1E Platform module requirements

Information that will help you design and plan the implementation of 1E Content Distribution in your organization. This includes all the prerequisites and dependencies, which are necessary to install 1E Client with the 1E Content Distribution client enabled.

1E Content Distribution infrastructure dependencies

For a full understanding of 1E Content Distribution features and their configuration, refer to 1E Content Distribution features.

In addition to deploying 1E Client (with 1E Content Distribution client module enabled) on all computers and on Configuration Manager Distribution Points, the following are also required:

• 1E Content Distribution tools installed on Configuration Manager sites and SMS Providers.

• 1E Content Distribution Configuration Manager Console extensions on Configuration Manager site servers, any other computer that has the Configuration Manager Console installed.

Downloading client content and 1E Content Distribution integration

1E Client downloads content from the 1E Background Channel. Content is mainly scripts and other files required by instructions. It also includes client resources such as extensible modules, providers, and other dependencies to maintain the 1E Client. In most cases, client resources are version controlled to prevent repeated downloads. 1E instructions always request a download even if they have run an instruction before, unless the content for that instruction has been cached in memory.

1E Content Distribution is an optionally licensed component of the 1E Client. It makes software deployment, patching and downloading content more efficient and reduces the impact on the network. It removes the need for remote Distribution Point servers in Microsoft System Center Configuration Manager systems. When 1E Content Distribution is installed on computers, it automatically elects a peer to download content from a server over the WAN and then peer-shares the content with other PCs at the same location. The downloaded content is cached locally on each PC in case it is needed again.

1E Platform can optionally use 1E Content Distribution to download content from servers irrespective of whether it is integrated with Configuration Manager or not, and also uses advanced 1E Content Distribution features.

1E Platform client integration with 1E Content Distribution

1E Platform client integration with Content Distribution allows clients to make use of 1E Content Distribution features for more efficient downloading of content from different HTTP sources, including the 1E Background Channel. Using this feature needs the following settings enabled, you can do this during the 1E Client installation:

• 1E Content Distribution client module - enabled (off by default)

• 1E Platform integration with 1E Content Distribution - enabled (on by default)

With the 1E integration setting enabled, the client will automatically detect if the 1E Content Distribution client module is enabled and use it to download content from HTTP sources when requested. 1E Platform use of 1E Content Distribution works irrespective of whether 1E Content Distribution is integrated with Microsoft Configuration Manager, or using 1E ActiveEfficiency or 1E Content Distribution features. The 1E Content Distribution client is included in 1E Client and requires 1E Platform with Content Distribution features enabled. Content Distribution is the replacement for ActiveEfficiency.

Configuration Manager is not a prerequisite for 1E Platform integration with 1E Content Distribution, but you will need to consider the following:

1E Platform client integration with 1E Content Distribution disabled

If 1E Content Distribution integration is not used, the following applies:

• 1E Platform client waits a randomized stagger period defined by its DefaultStaggerRangeSeconds setting, and then downloads content from the specified Background Channel.

• 1E Platform client retains modules and extensible that it has downloaded but does not retain instruction scripts after they have been run. Any instruction that requires a script or other file will download the latest version each time the instruction is run.

1E Client integration with 1E Content Distribution enabled

1E Content Distribution integration is available on Windows PC devices and is enabled by default, but can be disabled during installation of the 1E Client.

With the 1E Content Distribution integration feature enabled, 1E Client will detect if a supported version of 1E Content Distribution is running on the device.

• 1E Client immediately requests 1E Content Distribution to download content from the specified HTTP source, such as the Background Channel. 1E Content Distribution behaves in the same way as it does with Configuration Manager by ensuring the latest version of content is obtained and electing a master to perform the actual download.

• 1E Content Distribution maintains its own cache of downloaded content which avoids the need for repeat downloads over the WAN, and provides content to peers that require the same resources which avoids peer devices having to download over the WAN.

• If the 1E Content Distribution integration feature is enabled, and requested content is not provided within the timeout period, the 1E Client will fall back to downloading directly from the HTTP source. The most likely reason for a timeout is if 1E Content Distribution is busy downloading other content.

The Background Channel is a web application on the 1E Server which uses HTTPS and default port is 443. The URL for the Background Channel is defined in the 1E Client configuration file and is specified during installation of the 1E Client if 1E features are enabled. The 1E Client passes this URL to Content Distribution when it requests content to be downloaded. Instructions can also specify other HTTP sources.

1E Content Distribution does not need to be configured to use certificates in order to communicate with the Background Channel (the 1E Content Distribution CertIssuer and CertSubject settings are used only with Configuration Manager Distribution Points that are configured to validate device certificates).

The Single-Site Download (SSD) feature, which uses Microsoft content distribution, further reduces the impact of downloading content over the WAN.

Firewall ports

Refer to Firewall ports.

Information that will help you design and plan the implementation of PXE Everywhere in your organization. This includes all the prerequisites and dependencies, which are necessary to install 1E Client with the PXE Everywhere Agent client module enabled.

For a full understanding of PXE Everywhere features and their configuration, refer to PXE Everywhere.

PXE Everywhere infrastructure dependencies

PXE Everywhere helps with OS Deployment. The PXE Everywhere Agent is a lightweight PXE service deployed throughout the network, responding to PXE requests on local subnets. Local Agents elect which one will respond to the original PXE request, and communicate with PXE Everywhere Central to determine what to do next, by asking Configuration Manager. If the original PXE client has been assigned a Task Sequence, then the Agent provides the associated boot image to the local PXE client, which can then start the Task Sequence. Boot images will have been previously deployed to Agents, providing the reassurance there will always be a local Agent capable of quickly responding with the relevant boot image. It also means you can deploy a PXE solution without needing to configure routers to support DHCP forwarding to a central PXE server.

PXE Everywhere does not depend on Content Distribution but is often used with Content Distribution, which helps with the distribution of PXE boot images via Configuration Manager, which further reduces the impact of network traffic on the WAN.

The Client Deployment Assistant is the recommended method of using Configuration Manager to deploy 1E Client to client computers. CDA is necessary if you want to include a boot image in the same deployment as the 1E Client. Refer to Client Deployment Assistant.

PXE Everywhere also works in environments that use DHCP Snooping, as described in DHCP Snooping. This requires the following configuration changes:

• Install one or more PXE Everywhere Responders, typically on server OS in the central network - Responders only communicate with Agents, they do not communicate with the PXE Everywhere Central server or with Configuration Manager.

• Authorize the Responders to respond to PXE requests.

• Configure DHCP Relays (IP helpers) on routers to forward DHCP/PXE request packets to the PXE Everywhere Responder(s) in addition to any DHCP Relays you already have configured for the DHCP server(s).

• Configure PXE Everywhere Agents to listen on port 2067 (default) instead of port 67.

Firewall ports

Refer to Communication ports.

Information that will help you design and plan the implementation of Shopping in your organization. This includes all the prerequisites and dependencies, which are necessary to install 1E Client with Shopping client enabled.

For a full understanding of Shopping features and their configuration refer to Shopping.

Shopping infrastructure dependencies

Shopping requires an ActiveEfficiency Server, and ActiveEfficiency Scout to import data from Configuration Manager into ActiveEfficiency.

A Shopping solution requires a Shopping Central server on a web server, and a Shopping Receiver installed on each Configuration Manager Site server that has a client reporting to it, and on a CAS if using Shopping for OS Deployment.

Loopback feature

If users are using Edge or Metro browsers, then you must enable the loopback feature. This feature implements a mechanism for passing information between the Shopping client, the browser's secure sandboxed environment and the local machine. This mechanism affects these browsers as a whole and is not just restricted for use by Shopping.

Checking loopback exemption on Microsoft Edge and Metro Internet Explorer browsers

The following is valid only for Windows 8.1 and Windows 10.

Open a command-prompt as administrator on the computer you want to check, then run the following command to verify that loopback exemption was enabled during the installation of the 1E Client.

CheckNetIsolation LoopbackExempt -s

Output should be:

If either of these items is missing, you can manually add them by executing the following commands. Quotes may be required around the name of the app.

For IE: 

CheckNetIsolation LoopbackExempt -a -n=windows_ie_ac_001

For Edge:

CheckNetIsolation LoopbackExempt -a -n=Microsoft.MicrosoftEdge_8wekyb3d8bbwe

Removing

The exemption from loopback restrictions can also be removed for all apps installed by using the following command:

CheckNetIsolation LoopbackExempt –c

More information

For more information from Microsoft about CheckNetIsolation refer to How to enable loopback and troubleshoot network isolation (Windows Runtime apps).

Information provided by the Shopping client

The following details are provided by the Shopping client, when a user browses to the Shopping Web Portal, and the website uses the loopback feature to query the local computer.

You can confirm Shopping is able to get these "Probe details" via your browser by going to the Shopping portal and navigating to Preferences > Diagnostics page, or using the URL https://<shopping>/Shopping/context

The diagnostics page also displays the timezone of the browser (as minutes ahead of UTC), and does not display the SccmVersion. It also shows Identity details stored in the Shopping database that Shopping has obtained from Active Directory about your user account and machine details.

Firewall ports

Refer to Shopping Communication ports.

Information that will help you design and plan the implementation of WakeUp client in your organization. This includes all the prerequisites and dependencies, which are necessary to install 1E Client with WakeUp client enabled.

NightWatchman and WakeUp infrastructure dependencies

For a full understanding of WakeUp and NightWatchman features and their configuration, refer to NightWatchman Enterprise 7.4.

If implementing WakeUp, or Content Distribution integration with WakeUp, then you require at least one WakeUp Server. If you have Configuration Manager, you require a WakeUp Server on each Site server that has clients reporting to it. If you do not have Configuration Manager, you require one or more independent WakeUp Servers.

A NightWatchman Management Center server is required when implementing a WakeUp solution. Your 1E Account Team will explain whether your license also includes NightWatchman client features. 1E NightWatchman Agent is a separately installed client agent, that can optionally be used to help with power management of computers. It is not included in 1E Client, but is included in the Client Deployment Assistant which assists with deploying Windows versions of 1E Client via Configuration Manager. As well as providing power management features, when 1E NightWatchman Agent is installed alongside the WakeUp client, it will optionally manage the computer returning to its original power state after being woken using 1E WakeUp and the computer is not busy, for example, installing patches.

Web WakeUp is an optional server component that is typically installed on the NightWatchman Management Center server. It is a web portal for users and administrators to search for computers to wake. It optionally provides a remote desktop link to the woken computer.

Client hardware requirements for Wake-On-LAN (WoL)

To utilize Wake-On-LAN (WoL) technology, you need the following hardware configurations.

A quick way to tell if a system is Wake-On-LAN ready is to power down the system and then look at the network adapter display LED's. If the lights are still on, then chances are that the system is OK. Windows must have been powered down gracefully (either off or asleep) in order for it to prepare the network card for WOL.

1E NightWatchman Agent

If you are deploying WakeUp as part of a NightWatchman Enterprise power management solution, then you will also need to consider the 1E NightWatchman Agent requirements. Refer to Detailed requirements.

Firewall Ports

Refer to NightWatchman Enterprise Communication ports.