Site system roles are roles that can be installed on Configuration Manager 2012 site servers. Depending on the size of your site and hardware, you can assign multiple roles to one site system server. Some site system roles are installed while installing Configuration Manager 2012 or when adding a secondary site to the Configuration Manager 2012 infrastructure. Others can be installed in the Configuration Manager console.
The following list provides an overview (in alphabetical order) of all the site roles and what
they are used for.
Application Catalog Web Service Point The Application Catalog web service point publishes software information from the software library to the Application Catalog website. This site role is available hierarchy wide.
Application Catalog Website Point The Application Catalog website point publishes the available software for a user, depending on the user rights. The Application Catalog website allows users with mobile devices to remotely wipe their device or request software that is available for distribution but not without approval from the system administrator. This site role is available hierarchy wide.
Asset Intelligence Synchronization Point The Asset Intelligence synchronization point synchronizes the Asset Intelligence Catalog information with the System Center online service. This site system role can only be installed on the Central Administration Site server in a hierarchy or a stand-alone primary site server. Synchronization of the Asset Intelligence information can be scheduled or run manually. This site role is available hierarchy wide.
Certificate Registration Point The certificate registration point communicates with the server that runs the Network Device Enrollment Service of Active Directory Certificate Services to manage device certificate requests that use the Simple Certificate Enrollment Protocol (SCEP).
Component Server A component server is automatically installed with all site system roles except the distribution point and is used to run Configuration Manager services.
Distribution Point Distribution point is the Configuration Manager role that stages packages such as application content, software packages, software updates, operating system images, and boot images to clients. The distribution point role in Configuration Manager 2012 also supports PXE, scheduling, bandwidth throttling, multicast, and content validation. This site role is available only in the site.
Endpoint Protection Point The Endpoint Protection role integrates the former Forefront Endpoint Protection with Configuration Manager 2012. The role is configured at the Central Administration Site or a stand-alone primary site. With the System Center Endpoint Protection role you can secure your clients and servers from viruses and malware. To be able to use the Endpoint Protection point, you need to accept the license terms and configure the default membership for the Microsoft Active Protection Service.
Enrollment Point When implementing mobile device management or secure out-of-band management, an enrollment point is needed. Public key infrastructure (PKI) certificates are required to complete the enrollment of the mobile device, and the device will provision AMTbased clients. This site role is available only in the site.
Enrollment Proxy Point When implementing mobile device management, an enrollment proxy point is needed to manage enrollment requests from mobile devices. Mobile device enrollment will need a PKI to secure the over-the-air communication with the mobile devices.
This site role is available only in the site.
Fallback Status Point When a client becomes unmanaged or the management point is unable to communicate with the client, a fallback status point will point out unmanaged clients and helps you monitor the client installation. This site role is available hierarchy wide.
Management Point The management point provides policy and content location information to Configuration Manager clients. It also receives configuration data from Configuration Manager clients.
The server locator point functionality as it is known in Configuration Manager 2007 is moved to the management point. If the Configuration Manager client is no longer able to retrieve site information from Active Directory or WINS, the management point is used to provide this information.
This site role is available only in the site.
Out-of-Band Service Point The out-of-band service point is used for provisioning and configuring AMT-based computers for out-of-band management. This site role is available only in the site.
Reporting Services Point For reporting you need a Reporting Services point; this role integrates with SQL Server Reporting Services. You can create and manage reports for Configuration Manager. This site role is available hierarchy wide.
Site Database Server The site database server hosts the Microsoft SQL Server database. This database is used to store information about assets and site data.
SMS Provider This is installed automatically when you install a Central Administration Site and when you install a primary site. The SMS provider is the interface between the Configuration Manager 2012 console and the Configuration Manager 2012 database. Secondary sites do not install SMS providers.
Software Update Point The software update point is used for integration with Windows Server Update Services so that software updates can be deployed and managed with Configuration Manager. This site role is available only in the site.
State Migration Point When a computer receives a new operating system, the user state will be stored at the state migration point. The state migration point receives the user state from User State Migration Toolkit 4.0, which is executed in an operating system deployment task sequence. This site role is available only in the site.
System Health Validator Point When implementing Network Access Protection (NAP) a system health validator point validates the Configuration Manager NAP policies. The role needs to be installed on the NAP health policy server. This site role is available hierarchy wide.
Windows Intune Connector When managing mobile devices via Windows Intune you need to install the Windows Intune connector to be able to retrieve status messages and inventory messages from the mobile devices that are enrolled in Windows Intune.
The following list provides an overview (in alphabetical order) of all the site roles and what
they are used for.
Application Catalog Web Service Point The Application Catalog web service point publishes software information from the software library to the Application Catalog website. This site role is available hierarchy wide.
Application Catalog Website Point The Application Catalog website point publishes the available software for a user, depending on the user rights. The Application Catalog website allows users with mobile devices to remotely wipe their device or request software that is available for distribution but not without approval from the system administrator. This site role is available hierarchy wide.
Asset Intelligence Synchronization Point The Asset Intelligence synchronization point synchronizes the Asset Intelligence Catalog information with the System Center online service. This site system role can only be installed on the Central Administration Site server in a hierarchy or a stand-alone primary site server. Synchronization of the Asset Intelligence information can be scheduled or run manually. This site role is available hierarchy wide.
Certificate Registration Point The certificate registration point communicates with the server that runs the Network Device Enrollment Service of Active Directory Certificate Services to manage device certificate requests that use the Simple Certificate Enrollment Protocol (SCEP).
Component Server A component server is automatically installed with all site system roles except the distribution point and is used to run Configuration Manager services.
Distribution Point Distribution point is the Configuration Manager role that stages packages such as application content, software packages, software updates, operating system images, and boot images to clients. The distribution point role in Configuration Manager 2012 also supports PXE, scheduling, bandwidth throttling, multicast, and content validation. This site role is available only in the site.
Endpoint Protection Point The Endpoint Protection role integrates the former Forefront Endpoint Protection with Configuration Manager 2012. The role is configured at the Central Administration Site or a stand-alone primary site. With the System Center Endpoint Protection role you can secure your clients and servers from viruses and malware. To be able to use the Endpoint Protection point, you need to accept the license terms and configure the default membership for the Microsoft Active Protection Service.
Enrollment Point When implementing mobile device management or secure out-of-band management, an enrollment point is needed. Public key infrastructure (PKI) certificates are required to complete the enrollment of the mobile device, and the device will provision AMTbased clients. This site role is available only in the site.
Enrollment Proxy Point When implementing mobile device management, an enrollment proxy point is needed to manage enrollment requests from mobile devices. Mobile device enrollment will need a PKI to secure the over-the-air communication with the mobile devices.
This site role is available only in the site.
Fallback Status Point When a client becomes unmanaged or the management point is unable to communicate with the client, a fallback status point will point out unmanaged clients and helps you monitor the client installation. This site role is available hierarchy wide.
Management Point The management point provides policy and content location information to Configuration Manager clients. It also receives configuration data from Configuration Manager clients.
The server locator point functionality as it is known in Configuration Manager 2007 is moved to the management point. If the Configuration Manager client is no longer able to retrieve site information from Active Directory or WINS, the management point is used to provide this information.
This site role is available only in the site.
Out-of-Band Service Point The out-of-band service point is used for provisioning and configuring AMT-based computers for out-of-band management. This site role is available only in the site.
Reporting Services Point For reporting you need a Reporting Services point; this role integrates with SQL Server Reporting Services. You can create and manage reports for Configuration Manager. This site role is available hierarchy wide.
Site Database Server The site database server hosts the Microsoft SQL Server database. This database is used to store information about assets and site data.
SMS Provider This is installed automatically when you install a Central Administration Site and when you install a primary site. The SMS provider is the interface between the Configuration Manager 2012 console and the Configuration Manager 2012 database. Secondary sites do not install SMS providers.
Software Update Point The software update point is used for integration with Windows Server Update Services so that software updates can be deployed and managed with Configuration Manager. This site role is available only in the site.
State Migration Point When a computer receives a new operating system, the user state will be stored at the state migration point. The state migration point receives the user state from User State Migration Toolkit 4.0, which is executed in an operating system deployment task sequence. This site role is available only in the site.
System Health Validator Point When implementing Network Access Protection (NAP) a system health validator point validates the Configuration Manager NAP policies. The role needs to be installed on the NAP health policy server. This site role is available hierarchy wide.
Windows Intune Connector When managing mobile devices via Windows Intune you need to install the Windows Intune connector to be able to retrieve status messages and inventory messages from the mobile devices that are enrolled in Windows Intune.
No comments:
Post a Comment