Is there an onboarding process for Endpoint Management?

Tags Intune mecm

This article provides an overview of the Endpoint Management onboarding process for MECM, Intune, and Jamf.
 

1. Provisioning request form is filled out by department.

NOTE: Each service offering needs to be requested. They can be requested together or separately.

2. Department is notified when site has been configured.

 

Additional steps for MECM:

3. Distribution point server obtained and configured(requirements listed below).

  • Create Windows Server 2016/2019 machine. 
  • Assign MECM server and Primary site computer objects to local admin group 
  • IIS Certs installed
  • Powershell 3.0+
  • Microsoft Visual C++ 2013 Redistributable Package
  • The IIS, Remote Differential Compression Role, and WDS Role for PXE boot
  • Firewall configuration  (Inbound Connections)
Dynamic Host Configuration Protocol (DHCP) UDP 67 and 68
Trivial File Transfer Protocol (TFTP) UDP 69
Boot Information Negotiation Layer (BINL) UDP 4011
Server Message Block (SMB) TCP 445
RPC Endpoint Manager TCP 135, UDP 135
RPC Dynamic Ports  
  • Firewall Configuration (outbound connections)
Hypertext Transfer Protocol (HTTP) 80 
Secure Hypertext Transfer Protocol (HTTPS) 443


4. Send distribution point IP address via our web form, to configure a static public NAT. 

NOTE:  Once NAT is configured.  Edit the IPV4 settings on the distribution point to not register itself automatically in DNS.

5. Distribution point role is installed.

NOTE:  When configuring the distribution point in MECM, *DO NOT* check "Enable this distribution point for prestaged content".

Details

Article ID: 704
Created
Fri 1/15/21 6:02 PM
Modified
Sat 2/6/21 3:44 AM