; Configuring SMS 2003 to work on workgroup computers - myITforum
Learning Center
Plans & pricing Sign in
Sign Out
Your Federal Quarterly Tax Payments are due April 15th Get Help Now >>

Configuring SMS 2003 to work on workgroup computers - myITforum


  • pg 1
									Configuring SMS 2003 to work on workgroup computers
SMS advanced agents install relatively easy on normal desktop computers – that is, computers which are
Active Directory domain members and have common security, with DNS and WINS. But take away the
common user accounts, ability to use AD discovery, and name resolution, and the whole process
becomes a bit more complicated. It can still be made to work smoothly if you know what to configure.
This is a step-by-step checklist to get things started.

Common starting point
This article was developed under the environment which follows. Not all these factors may be
necessary, but results may differ if your configuration varies from this:

       SMS 2003 SP2 running on Windows Server 2003 SP1, on Active Directory
       Windows XP SP2 clients with:
           o No DNS or WINS specified
           o NetBIOS over TCP enabled, and LMHOSTS lookup enabled
           o Workgroup, not domain, members
           o Common admin account name and password on each client (i.e. johnadmin and

Server Configuration
       Single SMS server is running all roles
       Server Properties – Fully Qualified Name is enabled and specified
       Subnets of clients included in Site Boundaries
       Connection Account is configured (i.e. DOMAIN\SMSInstall)
       Software Distribution properties configured with Legacy and Advanced Client Software
        Installation account (i.e. DOMAIN\SMSInstall)
     NetCrawler is installed and configured with local account credentials, i.e.:
            o %COMPUTERNAME%\johnadmin
     Client Push Installation configured with installation account %COMPUTERNAME%\johnadmin
     Client Push Installation is enabled
     Configure DCOM permissions:
            o Run DCOMCNFG
            o Go to Component Services > My Computer > DCOM Config
            o Right-click >properties on SMS_SERVER_LOCATOR_POINT > Security tab
            o Click Edit for Launch and Activation Permissions
            o Add the Internet Guest Account (IUSR_COMPUTERNAME) and give it Local Launch and
                 Local Activation rights
http://support.microsoft.com/default.aspx/kb/913666 - DCOM permissions above explained.
Client Configuration
Add the SMS information to an LMHOSTS file, which you can copy to each client. Use the following as a
guide (WS03DC01 is the SMS server name), and TST is the site name:              ws03dc01      #PRE              "SMS_SLP             \0x1A"         #PRE              "MP_TST              \0x1A"         #PRE
#                         "12345678901234567890"
(note that there are 20 characters between the quote marks on each line, and the last line is just to help
with spacing – it is not needed)

If you can run a command on the remote systems and want to do that instead of rebooting, run:

nbtstat –R

that will purge and reload the NetBIOS name cache.

HOSTS file:
Enter the FQDN of the SMS server in the HOSTS file, the client uses this to find the management point:    ws03dc01.test.lab

This will take effect immediately without a reboot.

[Author’s Note: This entry may not be necessary after all, further validation needs to be done here.]

Additional Notes
This document does not take Windows Firewall into account. It was disabled on the test client and

There was no firewall between the clients and the SMS server in this scenario, so a DMZ-type
deployment would have to take that factor into account.

To top