When a management point receives a content location request from a client, it identifies distribution points that host the content requested by clients. For requested advertisements, the package ID and version number is used to identify the requested content. For software updates, the software update configuration item UniqueID value and configuration item version is used to identify the requested content.

The distribution points searched first will be the distribution points in the client's current site. The current site might be the client's assigned site, or a secondary site attached to its assigned site, or another site into which the client has roamed. If the content is not available in the client's current site, distribution points are searched in the client's assigned site. In this way, clients can access content only from distribution points from their current site, or their assigned site.

The management point then sorts the list of identified distribution points in relation to the client's current boundary location.

First, the management point looks for protection distribution points:

• If the content is on protected distribution points, and the client's current boundary location is included in the protected boundary configuration on protected distribution points, these distribution points only are returned to the client.
  
  
• If the content is not on protected distribution points, but the client's current boundary location is included in the protected boundary configuration, by default management points continue to provide the client with a list of non-protected distribution points that do host the content. However, when the following option is deselected on the advertisement or software update deployment setting, no distributions points are returned to clients and the client will not be able to download the content until it is added to the protected distribution points: Allow clients to fallback to unprotected distribution points when the content is not available on the protected distribution point.
  
  

For more information about protected distribution points, see About Protected Distribution Points.

Next, the management point sorts the distribution points according to whether the client is currently in a fast network boundary that is configured for the management point's site:

• If the client is on a fast network boundary, the management point identifies the distribution points from its own site and marks them as "local".
  
  
• The remaining distribution points are marked as "remote".
  
  
• If there are both local and remote distribution points, the local distribution points are ordered before the remote distribution points.
  
  

The list of available distribution points is returned to the client after the filtering process (for protected distribution points) and sorting process (local and remote).

Clients receive the list of distribution points, perform their own selection criteria, and then attempt to connect with the first distribution point. In most scenarios, if that connection fails (for example, the distribution point computer is down or the name fails to resolve), clients retry that distribution point for 8 hours before trying the next distribution point on the list. Clients retry with exponentially increasing delays, starting with 30 seconds, then 1 minute, then 2 minutes, and so on, until they try once an hour. An exception to the 8-hour retry behavior is if the client has attempted to connect to a branch distribution point on a workstation computer that has reached the maximum number of concurrent sessions. When this happens, clients retry once before immediately trying the next distribution point in the list.

The order in which clients try to connect to distributions point is the following, first for distribution points marked local (if any) and then for distribution points marked remote:

• Distribution points on the same IP subnet as the client
  
  
• Distribution points in the same Active Directory site as the client
  
  
• Remaining distribution points
  
  

Within each sorting category, the client prefers distribution points that are enabled with the option Allow clients to transfer content from this distribution point using BITS, HTTP, and HTTPS. Without this option enabled, client connections to distribution points are over server message blocks (SMB).

As an example, a client will choose a distribution point with this option enabled located on the same IP subnet over a distribution point without this option enabled. However, the client will choose a distribution point that is not enabled with this option and that is located on the same IP subnet as the client over a distribution point that is enabled with this option but located on a different IP subnet as the client.

Within each sorting category, the order of distribution points is nondeterministic, which provides a level of load-balancing for the servers. So, a client would attempt to connect to any of the distribution points that are enabled with the option Allow clients to transfer content from this distribution point using BITS, HTTP, and HTTPS on the same IP subnet as the client, and then attempt to connect to any of the distribution points that are not enabled with this option when they are on the same IP subnet as the client.

When the client is being managed over the Internet, and requesting content from a site configured for Internet-based client management, all Internet-based distribution points in that site will be returned to the client if they contain the content requested by the client.

In this scenario, distribution points must be configured with the option Allow clients to transfer content from this distribution point using BITS, HTTP, and HTTPS, and the selection of a distribution point by the client is nondeterministic.

When clients successfully connect to a distribution point on the intranet to access content, the content will always be available to clients that are located within fast network boundaries for the site on which the distribution point is located.

For clients that are not located within fast network boundaries for the site (they are located within slow network boundaries, or within boundaries defined for another site, or outside all configured boundaries on the intranet), the availability of the content depends on the configuration of the advertisement or software update deployment. In this scenario, the default configuration is to prevent access to the content, in order to preserve network bandwidth.

You can change this default setting so that advertisements and software update deployments download and install locally when the client is connected over a slow network boundary. This will ensure that clients can always install the content, but at the expense of network bandwidth over potentially slow and expensive WAN links.

These settings are configurable in the following places:

• For an advertisement: When a client is connected within a slow or unreliable network boundary: Do not run program on the Advertisement Name Properties: Distribution Points Tab.
  
  
• For a software update deployment: When a client is connected within a slow or unreliable network boundary: Do not install software updates on the Deployment Name Properties: Download Settings Tab and When no distribution point is available locally: Do not run update installation on the Deployment Name Properties: SMS 2003 Settings Tab.
  
  

For more information about how clients find management points and content when they move from one location in the hierarchy to another, see About Client Roaming in Configuration Manager.

For example scenarios of how clients access content according to boundary configuration, their network location, and the configuration of advertisements and software update deployments, see Example Roaming Scenarios for Configuration Manager: Complex.

Concepts

Other Resources