 Note |
| The information in this topic applies only to System Center
2012 Configuration Manager SP1. |
Before you can manage a Linux or UNIX server with Configuration
Manager, you must install the Configuration Manager client for
Linux and UNIX on each Linux or UNIX computer. You can accomplish
this manually or by use of a shell script that installs the client
remotely. Configuration Manager does not support the use of client
push installation for Linux or UNIX servers. Optionally you can
configure a Runbook for System Center 2012 Orchestrator to
automate the install of the client on the Linux or UNIX server.
The install script for the Configuration Manager client for
Linux and UNIX supports command line properties. Some command line
properties are required, while others are optional. For example,
when you install the client, you must specify a management point
from the site that is used by the Linux or UNIX server for its
initial contact with the site. For the complete list of command
line properties, see Command Line Properties for
Installing the Client on Linux and UNIX Servers.
After you install the client, you specify Client Settings in the
Configuration Manager console to configure the client agent in the
same way you would windows-based clients. For more information, see
the
Client Settings for Linux and UNIX Servers section in the
Operations for Linux and UNIX Servers for Configuration
Manager topic.
Install the Client on Linux and UNIX
Servers
To install the client for Linux and UNIX, you run a
script on each Linux or UNIX computer. The script is named
install and supports command line properties that modify the
installation behavior and reference the client installation
package. The install script and client installation package must be
located on the client. The client installation package contains the
Configuration Manager client files for a specific Linux or UNIX
operating system:
The client installation package contains all the
necessary files to complete the client installation and unlike
Windows-based computers, does not download additional files from a
management point or other source location.
After you install the Configuration Manager client for
Linux and UNIX, you do not need to reboot the computer. As soon as
the software installation is complete, the client is operational.
If you reboot the computer, the Configuration Manager client
restarts automatically.
Following is the command format: ./install -mp
<computer> -sitecode <sitecode> <property #1>
<property #2> <client installation package>
| Command line |
Actions |
|
./install –mp smsmp.contoso.com sitecode S01
ccm-RHEL5x86.tar
|
- install is the name of the script file
that installs the client for Linux and UNIX. This file is provided
with the client software.
- -mp smsmp.contoso.com specifies the
initial management point that is used by the client.
- -sitecode S01 specifies the client is
assigned to the site with the site code of S01.
- ccm-RHEL5x86.tar is the name of the
client installation .tar package for this computer operating
system, version, and CPU architecture.
|
You can insert additional command line properties
before the command line property that specifies the client
installation .tar file. The client installation .tar file must be
specified last.
For a list of command line options, see Command Line Properties for
Installing the Client on Linux and UNIX Servers.
Use the following procedure as an example of how to
install the client for Linux and UNIX.
| Note |
| The following example procedure installs the client for Linux
and UNIX on a Red Hat Enterprise Linux 5 (RHEL5) x86
computer. To adjust this procedure for the operating systems that
you use, replace the client installation file
(ccm-RHEL5x86.tar) with the appropriate file each operating
system. Also plan to use additional command line properties to meet
your requirements. |
To install the Configuration Manager
Client on Linux and UNIX servers
-
Copy the install script and the client
installation .tar file to a folder on the RHEL 5 x86
based computer.
-
On the RHEL5 computer, use root credentials to
run the following command to enable the script to run as a program:
chmod +x install
-
Next, with root credentials, run the following
command to install the Configuration Manager client: ./install
–mp <hostname> -sitecode <code> ccmRHEL5x86.tar
When you enter this command, use additional
command-line properties you require.
-
After the script runs, validate the install by
reviewing the /var/opt/microsoft/scxcm.log file.
Additionally, you can confirm that the client is installed and
communicating with the site by viewing details for the client in
the Devices node of the Assets and Compliance
workspace in the Configuration Manager console.
Command Line Properties for Installing
the Client on Linux and UNIX Servers
When you install the client for Linux and UNIX on a
Linux or UNIX computer, you run the install script with
command-line properties that specify the following:
- The client’s assigned site.
- The management point with which the client
initially communicates
- The client installation .tar file for the
computer’s operating system
- Additional configurations you require
The properties described in the following table are
available to modify the installation behavior.
| Note |
| Use the property -h to display this list of supported
properties. |
| Property |
Required or optional |
More information |
|
-mp <server FQDN>
|
Required
|
Specifies by FQDN, the management point server that the client
will use as an initial point of contact.
 Important |
| This property does not specify the management point to which
the client will become assigned after installation. |
| Note |
| When you use the -mp property to specify a management
point that is configured to accept only HTTPS client connections,
you must also use the -UsePKICert property. |
Specify the management point by FQDN.
|
|
-sitecode <sitecode>
|
Required
|
Specifies the Configuration Manager primary site to assign the
Configuration Manager client to.
Example: -sitecode S01
|
|
-dir <directory>
|
Optional
|
Specifies an alternate location to install the Configuration
Manager client files.
By default, the client installs to the following location:
/opt/microsoft.
|
|
-nostart
|
Optional
|
Prevents the automatic start of the Configuration Manager client
service, ccmexec.bin, after the client installation
completes.
After the client installs, you must start the client service
manually.
By default, the client service starts after the client
installation completes, and each time the computer restarts.
|
|
-clean
|
Optional
|
Specifies the removal of all client files and data from a
previously installed client for Linux and UNIX, before the new
installation starts. This removes the client’s database and
certificate store.
|
|
-keepdb
|
Optional
|
Specifies that the local client database is retained, and reused
when you reinstall a client. By default, when you reinstall a
client this database is deleted.
|
|
-UsePKICert <parameter>
|
Optional
|
Specifies the full path and file name to a X.509 PKI certificate
in the Public Key Certificate Standard (PKCS#12) format. This
certificate is used for client authentication.
When you use -UsePKICert, you must also supply the
password associated with the PKCS#12 file by use of the
-certpw command line parameter.
If the certificate is not valid, or cannot be found, the client
falls back to use HTTP and a self-signed certificate.
If you do not use this property to specify a PKI certificate,
the client uses a self-signed certificate and all communications to
site systems are over HTTP.
| Note |
| You must specify this property when you install a client and
use the -mp property to specify a management point that is
configured to accept only HTTPS client connections. |
Example: -UsePKICert <Full path and filename> -certpw
<password>
|
|
-certpw <parameter>
|
Optional
|
Specifies the password associated with the PKCS#12 file that you
specified by use of the -UsePKICert property.
Example: -UsePKICert <Full path and filename> -certpw
<password>
|
|
-NoCRLCheck
|
Optional
|
Specifies that a client should not check the certificate
revocation list (CRL) when it communicates over HTTPS by use of a
PKI certificate. When this option is not specified, the client
checks the CRL before establishing an HTTPS connection by use of
PKI certificates. For more information about client CRL checking,
see Planning for PKI Certificate Revocation.
Example: -UsePKICert <Full path and filename> -certpw
<password> -NoCRLCheck
|
|
-rootkeypath <file location>
|
Optional
|
Specifies the full path and file name to the Configuration
Manager trusted root key. This property applies to clients that use
HTTP and HTTPS client communication. For more information, see
Planning for the Trusted Root Key.
Example: -rootkeypath <Full path and filename>
|
|
-httpport
|
Optional
|
Specifies the port that is configured on management points that
the client uses when communicating to management points over HTTP.
If the port is not specified, the default value of 80 is used.
Example: -httpport 80
|
|
-httpsport
|
Optional
|
Specifies the port that is configured on management points that
the client uses when communicating to management points over HTTPS.
If the port is not specified, the default value of 443 is used.
Example: -UsePKICert <Full path and certificate name>
-httpsport 443
|
|
-ignoreSHA256validation
|
Optional
|
Specifies that client installation skips SHA-256 validation. Use
this option when installing the client on operating systems that
did not release with a version of OpenSSL that supports SHA-256.
For more information, see the About
Linux and UNIX Operating Systems That do not Support SHA-256
section in the Planning for Client
Deployment for Linux and UNIX Servers topic.
|
|
-signcertpath <file location>
|
Optional
|
Specifies the full path and .cer file name of the
exported self-signed certificate on the site server. This
certificate is stored in the SMS certificate store and has
the Subject name Site Server and the friendly name Site
Server Signing Certificate.
This certificate is used by the client for all HTTP and HTTPS
communications with management points and distribution points.
Example: -signcertpath=<Full path and file
name>
|
|
-rootcerts
|
Optional
|
If multiple root certificates exist in the Configuration Manager
environment, you can specify additional root certificates that the
client might need to validate site system servers.
Example: -rootcerts=<Full path and file name>,<Full
path and file name>
|
Uninstalling the Client from Linux and
UNIX Servers
To uninstall the Configuration Manager client for Linux
and UNIX you use the uninstall utility, uninstall. By
default, this file is located in the
/opt/microsoft/configmgr/bin/ folder on the client computer.
This file does not support any command line parameters and will
remove all files related to the client software from the
server.
To uninstall the client, use the following command
line: /opt/microsoft/configmgr/bin/uninstall
You do not have to reboot the computer after you
uninstall the Configuration Manager client for Linux and UNIX.
Configure Request Ports for the
Client for Linux and UNIX
Similar to Windows-based clients, the Configuration
Manager client for Linux and UNIX uses HTTP and HTTPS to
communicate with Configuration Manager site systems. The ports that
the Configuration Manager client uses to communicate are referred
to as a request ports.
When you install the Configuration Manager client for
Linux and UNIX, you can change the clients default request ports by
specifying the -httpport and -httpsport installation
properties. When you do not specify the installation property and a
custom value, the client uses the default values. The default
values are 80 for HTTP traffic and 443 for HTTPS
traffic.
After you install the client, you cannot change its
request port configuration. Instead, to change the port
configuration you must reinstall the client and specify the new
port configuration. When you reinstall the client to change the
request port numbers, run the install command similar to the
new client install, but use the additional command line property of
-keepdb. This switch instructs the installation to retain
the client database and files including the clients GUID and
certificate store.
For more information about client communication port
numbers, see How
to Configure Client Communication Port Numbers in Configuration
Manager.
Configure the Client for Linux and
UNIX to Locate Management Points
When you install the Configuration Manager client for
Linux and UNIX, you must specify a management point to use as an
initial point of contact.
The Configuration Manager client for Linux and UNIX
contacts this management point at the time the client installs. If
the client fails to contact the management point, the client
software continues to retry until successful.
For more information about how clients locate
management points, see the section Locating
Management Points section in the How to Assign Clients to
a Site in Configuration Manager topic.
