Configuring SUP address for IBCM Clients

Similar Messages

• Configure SUP location for IBCM (Internet Only) Clients

  I'm using ConfigMgr 2012 R2 with a single primary site.   I have a second site server deployed in the DMZ configured
  for Internet  clients.  I have a Internet MP and DP configured with SSL and they are working well. 
  I have a question about how to configure the SUP for internet only clients.   I configured my internet facing SUP to require SSL and configured it for Internet and Intranet clients.
  I installed the ConfigMgr 2012 client on my test machines with the CCMALWAYSINF=1 option to be connected internet only.  
  The clients are not getting a local policy to connect to the SUP and if I add the internet SUP in the local group policy myself it doesn't do anything.  If I run the "windows updates" cycle from the Windows Update client (NOT
  ConfigMgr) it seems to connect and sync with the SUP (WindowsUpdate.log) but ConfigMgr does not appear to recognize the SUP and doesn't point the clients to connect to it and upload the results.  
  Any Ideas how to force my clients to connect to the internet facing (IBCM) SUP to scan for required updates?  Anybody deploy a internet SUP lately that can provide some guidance?  Thank you very much

  Check the log file(s) on the Internet facing site system. The easiest method to check the sync status is by going to the monitoring workspace in the console and then look at the
  Software Update Point Synchronization Status node.
  My Blog: http://www.petervanderwoude.nl/
  Follow me on twitter: pvanderwoude

• Is there Ready Made Configuration Packs available for Lync Client ( Client on end user computer ) and Server

  Hi,
  is there  Ready Made Configuration Packs available for Lync Client ( Client on end user computer ) and Server ... to check the configuration, services,compliance, functionality of all the features etc at end user level
  and server configuration packs
  Regards
  Tanoj
  OSLM ENGINEER - SCCM 2007 & 2012

  No, there is not something available for Lync. What's available can be found here (and it's all not recent):
  https://www.microsoft.com/en-us/search/DownloadsDrillInResults.aspx?q=SCCM+%22configuration+pack%22&cateorder=2_5_1&site=
  My Blog: http://www.petervanderwoude.nl/
  Follow me on twitter: pvanderwoude

• Can WLC's built-in DHCP provide IP addresses for wired client?

  Hi,
  We've got a WLC running on 7.0.98.0. It's providing IP addresses for the Guest Wireless users. Now we'd like to put a couple of wired workstations for those customers who don't bring laptops. I'm wondering if I put these workstations on the same guest wireless vlan, they can still get IPs from the WLC. If not, I have set static IPs on these workstations.
  Thanks in advance.
  Robert

  Rob:
  The answer is simply "No". WLC can not provide wired clients on same wireless VLAN with IP addresses if the DHCP is configured on WLC.
  The case metnioned by fbarboza above is a "very" special configuraiton on WLANs where the WLC is configured to take care of some wired clients and it needs you to have two WLCs  (The featured is called wired guest).This special case does not apply at your situation.
  With your situation my answer above applies.
  Note A internal DHCP server pool will only serve the wireless clients of that controller, not clients of other controllers. Also, internal DHCP server can only serve wireless clients and not wired clients.
  Reference: http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70wlan.html
  HTH
  Amjad

• Configure Logical Address for Web Applications-Hyperion 11.1.2

  Hello,
  I have f5 load balancer infront of two foundation servers and I have not yet configured the Logical address for web applications with Loadbalancer DNS name/hostnmae. I can access all of web applications through Load Balanced URL. Do I Still need to configure Logical Web Address for web applications ?
  Thank you so much !

  To add to this part of the reason for load balancing is usually to support high availability (in addition to scalability). Without that logic address being setup you will find certain configuration items are pointed to one server or another and if that one server is brought down it impacts key functionality of the whole environment.
  You should consider a test of the infrastructure by purposely bringing down services and/or servers to ensure you still have a fully working environment with the other redundant components. This test may take half a day to several days to really go through a full regression test of key features while taking key pieces down.
  Regards,
  John A. Booth
  http://www.metavero.com

• How to configure IP address for FTA (Nova's nFusion) PVR IP recording...

  Greetings Peers,
  I just got my Time Capsule (TC) yesterday and absolutely have very limited experience with Airport Utility or networking - that said I somehow figured out how to setup a new secured wireless network and it is up & running!
  I'm testing this absolute great Free-to-Air (FTA) satellite receiver called *Nova nFusion* where there is a functionality option to record your personal video (PVR) on a IP address.
  Here's my dilemma, I have tried punching in IP address from what AirPort Utility (AU) displays for Time Capsule (TC) several times but receiver *would fail* to record anything!
  I have tried to tweak general settings like enabling sharing in the manual setup for TC under AU but like I said I'm not an expert and it didn't work.
  Wondering:
  1) If anyone has success setting up similar PVR over IP?
  2) Is this even feasible? Honestly, I don't see why not? Cause I'm also planning to have move my iTunes library folder on TC so I could access it from my Mac Mini, iBook, AppleTV, etc. etc.
  I have high hopes specially since I care less and actually do not want to utilize Time Machine feature at all! I'm sure you geniuses have already figured this out. Please HELP!!!
  Any feedback would be greatly appreciated-
  Cheers!

  Tapori wrote:
  I've been trying the IP address which shows up on the welcome screen of AirPort Utility but that could be very much TC's Router Address cause it's showing up in AirPort Utility?
  How can I acquire IP address for TC's language 1TB Hard Drive? It can't be this difficult!
  well, as i'm digging deeper, finding the ip address isn't the issue, it's getting your software to record to it, maybe a permissions issue?
  is this open source? can i check it out and see if i can help you this way? if i can get my hands on it i'm pretty sure i'd be more help. if the software just needs an ip address, you got it... so there's another issue. it's in your internal network right? so internal ip's should be fine, no need to port forward...
  just brainstorming out loud.
  Good suggestion but how do you assign a static IP to a Mac Mini which is on the same network (both wiredly and wirelessly connected to TC)?
  open network prefs, select your ethernet connection, configure: using dhcp with manual address, enter ip address (even if it's the same as your DHCP address, this simply assigns it permantly), click apply.
  if you wanted to do this over the wireless network you'd choose the airport from the left, advanced, tcp/ip tab, configure IPv4: using dhcp with manual address, enter ip address (even if it's the same as your DHCP address, this simply assigns it permantly), configure IPv6: automatically, click apply.
  the ethernet connection would have a different IP than your wireless connection to give you the option to switch back and forth while maintaining assigned connectivity elsewhere in your network (ie. pvr ip recording).
  i'm just curious what permissions the pvr ip recorder would have, and where exactly it would record to... (as in which folder... as what user?)
  Message was edited by: BKRonline

• Configuring Listen Address for a machine / node manager

  Hi,
  If I give the localhost as value for the Listen Address for the machine (and this the Node Manager), I can start/stop any managed server belonging to the domain
  and related machine.
  When I change this address to the value of the IP address I get from "ping hostname" (that is to be found in /etc/hosts), or the corresponding host name found in /etc/hosts,
  I get the following Warning from the Console:
  - For server <managed server>, the Node Manager associated with machine MyMachine02 is not reachable.
  - All of the servers selected are currently in a state which is incompatible with this operation or are not associated with a running Node Manager or you are not authorized to perform the action requested. No action will be performed.
  Can someone explain me how can a machine and the node manager be configured with another value than localhost for the Listen Address?
  Is there maybe a configuration that must be done at physical server level?
  Having this functionality will be a necessity for a cluster.
  Thanks by advance for sharing your experience.

  Actually the cert is coming from your Dev machine but it is sending the Prod cert.
  What cert is used by your admin server ? It should match the host name.
  So your Dev machine is apparently using a copy of the prod cert / keystore rather than using its own DEV cert. It's not clear from your post whether this is the nodemanager using the wrong cert, or the managed server. So both should be checked.
  The managed servers need to be using a cert that matches their host name. If you have a managed server on VM-BEA-DEV, then the cert needs to be CN=VM-BEA-DEV. You can also use a load-balancer CN name in the cert if you have the cluster's HTTP values set to match.
  In your nodemanager.properties, are you explicitly accessing keystores, such as with:
  KeyStores=CustomIdentityAndJavaStandardTrust
  CustomIdentityAlias=some_alias
  CustomIdentityKeyStoreFileName=some_path_to_keystore
  CustomIdentityKeyStorePassPhrase={3DES}...
  CustomIdentityKeyStoreType=jks
  CustomIdentityPrivateKeyPassPhrase={3DES}
  In my multi-machine clusters, I have multiple certificates such as:
  admin machine1:
  has a cert for use by the admin server and NM that matches the host name ( with node manager.properties entries such as the above )
  has a 2nd cert that matches the load-balancer name for the cluster - used by the managed servers
  all other machines:
  has a cert for use by NM that matches the host name ( with node manager.properties entries such as the above )
  has a 2nd cert that matches the load-balancer name for the cluster - used by the managed servers

• Configure PDC domain for windows Client

  Hello,
  Forgive my approximate English.
  I need help to install a server Mac with a domain Activate directory ( PDC) so clients Windows connect to it.
  I installed th server Mac Os to create a master Open Directory.
  Mac OS Server has to configure the DNS with host's name.
  The customers Windows 8.1 see the server on the network.
  They indeed answer Ping.
  NSlookup does not return error.
  But when I attempt to configure the domain on the client Windows, it does not find the server. (An error DNS returned?)
  Thank you for your help.

  foossile wrote:
  Thx for your response.
  t is possible then for the Mac Server to supply the following services for clients Windows:
  - File sharing with rights.
  - Management of group user.
  - Possibility of imposing a police of security of password.
  Thank you, it will be everything.
  Yes a Mac server can provide file sharing to Windows users, yes it can set permissions for those files and folders being shared
  No it cannot do the equivalent of Group Policies as used to manage Windows systems
  Yes it can define rules for passwords such as length, how long before it must be changed, how often it can be reused, etc.

• Reserved ip address for vpn client ?

  I need to find a way to have the 10.8 server vpn service   give the same ip address when a vpn client connects, is this possible?
  By default, every time a client connects, then disconnects and connects again they will get the next incremental ip address in the ip address pool set in the vpn server configuration

  If you eliminate the pool and use just one IP address, technically that should work however, only one client at a time can connect to the VPN server. Would that work for you?

• WDS CONFIGURATION IN 2008R2 FOR XP CLIENT

  I CANNOT FIND install image and boot image IN WINDOWS XP CD, MAY I KNOW HOW TO CREATE THIS TO DEPLOYE WINDOW XP IN WDS SERVER.
  Many Thanks & Best Regards, K.SURESH

  Can you please briefly explain how to create capture image, i am not able to follow the above URL
  There is a step-by-step reference here:
  http://technet.microsoft.com/en-us/library/cc766320(WS.10).aspx
  Your "capture" image is only used to perform "capture" an image of the reference machine - when you "capture" an image of the reference machine, this "capture" process produces the "install" image.
  The "capture" OS is not required to be the same OS, e.g. you "capture" WinXP" but use Win7 to perform the "capture'.
  (WinVista and later OS versions are natively able to create and extract WIM, so they are simpler to use for that task.)
  Don
  (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
  This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

• Same client's address for DDR and Dedicated Line

  I need a help with client's access and routing.
  On my side there is a 3845 router with Async module.
  Clients are of 2 types: dial-up clients and dedicated line clients. All them are authenticated on Radius (chap).
  Dial-up client has a computer, they dial on Group-Async (ip unnumbered GigabitEthernet0/0) and receive ip address from pool, configured on cisco (not on Radius). Thats' work perfect.
  Now about leased (dedicated) line clients. They access from cisco (mostly 2610).
  On my side they have configured ip on LL interface and static routing to that ip.
  If this LL connection is broken, they have DDR access (call from their cisco to my Group-Async interface, same as for dial-up_only users).
  What I need is to set one (only) ip address to clients with leased line access thus, that it would work for DDR-connection as well as for LL connection.
  What I tried and it was successfull is:
  interface Async1/0
  description DDR
  ip unnumbered GigabitEthernet0/0
  encapsulation ppp
  async mode dedicated
  ppp authentication chap
  interface Async1/5
  description LL
  ip address 192.168.1.134 255.255.255.252
  encapsulation ppp
  async mode dedicated
  no peer default ip address
  In this case I could ping 192.168.1.133 in both LL and DDR connection.
  But if only I configure Async1/0 as a member of Group-Async0, I cannot ping 192.168.1.133 (client's side), interface comes to up though.
  interface Group-Async0
  ip unnumbered GigabitEthernet0/0
  encapsulation ppp
  async mode dedicated
  peer default ip address pool POOL1
  ppp authentication chap
  group-range 1/0 1/1
  ip local pool POOL1 192.168.1.1 192.168.1.11
  Because cisco3845 give to client ip from pool:
  *Apr 23 13:22:09.201: As1/0 IPCP: I CONFREQ [REQsent] id 42 len 10
  *Apr 23 13:22:09.201: As1/0 IPCP: Address 192.168.1.133 (0x0306C0A80185)
  *Apr 23 13:22:09.201: As1/0 IPCP: O CONFNAK [REQsent] id 42 len 10
  *Apr 23 13:22:09.201: As1/0 IPCP: Address 192.168.1.1 (0x0306C0A80101)
  *Apr 23 13:22:09.201: As1/0 IPCP: I CONFNAK [REQsent] id 1 len 10
  *Apr 23 13:22:09.201: As1/0 IPCP: Address 192.168.1.134 (0x0306C0A80186)
  *Apr 23 13:22:09.201: As1/0 IPCP: O CONFREQ [REQsent] id 2 len 4
  *Apr 23 13:22:09.301: As1/0 IPCP: I CONFREQ [REQsent] id 43 len 4
  *Apr 23 13:22:09.301: As1/0 IPCP: O CONFACK [REQsent] id 43 len 4
  *Apr 23 13:22:09.309: As1/0 IPCP: I CONFACK [ACKsent] id 2 len 4
  *Apr 23 13:22:09.309: As1/0 IPCP: State is Open
  *Apr 23 13:22:09.309: As1/0 IPCP: Install route to 192.168.1.1
  *Apr 23 13:22:10.077: %LINEPROTO-5-UPDOWN: Line protocol on Interface Async1/0, changed state to up
  One important thing is that I need to configure ip addressing for client without involving RADIUS (it will only check username and password).
  Or explain me someone that its impossible and stop my sufferings...

  I cannot agree more with your comments! What a way to frustrate your customers!
  I have been having an issue with iCloud on Mac where it kept asking me for my password and sometimes would, sometimes would not continue to access my iCloud mail. Today it just refused to connect to iCloud mail.
  I looked in the Mail, Contacts and Calendars in my MacBook Pro settings and discovered that 2 iCloud accounts were present. One with my original Apple ID (a gmail address) and a second with my new iCloud email ( an @me.com address). Having deleted the second account, using the new @me.com address everything is working fine.
  So from my viewpoint when I moved over to iCloud I was asked to sign in with my Apple ID (the gmail address) then to create an @me.com address. However, as far as I can see all sign ins to the new @me.com account on Macbook, iPhone and iPad need to be done through the old Apple ID (the gmail address). Is that confusing and just plain crazy???
  Further, after creating the new @me.com address I soon found out that this is apparently now forever bound to my old Apple ID and cannot be changed. I mean why can't I delete the iCloud account and start anew with a different @me.com address??? Also, as everybody using iCloud must create an @me.com address why on earth can I not get rid of my old gmail address and have my entire Apple ID accessed through the new @me.com address? Creating a whole new Apple ID will not solve this as we are unable to transfer purchases between accounts.
  Apple products are great IMHO, but they do seem to not think things through in a very big way sometimes......

• ChaRM configuration issue for 2 Clients...

  Dear Friends,
  I have configured ChaRM in Solution Manager 7.0 EhP1 system. It is working fine without any issues. But now I came across a new requirement and finding trouble in configuring the required scenario.
  Currently there is only single client in DEV, QA and PRD system for which ChaRM is configured. Now, I want to configure the ChaRM for 2 clients in each system.
  For example,
  <ZCHARM_1> -- SOL:001 -- > DEV : 100 --> QAS : 200 --> PRD1 : 300
  <ZCHARM_2> -- SOL:001 -- > DEV : 500 --> QAS : 600 --> PRD2 : 700
  (Please note, ZCHARM_X is a project and SOL-001 is a Solution Manager ChaRM client).
  First up all, I would like to understand, is it possible? is it supported by SAP ?
  If yes, how can we configure client specific route for SAP standard transport layer (SAP)? What are the other concerns in using above system landscape in ChaRM?
  Please note, we do not want to use separate hardware for either DEV or QA system.
  Please can someone guide in this case?
  Rajesh Narkhede

  Rajesh,
  I am not aware if you have searched on this issue, but You may want to take a look at this thread.
  Change Request Management for multiple production clients
  This configuration should work fine, because in essence, its a 3 system landscape, so there should not be major issues on the way.
  From the TMS Standpoint you need to define a transport layer for each development client.
  You can create a single project with the logical components or you can create multiple projects with each set of systems. Remember to do the TMS configuration right and you should be set.
  Cheers!
  Edited by: Banerjee Vivek on Mar 29, 2011 1:02 PM

• Maintain 2 or 3 more different delivery address for Client and Vendor

  Hi Experts,
  How to Maintain 2 or 3 different address for one client ...without partner function and without contact..
  Regards,
  Anthyodaya.

  still pending..

• How to setup IP address for DC&ADC

  Hello ,
  I have DC server and ADC server I need to configure IP address for both server
  correctly ,kindly tell me  how do that.
  because I have problem : on DC server computer container is empty all computer in my network
  appear in ADC however if you search for any computer in DC I can find it
  Note: If you have created any user in the server immediately user appear on the other server
  thanks

  I see, you are worried about what would happen with your Exchange server if one of your DCs go down.
  That's not an easy question to answer. It's a very complex question because there are multiple components at play.
  First, let's discuss the client side resolver. Each operating system has one no matter if it's a DC, server, workstation, Apple, Unix, Linux, Android, etc. The way they work is based on the industry standard RFCs that explain how they work.
  The client side resolver will only look at the second DNS entry if the first entry returns a NULL response (no response) after a time out period. However, if the client side resolver already has the record cached (you can see the cache by running ipconfig
  /displaydns) for the TTL of the record, and the DC goes down, well the client side resolver will not query again because it sees it already has it in cache.
  Exchange will automatically look for another LDAP, Config and GC if the one it's using goes down. However, Outlook isn't so forgiving. It locks on to a GC and a DSProxy for the Exchange server. If the GC goes down, you have to restart Outlook. That's going
  to be difficult if you have lots of users.
  And if Exchange is on a DC, that doesn't work that way because it *locks* on to the DC/GC it's installed on. I hope your Exchange server is not on a DC.
  Here's more specifics on how the whole process works - and note that this applies to all operating systems, Windows, Linux, Unix, BEOS..... because they all follow the RFCs defining how client side resolvers work.
  This blog discusses:
  WINS NetBIOS, Browser Service, Disabling NetBIOS, & Direct Hosted SMB (DirectSMB). Troubleshooting the browser service.
  Client side resolution process chart.
  The DNS Client Side Resolver algorithm.
  If one DC or DNS goes down, does a client logon to another DC or use the other DNS server in the NIC?
  DNS Forwarders Algorithm and multiple DNS addresses (if you've configured more than one forwarders or more than one IP in the NIC's DNS list)
  Client side resolution process chart
  Published by Ace Fekay, MCT, MVP DS on Nov 29, 2009 at 10:28 PM  1764  1
  http://msmvps.com/blogs/acefekay/archive/2009/11/29/dns-wins-netbios-amp-the-client-side-resolver-browser-service-disabling-netbios-direct-hosted-smb-directsmb-if-one-dc-is-down-does-a-client-logon-to-another-dc-and-dns-forwarders-algorithm.aspx
  DNS Clients and Timeouts (Part 1 & Part 2), karammasri [MSFT] Dec 2011 6:18 AM
  http://blogs.technet.com/b/stdqry/archive/2011/12/02/dns-clients-and-timeouts-part-1.aspx
  http://blogs.technet.com/b/stdqry/archive/2011/12/15/dns-clients-and-timeouts-part-2.aspx
  DOMAIN NAMES - CONCEPTS AND FACILITIES - Dicusses local resolvers.
  http://tools.ietf.org/html/rfc882
  Ace Fekay
  MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
  Microsoft Certified Trainer
  Microsoft MVP - Directory Services
  Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
  This posting is provided AS-IS with no warranties or guarantees and confers no rights.

• Recording internal IP addresses using Microsoft Client

  Hello
  Some of my users are using the Microsoft built in Client in Windows to intiate VPN connections into a 3015 Concentrator.
  However, using this Client I do not seem to be able to get the 3015 to log the internal IP address the 3015 has issued from the configured pool. I need this in order to fulfil audit trail requirements but only log the username and their external (ISP) address.
  I notice that with the Cisco Client both the internal and the external IP address is recorded fine, providing an audit trail.
  The environment I work in does not allow me to specify a client type to use as this would be restricting users!
  Can anybody help me find a way to record the assigned internal IP addresses for users using non-Cisco Clients? The data I need is available in real-time from the Concentrator, but I cannot find a way to send it to a syslog server.
  thanks
  Bryn

  Try a ping broadcast - for example if your network were 192.168.1.xxx (netmask of 255.255.255.0) try this from a Termnal.app window (located in /Applications/Utilities):
       ping 192.168.1.255
  If you have a different type netmask, you need to put 255's where the 0's are in your netmask.
  Everyone on the local network (the 192.168.1.xxx network) should reply that is up and running unless you have them setup to not respond to pings (the WAN port on your TC should not reply cause it's in a different network) and you have your list of clients on the network. If you setup the TC to dedicate a range of addresses for WiFi clients you can even identify which of them are wired and which are wireless.
  good luck.