Dynamic client configuration updating policy information

You might decide not to use Automatically detect for the following reasons: If you specify the Application Catalog website point rather than use automatic detection, specify the Net BIOS name rather than the intranet FQDN to help reduce the likelihood that users will be prompted for credentials when they connect to the Application Catalog on the intranet.

To use the Net BIOS name, the following conditions must apply: Typically, users are prompted for credentials when the URL contains an FQDN but not when the URL is a Net BIOS name.

Because the Application Catalog receives the list of available software for users from the site server, this setting does not have to be configured as True or Yes for users to see and request applications from the Application Catalog.

However, if this setting is False or No, the following will not work when users use the Application Catalog: In addition, when this setting is False or No, users will not receive required applications that you deploy to users or any other management operations that are contained in user policies.

For more information about managing clients on the Internet, see the Planning for Internet-Based Client Management section in the Planning for Communications in Configuration Manager topic.

A set of default settings is supplied with Configuration Manager.When there is more than one available Application Catalog website point in the site, an HTTPS-enabled server takes precedence over a server that is not enabled for HTTPS.After this filtering, all clients are given one of the servers to use as the Application Catalog; Configuration Manager does not load-balance between multiple servers.Expect users to be always prompted when they connect from the Internet, because this connection must use the Internet FQDN.When users are prompted for credentials when they are on the Internet, ensure that the server that runs the Application Catalog website point can connect to a domain controller for the user’s account so that the user can be authenticated by using Kerberos.

Leave a Reply