1E Platform module requirements

1E Platform module requirements for the 1E Client.

Content Distribution client requirements

Information that will help you design and plan the implementation of Content Distribution in your organization. This includes all the prerequisites and dependencies, which are necessary to install 1E Client with Content Distribution client enabled.

Content Distribution client features are not required if the 1E Client is being installed only to support 1E, Shopping, or WakeUp. However, Content Distribution can be used to help platform clients download content from the Background Channel and other sources. For more detail, please refer to 1E Platform client integration with Content Distribution.

Content Distribution infrastructure dependencies

For a full understanding of Content Distribution features and their configuration, please refer to 1E Content Distribution features.

In addition to deploying 1E Client (with Content Distribution client module enabled) on all computers and on Configuration Manager Distribution Points, the following are also required:

  • Content Distribution tools installed on Configuration Manager sites and SMS Providers.

  • Content Distribution Configuration Manager Console extensions on Configuration Manager site servers, any other computer that has the Configuration Manager Console installed.

Content Distribution can be used for downloading content for 1E clients, as well as Configuration Manager clients.

Downloading client content and Content Distribution integration

1E Client downloads content from the 1E Background Channel. Content is mainly scripts and other files required by instructions. It also includes client resources such as extensible modules, providers, and other dependencies to maintain the 1E Client. In most cases, client resources are version controlled to prevent repeated downloads. 1E instructions always request a download even if they have run an instruction before, unless the content for that instruction has been cached in memory.

You may need to consider the impact on the network if there is a large amount of content included in an instruction. This is more of an operational consideration instead of a design consideration.

Content Distribution is an optionally licensed component of the 1E Client. It makes software deployment, patching and downloading content more efficient and reduces the impact on the network. It removes the need for remote Distribution Point servers in Microsoft System Center Configuration Manager systems. When Content Distribution is installed on computers, it automatically elects a peer to download content from a server over the WAN and then peer-shares the content with other PCs at the same location. The downloaded content is cached locally on each PC in case it is needed again.

1E can optionally use Content Distribution to download content from servers irrespective of whether Content Distribution is integrated with Configuration Manager or not, and also uses advanced Content Distribution features.

1E Platform client integration with Content Distribution disabled

If Content Distribution integration is not used, the following applies:

  • 1E Platform client waits a randomized stagger period defined by its DefaultStaggerRangeSeconds setting, and then downloads content from the specified Background Channel.

  • 1E Platform client retains modules and extensible that it has downloaded but does not retain instruction scripts after they have been run. Any instruction that requires a script or other file will download the latest version each time the instruction is run.

1E Client integration with Content Distribution enabled

Content Distribution integration is available on Windows PC devices and is enabled by default, but can be disabled during installation of the 1E Client.

With the Content Distribution integration feature enabled, 1E Client will detect if a supported version of Content Distribution is running on the device.

  • 1E Client immediately requests Content Distribution to download content from the specified HTTP source, such as the Background Channel. Content Distribution behaves in the same way as it does with Configuration Manager by ensuring the latest version of content is obtained and electing a master to perform the actual download.

  • Content Distribution maintains its own cache of downloaded content which avoids the need for repeat downloads over the WAN, and provides content to peers that require the same resources which avoids peer devices having to download over the WAN.

  • If the Content Distribution integration feature is enabled, and requested content is not provided within the timeout period, the 1E Client will fall back to downloading directly from the HTTP source. The most likely reason for a timeout is if Content Distribution is busy downloading other content.

To use Content Distribution, there is no special configuration of 1E Servers unless you want to use server-based features provided by the Content Distribution and Content Distribution, which requires the reverse proxy feature to be configured on Background Channels.

The Background Channel is a web application on the 1E Server which uses HTTPS and default port is 443. The URL for the Background Channel is defined in the 1E Client configuration file and is specified during installation of the 1E Client if 1E features are enabled. The 1E Client passes this URL to Content Distribution when it requests content to be downloaded. Instructions can also specify other HTTP sources.

Content Distribution does not need to be configured to use certificates in order to communicate with the Background Channel (the Content Distribution CertIssuer and CertSubject settings are used only with Configuration Manager Distribution Points that are configured to validate device certificates).

The Nomad Single-Site Download (SSD) feature, which uses Content Distribution, further reduces the impact of downloading content over the WAN.

Firewall ports

Refer to Firewall ports.

PXE Everywhere client requirements

Information that will help you design and plan the implementation of PXE Everywhere in your organization. This includes all the prerequisites and dependencies, which are necessary to install 1E Client with the PXE Everywhere Agent client module enabled.

For a full understanding of PXE Everywhere features and their configuration, please refer to Introducing PXE Everywhere.

PXE Everywhere infrastructure dependencies

PXE Everywhere helps with OS Deployment. The PXE Everywhere Agent is a lightweight PXE service deployed throughout the network, responding to PXE requests on local subnets. Local Agents elect which one will respond to the original PXE request, and communicate with PXE Everywhere Central to determine what to do next, by asking Configuration Manager. If the original PXE client has been assigned a Task Sequence, then the Agent provides the associated boot image to the local PXE client, which can then start the Task Sequence. Boot images will have been previously deployed to Agents, providing the reassurance there will always be a local Agent capable of quickly responding with the relevant boot image. It also means you can deploy a PXE solution without needing to configure routers to support DHCP forwarding to a central PXE server.

PXE Everywhere does not depend on Content Distribution but is often used with Content Distribution, which helps with the distribution of PXE boot images via Configuration Manager, which further reduces the impact of network traffic on the WAN.

The Client Deployment Assistant is the recommended method of using Configuration Manager to deploy 1E Client to client computers. CDA is necessary if you want to include a boot image in the same deployment as the 1E Client. Refer to Client Deployment Assistant.

PXE Everywhere also works in environments that use DHCP Snooping, as described in DHCP Snooping. This requires the following configuration changes:

  • Install one or more PXE Everywhere Responders, typically on server OS in the central network - Responders only communicate with Agents, they do not communicate with the PXE Everywhere Central server or with Configuration Manager.

  • Authorize the Responders to respond to PXE requests.

  • Configure DHCP Relays (IP helpers) on routers to forward DHCP/PXE request packets to the PXE Everywhere Responder(s) in addition to any DHCP Relays you already have configured for the DHCP server(s).

  • Configure PXE Everywhere Agents to listen on port 2067 (default) instead of port 67.

Firewall ports

Please refer to PXE Communication ports.

Shopping client requirements

Information that will help you design and plan the implementation of Shopping in your organization. This includes all the prerequisites and dependencies, which are necessary to install 1E Client with Shopping client enabled.

For a full understanding of Shopping features and their configuration refer to Shopping.

Shopping client features are not required if the 1E Client is being installed only to support 1E, Content Distribution, or WakeUp.

Shopping infrastructure dependencies

Shopping requires an ActiveEfficiency Server, and ActiveEfficiency Scout to import data from Configuration Manager into ActiveEfficiency.

A Shopping solution requires a Shopping Central server on a web server, and a Shopping Receiver installed on each Configuration Manager Site server that has a client reporting to it, and on a CAS if using Shopping for OS Deployment.

Loopback feature

If users are using Edge or Metro browsers, then you must enable the loopback feature. This feature implements a mechanism for passing information between the Shopping client, the browser's secure sandboxed environment and the local machine. This mechanism affects these browsers as a whole and is not just restricted for use by Shopping.

Before enabling the loopback feature, check your security policy on enabling loopback and be aware of the implications of allowing access between browsers and the local machine.

Checking loopback exemption on Microsoft Edge and Metro Internet Explorer browsers

The following is valid only for Windows 8.1 and Windows 10.

Open a command-prompt as administrator on the computer you want to check, then run the following command to verify that loopback exemption was enabled during the installation of the 1E Client.

Copy
CheckNetIsolation LoopbackExempt -s

Output should be:

If either of these items is missing, you can manually add them by executing the following commands. Quotes may be required around the name of the app.

For IE: 

Copy
CheckNetIsolation LoopbackExempt -a -n=windows_ie_ac_001

For Edge:

Copy
CheckNetIsolation LoopbackExempt -a -n=Microsoft.MicrosoftEdge_8wekyb3d8bbwe

Removing

The exemption from loopback restrictions can also be removed for all apps installed by using the following command:

Copy
CheckNetIsolation LoopbackExempt –c

More information

For more information from Microsoft about CheckNetIsolation please refer to: https://docs.microsoft.com/en-us/previous-versions/windows/apps/hh780593(v=win.10).

Information provided by the Shopping client

The following details are provided by the Shopping client, when a user browses to the Shopping Web Portal, and the website uses the loopback feature to query the local computer.

Attribute

Description

Example

UniqueId

Configuration Manager client GUID

GUID:04804aed-922c-4a4b-9f41-eab6592e7d83

AssignedSite

Configuration Manager client Site code

CM1

MacAddress

Computer's MAC Address

20-68-9D-5B-EB-73

HostName

Computername

1EUKCOL1184

HostDomainName

Computer's NetBIOS Domain Name

1E

OSVersion

OS Version

6.3.9600

OSArchitecture

OS Architecture

64-bit

OSRole

Workstation or Server

1

SccmVersion

Configuration Manager client version

5.00.8239.1203

You can confirm Shopping is able to get these "Probe details" via your browser by going to the Shopping portal and navigating to Preferences > Diagnostics page, or using the URL https://<shopping>/Shopping/context

The diagnostics page also displays the Timezone of the browser (as minutes ahead of UTC), and does not display the SccmVersion. It also shows Identity details stored in the Shopping database that Shopping has obtained from Active Directory about your user account and machine details.

Firewall ports

Please refer to Shopping - Communications Ports.

WakeUp client requirements

Information that will help you design and plan the implementation of WakeUp client in your organization. This includes all the prerequisites and dependencies, which are necessary to install 1E Client with WakeUp client enabled.

WakeUp client features are not required if the 1E Client is being installed only to support 1E, Content Distribution, or Shopping.

NightWatchman and WakeUp infrastructure dependencies

For a full understanding of WakeUp and NightWatchman features and their configuration, please refer to NightWatchman Enterprise.

If implementing WakeUp, or Content Distribution integration with WakeUp, then you require at least one WakeUp Server. If you have Configuration Manager, you require a WakeUp Server on each Site server that has clients reporting to it. If you do not have Configuration Manager, you require one or more independent WakeUp Servers.

A NightWatchman Management Center server is required when implementing a WakeUp solution. Your 1E Account Team will explain whether your license also includes NightWatchman client features. 1E NightWatchman Agent is a separately installed client agent, that can optionally be used to help with power management of computers. It is not included in 1E Client, but is included in the Client Deployment Assistant which assists with deploying Windows versions of 1E Client via Configuration Manager. As well as providing power management features, when 1E NightWatchman Agent is installed alongside the WakeUp client, it will optionally manage the computer returning to its original power state after being woken using 1E WakeUp and the computer is not busy, for example, installing patches.

Web WakeUp is an optional server component that is typically installed on the NightWatchman Management Center server. It is a web portal for users and administrators to search for computers to wake. It optionally provides a remote desktop link to the woken computer.

Client hardware requirements for WoL

To utilize Wake-On-LAN (WoL) technology, you need the following hardware configurations:

Hardware

Configuration

Network card

A network card that can support Wake-On-LAN. Your network card vendor can tell you if your network adapter supports Wake-On-LAN. If it does, it must be configured to enable remote wake-up. Some adapter drivers are disabled by default within the operating system.

System BIOS

Wake-On-LAN must be enabled in the system BIOS. This option can usually be found in the Boot menu of the BIOS configuration program. Some BIOS have a 'Maximum Power Savings' or 'Low Power S5' option, which should be disabled in order to allow some power to the network card.

Power management

APM or ACPI should be enabled, otherwise, the user of the machine should ensure that it is powered off by hitting the off button after shutdown.

A quick way to tell if a system is Wake-On-LAN ready is to power down the system and then look at the network adapter display LED's. If the lights are still on, then chances are that the system is OK. Windows must have been powered down gracefully (either off or asleep) in order for it to prepare the network card for WOL.

Please contact 1E if you require guidance with WoL configuration on Windows operating systems and enterprise vendor hardware including Dell, HP and Lenovo computers.

1E NightWatchman Agent

If you are deploying WakeUp as part of a NightWatchman Enterprise power management solution, then you will also need to consider the 1E NightWatchman Agent requirements. Refer to Detailed requirements.

Firewall Ports

Please refer to NightWatchman Enterprise Communication ports.