One potential work around could be to setup the Mac management point as internet facing only and MP/DP. Your current situation where clients prefer HTTPS MP is by design.
Thanks, Justin Chalfant Premier Field Engineer - Configuration Manager Public Sector Microsoft Services Tel : (303) 846-2701 Email: [email protected]<mailto:[email protected]> If you have any feedback about my work, please let either myself or my manager Ron Hill know at [email protected]<mailto:[email protected]> From: [email protected] [mailto:[email protected]] On Behalf Of Eswar Koneti Sent: Monday, July 14, 2014 6:32 PM To: [email protected] Subject: [mssms] clients connecting to https mp Running on CM12 R2 CU1. Hierarchy is running on http with couple of management points. recently we had requirement to manage mac machines using cm12 and for this,we setup additional site system role with mp and other required roles running on https. Mac machines are able communicate with https mp and all running good. After couple of days ,end users started complaining that, there see nothing in software center ,no apps nothing. when i looked at one of the client,it was assigned to https MP instead of http and further troubleshooting, identified that, PKI team has enabled the GPO for 'Auto enrollment Certification' on all windows clients for different purpose. PKI Team denied to disable the GPO as it is required for other functions to work properly. I have below things to try but: 1) disable the GPO for auto enrollment certificate---Not possible to do it 2) convert the entire hierarchy to https from http ---requires some testing and at this moment,not willing to go for it. 3) block port 443 (https) from windows clients to https mp-- not sure how will this work ,requires testing any other possible solutions ? Thanks, Eswar Koneti www.eskonr.com<http://www.eskonr.com>
