SCCM Software deployment + Windows defender firewall issue

Question

Hello Experts,

I am facing client communication issue also application deployment is getting failed / client keeps continue is unknown state with  Windows 10 system where Windows Defender firewall is enabled. (as a workaround i need to disabled the Windows Defender firewall to complete the deployments)

 

Would appreciate if could share the basic requirement and setting to deploy software’s on the client systems using SCCM.

Do i need to disabled windows defender firewall ?

Do i need default admin$ access of client system from SCCM server to deploy Office application packages ?

Do i need default admin$ access of client system from SCCM server to install software update ?

solved 0
krisyada1989 1 month 5 Answers 53 views Beginner 0

Answers ( 5 )

  1. No response hence closing the ticket.

  2. All the firewall rules required for client server communications are noted down here

    Does that help ?

    https://www.anoopcnair.com/sccm-firewall-ports-download-the-spreadsheet/

  3. This is really strange. Did you enable Endpoint Protection from ConfigMgr? Have you configured the client settings for it? Deployment applications with Endpoint Protection is not an issue and does not need to be disabled. It sounds like your configuration or networking protocols need to be reviewed.

    Best answer
    • Thank you for the responses.

      There is client setting for Endpoint manager as we don’t use it.

      Could you please help with the basic requirement ( Firewall ports and system services and accessibility , admin$ etc ) to deploy software’s on the client systems using SCCM.

      • Correcting the statement..

        Thank you for the responses.

        There is no client setting for Endpoint manager as we don’t use it.

        Could you please help with the basic requirement ( Firewall ports and system services and accessibility , admin$ etc ) to deploy software’s on the client systems using SCCM.

        I am not sure if software and patch deployment will work for the client systems where system default admin$ share is disabled considering security risk

Leave an answer

Sorry, you do not have a permission to answer to this question .