Counts Desc

SQL Query To Find Machines In A Specified Collection Having A Specified Application Installed

SQL  :



Select

SD.Name0 'Machine Name',

SD.Resource_Domain_OR_Workgr0 'Resource Domain',

SD.User_Name0 'Login ID',

SD.User_Domain0 'Account Domain',

USR.Full_User_Name0 'Full Name',

ARP.DisplayName0 'Display Name'

From v_R_System SD

Join v_FullCollectionMembership FCM on SD.ResourceID = FCM.ResourceID

Join v_Collection CN on FCM.CollectionID = CN.CollectionID

Join v_R_User USR on SD.User_Name0 = USR.User_Name0

Join v_Add_Remove_Programs ARP on SD.ResourceID = ARP.ResourceID

Where CN.Name = 'All Systems'

And ARP.DisplayName0 Like '%Your program name like outlook%'

SQL Query To Count The Number Of Client Machines With McAfee Virus Scan Installed

SQL :
Select

Count(SD.Name0) Counts,

PF.DisplayName0,

PF.Version0

From v_Add_Remove_Programs PF

Join v_R_System SD on PF.ResourceID = SD.ResourceID

Where PF.DisplayName0 = 'McAfee VirusScan Enterprise'

Group By PF.DisplayName0, PF.Version0

Order By Counts, PF.Version0

SQL Query To List Machines With IIS , FTP Or Telnet Installed

SQL :


Select

SD.Name0 'Machine Name',

SD.Operating_System_Name_and0 NOS,

SS.Name0 'Service Name',

SS.DisplayName0 'Display Name',

SS.StartMode0 'Start Type',

SS.Started0 Started,

SS.State0 State,

SS.Status0 Status

From System_DISC SD

Join Services_DATA SS

on SS.MachineID = SD.ItemKey

Where SS.Name0 In ('W3SVC', 'MsFtpSvc', 'TlntSvr')

Order By 'Machine Name'

SQL Query To Retrieve Clients Last Boot up Date

SQL :


Select

SD.Name0 'Machine Name',

SD.User_Name0 'Last Logged on User Name',

Convert(VarChar(10), OS.LastBootUpTime0, 101)  'Last Boot Date'

From v_R_System SD

Join v_Gs_Operating_System OS on SD.ResourceID = OS.ResourceID

Order By 'Machine Name'

SQL Query Get Machine and User Information From A Specified Collection

SQL:

Select

SD.Name0 'Machine Name',

SD.Resource_Domain_OR_Workgr0 'Resource Domain',

SD.User_Name0 'Login ID',

SD.User_Domain0 'Account Domain',

USR.Full_User_Name0 'Full Name',

PCB.SerialNumber0 'Serial Number',

CS.Manufacturer0 Manufacturer,

CS.Model0 Model,

SAS.SMS_Assigned_Sites0 'Assigned Site Code'

From v_R_System SD

Join v_FullCollectionMembership FCM on SD.ResourceID = FCM.ResourceID

Join v_Collection COL on FCM.CollectionID = COL.CollectionID

Join v_R_User USR on SD.User_Name0 = USR.User_Name0

Join v_GS_PC_BIOS PCB on SD.ResourceID = PCB.ResourceID

Join v_GS_COMPUTER_SYSTEM CS on SD.ResourceID = CS.ResourceID

Join v_RA_System_SMSAssignedSites SAS on SD.ResourceID = SAS.ResourceID

Where COL.Name = 'All Systems'

SQL Query To Get User Information From A Specified OU

SQL :


Select Distinct

CS.Name0 'Machine Name',

CS.UserName0 'User Name',

RU.Full_User_Name0 'Full Name',

UOU.User_OU_Name0 'Users OU',

RA.IP_Subnets0  'Subnet'

From v_Gs_Computer_System CS

Join v_RA_System_IPSubnets RA on RA.ResourceID = CS.ResourceID

Join v_R_User RU on RU.Unique_User_Name0 = CS.UserName0

Join v_RA_User_UserOUName UOU on UOU.ResourceID = RU.ResourceID

Where UOU.User_OU_Name0 = 'DomainName.COM/OuName'

Order by  CS.Name0, CS.Username0, RU.Full_User_Name0, RA.IP_Subnets0

SQL Query To List When Collections Were Last Updated

Select

CC.CollectionID,CN.CollectionName, CC.TimeUpdated
From Collection_MemberChg_Notif CC

Join Collections CN on CC.CollectionID = CN.SiteID

Order By CollectionName

SQL Query To Gather Video Card Memory Information

SQL :

Select  

SD.Name0 'Machine Name',

VC.Name0 'Video Card',

Convert(VarChar, VC.AdapterRam0 / 1024) + ' MB'

From v_R_System SD

Join v_Gs_Video_Controller VC on SD.ResourceID = VC.ResourceID

Where VC.Name0 <> 'ConfigMgr Remote Control Driver'

Order By SD.Name0

SQL Query To Retrieve Advanced Clients Assigned Site Code And Client Version



SQL :

Select

SD.Name0 'Machine Name',

SC.SMS_Assigned_Sites0 'Assigned Site',

SD.Client_Version0 Version

From v_R_System SD

Join v_RA_System_SmsAssignedSites SC on SD.ResourceID = SC.ResourceID

Join v_GS_Operating_System OS on SD.ResourceID = OS.ResourceID

Where SD.Client0 = 1

And SD.Client_Type0 = 1

Order By 'Machine Name'


Thursday, May 15, 2014

Ports Used by Configuration Manager

For more information:


http://technet.microsoft.com/en-us/library/bb632618.aspx#feedback



Port Details

The port listings that follow are used by Configuration Manager 2007 and do not include information for standard Windows services, such as Group Policy settings for Active Directory and Kerberos authentication. For information about Windows Server services and ports, see http://go.microsoft.com/fwlink/?LinkID=123652.
The following diagram indicates connections between Configuration Manager 2007 computers. The number for the link corresponds to the table that lists the ports for that link. The arrows between the computers represent the direction of the communication.
  • -- > indicates one computer initiates and the other computer always responds
  • < -- > indicates that either computer can initiate
[Figure: Configuration Manager Port Diagram]

1. Site Server < -- > Site Server

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
Point to Point Tunneling Protocol (PPTP) | -- | 1723 (See note 3, RAS Sender)

2. Primary Site Server -- > Domain Controller

 

Description | UDP | TCP
Lightweight Directory Access Protocol (LDAP) | -- | 389
LDAP (Secure Sockets Layer [SSL] connection) | 636 | 636
Global Catalog LDAP | -- | 3268
Global Catalog LDAP SSL | -- | 3269
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

3. Site Server < -- > Software Update Point

(See note 6, Communication between the site server and site systems)

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
Hypertext Transfer Protocol (HTTP) | -- | 80 or 8530 (See note 4, Windows Server Update Services)
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 or 8531 (See note 4, Windows Server Update Services)

4. Software Update Point -- > Internet

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 1, Proxy Server port)

5. Site Server < -- > State Migration Point

(See note 6, Communication between the site server and site systems)

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
RPC Endpoint Mapper | 135 | 135

6. Client -- > Software Update Point

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80 or 8530 (See note 4, Windows Server Update Services)
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 or 8531 (See note 4, Windows Server Update Services)

7. Client -- > State Migration Point

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available)
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available)
Server Message Block (SMB) | -- | 445

8. Client -- > PXE Service Point

 

Description | UDP | TCP
Dynamic Host Configuration Protocol (DHCP) | 67 and 68 | --
Trivial File Transfer Protocol (TFTP) | 69 (See note 5, Trivial FTP (TFTP) Daemon) | --
Boot Information Negotiation Layer (BINL) | 4011 | --

9. Site Server < -- > PXE Service Point

(See note 6, Communication between the site server and site systems)

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

10. Site Server < -- > System Health Validator

(See note 6, Communication between the site server and site systems)

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

11. Client -- > System Health Validator

The client requires the ports established by the Windows Network Access Protection client, which depend on the enforcement client being used. For example, DHCP enforcement will use ports UDP 67 and 68. IPsec enforcement will use ports TCP 80 or 443 to the Health Registration Authority, port UDP 500 for IPsec negotiation and the additional ports needed for the IPsec filters. For more information, see the Windows Network Access Protection documentation. For help with configuring firewalls for IPsec, see http://go.microsoft.com/fwlink/?LinkId=109499.

12. Site Server < -- > Fallback Status Point

(See note 6, Communication between the site server and site systems)

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

13. Client -- > Fallback Status Point

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available)

14. Site Server -- > Distribution Point

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

15. Client -- > Distribution Point

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available)
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available)
Server Message Block (SMB) | -- | 445
Multicast Protocol | 63000-64000 | --

16. Client -- > Branch Distribution Point

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445

17. Client -- > Management Point

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available)
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available)

18. Client -- > Server Locator Point

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available)

19. Branch Distribution Point -- > Distribution Point

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available)
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available)

20. Site Server -- > Provider

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

21. Server Locator Point -- > Microsoft SQL Server

 

Description | UDP | TCP
SQL over TCP | -- | 1433

22. Management Point -- > SQL Server

 

Description | UDP | TCP
SQL over TCP | -- | 1433

23. Provider -- > SQL Server

 

Description | UDP | TCP
SQL over TCP | -- | 1433

24. Reporting Point -- > SQL Server / Reporting Services Point -- > SQL Server

The reporting point and the Reporting Services point use the same ports. The Reporting Services point is applicable to Configuration Manager 2007 R2 only.

 

Description | UDP | TCP
SQL over TCP | -- | 1433

25. Configuration Manager Console -- > Reporting Point

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available)
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available)

26. Configuration Manager Console -- > Provider

 

Description | UDP | TCP
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

27. Configuration Manager Console -- > Internet

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80

28. Primary Site Server -- > SQL Server

 

Description | UDP | TCP
SQL over TCP | -- | 1433

29. Management Point -- > Domain Controller

 

Description | UDP | TCP
Lightweight Directory Access Protocol (LDAP) | -- | 389
LDAP (Secure Sockets Layer [SSL] connection) | 636 | 636
Global Catalog LDAP | -- | 3268
Global Catalog LDAP SSL | -- | 3269
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

30. Site Server -- > Reporting Point / Site Server -- > Reporting Services Point

The reporting point and the Reporting Services point use the same ports. The Reporting Services point is in Configuration Manager 2007 R2 only.

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

31. Site Server -- > Server Locator Point

(See note 6, Communication between the site server and site systems)

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

32. Configuration Manager Console -- > Site Server

 

Description | UDP | TCP
RPC (initial connection to WMI to locate provider system) | -- | 135

33. Software Update Point -- > WSUS Synchronization Server

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80 or 8530 (See note 4, Windows Server Update Services)
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 or 8531 (See note 4, Windows Server Update Services)

34. Configuration Manager Console -- > Client

 

Description | UDP | TCP
Remote Control (control) | 2701 | 2701
Remote Control (data) | 2702 | 2702
Remote Control (RPC Endpoint Mapper) | -- | 135
Remote Assistance (RDP and RTC) | -- | 3389

35. Management Point < -- > Site Server

(See note 6, Communication between the site server and site systems)

 

Description | UDP | TCP
RPC Endpoint mapper | -- | 135
RPC | -- | DYNAMIC
Server Message Block (SMB) | -- | 445

36. Site Server -- > Client

 

Description | UDP | TCP
Wake on LAN | 9 (See note 2, Alternate Port Available) | --

37. Configuration Manager Client -- > Global Catalog Domain Controller

A Configuration Manager client does not contact a global catalog server when it is a workgroup computer or when it is configured for Internet-only communication.

 

Description | UDP | TCP
Global Catalog LDAP | -- | 3268
Global Catalog LDAP SSL | -- | 3269

38. PXE Service Point -- > SQL Server

 

Description | UDP | TCP
SQL over TCP | -- | 1433

39. Site Server < -- > Asset Intelligence Synchronization Point

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

40. Asset Intelligence Synchronization Point -- > System Center Online

 

Description | UDP | TCP
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443

41. Multicast Distribution Point -- > SQL Server (Configuration Manager 2007 R2)

 

Description | UDP | TCP
SQL over TCP | -- | 1433

42. Client status reporting host --> Client (Configuration Manager 2007 R2)

 

Description | UDP | TCP
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC
ICMPv4 Type 8 (Echo) or ICMPv6 Type 128 (Echo Request) | n/a | n/a

43. Client status reporting host --> Management Point (Configuration Manager 2007 R2)

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
NetBIOS Session Service | -- | 139

44. Client status reporting host --> SQL Server (Configuration Manager 2007 R2)

 

Description | UDP | TCP
SQL over TCP | -- | 1433

45. Site Server < -- > Reporting Services Point (Configuration Manager 2007 R2)

(See note 6, Communication between the site server and site systems)

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

46. Configuration Manager Console -- > Reporting Services Point (Configuration Manager 2007 R2)

 

Description | UDP | TCP
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available)
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available)

47. Reporting Services Point -- > SQL Server (Configuration Manager 2007 R2)

 

Description | UDP | TCP
SQL over TCP | -- | 1433

Notes

1 Proxy Server port    This port cannot be configured but can be routed through a configured proxy server.
2 Alternate Port Available    An alternate port can be defined within Configuration Manager for this value. If a custom port has been defined, substitute that custom port when defining the IP filter information for IPsec policies or for configuring firewalls.
3 RAS Sender     Configuration Manager 2007 can also use the RAS Sender with Point to Point Tunneling Protocol (PPTP) to send and receive Configuration Manager 2007 site, client, and administrative information through a firewall. Under these circumstances, the PPTP TCP 1723 port is used.
4 Windows Server Update Services    WSUS can be installed either on the default Web site (port 80) or a custom Web site (port 8530).
After installation, the port can be changed. You do not have to use the same port number throughout the site hierarchy.
If the HTTP port is 80, the HTTPS port must be 443.
If the HTTP port is anything else, the HTTPS port must be 1 higher—for example, 8530 and 8531.
5 Trivial FTP (TFTP) Daemon    The Trivial FTP (TFTP) Daemon system service does not require a user name or password and is an integral part of the Windows Deployment Services (WDS). The Trivial FTP Daemon service implements support for the TFTP protocol defined by the following RFCs:
  • RFC 350—TFTP
  • RFC 2347—Option extension
  • RFC 2348—Block size option
  • RFC 2349—Time-out interval, and transfer size options
Trivial File Transfer Protocol is designed to support diskless boot environments. TFTP Daemons listen on UDP port 69 but respond from a dynamically allocated high port. Therefore, enabling this port will allow the TFTP service to receive incoming TFTP requests but will not allow the selected server to respond to those requests. Allowing the selected server to respond to inbound TFTP requests cannot be accomplished unless the TFTP server is configured to respond from port 69.
6 Communication between the site server and site systems    By default, communication between the site server and site systems is bi-directional. The site server initiates communication to configure the site system, and then most site systems connect back to the site server to send back status information. Reporting points and distribution points do not send back status information. If you select Allow only site server initiated data transfers from this site system on the site system properties, the site system will never initiate communication back to the site server.
7 Ports used by distribution points for application virtualization streaming    A distribution point enabled to support application virtualization can be configured to use either HTTP or HTTPS. This feature is available in Configuration Manager 2007 R2 only.
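
The direction arrows and port tables above can be used to check observed traffic, not only to open firewall ports. The following Python is an added example, not code from the original page or from Microsoft: it encodes links 15, 17, 22, 35 and 36 and flags connection-log lines that no link permits. The host addresses, role names, log format and the 49152-65535 range substituted for DYNAMIC are assumptions.

```python
import re
from collections import namedtuple

# Assumption: default dynamic RPC range on Windows Server 2008 and later;
# the page's tables only say "DYNAMIC".
RPC_DYNAMIC = (49152, 65535)

Rule = namedtuple("Rule", "link src dst proto ports both_ways")

# Subset of the page's port tables; link numbers are the page's own.
# both_ways=True corresponds to "< -- >" (either computer can initiate).
MATRIX = [
    Rule(15, "client", "distribution_point", "tcp", [(80, 80), (443, 443), (445, 445)], False),
    Rule(15, "client", "distribution_point", "udp", [(63000, 64000)], False),
    Rule(17, "client", "management_point", "tcp", [(80, 80), (443, 443)], False),
    Rule(22, "management_point", "sql_server", "tcp", [(1433, 1433)], False),
    Rule(35, "management_point", "site_server", "tcp", [(135, 135), (445, 445), RPC_DYNAMIC], True),
    Rule(36, "site_server", "client", "udp", [(9, 9)], False),
]

# Constructed inventory: the role each (hypothetical) address plays.
ROLES = {
    "10.0.1.5": "site_server",
    "10.0.1.10": "management_point",
    "10.0.1.20": "distribution_point",
    "10.0.1.30": "sql_server",
    "10.0.5.21": "client",
}

# Constructed connection-log lines (src is the initiator), not real captures.
SAMPLE_LOG = """\
src=10.0.5.21 dst=10.0.1.10 proto=tcp dport=443
src=10.0.5.21 dst=10.0.1.30 proto=tcp dport=1433
src=10.0.1.10 dst=10.0.1.30 proto=tcp dport=1433
src=10.0.1.30 dst=10.0.1.10 proto=tcp dport=1433
src=10.0.1.5 dst=10.0.5.21 proto=udp dport=9
src=10.0.1.10 dst=10.0.1.5 proto=tcp dport=50000
src=10.0.5.21 dst=10.0.1.20 proto=udp dport=63500
src=10.0.5.21 dst=10.0.1.20 proto=tcp dport=8080
src=10.9.9.9 dst=10.0.1.10 proto=tcp dport=80
"""

LINE_RE = re.compile(r"src=(\S+) dst=(\S+) proto=(tcp|udp) dport=(\d+)")


def parse(log_text):
    """Yield (src, dst, proto, dport) tuples; lines in another format are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.fullmatch(line.strip())
        if m:
            yield m.group(1), m.group(2), m.group(3), int(m.group(4))


def matching_link(src_role, dst_role, proto, dport):
    """Return the link number that permits this flow, or None if no link does."""
    for r in MATRIX:
        forward = (src_role, dst_role) == (r.src, r.dst)
        reverse = r.both_ways and (src_role, dst_role) == (r.dst, r.src)
        in_range = any(lo <= dport <= hi for lo, hi in r.ports)
        if (forward or reverse) and proto == r.proto and in_range:
            return r.link
    return None


def audit(log_text):
    """Return (allowed, violations); each entry is (src, dst, proto, dport, detail)."""
    allowed, violations = [], []
    for src, dst, proto, dport in parse(log_text):
        s, d = ROLES.get(src), ROLES.get(dst)
        if s is None or d is None:
            violations.append((src, dst, proto, dport, "unknown host"))
            continue
        link = matching_link(s, d, proto, dport)
        if link is None:
            violations.append((src, dst, proto, dport, f"no link permits {s} -> {d}"))
        else:
            allowed.append((src, dst, proto, dport, f"link {link}"))
    return allowed, violations


if __name__ == "__main__":
    for entry in audit(SAMPLE_LOG)[1]:
        print("VIOLATION", *entry)
```

The TCP 8080 flow to the distribution point is reported because only the default ports are encoded; where a custom port has been defined (note 2), add it to the matching rule.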

Configuration Manager Remote Control Ports

When you use NetBIOS over TCP/IP for Configuration Manager 2007 Remote Control, the ports described in the following table are used.

 

Description | UDP | TCP
RPC Endpoint Mapping | -- | 135
Name resolution | 137 | --
Messaging | 138 | --
Client Sessions | -- | 139

AMT Out of Band Management Ports (Configuration Manager 2007 SP1)

When you use the out of band management feature in Configuration Manager 2007 SP1, the following ports are used.

A. Site Server <--> Out of Band Service Point

 

Description | UDP | TCP
Server Message Block (SMB) | -- | 445
RPC Endpoint Mapper | 135 | 135
RPC | -- | DYNAMIC

B. AMT Management Controller --> Out of Band Service Point

 

Description | UDP | TCP
Provisioning out of band (not applicable to in-band provisioning) | -- | 9971 (configurable)

C. Out of Band Service Point --> AMT Management Controller

 

Description | UDP | TCP
Discovery | -- | 16992
Power control, provisioning, and discovery | -- | 16993

D. Out of Band Management Console --> AMT Management Controller

 

Description | UDP | TCP
General management tasks | -- | 16993
Serial over LAN and IDE redirection | -- | 16995

Ports Used by Configuration Manager Client Installation

The ports that are used during client installation depend on the client deployment method. See Ports Used During Configuration Manager Client Deployment for a list of ports for each client deployment method. For information about how to configure Windows Firewall on the client for client installation and post-installation communication, see Windows Firewall Settings for Configuration Manager Clients.

Ports Used by Windows Server 

The following table lists some of the key ports that Windows Server uses and their respective functions. For a more complete list of Windows Server services and network ports requirements, see http://go.microsoft.com/fwlink/?LinkID=123652.

 

Description | UDP | TCP
Domain Name System (DNS) | 53 | 53
Dynamic Host Configuration Protocol (DHCP) | 67 and 68 | --
NetBIOS Name Resolution | 137 | --
NetBIOS Datagram Service | 138 | --
NetBIOS Session Service | -- | 139

Connecting with Microsoft SQL Server

If you use the TCP/IP Net-Library, enable port 1433 on the firewall. Use the Hosts file or an advanced connection string for host name resolution.
If you use named pipes over TCP/IP, enable port 139 for NetBIOS functions. NetBIOS should be used only for troubleshooting Kerberos issues.
Note
TCP/IP is required for network communications to allow Kerberos authentication. Named pipes communication is not required for Configuration Manager 2007 site database operations and should be used only to troubleshoot Kerberos authentication issues.
The default instance of SQL Server uses TCP port 1433 for network communications. When you use a named instance, the port number is dynamically assigned. Configuration Manager does not support manually changing or defining the port number for either the default instance or named instances of SQL Server.
We do not recommend that you enable UDP ports 137 and 138 for NetBIOS name resolution by using B-node broadcasts. Instead, you can use a WINS server or an LMHOSTS file for name resolution.

Installation Requirements for Internet-Based Site Systems

The Internet-based management point, software update point, and fallback status point use the following ports for installation and repair:
  • Site server --> site system: RPC endpoint mapper using UDP and TCP port 135.
  • Site server --> site system: RPC dynamic TCP ports.
  • Site server < --> site system: Server message blocks (SMB) using TCP port 445.
Distribution points do not install until the first package is targeted to them. Package installations on distribution points require the following RPC ports:
  • Site server --> distribution point: RPC endpoint mapper using UDP and TCP port 135.
  • Site server --> distribution point: RPC dynamic TCP ports.


