Admin Service question – ConfigMan 2010
Question
Hi!!
I need to configure Admin Service in Configuration Manager 2010.
I understand that starting in 2010 release, we don’t need to enable IIS on the SMS Provider for the administration service, but I am trying to find whether do I still need to enable either E-HTTP or PKI? Or I don’t need to worry about Certificate at all, since I am running 2010?
Answers ( 4 )
Thanks for your response, Anoop.
But I am confused with what is mentioned in the first Note section on this link –
https://docs.microsoft.com/en-us/mem/configmgr/develop/adminservice/set-up
Enable Enhanced HTTP
Note
The configuration in this section applies to version 1910 and earlier.
Starting in version 2002, the administration service automatically uses the site’s self-signed certificate. The Enhanced HTTP site setting to Use Configuration Manager-generated certificates for HTTP site systems only controls whether site systems use it or not. Now the administration service ignores this site setting, as it always uses the site’s certificate even if no other site system is using Enhanced HTTP.
that make sense then … I think it’s worth testing this feature without ehttp … hopefully you will get the details
Alright, will try!
Thanks for your inputs, Anoop.
You still need EHTTP if not PKI in place as per Microsoft docs
1. In version 2006 and earlier, enable the Windows server role Web Server (IIS). Starting in version 2010, this role is no longer required.
2.Install the .NET Framework version 4.5 or later.
3. Enable secure HTTPS communication with a trusted certificate. For more information, see Enable secure HTTPS communication.
https://docs.microsoft.com/en-us/mem/configmgr/develop/adminservice/overview#prerequisites