Posted by Eswar Koneti on September 22nd, 2012
I was going through TechNet,thought of making it a side note on this Topic.
When you extend the Active Directory schema for SCCM 2012 and the site is published to Active Directory Domain Services and many client installation properties are published to Active Directory Domain Services.
If a computer can locate these client installation properties, it can use them during Configuration Manager client deployment. There are many Client deployment methods of which only few methods searches AD Domain services for client installation properties*.
Below are the client installation properties that are published by SCCM to Active Directory Domain Services when you extend Schema.
- The Configuration Manager site code.
- The site server signing certificate.
- The trusted root key.
- The client communication ports for HTTP and HTTPS.
- The fallback status point. If the site has multiple fallback status points, only the first one that was installed will be published to Active Directory Domain Services.
- A setting to indicate that the client must communicate by using HTTPS only.
- Settings related to PKI certificates:
- Whether to use a client PKI certificate.
- The selection criteria for certificate selection, if this is required because the client has more than one valid PKI certificate that can be used for Configuration Manager.
- A setting to determine which certificate to use if the client has multiple valid certificates after the certificate selection process.
- The certificate issuers list that contains a list of trusted root CA certificates.
Client.msi installation properties that are specified in the Client tab of the Client Push Installation Properties dialog box.
More info Refer http://technet.microsoft.com/en-us/library/gg682121.aspx