Deploying SMS Clients

You can deploy the SMS client by using methods that are built into SMS 2003, or you can use other means to distribute the core SMS client components. For example, some organizations might use a software distribution method. Others might install the SMS client on a master computer image that is applied to computers when they are prepared for use in the production environment. The technique you use depends on a number of factors that are specific to your environment.

SMS client installation techniques include:

  • Installing the SMS client by using a push installation method in the SMS Administrator console.

  • Initiating a program file at the client with one of the following:

    • Logon script

    • Manually running program file

    • Windows Group Policy

    • SMS software distribution or other software distribution mechanism

  • Installing the Advanced Client on a computer master image.

For more information about the SMS 2003 client installation methods, see Chapter 4, "Understanding SMS Clients."

Do not enable any features in your SMS site, such as discovery method, installation method, inventory, or software metering, until you have a thorough client deployment plan in place.

On This Page

Overview
Installing the SMS Client on International Clients
Installing Legacy Clients on Computers Running Terminal Services
Installing Legacy Clients on Domain Controllers in Active Directory Domains

Overview

For each site in the SMS hierarchy, determine and document which technique you plan to use to deploy SMS client software components to client computers.

See Table 10.6 for the available methods for deploying the Advanced Client software by using the SMS Administrator console or by initiating a program file at the client computer. For more information about other techniques for deploying the Advanced Client software, including using Windows Group Policy, see the "Software distribution of the Advanced Client" section later in this chapter. If your IT department plans to install the Advanced Client on a computer master image, see the "Installing the Advanced Client on a computer master image" section later in this chapter.

See Table 10.7 for the available methods for deploying the Legacy Client software by using the SMS Administrator console or by initiating a program file at the client computer.

Note:

  • SMS does not support installing the Legacy Client over a slow network link. Such computers should be installed on a network that is well connected to a CAP.

Table 10.6 Planning for SMS 2003 Advanced Client Installation

Automated installation using SMS Administrator console

Installation by initiating program file at client

 

Logon script

Manual

Windows Group Policy

Other software distribution mechanism

Client Push Installation method

Logon Script-initiated Client Installation (Capinst.exe)

Advanced Client Installer (Ccmsetup.exe)

Client.msi

Ccmsetup.exe

Table 10.7 Planning for SMS 2003 Legacy Client Installation

Automated installation using SMS Administrator console

Installation by initiating program file at client

 

Logon script

Manual

Windows Group Policy

Other software distribution mechanism

Client Push Installation method

Logon Script-initiated Client Installation (Capinst.exe)

Manual Client Installation (Smsman.exe)

N/A

N/A

If you want to install SMS clients automatically, use Client Push Installation. If you have run a discovery method and want to deploy the SMS client to the discovered resources, use the Client Push Installation Wizard. If you want to install clients without discovering them, you can run a program file on the client through logon scripts, Windows Group Policy, manually at the client workstation, or by using another software distribution mechanism.

Installing the SMS client by using the SMS Administrator console

SMS 2003 provides support for installing the SMS Advanced Client remotely from the SMS site server by using Client Push Installation. Client Push Installation (or the Client Push Installation Wizard) must be used with an SMS discovery method because it requires clients to be discovered before the SMS client software is installed.

Client Push Installation Client Push Installation is useful for installing the Advanced Client or Legacy Client software on computers that:

  • Have been discovered by SMS but do not have the SMS client software.

  • Rarely log on to the network because the users lock their Windows sessions instead of logging out.

  • Log on with a user account that does not run a logon script or does not have administrative permissions on the computer.

  • Are servers that users might not log on to for a long period of time.

Important:

  • If you enable site-wide Client Push Installation, any compatible resource that is discovered within the site boundaries or roaming boundaries of the site is installed as an SMS client.

Use Client Push Installation to install the SMS client on SMS site systems. Site systems are automatically discovered by using site system discovery. By default, when site systems are discovered, SMS does not trigger Client Push Installation, even if it is enabled. However, you can configure the Client Push Installation Properties to install the SMS client on site systems.

If you want to install the SMS client automatically to specific groups of computers, or to computers that have been discovered but not yet installed as SMS 2003 clients, use the Client Push Installation Wizard.

If you have many computers in one SMS site, you might choose to use Client Push Installation to install the SMS client automatically. If SMS installs many clients at the same time, your network or SMS site systems might become overloaded. To avoid this, plan to throttle the client installation using the resource-based or collection-based Client Push Installation Wizard.

SMS site preparation for Client Push Installation Client Push Installation requires that you grant to all chosen client computers, administrator rights and permissions to either the SMS Service account (if the site is running in standard security mode) or Client Push Installation accounts that you create in the Client Push Installation Properties dialog box in the SMS Administrator console. For more information, see Chapter 5, "Understanding SMS Security."

To prepare the SMS site to deploy the SMS client software by using Client Push Installation, you must do the following:

  • Depending on whether you are installing the Advanced Client or the Legacy Client, ensure that you do the following:

    • For Advanced Client installation, from Component Configuration, specify an Advanced Client Network Access Account on the General tab in the Software Distribution Properties dialog box.

    • For Legacy Client installation, from Connection Accounts, specify a Windows User Account for the client connection.

  • Specify a valid account on the Accounts tab of the Client Push Installation Properties dialog box, accessible from Client Installation Methods in the SMS Administrator console. This account must have administrative credentials on the client computers that you want to install the Advanced Client on.

  • Configure an SMS site system as a management point, from Site Systems, and ensure that a default management point is specified for the site.

To troubleshoot Client Push Installation problems during Advanced Client installation, review the Ccm.log file on the SMS site server, which is located in the SMS\Logs folder. On the client, review the Ccmsetup.log and Client.msi.log file, which is located in %Windir%\System32\Ccmsetup.

If you want to install the SMS client on specific resources or collections in SMS, you can do this through the SMS Administrator console by using the Client Push Installation Wizard. Client Push Installation must be configured for the Client Push Installation Wizard to work, but it does not have to be enabled.

Initiating a program file at the client

You can initiate a program file at the client through

  • Logon Script-initiated Client Installation.

  • Manual installation of the SMS client.

  • Software distribution of the Advanced Client.

Logon Script-initiated Client Installation If you choose to deploy the SMS client by using logon scripts, plan to use Logon Script-initiated Client Installation.

If a logon script is run when your users log on to their computers, one of the easiest ways to discover their computers and install the SMS client is to set up the logon script to include SMS client installation. You do this by using Logon Script-initiated Client Installation (Capinst.exe) and copying the program file (Capinst.exe) to a shared folder from which you run the installation.

If your logon scripts are shared across the organization or multiple business units, consider how you will organize the changes to the scripts. SMS administrators at multiple sites might require changes to the logon scripts to enable client installation, but to avoid confusion, you should plan and perform this task in a coordinated manner. For more information about modifying logon scripts to support client installation, see Chapter 17, "Discovering Resources and Deploying Clients."

To use Logon Script-initiated Client Installation, you must have a server locator point available, and you must have access to the program file Capinst.exe. When using Logon Script-initiated Client Installation to install Advanced Clients, a management point is also required. When you use Logon Script-initiated Client Installation to install Legacy Clients, a CAP is also required.

Capinst.exe is included with SMS 2003. By default, Capinst.exe does not install the SMS client software on domain controllers. For more information, see Chapter 17, "Discovering Resources and Deploying Clients."

Important:

  • As a best practice, avoid installing the Legacy Client on domain controllers, especially domain controllers on slow network links.

If your environment does not have Active Directory, or if it does not have multiple server locator points registered in Active Directory, you should always specify the server locator point when you run Capinst.exe. You should specify the server locator point every time you use Logon Script-initiated Client Installation, and you should avoid the excess network traffic that is required to find the server locator point. Similarly, if your clients cannot use Active Directory, you should specify the server locator point when you use Capinst.exe.

Be aware of the requirements for Logon Script-initiated Client Installation on clients that are running Windows NT 4.0 and Windows 98. Also, if the SMS site has only Active Directory site boundaries, then computers that cannot use Active Directory cannot become SMS clients with this method.

Manual installation of the SMS client There are two manual installation methods:

  • Manual Client Installation (Smsman.exe)

  • Advanced Client Installer (Ccmsetup.exe)

Manual Client Installation uses CAPs to install the Legacy Client. Plan for the user or administrator to initiate Manual Client Installation at the computer. Use this method when you do not want to use an automated client installation method, for example, when you are testing SMS in your test lab environment. You can run Smsman.exe from a hard disk, a shared folder, a Web page, an e-mail message, or a floppy disk. Manual Client Installation can be run silently, and you can use it only to discover, not to install, clients.

Advanced Clients can be manually installed by using Advanced Client Installer (Ccmsetup.exe). Advanced Client Installer is useful on computers that might not have a network session connected long enough to download the Advanced Client files. If the computer can download the small program file (Ccmsetup.exe) in one session, then the computer can download the remainder of the required Advanced Client Installer files over several network sessions.

The advantages of using Advanced Client Installer are:

  • If the network connection becomes unavailable while Advanced Client Installer is downloading the Advanced Client files to the client computer, the Advanced Client Installer resumes the file download where it was stopped before the network connection was restored.

  • When you apply an international client pack (ICP) to the SMS site server, the Advanced Client Installer applies the correct localization transform to Client.msi before the Advanced Client is installed.

  • Because Client.msi is available on the destination computer's hard disk, you can repair the SMS client installation or apply patches to the Advanced Client software efficiently and completely.

Note:

  • Efficient completion of repair is not guaranteed for a mobile computer performing a repair while it is offline and unable to connect to the Netlogon folder, the management point, or the distribution point if Client.msi is not local.

Software distribution of the Advanced Client You can install the Advanced Client by using the same software distribution techniques that you use when you install any application software. You advertise Advanced Client components to collections that contain SMS Legacy Clients that you want to replace with the Advanced Client. Or, software distribution techniques other than SMS can be used, such as distribution of CDs containing the installation program, or Windows Group Policy using the Client.msi file that is installed on the site server during SMS Setup.

For more information about using this technique, see Chapter 17, "Discovering Resources and Deploying Clients."

Installing the Advanced Client on a computer master image

You can load Advanced Client software components on the computer when it is originally prepared for service in your organization. Typically, computer preparation work is done by an IT team in a staging area. The Advanced Client is installed on a client computer master image by installing core SMS client components without specifying an SMS site code for assignment. The computer is ready to be assigned to a site when it arrives at the location where it is used in production.

The master image with the SMS Advanced Client is automatically configured with an SMS GUID when SMS is installed. The Advanced Client detects that the computer has been prepared from a master image and creates a new GUID. This prevents duplication of SMS GUIDs on client computers when the Advanced Client software is loaded on computers before the computers are put into service in your organization.

Important:

  • Because a Legacy Client installation to a master image cannot detect that the computer was prepared from a master image, the SMS GUID must be removed from the Legacy Client before the computer is removed from the staging area and placed in service. This can be done manually, preferably in the master image, or it can be done by the Windows System Preparation tool (Sysprep.exe).

For information about computer imaging and Advanced Client installation, see Chapter 17, "Discovering Resources and Deploying Clients."

Installing the SMS Client on International Clients

When you install an SMS site, the site software includes interface elements in the language that you have purchased. This includes the client components whose interface elements are in the same language. If you have some users at the site that use a different language, you can apply an ICP to the site.

ICPs are usually available at http://www.microsoft.com/smserver/default.asp, through TechNet, and other channels.

Installing Legacy Clients on Computers Running Terminal Services

Computers that are running Terminal Services require an additional procedure to install the SMS Legacy Client software. Client Push Installation cannot be used with computers that are running Terminal Services because the installation method does not configure Terminal Services clients for Installation mode before it attempts to install the SMS client software. You must install the Legacy Client manually on computers that are running Terminal Services, or you must use a script that runs the procedure. For more information, see Chapter 17, "Discovering Resources and Deploying Clients."

Installing Legacy Clients on Domain Controllers in Active Directory Domains

When installing the Legacy Client, the SMS Client Services and Client User Token accounts are created in the local account database. Domain controllers do not have local account databases. So, when you install the Legacy Client on domain controllers, these accounts must be created in the domain's account database. In large Active Directory domains, the replication that is incurred when you create accounts can take an extended period time. Large replications can consume substantial network bandwidth. The Legacy Client installation might not wait long enough for the accounts to replicate, and then the installation can fail. Client Push Installation repeatedly retries the installation, potentially resulting in additional replication traffic.

If you have these issues in your environment, here are some options to eliminate or minimize them:

  • Install the Advanced Client, not the Legacy Client, on domain controllers. This reduces the potential for problems, because the Advanced Client software does not use user accounts. By default, Logon Script-initiated Client Installation does not install an SMS client on domain controllers. Client Push Installation does not install an SMS client on domain controllers if you have cleared the Domain controllers option in the Client Push Installation Properties dialog box.

  • If you install SMS site systems on domain controllers, Client Push Installation does not install the Legacy Client on domain controllers when you have not selected the Enable Client Push Installation to site systems option in the Client Push Installation Properties dialog box.

  • On the primary domain controller (or primary domain controller emulator), create a REG_DWORD registry value named Enable Domain User Group Membership under the subkey HKLM\SOFTWARE\Microsoft\SMS\Client\Configuration\Domain Controllers. Set it to a non-zero value. SMS does not attempt to remove the client accounts from the Domain Users group, which reduces network traffic.

  • On the primary domain controller (or primary domain controller emulator), create a REG_DWORD registry value named Account Synchronization Max Wait (minutes) under HKLM\SOFTWARE\Microsoft\SMS\Client\Configuration\Domain Controller. Set it to a value larger than the default of 60. The SMS client installation waits this period of time for the account replication to complete.

For More Information

Did you find this information useful? Please send your suggestions and comments about the documentation to smsdocs@microsoft.com.