ConfigMgr Client Push

Problem:  How do I get the ConfigMgr client onto my endpoints?

Solution:  There are many ways in which you can do this.  Most are well documented and for most this will be nothing new but here’s a summary of my findings.

Before you begin
Start by configuring the client push installation properties. These properties are replicated using Active Directory.  In the ConfigMgr console navigate to Administration / Site Configurations / Sites select your site then from the ribbon select Settings / Client Installation Settings / Client Push Settings, then select the Accounts tab.  From here you can configure multiple client push accounts, each one will be tried in sequence and if no connection is successful, the site server computer account will be used. Generally you are required to create a separate account for servers and one for workstations, but not always. 
Once your accounts are set up we are ready to begin.

Method 1 – Start Up Script / Log on Script
Because a Start Up script will run as Local System it often bypasses any security that may be in place on a corporate network such as firewalls.  It is preferred over a log on script for reasons explained shortly.  A  Start Up script is a simple manner of placing the script in a network location accessible to the clients you are targeting and then using Group Policy to push it out (Computer Configuration>Policies>Windows Settings>Scripts (Startup/Shutdown)).   You can use the Group Policy MMC Snap-In on Server 2012 to Group Policy Update any live machines on the network so that after you make the changes they will be then applied at next boot.  For trouble shooting you can use the ConfigMgr log (see logs section) or simply look in the Event Viewer for any obvious reasons for group policy failure errors.
Ref: Please check out Jason Sandy’s Start Up Script here: 
http://blog.configmgrftw.com/?page_id=349 – Comes highly recommended.
Even though you can use Log On scripts, it is ill-advised unless your users are administrator (which is highly unlikely) as the script would need high privileges to run. However should you chose this option anyway simply add the script into GPO (User Configuration>Policies>Windows Settings>Scripts (Logon/Logoff).  Similarly you would need to have the script in a network location accessible by the clients and then wait for the group policy to refresh and the user to log off and back on again.

Method 2 – Group Policy MSI Push
The client install also comes in .MSI flavour so you can push it out using a computer targeted GPO on your domain.  Within the Group Policy MMC, navigate through Computer Configuration>Policies>Software Settings and add the MSI into the GPO targeting it to computer objects.

Method 3 – WSUS Update
Supposing you have a robust WSUS setup and it is working efficiently and properly in your environment you have the option to add the client install as an update into WSUS, authorise it and sit back and wait for the clients to install the update.

Method 4 – Manual Install
A last resort really but you could manually install the client on troublesome PC’s if you require.  You can launch the program by browsing to the location of the ccmsetup.exe file and throwing a command of ccmsetup.exe SMSSITECODE=XXX /MP:{FQDN of Management Point} from your chosen prompt.  You could also use the switch /ExcludeFeatures:ClientUI to disable the Software Centre from being installed, should you wish to do so.  This method is often used when clients are in a workgroup environment.

Method 5 – Push the client from the console
This can be initiated from the ConfigMgr console.  This method requires an account with local admin privileges on the client.  File and Printer Sharing needs to be enabled on the local firewall too.  From the console navigate through Assets and compliance / Overview / Devices and supposing your discovery has succeeded the devices will be listed here, thereafter you simply right click and chose Install Client

Useful ConfigMgr Log Files
1. ccmsetup.log -  Located on the client at %windir%\ccmsetup\log and contains information about the client download, any prerequisite installs and installing the client.
2. client.msi.log – Located on the client at %windir%\ccmsetup\log and contains information about any WMI related errors in the installation.

Upgrading the ConfigMgr Client
For major releases like a new service pack or R2 upgrade you can use automatic client upgrade options on the site properties (Administration / Site Configurations / Site then on the ribbon select Hierarchy Settings and select the 'Automatic Client Upgrade' tab).

Jonathan.