SCCM Books
Friday, October 31, 2008
Thursday, October 30, 2008
Wednesday, October 29, 2008
Philosophy Hero Socrates
Ancient Greek philosophy is dominated by three very famous men: Socrates, Plato, and Aristotle. All three of these lived in Athens for most of their lives, and they knew each other. Socrates came first, and Plato was his student, around 400 BC. Socrates was killed in 399 BC, and Plato began his work by writing down what Socrates had taught, and then continued by writing down his own ideas and opening a school. Aristotle, who was younger, came to study at Plato's school, and ended up starting his own school as well.
In the years after Plato and Aristotle died, in the 200's BC, three famous kinds of philosophy started up in the schools that Plato and Aristotle had started. These are the Stoics, the Skeptics, and the Epicureans. Each of these continued to be important ways of thinking about the world all the way through the Roman Empire, until people converted to Christianity in the 300's AD, and even after that.
BOOKS
Philosophy and Science in Ancient Greece: The Pursuit of Knowledge, by Don Nardo (2004). For teenagers. Don Nardo has written many books for young people about the ancient Greeks.
The Cambridge Companion to Greek and Roman Philosophy, edited by David Sedley (1997).
and also
-------------------
Thanks,
http://paddymaddy.blogspot.com/
Saturday, October 25, 2008
Creating And Configuring The AD System Management Container For SMS
This document will walk you through the process of creating and
configuring the Active Directory System Management container for SMS.
This applies to SMS 2003 (either Service pack) on a Windows 2003
Server operating system.
Note: You must be a member of the Schema Administrator group to
successfully extend the schema.
Use the following steps to create the from the System Management container
Download the Windows Server 2003 Support Tools to get the AdsiEdit utility.
From a Windows 2003 Server DC logon as an account that is a member of
the Schema Administrator group.
From the "Start" - "Run" line type in Adsiedit.Msc then and click "OK".
Click the + sign next to your "Domain (ServerName.DomainName.Com\Net)"
Click the + sign to expand the "DC=DomainName,Dc= Com\Net"
Click the + sign to expand the "CN=System" container.
Right mouse click the "CN=System" container and from the context menu
select "New" and then select "Object" to begin the Create Object
wizard.
From the "Create Object" "Select A Class" dialog box select
"Container" then select "Next" to continue.
In the "Value:" line type in "System Management" and click "Next" to continue.
Select "Finish" to complete the System Management container creation process.
Verify that the "CN= System Management" object has been created successfully.
From the "Administrative Tools" program group select "Active
Directory Users And Computers"
From the "View" menu select "Advanced features" to allow the "System"
leaf to be displayed.
Click the + sign to expand the "Systems" leaf then select Right mouse
click on the "System Management" container and from the context menu
select "Properties".
From the "System Management Properties" dialog box select the "Security" leaf.
Select "Add" then select "Object Types" and make sure that both the
"Users" and "Computers" object types are checked then click "OK" to
close the window.
Select "Advanced" and the "Users, Computers, or Groups" dialog box
will be displayed.
Select "Find Now" and select your SMS Service account if you are
running in Standard Security Mode or your SMS server name if you are
running in Advanced Security Mode then click "OK" to continue.
Highlight the account that you are using (from the step above) and
grant the account the following rights:
Read
Write
Create All Child Objects
Delete All Child Objects
Click "OK" to complete the task.
Insert your SMS Installation CD-ROM media in the CD drive and from the
"Start" - "Run" line browse to the "SmsSetup\Bin\I386" directory
folder and select "Extadsch.Exe" and click "OK"
Click "OK" once again and the command prompt window opens and the
application begins.
When the process has completed open the ExtADSch.Log file located in
the root dive (C:\) of the server from which it was executed from and
verify that the last line states: "SMS Setup completed successfully!"
-------------------
Thanks,
http://paddymaddy.blogspot.com/
Friday, October 24, 2008
SMS_Def.Mof : Mcafee ePO Dat Version Hardware Inventory Mof File modify
Mof File modify:-
// //
// Mcafee ePO Plugins Enumeration //
// //
/////////////////////////////////////
#pragma namespace ("\\\\.\\root\\cimv2\\sms")
#pragma deleteclass("Win32Reg_Mcafee_ePO_Plugins", NOFAIL)
[ SMS_Report (TRUE),
SMS_Group_Name ("Mcafee ePO Plugins"),
SMS_Class_ID ("McAfee|ePO_Plugins|1.0") ]
class Win32Reg_Mcafee_ePO_Plugins : SMS_Class_Template
{
[SMS_Report (TRUE), key ] string SoftwareID;
[SMS_Report (TRUE) ] string Version;
[SMS_Report (TRUE) ] string ProductName;
[SMS_Report (FALSE) ] string PluginPath;
[SMS_Report (FALSE) ] string UninstallCommand;
[SMS_Report (FALSE) ] string InstallPath;
[SMS_Report (FALSE) ] string InstalledPath;
[SMS_Report (TRUE) ] string HotFixVersions;
[SMS_Report (TRUE) ] string HotFixInstallDate;
[SMS_Report (TRUE) ] string DatInstallDate;
[SMS_Report (TRUE) ] string DatVersion;
};
//Configuration.MOF
/////////////////////////////////////
// //
// Mcafee ePO Plugins Enumeration //
// //
/////////////////////////////////////
#pragma namespace ("\\\\.\\root\\cimv2")
#pragma deleteclass("Win32Reg_Mcafee_ePO_Plugins", NOFAIL)
[ dynamic,
provider("RegProv"),
ClassContext("local|HKEY_LOCAL_MACHINE\\SOFTWARE\\Network
Associates\\ePolicy Orchestrator\\Application Plugins")
]
class Win32Reg_Mcafee_ePO_Plugins
{
[PropertyContext("Software ID"), key] string SoftwareID;
[PropertyContext("Version")] string Version;
[PropertyContext("Product Name")] string ProductName;
[PropertyContext("Plugin Path")] string PluginPath;
[PropertyContext("Uninstall Command")] string
UninstallCommand;
[PropertyContext("Install Path")] string InstallPath;
[PropertyContext("Installed Path")] string InstalledPath;
[PropertyContext("HotFixVersions")] string HotFixVersions;
[PropertyContext("HotFixInstallDate")] string
HotFixInstallDate;
[PropertyContext("DatInstallDate")] string DatInstallDate;
[PropertyContext("DatVersion") ] string DatVersion;
};
-------------------
Thanks,
http://paddymaddy.blogspot.com/
Wednesday, October 15, 2008
Sccm 2007 DCM Web resources from Microsoft
Desired Configuraion Manager Web resources from Microsoft.com
Configuration Manager Configuration Pack Catalog
https://www.microsoft.com/technet/prodtechnol/scp/configmgr07.aspx
Technical Reference for Desired Configuration Management
http://technet.microsoft.com/en-us/library/bb680894.aspx
Configuration Pack Authoring Guide
http://technet.microsoft.com/en-us/library/bb680894.aspx
Configuration Manager Documentation Library
http://technet.microsoft.com/en-au/library/bb680651.aspx
Configuring Desired Configuration Management
http://technet.microsoft.com/en-au/library/bb680669.aspx
Desired Configuration Management on TechNet Forums
http://forums.microsoft.com/TechNet/ShowForum.aspx?ForumID=1817&SiteID=17
DCM with SCCM 2007
The configuration Manager 2007 toolkit contains the following tools for DCM
DCM Model Verification - A tool used by desired configurationmanagement content administrators for the validation and testing of
configuration items and baselines authored externally from the
Configuration Manager console.
DCM Digest Conversion - A tool used by desired configurationmanagement content administrators to convert existing SMS 2003
Desired Configuration Management Solution templates to Desired
Configuration Management 2007 configuration items.
DCM Substitution Variables - A tool used by desired configurationmanagement content administrators for authoring desired
configuration management configuration items that use chained
setting and object discovery.
SCCM 2007 R2 Application Virtualization
http://weblog.bassq.nl/?p=157#more-157
Enjoy,
Paddy
Monday, October 13, 2008
SCCM 2007 Virtual Application all Packages Tools Pdf files and Scripts how to use them
Using the Virtual Application Package Tools
The following list of procedures describes how to use the tools that are available to help manage virtual application packages in your Configuration Manager 2007 environment. By default, the files are located in the following directory: <ConfigMgrInstallationPath> \ SMS \ Tools \ VirtualApp.
AppVirtMgmtClient.sms
Use the AppVirtMgmtClient.sms file to create a Configuration Manager 2007 package to distribute the Microsoft Application Virtualization (App-V) Client. For more information about installing the App-V client, see How to Install the Microsoft Application Virtualization Client.
Note
By default, the program created by AppVirtMgmtClient.sms file will restart the target computer because the App-V client setup needs to update files used by the operating system. When you upgrade from previous versions of the App-V client, you must use the setting ConfigMgr restarts computer. For new App-V client deployments, you can change this program setting to No action required. However, you should install the App-V client setup manually in a test environment to ensure the computer does not need to be restarted as part of the installation.
After the App-V client has been installed, software metering for virtual application packages will not be available until after you have restarted the target computer. You should choose the setting ConfigMgr restarts computer if you plan to run software metering for virtual application packages.
AppVirtMgmtSequencer.sms
Use the AppVirtMgmtSequencer.sms file to install the App-V sequencer into your Configuration Manager 2007 environment. For more information about installing an application using a program definition file, see How to Create a Package from a Package Definition File.
Using the ManageVAppPackage.vbs Script
You can use the ManageVAppPackage.vbs file to import new virtual applications and update existing virtual application packages in Configuration Manager 2007.
Use the following procedure to manage virtual application packages
To manage virtual application packages
Open a command prompt. Navigate to the directory containing the ManageVAppPackage.vbs. The default location is <ConfigMgrInstallationPath> \ SMS \ Tools \ VirtualApp \ ManageVAppPackage.vbs.
To update an existing virtual application package, or to import a new virtual application, type the applicable command.
To import a new virtual application, type the following command using your values:
cscript ManageVAppPackage.vbs /Action ADD /SGVAppSource VirtualApplicationSourceDirectory /SMSVAppSource \\Server\VappsourceDirectory\VirtualApplicationName [/DPList \\Server\Share] [/PackageName YourPackageName] [/PackageComment YourPackageComment] [/Manufacturer YourManufacturer] [/Language YourLanguage]
To update an existing virtual application package, type the following command using your values:
cscript ManageVAppPackage.vbs /Action UPDATE /PackageID YourPackageID /SGVAppSource VirtualApplicationSourceDirectory /PackageName YourPackageName [/PackageComment YourPackageComment] [/Manufacturer YourManufacturer] [/Language YourLanguage]
Use the value descriptions in the following table to help you determine the actual text you will use with the preceding commands.
Value Description
/Action
Specifies if a new virtual application will be imported or an existing package will be upgraded. To import a new virtual application, use the ADD parameter. To update an existing virtual application package, use the UPDATE parameter. If you are importing a new virtual application, do not specify an associated PackageID. If you are updating an existing virtual application package, do not use the /DPList parameter.
/SGVAppSource
Specifies the source location for the App-V virtual application. Configuration Manager 2007 will copy the contents from the specified directory. The directory specified can be a local folder or a folder specified by using UNC format.
/SMSVAppSource
Specifies the Configuration Manager 2007 source folder. You must specify this location using UNC format.
/Packagename
Specifies the package name for the virtual application package. If no name is specified, Configuration Manager 2007 will assign the name specified in the associated manifest file.
/DPList
Specifies the distribution points that the virtual application package will be added to. If you want to add the package to all distribution points, use an asterisk (*).
/PackageComment
Specifies the comment that will be associated with the virtual application package.
/PackageID
Specifies the Configuration Manager 2007 package associated with the virtual application.
/Manufacturer
Specifies the manufacturer that will be associated with the virtual application package.
/Language
Specifies the language that will be associated with the virtual application package.
Using the SetRetensionRules.vbs Script
You can configure retention rules for virtual application packages by using the SetRetentionRules.vbs file. This script can be used only on a primary Configuration Manager 2007 site.
Use the following procedure to set the retention rules for virtual application packages located on Configuration Manager 2007 distribution points.
To set virtual application package retention rules
Open a command prompt. Navigate to the directory containing SetRetentionRules.vbs. The default location is <ConfigMgrInstallationPath> \ SMS \ Tools \ VirtualApp \ SetRetentionRules.vbs.
To set the retention rules, type the following command, replacing the text in brackets with your values:
cscript SetRetentionRules.vbs [TransitionDays] [Max Versions]
Use the value descriptions in the following table to help you determine the actual text you will use in the preceding command.
Value Description
TransitionDays
Specifies the number of days virtual application packages will be saved.
Max Versions
Specifies the maximum number of versions that will be saved.
Simple steps for Configure Virtual Application Components in SCCM 2007 R2
- Configure the Client Agent Settings to Advertised Programs, and Run Virtual Applications
- On DP Enable Streaming for Virtual Application Packages
- Install the Microsoft Application Virtualization Client
Create Package for Microsoft Virtual Application Virtualization Desktop Client
Microsoft Virtual Application Virtualization Desktop Client
-
In the Configuration Manager console, navigate to System Center Configuration Manager / Site Database / Computer Management / Software Distribution.
-
If necessary, expand the Software Distribution node and select Packages. To open the Create Package from Definition Wizard, right-click Packages, and then click New / Package From Definition.
-
On the welcome page, click Next.
-
On the Package Definition page, to specify the publisher and definition for the new package, click Browse. Locate and select the AppVirtMgmtClient.sms file. The default location for the AppVirtMgmtClient.sms file is <ConfigMgrInstallationPath> \ SMS \ Tools \ VirtualApp \ AppVirtMgmtClient.sms. The Name, Version, and Language associated with the specified .sms file are displayed in the Package definition pane. Click Next.
-
On the Source Files page, select Always obtain files from a source directory to help ensure the latest version of the client software will be available, and then click Next.
-
On the Source Directory page, specify the directory that contains the source files for the package. This is the directory that contains the Microsoft Application Virtualization Desktop Client or the Microsoft Application Virtualization for Terminal Services installation file depending on the version of the client you are planning to install. Specify the source location by providing the UNC path. Alternatively, click Browse to specify the location that contains the setup files for the type of client you want to install. Click Next.
-
On the Summary page, review the Details for the package definition file. To create the package definition file and close the wizard, click Finish. To access the new package select the Packages node and the package will be available in the results pane.
-
If you installed the Microsoft Application Virtualization for Terminal Services client, after the package has been created, you should select the Packages node, right-click the package in the in the Results pane and select Properties. On the General tab, update the Name of the package so that it reflects that it is the terminal services version of the client.
Once SMS 2003 Upgraded you must delete these accounts ; SMS 2003 accounts delete
Always Delete
The following accounts should always be deleted because they are never used for Configuration Manager 2007.
- SMS Service account
- CCM Boot Loader (DC) (SMS#_dc)
- CCM Boot Loader (Non-DC)( SMSCCMBootAcct&)
- Client Services (DC) (SMS&_dc)
- Client Services (Non-DC) (SMSCliSvcAcct&)
- Client User Token (DC) (SMSCliToknAcct&)
- Client User Token (Non-DC) (SMSCliToknLocalAcct&)
- Client Connection (SMSClient_sitecode)
- Legacy Client Software Installation
- Internal client group (SMSInternalCliGrp)
- Site System Database (SMS_SQL_RX_sitecode)
- Server Connection (SMSServer_sitecode)
The Site System to SQL Server Connection (SMS_SiteSystemToSQLConnection_sitecode) group is not used after upgrade and can be deleted for Configuration Manager 2007 sites, but is still used for SMS 2003 site servers and site systems to connect to their site database servers.
Do Not Delete
Do not delete the following groups; even though they have SMS in their names, they are still used for Configuration Manager 2007.
- SMS Administrators (SMS Admins)
- Reporting Users (SMS Reporting Users)
- Site System to Site Server Connection (SMS_SiteSystemToSiteServerConnection_sitecode)
- Site to Site Connection (SMS_SiteToSiteConnection_sitecode)
Do not delete the Client Push Installation account or the Site Address account, if used in your environment. These accounts are still used in Configuration Manager 2007. The Advanced Client Network Access account can still be used in Configuration Manager 2007, but is called simply the Network Access account.
Windows Ports and protocols
Ports and protocols
The following table summarizes the information from the "System services ports" section. This table is sorted by port number instead of by the service name.Port | Protocol | Application protocol | System service name |
n/a | GRE | GRE (IP protocol 47) | Routing and Remote Access |
n/a | ESP | IPsec ESP (IP protocol 50) | Routing and Remote Access |
n/a | AH | IPsec AH (IP protocol 51) | Routing and Remote Access |
7 | TCP | Echo | Simple TCP/IP Services |
7 | UDP | Echo | Simple TCP/IP Services |
9 | TCP | Discard | Simple TCP/IP Services |
9 | UDP | Discard | Simple TCP/IP Services |
13 | TCP | Daytime | Simple TCP/IP Services |
13 | UDP | Daytime | Simple TCP/IP Services |
17 | TCP | Quotd | Simple TCP/IP Services |
17 | UDP | Quotd | Simple TCP/IP Services |
19 | TCP | Chargen | Simple TCP/IP Services |
19 | UDP | Chargen | Simple TCP/IP Services |
20 | TCP | FTP default data | FTP Publishing Service |
21 | TCP | FTP control | FTP Publishing Service |
21 | TCP | FTP control | Application Layer Gateway Service |
23 | TCP | Telnet | Telnet |
25 | TCP | SMTP | Simple Mail Transfer Protocol |
25 | TCP | SMTP | Exchange Server |
42 | TCP | WINS Replication | Windows Internet Name Service |
42 | UDP | WINS Replication | Windows Internet Name Service |
53 | TCP | DNS | DNS Server |
53 | UDP | DNS | DNS Server |
53 | TCP | DNS | Internet Connection Firewall/Internet Connection Sharing |
53 | UDP | DNS | Internet Connection Firewall/Internet Connection Sharing |
67 | UDP | DHCP Server | DHCP Server |
67 | UDP | DHCP Server | Internet Connection Firewall/Internet Connection Sharing |
69 | UDP | TFTP | Trivial FTP Daemon Service |
80 | TCP | HTTP | Windows Media Services |
80 | TCP | HTTP | World Wide Web Publishing Service |
80 | TCP | HTTP | SharePoint Portal Server |
88 | TCP | Kerberos | Kerberos Key Distribution Center |
88 | UDP | Kerberos | Kerberos Key Distribution Center |
102 | TCP | X.400 | Microsoft Exchange MTA Stacks |
110 | TCP | POP3 | Microsoft POP3 Service |
110 | TCP | POP3 | Exchange Server |
119 | TCP | NNTP | Network News Transfer Protocol |
123 | UDP | NTP | Windows Time |
123 | UDP | SNTP | Windows Time |
135 | TCP | RPC | Message Queuing |
135 | TCP | RPC | Remote Procedure Call |
135 | TCP | RPC | Exchange Server |
135 | TCP | RPC | Certificate Services |
135 | TCP | RPC | Cluster Service |
135 | TCP | RPC | Distributed File System |
135 | TCP | RPC | Distributed Link Tracking |
135 | TCP | RPC | Distributed Transaction Coordinator |
135 | TCP | RPC | Distributed File Replication Service |
135 | TCP | RPC | Fax Service |
135 | TCP | RPC | Microsoft Exchange Server |
135 | TCP | RPC | File Replication Service |
135 | TCP | RPC | Group Policy |
135 | TCP | RPC | Local Security Authority |
135 | TCP | RPC | Remote Storage Notification |
135 | TCP | RPC | Remote Storage Server |
135 | TCP | RPC | Systems Management Server 2.0 |
135 | TCP | RPC | Terminal Services Licensing |
135 | TCP | RPC | Terminal Services Session Directory |
137 | UDP | NetBIOS Name Resolution | Computer Browser |
137 | UDP | NetBIOS Name Resolution | Server |
137 | UDP | NetBIOS Name Resolution | Windows Internet Name Service |
137 | UDP | NetBIOS Name Resolution | Net Logon |
137 | UDP | NetBIOS Name Resolution | Systems Management Server 2.0 |
138 | UDP | NetBIOS Datagram Service | Computer Browser |
138 | UDP | NetBIOS Datagram Service | Messenger |
138 | UDP | NetBIOS Datagram Service | Server |
138 | UDP | NetBIOS Datagram Service | Net Logon |
138 | UDP | NetBIOS Datagram Service | Distributed File System |
138 | UDP | NetBIOS Datagram Service | Systems Management Server 2.0 |
138 | UDP | NetBIOS Datagram Service | License Logging Service |
139 | TCP | NetBIOS Session Service | Computer Browser |
139 | TCP | NetBIOS Session Service | Fax Service |
139 | TCP | NetBIOS Session Service | Performance Logs and Alerts |
139 | TCP | NetBIOS Session Service | Print Spooler |
139 | TCP | NetBIOS Session Service | Server |
139 | TCP | NetBIOS Session Service | Net Logon |
139 | TCP | NetBIOS Session Service | Remote Procedure Call Locator |
139 | TCP | NetBIOS Session Service | Distributed File System |
139 | TCP | NetBIOS Session Service | Systems Management Server 2.0 |
139 | TCP | NetBIOS Session Service | License Logging Service |
143 | TCP | IMAP | Exchange Server |
161 | UDP | SNMP | SNMP Service |
162 | UDP | SNMP Traps Outbound | SNMP Trap Service |
389 | TCP | LDAP Server | Local Security Authority |
389 | UDP | LDAP Server | Local Security Authority |
389 | TCP | LDAP Server | Distributed File System |
389 | UDP | LDAP Server | Distributed File System |
443 | TCP | HTTPS | HTTP SSL |
443 | TCP | HTTPS | World Wide Web Publishing Service |
443 | TCP | HTTPS | SharePoint Portal Server |
443 | TCP | RPC over HTTPS | Exchange Server 2003 |
445 | TCP | SMB | Fax Service |
445 | TCP | SMB | Print Spooler |
445 | TCP | SMB | Server |
445 | TCP | SMB | Remote Procedure Call Locator |
445 | TCP | SMB | Distributed File System |
445 | TCP | SMB | License Logging Service |
445 | TCP | SMB | Net Logon |
464 | TCP | Kerberos Password V5 | Net Logon |
500 | UDP | IPsec ISAKMP | Local Security Authority |
515 | TCP | LPD | TCP/IP Print Server |
548 | TCP | File Server for Macintosh | File Server for Macintosh |
554 | TCP | RTSP | Windows Media Services |
563 | TCP | NNTP over SSL | Network News Transfer Protocol |
593 | TCP | RPC over HTTPS endpoint mapper | Remote Procedure Call |
593 | TCP | RPC over HTTPS | Exchange Server |
636 | TCP | LDAP SSL | Local Security Authority |
636 | UDP | LDAP SSL | Local Security Authority |
993 | TCP | IMAP over SSL | Exchange Server |
995 | TCP | POP3 over SSL | Exchange Server |
1067 | TCP | Installation Bootstrap Service | Installation Bootstrap protocol server |
1068 | TCP | Installation Bootstrap Service | Installation Bootstrap protocol client |
1270 | TCP | MOM-Encrypted | Microsoft Operations Manager 2000 |
1433 | TCP | SQL over TCP | Microsoft SQL Server |
1433 | TCP | SQL over TCP | MSSQL$UDDI |
1434 | UDP | SQL Probe | Microsoft SQL Server |
1434 | UDP | SQL Probe | MSSQL$UDDI |
1645 | UDP | Legacy RADIUS | Internet Authentication Service |
1646 | UDP | Legacy RADIUS | Internet Authentication Service |
1701 | UDP | L2TP | Routing and Remote Access |
1723 | TCP | PPTP | Routing and Remote Access |
1755 | TCP | MMS | Windows Media Services |
1755 | UDP | MMS | Windows Media Services |
1801 | TCP | MSMQ | Message Queuing |
1801 | UDP | MSMQ | Message Queuing |
1812 | UDP | RADIUS Authentication | Internet Authentication Service |
1813 | UDP | RADIUS Accounting | Internet Authentication Service |
1900 | UDP | SSDP | SSDP Discovery Service |
2101 | TCP | MSMQ-DCs | Message Queuing |
2103 | TCP | MSMQ-RPC | Message Queuing |
2105 | TCP | MSMQ-RPC | Message Queuing |
2107 | TCP | MSMQ-Mgmt | Message Queuing |
2393 | TCP | OLAP Services 7.0 | SQL Server: Downlevel OLAP Client Support |
2394 | TCP | OLAP Services 7.0 | SQL Server: Downlevel OLAP Client Support |
2460 | UDP | MS Theater | Windows Media Services |
2535 | UDP | MADCAP | DHCP Server |
2701 | TCP | SMS Remote Control (control) | SMS Remote Control Agent |
2701 | UDP | SMS Remote Control (control) | SMS Remote Control Agent |
2702 | TCP | SMS Remote Control (data) | SMS Remote Control Agent |
2702 | UDP | SMS Remote Control (data) | SMS Remote Control Agent |
2703 | TCP | SMS Remote Chat | SMS Remote Control Agent |
2703 | UPD | SMS Remote Chat | SMS Remote Control Agent |
2704 | TCP | SMS Remote File Transfer | SMS Remote Control Agent |
2704 | UDP | SMS Remote File Transfer | SMS Remote Control Agent |
2725 | TCP | SQL Analysis Services | SQL Analysis Server |
2869 | TCP | UPNP | Universal Plug and Play Device Host |
2869 | TCP | SSDP event notification | SSDP Discovery Service |
3268 | TCP | Global Catalog Server | Local Security Authority |
3269 | TCP | Global Catalog Server | Local Security Authority |
3343 | UDP | Cluster Services | Cluster Service |
3389 | TCP | Terminal Services | NetMeeting Remote Desktop Sharing |
3389 | TCP | Terminal Services | Terminal Services |
3527 | UDP | MSMQ-Ping | Message Queuing |
4011 | UDP | BINL | Remote Installation |
4500 | UDP | NAT-T | Local Security Authority |
5000 | TCP | SSDP legacy event notification | SSDP Discovery Service |
5004 | UDP | RTP | Windows Media Services |
5005 | UDP | RTCP | Windows Media Services |
6001 | TCP | Information Store | Exchange Server 2003 |
6002 | TCP | Directory Referral | Exchange Server 2003 |
6004 | TCP | DSProxy/NSPI | Exchange Server 2003 |
42424 | TCP | ASP.Net Session State | ASP.NET State Service |
51515 | TCP | MOM-Clear | Microsoft Operations Manager 2000 |
1024-65535 | TCP | RPC | Randomly allocated high TCP ports |
Download the Port_Requirements_for_Microsoft_Windows_Server_System.xls package now. (http://download.microsoft.com/download/1/5/c/15c5287d-7a49-4c83-8ce0-aea7641b1835/Port_Requirements_for_Microsoft_Windows_Server_System.xls)
Active Directory port and protocol requirements
Application servers, client computers and domain controllers that are located in common or external forests have service dependencies so that user and computer initiated operations like domain join, logon authentication, remote administration, and Active Directory replication work correctly. Such services and operations require network connectivity over specific port and networking protocols.A summarized list of services, ports and protocols required for member computers and domain controllers to inter-operate with each other or for application servers to access Active Directory include but are not limited to the following.
Services on which Active Directory depends
• | Active Directory / LSA |
• | Computer Browser |
• | Distributed File System |
• | File Replication Service |
• | Kerberos Key Distribution Center |
• | Net Logon |
• | Remote Procedure Call (RPC) |
• | Server |
• | Simple Mail Transfer Protocol (SMTP) (if so configured) |
• | WINS (in Windows Server 2003 SP1 and later versions for backup Active Directory replication operations, if DNS is not working) |
• | Windows Time |
• | World Wide Web Publishing Service |
Services that require Active Directory services
• | Certificate Services (required for specific configurations) |
• | DHCP Server (if so configured) |
• | Distributed File System |
• | Distributed Link Tracking Server (optional but on by default on Windows 2000 computers) |
• | Distributed Transaction Coordinator |
• | DNS Server (if so configured) |
• | Fax Service (if so configured) |
• | File Replication Service |
• | File Server for Macintosh (if so configured) |
• | Internet Authentication Service (if so configured) |
• | License Logging (on by default) |
• | Net Logon |
• | Print Spooler |
• | Remote Installation (if so configured) |
• | Remote Procedure Call (RPC) Locator |
• | Remote Storage Notification |
• | Remote Storage Server |
• | Routing and Remote Access |
• | Server |
• | Simple Mail Transfer Protocol (SMTP) (if so configured) |
• | Terminal Services |
• | Terminal Services Licensing |
• | Terminal Services Session Directory |
-------------------
Thanks,
http://paddymaddy.blogspot.com/
SCCM It's Ports ; SCCM using Ports
Configurable Ports
Configuration Manager 2007 allows you to configure the ports for the following types of communication:
- Client to site system
- Client to Internet (as proxy server settings)
- Software update point to Internet (as proxy server settings)
- Software update point to WSUS server
- Client to reporting point
By default, the HTTP port used for client to site system communication is port 80 and the default HTTPS port is 443. Ports for client-to-site system communication over HTTP or HTTPS can be changed during Setup or in the Site Properties for your Configuration Manager site.
Reporting point site system roles have configurable port settings for HTTP and HTTPS communication defined on the reporting point site system role property page. By default, users connect to the reporting point using the HTTP port 80 and HTTPS port 443. These ports are defined during installation only. To redefine the reporting point communication port, the reporting point site system must be deleted and reinstalled.
Non-Configurable Ports
Configuration Manager does not allow you to configure ports for the following types of communication:
- Site to site (primary-to-primary or primary-to-secondary)
- Site server to site system
- Site server to site database server
- Site system to site database server
- Configuration Manager 2007 console to SMS Provider
- Configuration Manager 2007 console to the Internet
Port Details
The port listings that follow are used by Configuration Manager 2007 and do not include information for standard Windows services, such as Active Directory group policy and Kerberos authentication. For information about Windows Server services and ports, see http://go.microsoft.com/fwlink/?LinkID=123652.
The following diagram indicates connections between Configuration Manager 2007 computers. The number for the link corresponds to the table that lists the ports for that link. The arrows between the computers represent the direction of the communication.
- -- > indicates one computer initiates and the other computer always responds
- < -- > indicates that either computer can initiate
1. Site Server < -- > Site Server
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
Point to Point Tunneling Protocol (PPTP) | -- | 1723 (See note 3, RAS Sender) |
2. Primary Site Server -- > Domain Controller
Description | UDP | TCP |
---|---|---|
Lightweight Directory Access Protocol (LDAP) | -- | 389 |
LDAP (Secure Sockets Layer [SSL] connection) | 636 | 636 |
Global Catalog LDAP | -- | 3268 |
Global Catalog LDAP SSL | -- | 3269 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
3. Site Server < -- > Software Update Point
(See note 6, Communication between the site server and site systems)
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
Hypertext Transfer Protocol (HTTP) | -- | 80 or 8530 (See note 4, Windows Server Update Services) |
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 or 8531 (See note 4, Windows Server Update Services) |
4. Software Update Point -- > Internet
Description | UDP | TCP |
---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 1, Proxy Server port) |
5. Site Server < -- > State Migration Point
(See note 6, Communication between the site server and site systems)
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
RPC Endpoint Mapper | 135 | 135 |
6. Client -- > Software Update Point
Description | UDP | TCP | |
---|---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 or 8530 (See note 4, Windows Server Update Services) | |
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 or 8531 (See note 4, Windows Server Update Services) |
7. Client -- > State Migration Point
Description | UDP | TCP |
---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available) |
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available) |
Server Message Block (SMB) | -- | 445 |
8. Client -- > PXE Service Point
Description | UDP | TCP |
---|---|---|
Dynamic Host Configuration Protocol (DHCP) | 67 and 68 | -- |
Trivial File Transfer Protocol (TFTP) | 69 (See note 5, Trivial FTP (TFTP) Daemon) | -- |
Boot Information Negotiation Layer (BINL) | 4011 | -- |
9. Site Server < -- > PXE Service Point
(See note 6, Communication between the site server and site systems)
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
10. Site Server < -- > System Health Validator
(See note 6, Communication between the site server and site systems)
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
11. Client -- > System Health Validator
The client requires the ports established by the Windows Network Access Protection client, which is dependent upon the enforcement client being used. For example, DHCP enforcement will use ports UDP 67 and 68. IPSec enforcement will use ports TCP 80 or 443 to the Health Registration Authority, port UDP 500 for IPsec negotiation and the additional ports needed for the IPsec filters. For more information, see the Windows Network Access Protection documentation. For help with configuring firewalls for IPsec, see http://go.microsoft.com/fwlink/?LinkId=109499.
12. Site Server < -- > Fallback Status Point
(See note 6, Communication between the site server and site systems)
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
13. Client -- > Fallback Status Point
Description | UDP | TCP |
---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available) |
14. Site Server -- > Distribution Point
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
15. Client -- > Distribution Point
Description | UDP | TCP |
---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available) |
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available) |
Server Message Block (SMB) | -- | 445 |
Multicast Protocol | 63000-64000 | -- |
16. Client -- > Branch Distribution Point
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
17. Client -- > Management Point
Description | UDP | TCP |
---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available) |
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available) |
18. Client -- > Server Locator Point
Description | UDP | TCP |
---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available) |
19. Branch Distribution Point -- > Distribution Point
Description | UDP | TCP |
---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available) |
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available) |
20. Site Server -- > Provider
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
21. Server Locator Point -- > Microsoft SQL Server
Description | UDP | TCP |
---|---|---|
SQL over TCP | -- | 1433 |
22. Management Point -- > Microsoft SQL Server
Description | UDP | TCP |
---|---|---|
SQL over TCP | -- | 1433 |
23. Provider -- > SQL Server
Description | UDP | TCP |
---|---|---|
SQL over TCP | -- | 1433 |
24. Reporting Point -- > SQL Server / Reporting Services Point -- > SQL Server
The reporting point and the Reporting Services point use the same ports. The Reporting Services point is applicable to Configuration Manager 2007 R2 only.
Description | UDP | TCP |
---|---|---|
SQL over TCP | -- | 1433 |
25. Configuration Manager Console -- > Reporting Point
Description | UDP | TCP |
---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available) |
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available) |
26. Configuration Manager Console -- > Provider
Description | UDP | TCP |
---|---|---|
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
27. Configuration Manager Console -- > Internet
Description | UDP | TCP |
---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 |
28. Primary Site Server -- > Microsoft SQL Server
Description | UDP | TCP |
---|---|---|
SQL over TCP | -- | 1433 |
29. Management Point -- > Domain Controller
Description | UDP | TCP |
---|---|---|
Lightweight Directory Access Protocol (LDAP) | -- | 389 |
LDAP (Secure Sockets Layer [SSL] connection) | 636 | 636 |
Global Catalog LDAP | -- | 3268 |
Global Catalog LDAP SSL | -- | 3269 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
30. Site Server -- > Reporting Point / Site Server -- > Reporting Services Point
The reporting point and the Reporting Services point use the same ports. The Reporting Services point is in Configuration Manager 2007 R2 only.
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
31. Site Server -- > Server Locator Point
(See note 6, Communication between the site server and site systems)
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
32. Configuration Manager Console -- > Site Server
Description | UDP | TCP |
---|---|---|
RPC (initial connection to WMI to locate provider system) | -- | 135 |
33. Software Update Point -- > WSUS Synchronization Server
Description | UDP | TCP |
---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 or 8530 (See note 4, Windows Server Update Services) |
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 or 8531 (See note 4, Windows Server Update Services) |
34. Configuration Manager Console -- > Client
Description | UDP | TCP |
---|---|---|
Remote Control (control) | 2701 | 2701 |
Remote Control (data) | 2702 | 2702 |
Remote Control (RPC Endpoint Mapper) | -- | 135 |
Remote Assistance (RDP and RTC) | -- | 3389 |
35. Management Point < -- > Site Server
(See note 6, Communication between the site server and site systems)
Description | UDP | TCP |
---|---|---|
RPC Endpoint mapper | -- | 135 |
RPC | -- | DYNAMIC |
Server Message Block (SMB) | -- | 445 |
36. Site Server -- > Client
Description | UDP | TCP |
---|---|---|
Wake on LAN | 9 (See note 2, Alternate Port Available) | -- |
37. Configuration Manager client -- > Global Catalog Domain Controller
A Configuration Manager client does not contact a global catalog server when it is a workgroup computer or when it is configured for Internet-only communication.
Description | UDP | TCP |
---|---|---|
Global Catalog LDAP | -- | 3268 |
Global Catalog LDAP SSL | -- | 3269 |
38. PXE Service Point -- > Microsoft SQL Server
Description | UDP | TCP |
---|---|---|
SQL over TCP | -- | 1433 |
39. Site Server < -- > Asset Intelligence Synchronization Point (Configuration Manager 2007 SP1)
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
40. Asset Intelligence Synchronization Point < -- > System Center Online (Configuration Manager 2007 SP1)
Description | UDP | TCP |
---|---|---|
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 |
41. Multicast Distribution Point -- > Microsoft SQL Server(Configuration Manager 2007 R2)
Description | UDP | TCP |
---|---|---|
SQL over TCP | -- | 1433 |
42. Client status reporting host --> Client (Configuration Manager 2007 R2)
Description | UDP | TCP |
---|---|---|
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
ICMPv4 Type 8 (Echo) or ICMPv6 Type 128 (Echo Request) | n/a | n/a |
43. Client status reporting host --> Management Point (Configuration Manager 2007 R2)
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
NetBIOS Session Service | -- | 139 |
44. Client status reporting host --> Microsoft SQL Server (Configuration Manager 2007 R2)
Description | UDP | TCP |
---|---|---|
SQL over TCP | -- | 1433 |
45. Site Server < -- > Reporting Services Point (Configuration Manager 2007 R2)
(See note 6, Communication between the site server and site systems)
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
46. Configuration Manager Console -- > Reporting Services Point (Configuration Manager 2007 R2)
Description | UDP | TCP |
---|---|---|
Hypertext Transfer Protocol (HTTP) | -- | 80 (See note 2, Alternate Port Available) |
Secure Hypertext Transfer Protocol (HTTPS) | -- | 443 (See note 2, Alternate Port Available) |
47. Reporting Services Point -- > Microsoft SQL Server (Configuration Manager 2007 R2)
Description | UDP | TCP |
---|---|---|
SQL over TCP | -- | 1433 |
Notes
1 Proxy Server port This port cannot be configured but can be routed through a configured proxy server.
2 Alternate Port Available An alternate port can be defined within Configuration Manager for this value. If a custom port has been defined, substitute that custom port when defining the IP filter information for the IPsec policies.
3 RAS Sender Configuration Manager 2007 can also use the RAS Sender with Point to Point Tunneling Protocol (PPTP) to send and receive Configuration Manager 2007 site, client, and administrative information through a firewall. Under these circumstances, the PPTP TCP 1723 port is used.
4 Windows Server Update Services WSUS can be installed either on the default Web site (port 80) or a custom Web site (port 8530).
After installation, the port can be changed.
If the HTTP port is 80, the HTTPS port must be 443.
If the HTTP port is anything else, the HTTPS port must be 1 higher—for example 8530 and 8531.
5 Trivial FTP (TFTP) Daemon The Trivial FTP (TFTP) Daemon system service does not require a user name or password and is an integral part of the Windows Deployment Services (WDS). The Trivial FTP Daemon service implements support for the TFTP protocol defined by the following RFCs:
- • RFC 350—TFTP
- • RFC 2347—Option extension
- • RFC 2348—Block size option
- • RFC 2349—Time-out interval, and transfer size options
Trivial File Transfer Protocol is designed to support diskless boot environments. TFTP Daemons listen on UDP port 69 but respond from a dynamically allocated high port. Therefore, enabling this port will allow the TFTP service to receive incoming TFTP requests but will not allow the selected server to respond to those requests. Allowing the selected server to respond to inbound TFTP requests cannot be accomplished unless the TFTP server is configured to respond from port 69.
6 Communication between the site server and site systems By default, communication between the site server and site systems is bi-directional. The site server initiates communication to configure the site system, and then most site systems connect back to the site server to send back status information. Reporting points and distribution points do not send back status information. If you select Allow only site server initiated data transfers from this site system on the site system properties, the site system will never initiate communication back to the site server.
7 Ports used by distribution points for application virtualization streaming A distribution point enabled to support application virtualization can be configured to use either HTTP or HTTPS. This feature is available in Configuration Manager 2007 R2 only.
Configuration Manager Remote Control Ports
When you use NetBIOS over TCP/IP for Configuration Manager 2007 Remote Control, the ports described in the following table are used.
Description | UDP | TCP |
---|---|---|
RPC Endpoint Mapping | -- | 135 |
Name resolution | 137 | -- |
Messaging | 138 | -- |
Client Sessions | -- | 139 |
AMT Out of Band Management Ports (Configuration Manager 2007 SP1)
When you use the out of band management feature in Configuration Manager 2007 SP1, the following ports are used.
A. Site Server <--> Out of Band Service Point
Description | UDP | TCP |
---|---|---|
Server Message Block (SMB) | -- | 445 |
RPC Endpoint Mapper | 135 | 135 |
RPC | -- | DYNAMIC |
B. AMT Management Controller --> Out of Band Service Point
Description | UDP | TCP |
---|---|---|
Provisioning | -- | 9971 (configurable) |
C. Out of Band Service Point --> AMT Management Controller
Description | UDP | TCP |
---|---|---|
Discovery | -- | 16992 |
Power control, provisioning, and discovery | -- | 16993 |
D. Out of Band Management Console --> AMT Management Controller
Description | UDP | TCP |
---|---|---|
General management tasks | -- | 16993 |
Serial over LAN and IDE redirection | -- | 16995 |
Ports Used by Windows Servers
The following table lists some of the key ports that Windows Server uses and their respective functions. For a more complete list of Windows Server services and network ports requirements, see http://go.microsoft.com/fwlink/?LinkID=123652.
Description | UDP | TCP |
---|---|---|
Domain Name System (DNS) | 53 | -- |
Dynamic Host Configuration Protocol (DHCP) | 67 and 68 | -- |
Windows Internet Name Service (WINS) | 138 | -- |
NetBIOS datagrams | 138 | -- |
NetBIOS datagrams | -- | 139 |
Connecting with Microsoft SQL Server
If you use the TCP/IP Net-Library, enable port 1433 on the firewall. Use the Hosts file or an advanced connection string for host name resolution.
If you use named pipes over TCP/IP, enable port 139 for NetBIOS functions. NetBIOS should be used only for troubleshooting Kerberos issues.
Note |
---|
TCP/IP is required for network communications to allow Kerberos authentication. Named pipes communication is not required for Configuration Manager 2007 site database operations and should be used only to troubleshoot Kerberos authentication issues. |
By default, SQL Server uses TCP (not UDP) port 1433 to listen on TCP/IP. To change the port, run SQL Server Setup on the server, and then click Change Network Support. If SQL Server uses port 1433, the client Net-Library works. If SQL Server uses a custom port number, the client must specify that port in the Data Source Name (DSN).
Microsoft does not recommend that you enable UDP ports 137 and 138 for NetBIOS name resolution by using B-node broadcasts. Instead, you can use a WINS server or an LMHOSTS file for name resolution.
Installation Requirements for Internet-Based Site Systems
The Internet-based management point, software update point, and fallback status point use the following ports for installation and repair:
- Site server --> site system: RPC endpoint mapper using UDP and TCP port 135.
- Site server --> site system: RPC dynamic TCP ports.
- Site server < --> site system: Server message blocks (SMB) using TCP port 445.
Distribution points do not install until the first package is targeted to them. Package installations on distribution points require the following RPC ports:
- Site server --> distribution point: RPC endpoint mapper using UDP and TCP port 135.
- Site server --> distribution point: RPC dynamic TCP ports.
Sunday, October 12, 2008
Microsoft Deployment Toolkit 2008 Webcasts
http://deploymentforum.com/Portals/3/media/mdt.sccm.wmv
http://deploymentforum.com/Portals/3/media/bdd.lti/config.wmv
http://deploymentforum.com/Portals/3/media/bdd.lti/office.wmv
http://deploymentforum.com/Portals/3/media/bdd.lti/new.wmv
http://deploymentforum.com/Portals/3/media/bdd.lti/refresh.wmv
http://deploymentforum.com/Portals/3/media/bdd.zti/config.wmv
http://deploymentforum.com/Portals/3/media/bdd.zti/new.wmv
http://deploymentforum.com/Portals/3/media/bdd.zti/refresh.wmv
Source from http://deploymentforum.com
All SCCM 2007 logs at one Place
Client Log Files
The Configuration Manager 2007 client logs are located in one of the following locations: · On computers that serve as management points, the client logs are located in the SMS_CCM\Logs folder. · On all other computers, the client log files are located in the %Windir%\System32\CCM\Logs folder or the %Windir%\SysWOW64\CCM\Logs.The following table lists and describes the client log files.
Log File Name | Description |
CAS | Content Access service. Maintains the local package cache. |
CcmExec.log | Records activities of the client and the SMS Agent Host service. |
CertificateMaintenance.log | Maintains certificates for Active Directory directory service and management points. |
ClientIDManagerStartup.log | Creates and maintains the client GUID. |
ClientLocation.log | Site assignment tasks. |
ContentTransferManager.log | Schedules the Background Intelligent Transfer Service (BITS) or the Server Message Block (SMB) to download or to access SMS packages. |
DataTransferService.log | Records all BITS communication for policy or package access. |
Execmgr.log | Records advertisements that run. |
FileBITS.log | Records all SMB package access tasks. |
Fsinvprovider.log (renamed to FileSystemFile.log in all SMS 2003 Service Packs) | Windows Management Instrumentation (WMI) provider for software inventory and file collection. |
InventoryAgent.log | Creates discovery data records (DDRs) and hardware and software inventory records. |
LocationServices.log | Finds management points and distribution points. |
Mifprovider.log | The WMI provider for .MIF files. |
Mtrmgr.log | Monitors all software metering processes. |
PolicyAgent.log | Requests policies by using the Data Transfer service. |
PolicyAgentProvider.log | Records policy changes. |
PolicyEvaluator.log | Records new policy settings. |
Remctrl.log | Logs when the remote control component (WUSER32) starts. |
Scheduler.log | Records schedule tasks for all client operations. |
Smscliui.log | Records usage of the Systems Management tool in Control Panel. |
StatusAgent.log | Logs status messages that are created by the client components. |
SWMTRReportGen.log | Generates a usage data report that is collected by the metering agent. (This data is logged in Mtrmgr.log.) |
Site Server Log Files
Most Configuration Manager 2007 site server log files are located in the <InstallationPath>\LOGS folder. Because Configuration Manager 2007 relies heavily on Microsoft Internet Information Services (IIS), you can review the IIS log file for additional errors that relate to client access to the IIS server. The IIS log file is located in the %Windir%\System32\logfiles\W3SVC1 folder on the IIS server. The following table lists and describes the site server log files.
Log File Name | Description |
Ccm.log | Client Configuration Manager tasks. |
Cidm.log | Records changes to the client settings by the Client Install Data Manager (CIDM). |
Colleval.log | Logs when collections are created, changed, and deleted by the Collection Evaluator. |
Compsumm.log | Records Component Status Summarizer tasks. |
Cscnfsvc.log | Records Courier Sender confirmation service tasks. |
Dataldr.log | Processes Management Information Format (MIF) files and hardware inventory in the Configuration Manager 2007 database. |
Ddm.log | Saves DDR information to the Configuration Manager 2007 database by the Discovery Data Manager. |
Despool.log | Records incoming site-to-site communication transfers. |
Distmgr.log | Records package creation, compression, delta replication, and information updates. |
Hman.log | Records site configuration changes, and publishes site information in Active Directory Domain Services. |
Inboxast.log | Records files that are moved from the management point to the corresponding SMS\INBOXES folder. |
Inboxmgr.log | Records file maintenance. |
Invproc.log | Records the processing of delta MIF files for the Dataloader component from client inventory files. |
Mpcontrol.log | Records the registration of the management point with WINS. Records the availability of the management point every 10 minutes. |
Mpfdm.log | Management point component that moves client files to the corresponding SMS\INBOXES folder. |
MPMSI.log | Management point .msi installation log. |
MPSetup.log | Records the management point installation wrapper process. |
Ntsvrdis.log | Configuration Manager 2007 server discovery. |
Offermgr.log | Records advertisement updates. |
Offersum.log | Records summarization of advertisement status messages. |
Policypv.log | Records updates to the client policies to reflect changes to client settings or advertisements. |
Replmgr.log | Records the replication of files between the site server components and the Scheduler component. |
Rsetup.log | Reporting point setup log. |
Sched.log | Records site-to-site job and package replication. |
Sender.log | Records files that are sent to other child and parent sites. |
Sinvproc.log | Records client software inventory data processing to the site database in Microsoft SQL Server. |
Sitecomp.log | Records maintenance of the installed site components. |
Sitectrl.log | Records site setting changes to the Sitectrl.ct0 file. |
Sitestat.log | Records the monitoring process of all site systems. |
Smsdbmon.log | Records database changes. |
Smsexec.log | Records processing of all site server component threads. |
Smsprov.log | Records WMI provider access to the site database. |
SMSReportingInstall.log | Records the Reporting Point installation. This component starts the installation tasks and processes configuration changes. |
Srvacct.log | Records the maintenance of accounts when the site uses standard security. |
Statmgr.log | Writes all status messages to the database. |
Swmproc.log | Processes metering files and maintains settings. |
The Admin UI log files are located in <InstallationPath>\AdminUI\. The following table lists and describes the Admin UI log files.
Log File Name | Description |
RepairWizard.log | Records errors, warnings, and information about the process of running the Repair Wizard. |
ResourceExplorer.log | Records errors, warnings, and information about running the Resource Explorer. |
SMSAdminUI.log | Records the local Configuration Manager 2007 console tasks when you connect to Configuration Manager 2007 sites. |
Management Point Log Files
If management points are installed in the site hierarchy, management point log files are stored in the SMS_CCM\LOGS folder on the management point computer. The following table lists and describes the management point log files.
Log File Name | Description |
MP_Ddr.log | Records the conversion of XML.ddr records from clients, and copies them to the site server. |
MP_GetAuth.log | Records the status of the site management points. |
MP_GetPolicy.log | Records policy information. |
MP_Hinv.log | Converts XML hardware inventory records from clients and copies the files to the site server. |
MP_Location.log | Records location manager tasks. |
MP_Policy.log | Records policy communication. |
MP_Relay.log | Copies files that are collected from the client. |
MP_Retry.log | Records the hardware inventory retry processes. |
MP_Sinv.log | Converts XML hardware inventory records from clients and copies them to the site server. |
MP_Status.log | Converts XML.svf status message files from clients and copies them to the site server. |
Mobile Device Management Log Files
If mobile device management is enabled in the site hierarchy, mobile device management point log files are generally stored in the <ConfigMgrInstallPath>\LOGS folder on the mobile device management point computer. The following table lists and describes the mobile device management point log files.
Mobile Device Management Point Logs
Log File Name | Description |
DmClientHealth.log | Records the GUIDs of all the mobile device clients that are communicating with the Device Management Point. |
DmClientRegistration.log | Records registration requests from and responses to the mobile device client in Native mode. |
DmpDatastore.log | Records all the site database connections and queries made by the Device Management Point. |
DmpDiscovery.log | Records all the discovery data from the mobile device clients on the Device Management Point. |
DmpFileCollection.log | Records mobile device file collection data from mobile device clients on the Device Management Point. |
DmpHardware.log | Records hardware inventory data from mobile device clients on the Device Management Point. |
DmpIsapi.log | Records mobile device communication data from device clients on the Device Management Point. |
dmpMSI.log | Records the MSI data for Device Management Point setup. |
DMPSetup.log | Records the mobile device management setup process. |
DmpSoftware.log | Records mobile device software distribution data from mobile device clients on the Device Management Point. |
DmpStatus.log | Records mobile device status messages data from mobile device clients on the Device Management Point. |
FspIsapi.log | Records Fallback Status Point communication data from mobile device clients and client computers on the Fallback Status Point. |
Mobile Device Management Client Logs
For the locations of log files on managed mobile devices and on computers that are used to deploy the mobile device client, see How to Configure Logging for Windows Mobile and Windows CE Devices. The following table lists and describes the mobile device management client log files.
Log File Name | Description |
DmCertEnroll.log | Records certificate enrollment data on mobile device clients. |
DMCertResp.htm (in \temp) | Records HTML response from the certificate server when the mobile device Enroller program requests a client authentication certificate on mobile device clients. |
DmClientSetup.log | Records client setup data on mobile device clients. |
DmClientXfer.log | Records client transfer data for Windows Mobile Device Center and ActiveSync deployments. |
DmCommonInstaller.log | Records client transfer file installation for setting up mobile device client transfer files on client computers. |
DmInstaller.log | Records whether DMInstaller correctly calls DmClientSetup and whether DmClientSetup exits with success or failure on mobile device clients. |
DmInvExtension.log | Records Inventory Extension file installation for setting up Inventory Extension files on client computers. |
DmSvc.log | Records mobile device management service data on mobile device clients. |
Operating System Deployment Log Files
The following table lists and describes the operating system deployment log files.
Log File Name | Description | ||
CCMSetup.log | Provides information about client-based operating system actions. | ||
CreateTSMedia.log | Provides information about task sequence media when it is created. This log is generated on the computer running the Configuration Manager 2007 administrator console. | ||
DriverCatalog.log | Provides information about device drivers that have been imported into the driver catalog. | ||
MP_ClientIDManager.log | Provides information about the Configuration Manager 2007 management point when it responds to Configuration Manager 2007 client ID requests from boot media or PXE. This log is generated on the Configuration Manager 2007 management point. | ||
MP_DriverManager.log | Provides information about the Configuration Manager 2007 management point when it responds to a request from the Auto Apply Driver task sequence action. This log is generated on the Configuration Manager 2007 management point. | ||
MP_Location.log | Provides information about the Configuration Manager 2007 management point when it responds to request state store or release state store requests from the state migration point. This log is generated on the Configuration Manager 2007 management point. | ||
Pxecontrol.log | Provides information about the PXE Control Manager. | ||
PXEMsi.log | Provides information about the PXE service point and is generated when the PXE service point site server has been created. | ||
PXESetup.log | Provides information about the PXE service point and is generated when the PXE service point site server has been created. | ||
Setupact.log Setupapi.log Setuperr.log | Provide information about Windows Sysprep and setup logs. | ||
SmpIsapi.log | Provides information about the state migration point Configuration Manager 2007 client request responses. | ||
Smpmgr.log | Provides information about the results of state migration point health checks and configuration changes. | ||
SmpMSI.log | Provides information about the state migration point and is generated when the state migration point site server has been created. | ||
Smsprov.log | Provides information about the SMS provider. | ||
Smspxe.log | Provides information about the Configuration Manager 2007 PXE service point. | ||
SMSSMPSetup.log | Provides information about the state migration point and is generated when the state migration point site server has been created. | ||
Smsts.log | General location for all operating system deployment and task sequence log events.Log file location:· If task sequence completes when running in the full operating system with a Configuration Manager 2007 client installed on the computer: <CCM Install Dir>\logs· If task sequence completes when running in the full operating system with no Configuration Manager 2007 client installed on the computer: %temp%\SMSTSLOG· If task sequence completes when running in WindowsPE: <largest fixed partition>\SMSTSLOG
| ||
TaskSequenceProvider.log | Provides information about task sequences when they are imported, exported, or edited. | ||
USMT Log loadstate.log | Provides information about the User State Migration Tool (USMT) regarding the restore of user state data. | ||
USMT Log scanstate.log | Provides information about the USMT regarding the capture of user state data. |
Network Access Protection Log Files
By default, client log files related to Network Access Protection are found in %windir%\CCM\Logs. For client computers that are also management points, the log files are found in %ProgramFiles%\SMS_CCM\Logs.The following table lists and describes the Network Access Protection log files.
Log File Name | Description |
Ccmcca.log | Logs the processing of compliance evaluation based on Configuration Manager NAP policy processing and contains the processing of remediation for each software update required for compliance. |
CIAgent.log | Tracks the process of remediation and compliance. However, the software updates log file, Updateshandler.log, provides more informative details on installing the software updates required for compliance. |
locationservices.log | Used by other Configuration Manager features (for example, information about the client's assigned site) but also contains information specific to Network Access Protection when the client is in remediation. It records the names of the required remediation servers (management point, software update point, and distribution points that host content required for compliance), which are also sent in the client statement of health. |
SDMAgent.log | Shared with the Configuration Manager feature desired configuration management and contains the tracking process of remediation and compliance. However, the software updates log file, Updateshandler.log, provides more informative details about installing the software updates required for compliance. |
SMSSha.log | The main log file for the Configuration Manager Network Access Protection client and contains a merged statement of health information from the two Configuration Manager components: location services (LS) and the configuration compliance agent (CCA). This log file also contains information about the interactions between the Configuration Manager System Health Agent and the operating system NAP agent, and also between the Configuration Manager System Health Agent and both the configuration compliance agent and the location services. It provides information about whether the NAP agent successfully initialized, the statement of health data, and the statement of health response. |
The System Health Validator point log files are located in %systemdrive%\SMSSHV\SMS_SHV\Logs, and they are listed and described in the following table.
Log File Name | Description |
Ccmperf.log | Contains information about the initialization of the System Health Validator point performance counters. |
SmsSHV.log | The main log file for the System Health Validator point; logs the basic operations of the System Health Validator service, such as the initialization progress. |
SmsSHVADCacheClient.log | Contains information about retrieving Configuration Manager health state references from Active Directory Domain Services. |
SmsSHVCacheStore.log | Contains information about the cache store used to hold the Configuration Manager NAP health state references retrieved from Active Directory Domain Services, such as reading from the store and purging entries from the local cache store file. The cache store is not configurable. |
SmsSHVRegistrySettings.log | Records any dynamic changes to the System Health Validator component configuration while the service is running. |
SmsSHVQuarValidator.log | Records client statement of health information and processing operations. To obtain full information, change the registry key LogLevel from 1 to 0 in the following location:HKLM\SOFTWARE\Microsoft\SMSSHV\Logging\@GLOBAL |
Setup information for the System Health Validator point can be found in a setup log file, described in the following table, on the computer running the Network Policy Server.
Log File Name | Description |
<ConfigMgrInstallationPath>\Logs\SMSSHVSetup.log | Records the success or failure (with failure reason) of installing the System Health Validator point. |
Desired Configuration Management Log Files
By default, the Configuration Manager 2007 client computer log files are found in %windir%\System32\CCM\Logs or in %windir%\SysWOW64\CCM\Logs. For client computers that are also management points, the client log files are located in the SMS_CCM\Logs folder. The following table lists and describes these log files.
Log File Name | Description |
ciagent.log | Provides information about downloading, storing, and accessing assigned configuration baselines. |
dcmagent.log | Provides high-level information about the evaluation of assigned configuration baselines and desired configuration management processes. |
discovery.log | Provides detailed information about the Service Modeling Language (SML) processes. |
sdmagent.log | Provides information about downloading, storing, and accessing configuration item content. |
sdmdiscagent.log | Provides high-level information about the evaluation process for the objects and settings configured in the referenced configuration items. |
Wake On LAN Log Files
The Configuration Manager 2007 site server log files related to Wake On LAN are located in the folder <ConfigMgrInstallationPath>\Logs on the site server. There are no client-side log files for Wake On LAN. The following table lists and describes the Wake On LAN log files.
Log File Name | Description |
Wolmgr.log | Contains information about wake-up procedures such as when to wake up advertisements or deployments that are configured for Wake On LAN. |
WolCmgr.log | Contains information about which clients need to be sent wake-up packets, the number of wake-up packets sent, and the number of wake-up packets retried. |
Software Updates Site Server Log Files
The Configuration Manager 2007 site server log files are found, by default, in <InstallationPath>\Logs. The following table lists and describes the software updates site server log files.
Log File Name | Description | ||
ciamgr.log | Provides information about the addition, deletion, and modification of software update configuration items. | ||
distmgr.log | Provides information about the replication of software update deployment packages. | ||
objreplmgr.log | Provides information about the replication of software updates notification files from a parent to child sites. | ||
PatchDownloader.log | Provides information about the process for downloading software updates from the update source specified in the software updates metadata to the download destination on the site server.
| ||
replmgr.log | Provides information about the process for replicating files between sites. | ||
smsdbmon.log | Provides information about when software update configuration items are inserted, updated, or deleted from the site server database and creates notification files for software updates components. | ||
SUPSetup | Provides information about the software update point installation. When the software update point installation completes, Installation was successful is written to this log file. | ||
WCM.log | Provides information about the software update point configuration and connecting to the Windows Server Update Services (WSUS) server for subscribed update categories, classifications, and languages. | ||
WSUSCtrl.log | Provides information about the configuration, database connectivity, and health of the WSUS server for the site. | ||
wsyncmgr.log | Provides information about the software updates synchronization process. |
WSUS Server Log Files
By default, the log files for WSUS running on the software update point site system role are found in %ProgramFiles%\Update Services\LogFiles. The following table lists and describes the WSUS server log files.
Log File Name | Description |
Change.log | Provides information about the WSUS server database information that has changed. |
SoftwareDistribution.log | Provides information about the software updates that are synchronized from the configured update source to the WSUS server database. |
Software Updates Client Computer Log Files
By default, the Configuration Manager 2007 client computer log files are found in %windir%\CCM\Logs. For client computers that are also management points, the log files are found in %ProgramFiles%\SMS_CCM\Logs. The following table lists and describes the software updates client computer log files.
Log File Name | Description |
CAS.log | Provides information about the process of downloading software updates to the local cache and cache management. |
CIAgent.log | Provides information about processing configuration items, including software updates. |
LocationServices.log | Provides information about the location of the WSUS server when a scan is initiated on the client. |
PatchDownloader.log | Provides information about the process for downloading software updates from the update source to the download destination on the site server. This log is only on the client computer configured as the synchronization host for the Inventory Tool for Microsoft Updates. |
PolicyAgent.log | Provides information about the process for downloading, compiling, and deleting policies on client computers. |
PolicyEvaluator | Provides information about the process for evaluating policies on client computers, including policies from software updates. |
RebootCoordinator.log | Provides information about the process for coordinating system restarts on client computers after software update installations. |
ScanAgent.log | Provides information about the scan requests for software updates, what tool is requested for the scan, the WSUS location, and so on. |
ScanWrapper | Provides information about the prerequisite checks and the scan process initialization for the Inventory Tool for Microsoft Updates on Systems Management Server (SMS) 2003 clients. |
SdmAgent.log | Provides information about the process for verifying and decompressing packages that contain configuration item information for software updates. |
ServiceWindowManager.log | Provides information about the process for evaluating configured maintenance windows. |
smscliUI.log | Provides information about the Configuration Manager Control Panel user interactions, such as initiating a Software Updates Scan Cycle from the Configuration Manager Properties dialog box, opening the Program Download Monitor, and so on. |
SmsWusHandler | Provides information about the scan process for the Inventory Tool for Microsoft Updates on SMS 2003 client computers. |
StateMessage.log | Provides information about when software updates state messages are created and sent to the management point. |
UpdatesDeployment.log | Provides information about the deployment on the client, including software update activation, evaluation, and enforcement. Verbose logging shows additional information about the interaction with the client user interface. |
UpdatesHandler.log | Provides information about software update compliance scanning and about the download and installation of software updates on the client. |
UpdatesStore.log | Provides information about the compliance status for the software updates that were assessed during the compliance scan cycle. |
WUAHandler.log | Provides information about when the Windows Update Agent on the client searches for software updates. |
WUSSyncXML.log | Provides information about the Inventory Tool for the Microsoft Updates synchronization process. This log is only on the client computer configured as the synchronization host for the Inventory Tool for Microsoft Updates. |
Windows Update Agent Log File
By default, the Windows Update Agent log file is found on the Configuration Manager Client computer in %windir%. The following table provides the log file name and description.
Log File Name | Description |
WindowsUpdate.log | Provides information about when the Windows Update Agent connects to the WSUS server and retrieves the software updates for compliance assessment and whether there are updates to the agent components. |
-------------------
Thanks,
http://paddymaddy.blogspot.com/