Jump to content


Sign in to follow this  
drewz99

Internet Based Client Management MP in DMZ

Recommended Posts

Hello All,

I am wondering if anybody has a step-by-step for implementing the IBCM for CM? I've read a lot of different articles, but none of them seemed to have all the pieces? Basic idea is to obtain the ability to manage portable devices (laptops) while those devices are off of the domain. EX. teacher laptops that need to be managed via CM while on summer break. There is NO AD in the DMZ. I can open needed ports on the firewall for communication between Primary site server/MP and MP in DMZ.

 

We've got CM1511 fully functional within the domain. Client checks, dns, OSD, WSUS, etc all work great while on the domain. I am looking to put a MP in the DMZ to manage these portable devices, but I am lacking the knowledge to fully implement this solution.

 

Any pointers to a complete guide would be VERY much appreciated.

Share this post


Link to post
Share on other sites


I implemented IBCM a couple years ago. In a highly managed environment it was a lot of work to setup. The best solution today would be to implement Direct Access instead. This way the laptops will not only communicate to SCCM, process GPO's, and remove the need for VPN clients.

 

There is a lot of good information and walkthroughs out there for Direct Access.

Share this post


Link to post
Share on other sites

I think this will go one of two ways:

Add the MP to AD, configure as needed. MOve the machine to the dmz and open only the ports needed for the dmz MP to communicate with the internal site

 

or

 

Purchase a third party ucc ssl cert and install on each MP/DP for authentication

 

Any other thoughts regarding this issue? Anybody actually got this feature to work as advertised?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...