Why we require Group Policy For various tasks such as communicating with Active Directory Discovery, Remote administration and WMI connectivity, we require these policies.
There are 3 types of settings we require:
- To Ping Client Workstations (By default this communication is blocked if Firewall is enabled) - To connect to Clients Admin$ Share - To connect to clients WMI ( as SCCM heavily relies on WMI repository to store all policies, deployments and other tasks)
Default Behavior of client ( before creating Group Policy) a. By default, we cannot ping the client workstations in case the firewall is enabled. Even though the machine is switched on and connected on the same network, we will not receive the Ping response.
b. We are not able to connect to the admin$ share of the client (ie clients “c:\windows” directory). This is required for various tasks including SCCM client push installation was setup files over the network copies under client’s c:\windows directory.
c. Inbound remote administration is disabled by default, which means we cannot connect to clients WMI repository remotely. This is mandatory to install SCCM client and to download and save several SCCM policies, deployments & tasks. If we try connecting to clients WMI by using wettest (inbuilt tool on Windows), we will get error “0x800706ba“
Thanks in Advance
... View more