I have covered the installation of SCCM/ConfigMgr 1702 infrastructure in the previous post here. In this post, we are going to see the following SCCM AD Discovery & SCCM Client installation.
- 1. How can we perform SCCM CB AD discovery – discover the devices and users from on-prem Active Directory? and
- 2. How can we manage the devices which are discovered from AD? Discovery Methods: Configure the methods to discover resources. Client Push installation requires that resources must first be discovered.
NOTE! – I normally use Active Directory System Discovery and Active Directory User Discovery to find the resources (users and systems) from Active Directory.
How to Perform SCCM CB AD Discovery?
We need to enable Active Directory System Discovery to discover all the devices from on Prem AD. SCCM will collect all the system records from AD and create a record in SCCM CB. SCCM will create the system record only when the SCCM server can find an IP to the DNS record of that system and is able to ping the system.
SCCM 2007 AD system discovery Flowchart here. Adsysdis.log is the log file where you can find more details about the discovery. In the video tutorial above, you can see the troubleshooting details when AD system discovery is getting failed.
SCCM AD User Discovery should be enabled when you want to deploy apps and policies to user-based collections. Adusrdis.log is the log file where you can find more details about SCCM AD User Discovery.
Another Discovery which I enabled in my SCCM LAB environment is “Active Directory Forest Discovery” to create the SCCM CB boundaries in your CB environment.
Pre Requisites Before Installing SCCM CB clients on devices?
So, now you can discover the devices, users, and AD Site Boundaries from on-prem AD. The next step is to manage these devices using SCCM infra.
The first thing I would perform is to create SCCM “Boundary Group” and add required boundaries to that particular boundary group. More details about the creation and assignment of Boundary groups are discussed in the above video tutorial.
Another important configuration that we need to take care of before trying to install SCCM CB clients on a discovered system is setting up “Network Access Account” and “Client Push Installation Account”.
SCCM Client Installation to manage AD Discovered Systems
To manage discovered systems from AD, we need to install SCCM Client software. There are loads of options to install the client on the discovered devices. You can use the AD Group policy to install SCCM CB clients; a client can be installed as part of the OSD process, Client can be installed using the Client Push method. The client push installation is explained in the above video tutorial.
The client push method has some drawbacks, and it needs Admin$ access, etc… The best option is to use the AD group policy client installation method.
- More about discovery methods for SCCM ConfigMgr CB here
- Client installation methods in SCCM/ConfigMgr CB here
Anoop is Microsoft MVP! He is a Solution Architect in enterprise client management with more than 20 years of experience (calculation done in 2021) in IT. He is a blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. E writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc…