What is basically required to have SMP 7.5.x CEM functionality working via HTTPs using self-signed or non self-signed certificates
Probably this information will be useful to know, if you're going to setup CEM in your environment.
All description steps in attached doc were done in SMP 7.5 SP1 release build!
In attached "CEM - Basic to install CEM functionality.docx" you will see following areas with screenshots and description, like:
Also you can check another link to see some CEM troubleshoot cases:
Thanks Igor!
I have a few more questions coming up, i will post it as new question.
Thanks again
Thanks Igor!.
I have some CEM questions about Site Servers and Agents, I will articulate the question and post it up. I'll let you know when I submit it.
Hi JeanWilson!
Yes, this doc also works for 8.1.x !
Best regards,
IP.
Can I use this document for 8.1?
Yes, you can. This functionality is valid for all 7.5+ versions.
I havent started yet but can I use this article for SMP 7.6.1 as well?
Thanks
You are welcome! :- )
Thanks .....helpful artice...
Excellent article!
If you have more than one Package Server in CEM mode, then you have a handler of failover, because CEM clients will try to download from 2nd Package Server in CEM mode as well if 1st one is down.
ah ok, so they will not download from SMP at all? Also we will have few sites like that and each of those site will have a PS and those clients will be manully assigned to their prospective PS.
If you will have only single Package Server in CEM mode for all managed endpoints, which are in CEM mode, then remember about failovers, because if you will set manual assignment to serve only CEM clients and this Package Server in CEM mode will not respond, etc, then all clients in CEM mode will unable to download packages.
Thank you so much. I will give it a shot.
Hi skhs,
thank you for feedback!
I see this way, how it will looks like:
1st: Need to generate "CEM Offline" package ⇒ deliver it to future Package Server computer (because this computer doesn't have access to company network) ⇒ install "CEM Offline" package ⇒ this computer will register with SMP Server via CEM Gateway.
2nd: There is a mention, that Package Server can be set on computer, which is in CEM mode (with CEM Settings policy applied) on Site Server Management page
(Note: Do not forget about setting a IIS HTTPs binding for this Package Server). (Note: You will not be able to set "Task Server" as Site Server for computer, which has "CEM Settings" policy applied).
(Note: Do not forget about setting a IIS HTTPs binding for this Package Server).
(Note: You will not be able to set "Task Server" as Site Server for computer, which has "CEM Settings" policy applied).
3rd: After that you will have Package Server which is in CEM mode and you will need to set appropriate manual assignment/or/Site assignment on this Package Server to serve CEM clients only.
Other client computers, which are in CEM mode as well as this Package Server, should profile network speed of this Package Server address ⇒ receive package codebases from SMP Server via CEM gateway ⇒ then CEM client will determine, whether they are able to download packages directly from this CEM PS or not.
(Note: CEM Client and CEM package server shouldn't have network problems, like resolving failure of each other by hostname/fqdn/IPv4 or other problems like SSL handshake error, etc).
Pay attention on these cases:
Thanks,
Thank you Igor, great document. Wonder if you would know if we can have a site server that only connects via gateway? use case is if we have a site that is not connected to the company network and clients are connected via CEM but we would like clients to download packages from the same location where they are. (so only PS downloads packages from smp via gateway and clients download from that.)