All things SMS, System Center Configuration Manager, Active Directory, Group Policy, Virtualization, Security, Gadgets, Technology, and the Daily Thoughts of an SMS Engineer named Anthony Clendenen.

The Daily Ramblings of an SMS Engineer

Preventing The SMS Client From Installing

April 05, 2007

Yesterday Kevin C. asked a question on the SMS email list that I get several times a year.

"I have a group of servers that a vendor has banned the SMS client from being installed on.  We are auto-pushing the client to all servers that are discovered.  I do not have the ability to change the OU the servers are in to prevent AD discovery. "

There were several responses. If you have thought about doing this, or think you might want to, here is a summary of the options available.

From Sherry Kissinger:

"Officially:  http://support.microsoft.com/kb/207729

Unofficially, I've heard of putting a file, readonly/system called ccmsetup  in %windir%\system32.  Since the SMS Client install cannot then create the folder "ccmsetup", the installation cannot occur.  You'll probably get lots of errors at the console about this unofficial method, but I believe it works (never tried it myself--everyone gets the client)"

From Roland Janus:

"create a reg_multi_SZ value here (if not there):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Components\SMS_DISCOVERY_DATA_MANAGER\

and add all the systems you don't want to have sms on.

the server will by itself exclude those when discovered.

We have a tool to manage those exceptions and a service on all servers which inserts all those automatically in there.

Those entries are all entered into that key on all servers by that."

Also from Sherry, and the best response:

"Start "marketing" SMS--particularly the web reports.  If you can get the right group of people to see the reports of knowing something like "how many servers have the IIS services started", etc.; the resistance will fade."

The registry key is the best way to go.  I would go along with Sherry's logic that the client should be on each and every system.  You can use other methods to keep servers from being impacted, and I am not sure what Kevin means when he says a vendor has banned them from installing the client.  My guess would be something like a FedEx computer that is used for shipping or something along those lines.  If the system is in their infrastructure then their company policies should apply, not the vendor's; after all, it will be their network and computer that would be impacted if those machines got hit with the I Love You virus.

Regards,

Anthony

Anthony Clendenen | Senior Technical Consultant | Microsoft Practices | Dimension Data

Dimension Data is Microsoft’s 2006 Global Advanced Infrastructure Technology Innovation Partner of the Year… for the Dynamic Desktop Deployment Solution
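An added example, not from the original post or the quoted emails: a PowerShell function that merges server names into the exclusion list Roland describes without duplicating existing entries. The post does not name the registry value; `ExcludeServers` is the name documented in the Microsoft KB article Sherry links to, and the function name and sample host names are constructed for illustration.

```powershell
# Added example: idempotently merge host names into the SMS discovery
# exclusion list. Run in an elevated session on the SMS site server.
function Add-SmsInstallExclusion {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string[]]$ComputerName,
        # Assumption: value name per Microsoft KB 207729; the post omits it.
        [string]$ValueName = 'ExcludeServers',
        [string]$KeyPath = 'HKLM:\SOFTWARE\Microsoft\SMS\Components\SMS_DISCOVERY_DATA_MANAGER'
    )

    if (-not (Test-Path -Path $KeyPath)) {
        throw "Key not found: $KeyPath (run this on the SMS site server)."
    }

    # Read the current REG_MULTI_SZ list; a missing value yields an empty list.
    $raw = (Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue).$ValueName
    $existing = @($raw | Where-Object { $_ })

    # Normalise the requested names and drop blanks.
    $wanted = @($ComputerName | ForEach-Object { $_.Trim().ToUpperInvariant() } | Where-Object { $_ })

    # Merge, keeping the first occurrence of each name (case-insensitive).
    $seen = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
    $merged = @($existing + $wanted | Where-Object { $seen.Add($_) })
    $added = @($merged | Where-Object { $existing -notcontains $_ })

    if ($added.Count -eq 0) {
        Write-Verbose 'All names are already excluded; nothing written.'
        return $merged
    }

    # -WhatIf shows the change without touching the registry.
    if ($PSCmdlet.ShouldProcess("$KeyPath\$ValueName", "Add $($added -join ', ')")) {
        New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType MultiString `
            -Value ([string[]]$merged) -Force | Out-Null
    }
    return $merged
}

# Constructed sample call (host names are placeholders):
# Add-SmsInstallExclusion -ComputerName 'VENDORSRV01', 'VENDORSRV02' -WhatIf
```

Running it first with `-WhatIf` shows which names would be appended before the value is rewritten.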

