Manualshelf

System information

ManualsBrandsParallels ManualsSoftwareManagement Suite SCCM
21222324252627282930
25
Deploying Parallels Mac Management for Microsoft SCCM 2012
The certificate is used to authenticate the distribution point to an HTTPS-enabled management
point before the distribution point sends status messages.
When the Enable PXE support for clients distribution point option is selected, the certificate
is sent to PXE boot servers so that they can connect to an HTTPS-enabled management point
during the deployment of the operating system.
This procedure consists of the following steps:
1 Create and issue a custom workstation authentication certificate template on the Certification
Authority computer.
2 Install the custom workstation authentication certificate.
3 Export the client certificate to be used on the distribution point computers.
Creating Custom Workstation Authentication Certificate Template
This section describes how to create a custom certificate template for distribution points that allows
the private key to be exported, and adds the certificate template to the certification authority:
On the member server:
1 In Windows, click Start > Administrative Tools > Certification Authority.
2 Expand the Certificate Templates in Certification Authority (Local) / <ca-name> node.
3 Right-click Certificate Templates and click Manage.
4 In the template list, find the Workstation Authentication template, right-click it, and then click
Duplicate Template in the context menu.
5 In the Duplicate Template dialog, select Windows Server 2003 Enterprise (do NOT select
Windows Server 2008 Enterprise).
6 The Properties of New Template dialog opens.
7 On the General tab page, type the template name (e.g. ConfigMgr Client Distribution Point
Certificate).
8 Click the Request Handling tab and select the Allow private key to be exported option.
9 Click the Security tab, select the Enterprise Admins group and clear the Enroll permissions
(i.e. both Allow and Deny options are cleared).
10 Click the Add button and then add the ConfigMgr IIS Servers group that you created earlier.
11 Select the ConfigMgr IIS Servers group and then select Allow for the Enroll permission.
12 Click OK.
13 Close the Certificate Template Console.
14 In the certi
ficate snap-in, right-click Certificate Templates and click New > Certificate
Template to Issue.
15 In the template list, select the ConfigMgr Client Distribution Point Certificate template that
you created earlier and click OK.