Is there an onboarding process for Endpoint Management?

This article provides an overview of the Endpoint Management onboarding process for SCCM and Jamf.

1. Provisioning request form is filled out by department.

NOTE: Each service offering needs to be requested. They can be requested together or separately.

2. Department is notified when site has been configured.

Additional steps for SCCM:

3. Distribution point server obtained and configured(requirements listed below).

  • Create Windows Server 2016/2019 machine. 
  • Assign SCCM server and Primary site computer objects to local admin group 
  • IIS Certs installed
  • Powershell 3.0+
  • Microsoft Visual C++ 2013 Redistributable Package
  • The IIS, Remote Differential Compression Role, and WDS Role for PXE boot
  • Firewall configuration  (Inbound Connections)
Dynamic Host Configuration Protocol (DHCP) UDP 67 and 68
Trivial File Transfer Protocol (TFTP) UDP 69
Boot Information Negotiation Layer (BINL) UDP 4011
Server Message Block (SMB) TCP 445
RPC Endpoint Manager TCP 135, UDP 135
RPC Dynamic Ports  
  • Firewall Configuration (outbound connections)
Hypertext Transfer Protocol (HTTP) 80 
Secure Hypertext Transfer Protocol (HTTPS) 443

4. Send distribution point IP address to, if not included in original request form, to configure a static public NAT . 

NOTE:  Once NAT is configured.  Edit the IPV4 settings on the distribution point to not register itself automatically in DNS.

5. Distribution point role is installed.

NOTE:  When configuring the distribution point in SCCM, *DO NOT* check "Enable this distribution point for prestaged content".

Keywords:sccm, firewall, distribution, configuration, jamf   Doc ID:91309
Owner:Teresa B.Group:University of Illinois Chicago Technology Solutions
Created:2019-04-24 17:04 CDTUpdated:2020-10-14 14:47 CDT
Sites:University of Illinois Chicago Technology Solutions
Feedback:  0   0