SCCM-004 General Settings

7 months ago
Ruian Ding
2 minutes

Configure Discovery Methods

Discovery methods – Configuration Manager | Microsoft Learn

Discovers computers in your organization from specified locations in Active Directory. In order to push the SCCM client to the computers, the resources must be discovered first. You can specify to discover only computers that have logged on to the domain in a given period of time. This option is useful to exclude obsolete computer accounts from Active Directory. You also have the option to fetch custom Active Directory Attributes.

Click on the Sun☀ icon and select the Active Directory container that you want to include in the discovery process

Install Client

Although the task was successfully created, I was unable to observe the installation of the SCCM client on the targeted client machine. Upon further investigation into the CCM.log file, I encountered the following errors:

It appears that the SCCM machine account is attempting to authenticate against the target machine but is failing due to permission issues. To address this, I granted the SCCM machine account full control over the domain container and set advanced permissions to apply to all descendant objects. This step is likely necessary to fulfill prerequisite checks.

Granting the machine account full control over my domain container did not completely resolve the issue. When I initiated another client installation request, I still encountered an error related to ‘NetUseAdd’:

Upon research, it appears that this error is linked to account permissions. The Client Push Installation account needs to be a member of the built-in local administrators group on the computers.

Client Installation Settings

Subsequently, I discovered that I hadn’t configured the client installation settings, meaning that my Client Push Installation account was not customized. Therefore, I attempted to reconfigure the client installation to observe the outcome:

I also attempted to ping my client machines and found that the domain firewall was active, which contributed to the issue when accessing the administrative share named admin$.

After resolving the connection issue between SCCM and the client, I confirmed that the CCMSETUP was successfully deployed to the client machine, as evident from the following path.

After waiting for some time, I found that all the powered-on machines have successfully installed the client:

From the Entra ID, I can now see that the status of MDM has changed to Microsoft Configuration Manger