DCM to check Bits and WEBDAV on a SCCM DP
Recently the agency I work for had a SCCM health check run on our main consolidated site.
Note: I Highly recommend having one of these done even if you think everything is running perfect. As I learned even though it was running great there are always things that can be tweaked to make things run even better.
Anyway the one thing that I was shocked to be gigged on was that several of my Protected DP’s were missing BITS and WEBDAV. Now this really peeved me because I built all those sites myself and I knew for a fact that it was setup correctly. Which means that someone went behind me and removed BITS and WEBDAV and in some cases disabled them. My best guess is that some server admin thought he was following “best security practices” and turned them off to make the server more secure, not realizing that they just broke part of SCCM.
So after calming down about getting gigged on something that I never should have I setout on a quest to create a DP health DCM to ensure that this doesn’t happen again.
I’ve imported the updated SCCM DCM checks (already had the original checks imported) and i created 4 checks that will check for BITS and WEBDAV.
Then setup a baseline that contains the following:
The baseline and configuration items are attached. All you have to do is import the cab.
Note: The BITS and WEBDAV scripts check to see if they are installed. I also have a second script to ensure that they are enabled.
Please let me know if you find any issues. I’ve fully tested this in production on the following setup:
Server 2003 SP2
SCCM 2007 SP1 R2
It has NOT been tested on Server 2008.
Note: If you ever need to setup a DCM using a script simply follow Steve Thompson’s directions for creating a DCM with a script to get them setup.
If anybody else has anything else that they think needs to be checked on PDP’s please feel free to share.