When the Configuration Manager 2007 site is configured for native mode on the intranet, you must decide whether to enable the option Allow HTTP communication for roaming and site assignment.
Note |
---|
This option is not used with Internet-based client management, or with mobile device clients. |
This setting configures the roaming behavior of client computers and determines whether clients can communicate with a server locator point for site assignment and to locate a network load balancing management point.
For more information about roaming, see About Client Roaming in Configuration Manager.
For more information about the server locator point, see Determine If You Need a Server Locator Point for Configuration Manager Clients.
If the Configuration Manager 2007 site hierarchy contains some sites that are configured for mixed mode, and clients roam between sites in different modes, you must determine the roaming behavior you require.
Do not enable this option if the following condition applies:
- The security risk of a native-mode roaming
client downloading content over HTTP (data is unencrypted) has a
higher priority than the roaming client downloading remote content
using HTTPS (data is encrypted) from the client's assigned site. If
the remote content is over a low bandwidth connection, remote
content retrieval will be considerably slower than if it is
downloaded locally.
Enable this option if the following condition applies:
- The security risk of a native-mode roaming
client downloading content over HTTP (data is unencrypted) has a
lower priority than the roaming client downloading remote content
using HTTPS (data is encrypted) from the client's assigned site. If
the remote content is over a low bandwidth connection, local
content retrieval will be considerably faster than if it is
downloaded remotely.
Additionally, this option is required for the following scenario:
- The Active Directory schema is not
extended for Configuration Manager 2007, or the native-mode site
manages clients on the intranet from workgroups or another Active
Directory forest.