I have covered the installation of SCCM/ConfigMgr 1702 infrastructure in the previous post here. In this post, we are going 1. How can we perform SCCM CB AD discovery – discover the devices and users from on-prem Active Directory? and 2. How can we manage the devices which are discovered from AD? Discovery Methods: Configure the methods to discover resources. Client Push installation requires that resources must first be discovered. I normally use Active Directory System Discovery and Active Directory User Discovery to find the resources (users and systems) from Active Directory.
How to Perform SCCM CB AD Discovery?
We need to enable Active Directory System Discovery to discover all the devices from on Prem AD. SCCM will collect all the system records from AD and create a record in SCCM CB. SCCM will create the system record only when SCCM server can find an IP to the DNS record of that system and able to ping the system. SCCM 2007 AD system discovery Flow-chart here. Adsysdis.log is the log file where you can find more details about the discovery. In the video tutorial above, you can see the troubleshooting details when AD system discovery is getting failed.
SCCM CB 1702 AD User Discovery should be enabled when you want to deploy apps and policies to user based collections. Adusrdis.log is the log file where you can find more details about SCCM AD User Discovery. Another Discovery which I enabled in my SCCM CB LAB environment is “Active Directory Forest Discovery” to create the SCCM CB boundaries in your CB environment.
Pre Requisites Before Installing SCCM CB clients on devices ?
So, now you can discover the devices, users and AD Site Boundaries from on-prem AD. The next step is to manage these devices using SCCM CB 1702 infra. The first thing I would perform is to create SCCM “Boundary Group” and add required boundaries to that particular boundary group. More details about creation and assignment of Boundary groups are discussed in the above video tutorial.
Another important configuration which we need to take care before trying to install SCCM CB clients on a discovered system is setting up “Network Access Account” and “Client Push Installation Account”.
SCCM CB Client Installation to manage AD Discovered Systems
To manage discovered systems from AD, we need to install SCCM Client software. There are loads of options to install the client on the discovered devices. You can use AD Group policy to install SCCM CB clients; a client can be installed as part of OSD process, Client can be installed using Client Push method. The client push installation is explained in the above video tutorial.
Client push method has some draw backs, and it needs Admin$ access etc… The best option is to use AD group policy client installation method.