SCCM | Intune | Windows 365 | Windows 11 Forums

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members. Please post your questions in the correct category.

SOLVED Is it possible to use SCCM to deploy windows update on workgroup computers

Status
Not open for further replies.

Manuel

Well-Known Member
Messages
301
Points
18
Hi

I just having problem running an update to a bunch of Workgroup machines. Is it possible to use SCCM to deploy windows update on workgroup computers

I think the problem is the network account so I just want to know which is the sintax or format of the currect account user that I have to use in order to use to deploy windows updates

I mean, do I have to type IP\local administrator user account or do I use .\Local administrator user account

Thanks in advanced


Manuel
 
To support workgroup clients, the following requirements must be met:

  • During client installation, the logged-on user must possess local administrator rights on the workgroup system. The only account that Configuration Manager 2007 can use to perform activities that require local administrator privileges is the account of the user that is logged on to the computer.
  • The Configuration Manager client must be installed from a local source on each client machine. This requirement ensures that a local source for repair and client update application will be available for the client.
  • Workgroup clients must be able to locate a server locator point for site assignment because they cannot query Active Directory Domain Services. The server locator point can be manually published in Windows Internet Name Service (WINS), or it can be specified in the CCMSetup.exe installation command-line parameters.
  • Workgroup clients must use the Network Access Account to access package source files on distribution points. If a Network Access Account is not configured, clients cannot access content on the distribution point. For more information, see Example Package Access Scenarios.
Although workgroup computers can be Configuration Manager 2007 clients, there are inherent limitations in supporting workgroup computers, including the following:

See More details:
http://technet.microsoft.com/en-us/library/dd547071.aspx
 
To support workgroup clients, the following requirements must be met:
  • Using a workgroup client as a branch distribution point is not supported. Configuration Manager 2007 requires that all site systems, including branch distribution point computers, are members of an Active Directory domain.

While I understand what Microsoft says they support...how do we make a workgroup, non-domain, machine work as a DP anyways?

I am very close to solving it...as I'm not receiving errors with the workgroup DP. However, when pulling content from my primary site DP to the workgroup DP, the files...the content in replication...just stays "In Progress" forever. The only message I see that may help us is: package does not have a preferred sender.
 
Last edited:
Well, I did not make it work with workgroup computers.

MrNetTek, Did you apply patch to any Windows computers in workgroup?
and did you think is necesay to make a boundary to any workgroup computer?

Thanks in advanced

Manuel
 
Well, I did not make it work with workgroup computers.

MrNetTek, Did you apply patch to any Windows computers in workgroup?
and did you think is necesay to make a boundary to any workgroup computer?

Thanks in advanced

Manuel


I started by doing this: http://eddiejackson.net/wp/?p=14669

That is my website...

Then, I made sure I only used %computername%\Administrator on the creation of the DP itself. Getting workgroup computers to report in wasn't all that difficult...getting a workgroup computer to work as a DP has remained elusive, for now.

I think Microsoft has created the SMS class in WMI to only work with a domain account----BUT, because WMI security can be changed, that will be my next test. Just because Microsoft doesn't support something, doesn't mean it can't be done. I spend my days and nights doing the impossible. This is just my latest challenge.

Note, I 'did' create boundaries for all workgroup computers.
 
Last edited:
I figured it out guys. A Workgroup can indeed run the DP role. I will be posting a full write up at my site.

This was the basic config...

1 Editing files for name resolution

2 Using %computername%\service account

3 Using IP address for FQDN name

4 Do not use PullDP

After setup, I tested software deployment and the software portal; both worked.
 
Last edited:
Status
Not open for further replies.

Trending content

Forum statistics

Threads
6,513
Messages
25,460
Members
15,655
Latest member
athomaz
Back
Top