Historically, the System Center Configuration Manager line of products has used a pull-based client communication mechanism: clients poll the management point for new policy on a schedule. As a result, in large enterprise environments, when an administrator initiates a task it can take minutes or even hours for each client to receive that task, run it and report the result back to the server. For common scenarios this is an appropriate trade-off, but it is problematic when the task is mission-critical and time-sensitive (for example, anti-malware operations). The latency is even more noticeable in data center environments, where servers have only a limited window reserved for management tasks. How useful would it be to push IT administration tasks much faster? Configuration Manager 2012 SP1 provides this capability with a fast "client notification" channel between the server and the managed clients.
Client notification is a new infrastructure component, introduced by popular demand in Configuration Manager 2012 SP1, that provides a fast channel a Configuration Manager administrator can use to notify clients to initiate time-sensitive tasks as soon as possible. The channel is push-based rather than dependent on the client policy polling interval: each client establishes a persistent connection with a management point, the server notifies the client of urgent tasks over that connection, and the client performs the corresponding action in response. The message only tells the client which action to start; the client still retrieves policy and other content from the management point over its normal channels. In SP1, all System Center Endpoint Protection operations and the "Download Computer Policy" client action are implemented by using this channel.
Client notification is an end-to-end infrastructure composed of notification manager on the site server, notification server on the management point and notification agent on the client.
1) Notification Manager
Notification manager is a component of the site server. It generates push messages for client notification-enabled actions and updates the client online presence status and the client notification push results in the site database.
2) Notification Server
Notification server is the server component on the management point. It is automatically deployed and installed on management points, including those in secondary sites. Notification server performs the following functions:
3) Notification Agent
Notification agent is a client component hosted in CCMEXEC.exe. As part of client initialization it establishes a persistent connection with notification server. Clients that communicate through a secondary site connect to the notification server on the proxy management point. The agent tries TCP mode first and falls back to HTTP mode if that fails (for example because firewalls or Internet proxies in the path do not allow the TCP traffic). If the connection is dropped, for instance because of a network issue, notification agent attempts to reconnect.
Client notification supports both TCP and HTTP as communication protocols. TCP is the primary mode; it requires an extra port (10123 by default) to be opened in firewalls. HTTP is the fallback and needs no prerequisite configuration, because it goes through the management point's existing HTTP/HTTPS listener. The workflow is nearly the same for both modes; TCP mode is used as the example below.
1) The client notification infrastructure is enabled end-to-end by default. During client initialization, notification agent first attempts to establish a persistent TCP connection to the notification server on the current management point. Once connected, it sends a keep-alive message every 15 minutes to maintain the connection. If the TCP connection cannot be established, notification agent tries the HTTP protocol.
2) Notification server on the management point accepts the client's connection request only after TLS (Transport Layer Security) authentication succeeds. Notification server then manages all active connections and every 5 minutes generates online status data, which it writes to <Site Server Install Dir>\inboxes\bgb.box.
3) Notification manager reads the online status files (*.BOS) from bgb.box and updates the online presence information in the site database.
4) When an administrator initiates a supported client operation from the Configuration Manager console, the action is translated into a client notification message and placed in a SQL Server Service Broker queue in the site database.
5) Notification server detects the new message, retrieves it from the Service Broker queue and pushes it to the targeted online clients over their persistent connections.
6) Upon receiving the message, notification agent performs the corresponding action based on the message content: either it notifies the Endpoint Protection client to perform an action (for example, a quick scan), or it notifies the client to request machine policy as soon as possible. The notification result is sent back to notification server.
7) Notification server periodically summarizes the task push results and exports them to files in <Site Server Install Dir>\inboxes\bgb.box.
8) Notification manager processes the task push result files (*.BTS) and updates the site database.
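Steps 2, 3, 7 and 8 above all pass through the bgb.box inbox on the site server, so a backlog of unprocessed *.BOS or *.BTS files there is the first place the site-server side of the channel shows a stall (online status and push results in the database go stale while clients appear healthy). The following PowerShell script is an added example, not code from the original post; it checks that inbox for old pending files. The install directory default and the 15-minute warning threshold are assumptions to adjust for your site.

```powershell
# Added example (not from the original post): check the bgb.box inbox for a backlog of
# online-status (*.BOS) and task-result (*.BTS) files that notification manager has not
# yet processed. A growing, aging backlog means the site server side of the channel is
# stalled, and online status / push results in the site database will be stale.
# The site server install directory and the warning threshold are assumptions.
param(
    [string]$SiteServerInstallDir = 'C:\Program Files\Microsoft Configuration Manager',
    [int]$WarnAgeMinutes = 15
)

$inbox = Join-Path $SiteServerInstallDir 'inboxes\bgb.box'
if (-not (Test-Path $inbox)) {
    throw "bgb.box inbox not found at $inbox (is this the site server?)"
}

$now = Get-Date
foreach ($ext in '*.BOS', '*.BTS') {
    $files  = @(Get-ChildItem -Path $inbox -Filter $ext -File -ErrorAction SilentlyContinue)
    $oldest = $files | Sort-Object LastWriteTime | Select-Object -First 1
    $ageMin = if ($oldest) { [int](($now - $oldest.LastWriteTime).TotalMinutes) } else { 0 }

    [pscustomobject]@{
        FileType     = $ext
        PendingFiles = $files.Count
        OldestAgeMin = $ageMin
        Status       = if ($ageMin -gt $WarnAgeMinutes) { 'BACKLOG' } else { 'OK' }
    }
}
# If Status is BACKLOG, check <site server install dir>\logs\bgbmgr.log for why
# notification manager is not consuming the files.
```

A few fresh files are normal, since notification server writes online status every 5 minutes; the signal is the age of the oldest file, not the count alone.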
Note: While this is an attempt to give interested administrators more information about how the client notification channel works, this article contains many implementation details (such as timeout lengths and default port numbers) that are subject to change in future releases of System Center Configuration Manager.
Log files for troubleshooting client notification:
<smssiteserver setup dir>\logs\bgbmgr.log (notification manager on the site server)
<mp setup dir>\logs\BGBServer.log (notification server on the management point)
<sms_ccm dir or client setup dir>\logs\BgbHttpProxy.log (HTTP mode connections)
For installation issues:
<mp setup dir>\logs\BgbSetup.log
<mp setup dir>\logs\bgbisapiMSI.log
<client setup dir>\logs\CcmNotificationAgent.log
Question: Does client notification work with mobile device or Mac computers?
Answer: Client notification only supports Windows computer clients and embedded clients.
Question: How does client notification load balancing work?
Answer: Notification agent will identify the notification server based on the client’s assigned management point. If the assigned management point gets changed, notification agent will close the current connection and connect to the notification server located on the newly assigned management point. This helps to ensure that the connection load is balanced.
Question: Can I see the online status of clients from the Configuration Manager console?
Answer: Not currently. We are considering this for a future release.
Question: Which Windows Management Instrumentation (WMI) class will include the client computer online status?
Answer: SMS_CN_ClientStatus is an SMS Provider class that exposes the online status of client computers. The OnlineStatus property holds the online status of the client computer: 1 means online and 0 means offline. The ChannelType property identifies the protocol the client notification channel is using: 0 is TCP and 1 is HTTP.
Note: the class name is a prerelease class name and is subject to change.
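Since the console does not show online status yet, the class above is the only place to see how many clients are actually connected and over which protocol. The following PowerShell is an added example, not code from the original post: it queries SMS_CN_ClientStatus through the SMS Provider and summarizes clients by OnlineStatus and ChannelType using the value meanings documented above. The provider computer name and site code are assumptions; the class name is prerelease, so a missing class is reported as an error rather than silently returning nothing.

```powershell
# Added example (not from the original post): summarize client online status and channel
# type from the SMS_CN_ClientStatus class on the SMS Provider.
#   OnlineStatus: 1 = online, 0 = offline
#   ChannelType:  0 = TCP,    1 = HTTP
# The provider computer and site code below are assumptions; replace them with your own.
param(
    [string]$ProviderComputer = 'cm01.contoso.local',
    [string]$SiteCode = 'PS1'
)

$ns = "root\SMS\site_$SiteCode"
try {
    $rows = @(Get-WmiObject -ComputerName $ProviderComputer -Namespace $ns `
                            -Class SMS_CN_ClientStatus -ErrorAction Stop)
} catch {
    # The class name is prerelease; surface a rename or permission problem explicitly.
    throw "Could not query SMS_CN_ClientStatus in $ns on ${ProviderComputer}: $($_.Exception.Message)"
}

$onlineName  = @{ 0 = 'Offline'; 1 = 'Online' }
$channelName = @{ 0 = 'TCP';     1 = 'HTTP'   }

function Get-Label([hashtable]$map, $value) {
    $k = [int]$value
    if ($map.ContainsKey($k)) { $map[$k] } else { "Unknown($k)" }
}

$rows |
    Group-Object -Property OnlineStatus, ChannelType |
    ForEach-Object {
        $first = $_.Group[0]
        [pscustomobject]@{
            OnlineStatus = Get-Label $onlineName  $first.OnlineStatus
            Channel      = Get-Label $channelName $first.ChannelType
            Clients      = $_.Count
        }
    } |
    Sort-Object OnlineStatus, Channel |
    Format-Table -AutoSize
```

A large share of online clients on the HTTP channel usually means the TCP port is blocked on the path to one or more management points; the firewall question below covers that case.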
Question: For how long is a task re-pushed after it has been created?
Answer: 1 hour. After that the task expires and is no longer pushed to clients that come online later.
Question: Which processes contain notification server code?
Answer: Notification server code runs in smsexec.exe, dllhost.exe (managed code TCP listener) and w3wp.exe (HTTP ISAPI).
Question: Why can't the client notification agent establish a TCP connection?
Answer: The most common reason is that the configured TCP port (10123 by default) is blocked by firewall policy somewhere between the client and the management point. The agent then falls back to HTTP mode, so the client still works but is reported with ChannelType 1 (HTTP).
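To confirm the firewall case from the client side, test the notification port against the client's current management point and compare it with a plain HTTP(S) request to the same management point. The following PowerShell is an added example, not code from the original post. It reads the current management point from the client's SMS_Authority WMI class (root\ccm) and uses the documented default port of 10123; if your site uses a different port, pass it in.

```powershell
# Added example (not from the original post): from a client, find the current management
# point and test whether the notification server's TCP port (10123 by default) is reachable,
# alongside a control check over HTTP/HTTPS. TCP failing while HTTP(S) succeeds is the
# firewall case described above; the agent will fall back to HTTP mode in that situation.
# The port number is the documented default; the MP test URL (.sms_aut?mplist) is the
# management point's standard availability check.
param(
    [int]$NotificationPort = 10123,
    [int]$TimeoutMs = 5000
)

$auth = Get-WmiObject -Namespace 'root\ccm' -Class SMS_Authority -ErrorAction Stop |
        Select-Object -First 1
$mp = $auth.CurrentManagementPoint
if (-not $mp) { throw 'Client has no current management point; check client assignment first.' }

$result = [ordered]@{
    ManagementPoint = $mp
    TcpPort         = $NotificationPort
    TcpReachable    = $false
    HttpReachable   = $false
}

# Raw TCP connect with a timeout, so a firewall that silently drops SYNs does not hang us.
$client = New-Object System.Net.Sockets.TcpClient
try {
    $async = $client.BeginConnect($mp, $NotificationPort, $null, $null)
    if ($async.AsyncWaitHandle.WaitOne($TimeoutMs)) {
        $client.EndConnect($async)       # throws on RST / refused
        $result.TcpReachable = $true
    }
} catch {
    # leave TcpReachable = $false
} finally {
    $client.Close()
}

# Control check: can this client reach the MP's web interface at all?
foreach ($scheme in 'http', 'https') {
    try {
        $req = [System.Net.WebRequest]::Create("${scheme}://$mp/sms_mp/.sms_aut?mplist")
        $req.Timeout = $TimeoutMs
        $resp = $req.GetResponse()
        $resp.Close()
        $result.HttpReachable = $true
        break
    } catch { }
}

[pscustomobject]$result
# TcpReachable = False with HttpReachable = True: open TCP $NotificationPort inbound on the MP
# and on every firewall in the path, then watch CcmNotificationAgent.log for the reconnect.
# Both False: the client cannot reach the MP at all; this is not a client notification problem.
```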
Question: Will an MP be overloaded by triggering download machine policy?
Answer: Notification server implements a push throttling mechanism. By default it notifies 42 clients per second, so the load added to the management point is bounded. You can configure the value through the registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\NotificationServer\Task Throttle Param on the management point. Even so, it is not recommended to target this action at large collections (for example, All Systems) except in extreme circumstances that warrant it, because every notified client then requests policy from the management point within a short window.
Question: How do I determine how many clients are connected to each management point?
Answer: The following SQL query, run against the site database, returns the number per management point.
SELECT B.ServerName, A.OnlineClients AS 'Online Clients' FROM Bgb_Server B LEFT JOIN dbo.v_BgbServerCurrent A ON A.ServerID = B.ServerID ORDER BY 2
Question: When the client service is started, will it connect to notification server immediately?
Answer: No. Notification agent sleeps for a random interval between 0 and 10 minutes before it contacts notification server, to avoid a burst of connections and excessive network bandwidth usage when many computers are powered on at the same time (for example at the start of the business day).
Question: When a client computer enters sleep mode or leaves the network, will Notification Server know that?
Answer: Yes. If notification server receives nothing from notification agent for 20 minutes (the keep-alive interval is 15 minutes), it drops the connection, if it still exists, and sets the client's online status to Offline.
Question: If a client goes offline and comes back online later, will it still receive a task it missed through the client notification channel?
Answer: When the client comes online again, notification server does not notify it if the task assigned to it has already expired. If the task is still valid, notification server re-pushes the task to the client.
Question: If a client communicates with a management point in a secondary site, which notification server will it connect to?
Answer: The client will connect to the notification server on the proxy management point.
Question: Will Internet-facing clients be able to use the client notification channel?
Answer: Yes. While the TCP connection is likely to fail because of firewalls and proxies in the communication path, clients should still be able to connect to the notification server over HTTPS.
Question: Will notification server work with clustered SQL Server?
Question: Does notification server support a management point that uses a site database replica?
Answer: Yes. Notification server supports management points that use a site database replica.
Question: Will roaming clients connect to the notification server on the local management point?
Answer: No. While a roaming client will make use of a proxy management point, globally roaming clients still establish their connection to the notification server on the assigned management point.
I hope that this blog post helps you gain a better understanding of the newly introduced client notification infrastructure in Configuration Manager 2012 SP1 and gives you information about some typical troubleshooting scenarios and their solutions.
-- Randy Xu
This posting is provided "AS IS" with no warranties and confers no rights.