SCCM – Install Distribution Point on Workgroup Member Server

email me

These steps detail how to add a DP role to a workgroup, a non-domain, non-trusted computer.

NOTE: Microsoft said this could not be done.


From Microsoft…

 

From MVP…

 

Microsoft Training Session…

I was even in a SCCM training session with Microsoft and they said, no, a distribution point would not operate in a workgroup. If that was true, then explain this workgroup computer (server) set up with the DP role, receiving packages, and having the ability to service local workstations at the site. And, just note, I moved this out of the lab and have implemented it in production; it works fine.

1 – The machine named workgroup…in the workgroup of workgroup.

2 – Showing the content was successfully distributed to workgroup.

3 – The device’s IP address with time stamp.


moving on…

 

The Steps


On Workgroup Computer

Create and Add local sccm service account to local admin group (my example): SCCMAdmin

 

Update Local Resolution Files

At c:\windows\system32\drivers\etc

hosts
10.1.0.99 YourSCCMServer.DOMAIN.com
10.1.0.99 YourSCCMServer

lmhosts (required to set up the SLP)
10.1.0.99 YourSCCMServer #PRE
10.1.0.99 “SMS_SLP \0x1A” #PRE
10.1.0.99 “MP_001 \0x1A” #PRE

 

Install CM Client

Copy CM setup files to c:\Windows\ccmsetup

C:\Windows\ccmsetup\ccmsetup.exe /SOURCE:C:\Windows\CCMSetup SMSSITECODE=001 /MP:YourSCCMServer.DOMAIN.COM

For testing, make sure firewall is off. You will eventually want to open ports 135 and 445.


On the SCCM Server

At c:\windows\system32\drivers\etc

update hosts file
workgroup_computer_IP       computer_name

 

On the Workgroup Computer

Wait until the CM client has installed successfully.

Verify this reg key exists and populated with your SCCM server:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CCM
string SMSSLP   value YourSCCMServer.DOMAIN.com

For features, verify or install IIS, BITS, BranchCache, WDS, RDC
—just use defaults to continue and install

Reboot if required.

 

On the SCCM Server

Create and Add local sccm service account to local admin group (my example): SCCMAdmin

Open SCCM Console, navigate to Administration > Site Configuration > Servers and Site System Roles

Create Site System Server

Enter IP Address for FQDN

Select site code from the drop down

Use %computername%\SCCMAdmin for account (literally type in %computername%—with %)

Add Distribution Point

Select Install and configure IIS if required by configuration manager

Select Enable and configure BranchCache for this DP

Enter Description: Server name

Select Allow clients to connect anonymously

Do not enable pull content (not supported with untrusted/workgroups)

Add respective local boundary group per site

While logged in as SCCMAdmin on SCCM server, navigate to \\IP_Address\ADMIN$, if prompted, enter and save credentials.

SCCM will set up the DP. It will take time; several hours, depending upon the connection. MS uses pauses, waits, and drizzle time, meaning…it isn’t fast. Note, BITS can be modified on the Client Settings in SCCM, but you really need to know what you’re doing.

Monitor distmgr.log and PkgXferMgr.log…wait for the successes to roll in.

After success messages stop appearing (this usually means the content has been synced), verify the SCCM content library is populated on the Workgroup computer.

Then, test a package deploy and/or portal package pull. View deployments under monitoring.

Bask in the glory of doing the impossible…