How to Configure Internet-Based Site Systems to Allow Only Site Server Initiated Data Transfers
Applies To: System Center Configuration Manager 2007, System Center Configuration Manager 2007 R2, System Center Configuration Manager 2007 R3, System Center Configuration Manager 2007 SP1, System Center Configuration Manager 2007 SP2
The default behavior of site systems in Configuration Manager 2007 is to initiate a connection to the site server in order to send status information to the site. However, you can configure the site server to initiate the connection to site systems that support Internet-based site systems. This configuration might introduce some latency in sending status messages, with a decrease in performance on the site server. You should therefore configure this option if both of these two conditions apply:
The Internet-based site systems are located in a perimeter network and the site server is located in the intranet.
Your network security policy prohibits Server Message Block (SMB) traffic that is initiated from the perimeter network to the intranet, but it allows SMB traffic that is initiated from the intranet to the perimeter network.
|To use this option, you must also specify the Site System Installation Account on the site system server.|
To configure the Internet-based site system so that it allows only site server initiated data transfers:
In the Configuration Manager console, navigate to System CenterConfiguration Manager / Site Database / Site Management / <site code> – <site name> / Site Settings / Site Systems.
Expand the site system servers, and then expand the first Internet-based site system server.
Right-click ConfigMgr Site System, and then click Properties.
On the General tab, select Allow only site server initiated data transfers from this site system.
Important When you select this option, you must also have configured a Windows user account to install and configure the site system (the option Use another account for installing this site system on this same tab), even if there is a trust relationship between the site server's domain and the Internet-based site system's domain.
Note For more information about the options in this dialog box, see Site System Properties: General Tab.
ConceptsDetermine Server Placement for Internet-Based Client Management
Administrator Workflow: Configuring a Site for Internet-Based Client Management
Site System Roles that Support Internet-Based Client Management
Configuration Manager in Multiple Active Directory Forests
Other ResourcesConfiguring Internet-Based Client Management
For additional information, see Configuration Manager 2007 Information and Support.
To contact the documentation team, email SMSdocs@microsoft.com.