Approval applies to mixed mode sites in Configuration Manager 2007 and provides additional security to help protect the site from unauthenticated clients when they join a site. It is required for clients that require policy that might contain sensitive data, for example with operating system deployments.
For more information about approval, see About Client Approval in Configuration Manager.
A mixed mode site is configured for one of three approval methods:
- Manually approve each computer
- Automatically approve computers in trusted
domains
- Automatically approve all computers
The default setting is to automatically approve computers in trusted domains. With this configuration, the management point must be configured with an intranet fully qualified domain name (FQDN) if clients are not in the same domain as the site server.
Use the following procedures to configure the approval method for the site, and to manually approve client computers if this is required.
 Note |
|---|
| You do not need to approve Configuration Manager 2007 clients in native mode environments, or mobile client devices in either site mode. |
To approve clients using the site approval configuration:
-
Open the Configuration Manager console in the primary site in which you need to configure the approval method, and navigate to System Center Configuration Manager / Site Database / Site Management.
-
Right-click <site code> - <site name>, and then click Properties.
-
On the Site Mode tab in the site properties dialog box, select one of the following approval settings:
- Manually approve each computer
- Automatically approve computers in trusted
domains
- Automatically approve all
computers
- Manually approve each computer
-
Click OK.
NoteChanging the site approval method will not automatically reset the approval status of clients already assigned to the site. The new setting will take affect for newly assigned clients only.For more information about the options on this dialog box, see Site Properties: Site Mode Tab
To approve clients manually:
-
Open the Configuration Manager console in the primary site in which the client is assigned, and navigate to System Center Configuration Manager / Site Database / Computer Management / Collections.
NoteYou must approve clients from their assigned site, and cannot approve them from sites higher in the hierarchy. -
Locate the Configuration Manager Client to be approved, right-click the client, and then click Approve.
-
In the Confirm Approval dialog box, click Yes to approve the client.