The MDM distribution point

imageThis blog post will be about the MDM distribution point. The MDM distribution point is the distribution point that’s added after completing the Microsoft Intune integration. To be honest, I didn’t even know that the distribution point was named MDM distribution point. Also, I don’t know if it’s the official name, but I do know that it’s being referenced like that in every related log file.

In the rest of this blog post I’ll describe the high level flow of a package to the MDM distribution point.

SMS_DISTRIBUTION_MANAGER

The SMS_DISTRIBUTION_MANAGER is the default component for handling all the content notifications. Once a distribution point is added to a package, the SMS_DATABASE_NOTIFICATION_MONITOR drops a notification file in the distmgr.box and by that triggers the SMS_DISTRIBUTION_MANAGER to start processing the package. So far nothing different from a normal distribution point.

What makes it different is what follows now. The SMS_DISTRIBUTION_MANAGER detects that the package is targeted to the MDM distribution point. This triggers the SMS_DISTRIBUTION_MANAGER to copy the package to the DMP connector share instead of going the normal route to a (remote) distribution point. The DMP connector share is a shared folder named SMS_OCM_DATACACHE and is located on the site server in the installation directory of ConfigMgr. After that the SMS_DISTRIBUTION_MANAGER is done with its work for this package.

SMS_OUTGOING_CONTENT_MANAGER

The SMS_OUTGOING_CONTENT_MANAGER is the component for sending the packages targeted to the MDM distribution point. Just like with a normal cloud distribution point this action is not performed before encrypting the files. The SMS_OUTGOING_CONTENT_MANAGER picks up the content in the SMS_OCM_DATACACHE and uses it as the content source directory of the package. The next thing the SMS_OUTGOING_CONTENT_MANAGER does is encrypting the content files and for that it uses a temporary folder named SoftwarePublishing located, by default, in C:\Windows\TEMP\. When the content files are encrypted they’re uploaded to the MDM distribution point and, like all the connections with Microsoft Intune, for connecting to the MDM distribution point the certificate issued by SC_Online_Issuing is used. This certificate is generated during the completion of the Microsoft Intune integration.

When its all done the SMS_OUTGOING_CONTENT_MANAGER drops a state message in auth\statesys.box\incoming that will be picked-up by the normal process for state messages.

More information

Read the smsdbmon.log, the statesys.log, the distmgr.log and the outgoingcontentmanager.log for all the information about this whole process. For more information about all the log files see: https://technet.microsoft.com/en-us/library/hh427342.aspx

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.