When you install a site, you automatically install the first SMS Provider for the site. Unless the server already has a PKI-based certificate, the site automatically uses the site's self-signed certificate. If your site uses PKI, you need to manually bind a PKI certificate in IIS on the SMS Provider. If you enable Enhanced HTTP, then the site binds that certificate using IIS APIs. This service has a dependency on IIS to bind that certificate to HTTPS port 443. Starting in version 2010, this role is no longer required.Įvery SMS Provider attempts to install the administration service, which requires a certificate. In version 2006 and earlier, enable the Windows server role Web Server (IIS). For more information, Site and site system prerequisites. In version 2103 and earlier, this role requires. NET version 4.6.2, and version 4.8 is recommended. Starting in version 2107, the SMS Provider requires. For more information about Windows ADK and the SMS Provider, see OS deployment requirements.
In the same domain as the site server and the site database site systemsĬan't have a site system role from a different siteĬan't already have an SMS Provider from any siteĪt least 650 MB of free disk space to support the Windows ADK components. The SMS Provider has the following prerequisites:
When each instance of the SMS Provider for a site is offline, Configuration Manager consoles can't connect to the site.įor more information about how to manage the SMS Provider, see Manage the SMS Provider. For more information, see What is the administration service?. This REST API can be used in place of a custom web service to access information from the site. The SMS Provider also provides API interoperability access over HTTPS, called the administration service. It returns only the information that the console user is authorized to view. The SMS Provider helps enforce Configuration Manager security. When a Configuration Manager console connects to a site, it queries WMI on the site server to locate an instance of the SMS Provider to use. The SMS Provider doesn't interact with Configuration Manager clients. To do so, admins can use the Configuration Manager console, Resource Explorer, tools, and custom scripts. Secondary sites don't support the SMS Provider role.Ĭonfiguration Manager administrative users use an SMS Provider to access information that's stored in the database. Configuration Manager automatically creates this group on the site server, and on each computer where you install an instance of the SMS Provider.
The SMS Admins security group provides access to the SMS Provider. You can install more providers as needed. The SMS Provider is a Windows Management Instrumentation (WMI) provider that assigns read and write access to the Configuration Manager database at a site.Įach CAS and primary site require at least one SMS Provider. By default, an SMS Provider installs on the site server when you install a central administration site (CAS) or primary site. To manage Configuration Manager, you use a Configuration Manager console that connects to an instance of the SMS Provider. Applies to: Configuration Manager (current branch)