Additional Distribution Points can be deployed on remote sites. They can provide content locally to clients and reduce the need for excessive traffic to be transferred over the WAN links.
A good "rule of thumb" is to install a DP in locations of 20 users or more.
Supported Operating Systems
The matrix of supported operating systems can be found on the TechNet Library here
You can use a client (Windows Vista & later) or a server (Windows 2003 SP2 or later) OS - however the client OS will not support PXE or mulitcast.
There are also some other caveats that you should be aware of.
Pre-requisites
Add Primary Site Server computer account to be local administrator on the remote server.
Disable the Windows Firewall on the remote server (or configure the firewall - see here for ConfigMgr and firewall ports reference).
Add NO_SMS_ON_DRIVE.SMS file to all drives that you do not want ConfigMgr to use as a DP.
Add the required Windows Features - specifically IIS and Remote Differential Compression. Note that BITS is not required on the DP (BITS is installed on the ConfigMgr clients).
Add the DP
Navigate to Administration > Site Configuration.
Right click "Servers and Site System Roles" and choose "Create Site System Server"
Verify the server name and select the site code. Click Next.
No proxy required in my case.
Select "Distribution Point".
We have already installed IIS on the remote server - however it doesn't hurt to select the IIS box. We want HTTP.
Accept the defaults. Remember we have already configured NO_SMS_ON_DIVE.SMS
This will not be a Pull DP.
You can enable PXE now or later (this will install Windows Deployment Services). I like to do this later so that I can see WDS installing and I'm able to control the reboot).
Multicast not required.
Boundary Groups can be added now or later.
Click Next to deploy the DP.
Click Close to finish.
Monitor progress using the distmgr.log file.
See DP Content Library created.
DP successfully added
Gerry, so all the DP config is done on the primary SCCM server?
ReplyDeleteSorry for the late response Marques. I've been on vacation. Mostly. The pre-requisites have to be carried out on the remote DP.
DeleteHi Gerry, can I create the SCCM DP's on the same remote servers that have my current SMS DP's? Do I need to remove the SMS DP's first? I am going to retire SMS, but need to get SCCM up and running first.
ReplyDeleteThanks!
No, you won't be able to share SMS and SCCM 2012 DPs Matt.
DeleteHi Gerry,
ReplyDeletethanks for this great blog post. I have a question depending remote Distribution Points. Is it necessary to use encryption between the main site and a remote Distribution Point? Especially when both sites are secured over VPN?
What would you suggest?
Thanks in advance!
Sorry for the late response Patrick. No. Although some organization configure their DPs to communicate via HTTPS only, it's not necessary. It is necessary, however, when implementing Internet Based Client Management (IBCM).
DeleteHi Gerry,
ReplyDeleteInteresting information.
What about the network infrastructure in order to deploy a remote DP, IPs or boundary adjustment?
Assuming we have Primary site in CITY_1 and want to have a RDP at CITY_2.
Thanks a bunch in advance.
I'm not quite sure what you are asking. You need to create a boundary group for the remote site and add the new DP and the remote site boundaries to this BG. Boundaries can be IP ranges, IP Subnets or Active Directory sites.
DeleteHi Gerry,
ReplyDeleteI asked in terms of site-to-site link.
How to make connectivity between remote site (DP) and primary site?
You have to create a site-to-site VPN.
DeleteExactly, this is what I meant.
ReplyDeleteBut question is I cant found step-by-step guide or example scenario to do so.
All I have is a live /static IP.
You should talk to your networking guys for this. The method for setting up a Site-to-Site VPN depends on the network equipment you have. Your firewall/routers on each site must be able to support his feature.
DeleteThanks Gerry,
ReplyDeleteI am trying to build my lab (learning by doing).
And its pretty strange there is no relevant information on web to consult with.
Your blogs gives much clear and to the point information that's why were asking you.
As I said I have one static line and nothing more, I can buy equipment if I have an example scenario or guide in hand.
Seems like not everyone has configured RDP if so one should be able to find on web.
Thanks Gerry so far!
Thanks Gerry Hampson
ReplyDeleteHi Gerry,
ReplyDeleteReally admire your posts and guides, follow them all the time.
It helps a lot :)
Have a situation here.
Our Company is a small organization ( 600 clients Max )
SCCM single site is implemented.
We have some remote sites across South East Asia and New Zealand
( They have minimum 10 Mbps link upto 40 Mbps )
Company don't want to setup any Distribution Point on the those remote sites.
So all the remote sites will be contacting the Primary Site DP for content.
Do you recommend any WAN optimization solution or Caching COntent on local NAS ( If possible )
Really Appreciate your help, Mate
Cheers!!
Generally Configuration Manager and WAN Optimisation solutions do not play well together so I don't recommend using them. I normally recommend installing a DP in locations with 20 or more users but it really depends on what you will be doing (are you doing remote OSD for example?).
DeleteThank very much for your reply :)
ReplyDeleteEach site have less than 20 users and 40 Mbps link minimum ( Got an update on this today)
Company requires to do OSD, App Deployment, Patching on the clients at remote sites from the HeadOffice.
Much appreciate your help !
It's quite common to start without a DP in remote locations and to monitor bandwidth usage and performance when carrying out operating system deployments. You can add one afterwards if you really need to.
DeletePerfect :)
ReplyDeleteThank you very much , Mate.
Have a great Weekend n Keep rocking !!!!!
Gerry great Guide and Site. Is there a "Best Practices to removing/Retiring a DP?
ReplyDeleteThanks in advance.
There isn't. Just right click the DP and remove the role. Monitor the distmgr.log file for progress.
DeleteHI ALL,
ReplyDeleteAfter installed DP am not able to install patch. In client machine software center patch is there but not installing its showing Failed. Please help me .
We have 2 office Bangalore and Mysore ( In mysore i installed DP)
Hi Gerry,
ReplyDeleteIf i install additional DP,how to i configure it to deploy only to certain collections or certain computers. Not a lot of information about this online. Thanks in advance
Create a boundary group. Add the DP and the subnets it is allowed to serve.
DeleteHi Gerry:
ReplyDeleteUntil SCCM 1511 I was able to install DP in Windows 2008 R2 Server with no problem. Recently one of my DP had a hardware problem and I had to reinstall everything. During the installation of the DP now I am receiving this error:
Failed to install ISAPI on SERVER01, failed to copy D:\Microsoft Configuration Manager\bin\x64\..\x64\smsfileisapi.dll to \\SERVER01\ADMIN$\system32\inetsrv\smsfileisapi.dll, Win32 error = 5
All the prerequisites are installed. I can access the share folder in the DP from the site manager, the Site Manager's computer is part of the administrators group in the DP. What could be missing?
In order to test I was able to install the DP in a windows 10 client with no problem at all, but in windows 2008 R2 the problem is present.
Do you have any idea?
Error 5 = Access denied
DeleteHi Gerry thanks for the great articles. I have installed some site system servers and added the distribution point role to these. During the initial create site system server wizard i left the "Allow fallback source location for content" check box ticked. I want to now change this setting, is this possible?
ReplyDeleteThanks in advance
Sure, it's optional.
DeleteSorry for the confusion but i set this during the initial setup wizard. How do I reverse this setting once the site system server and dp has been added?
DeleteThanks again
Hi Gerry , thanks for this great article..,
ReplyDeleteI have site with multiple remote DPs , DO I have to install WDS on all DPs if I have enable OSD on my site ?
Rgds
taj
You shouldn't need to install WDS at all. When you enable PXE on a DP it should be installed automatically. But yes, if you want to image computers over the network on a site you need to have WDS on the DP.
DeleteHi Gerry,
ReplyDeleteWe have 3 office location in different cities, all connected by MPLS link. (Bangalore, Chennai & Mumbai)
One site has the SCCM primary site (Bangalore) installed and configure. On our AD we have subnet configured for each site.
My question here is, do I need to install SCCM on the other site to manage the clients. Or can i have the DP configured for each site to push the windows updates?
Please let me know how to proceed.
Thanks & Regards,
Don Bosco