CSM for MECM - Requirements for MECM

Centero Software Manager Integration Client integrates to MECM environment and needs access to MECM environment and also file system locations used by CSM Integration Client.

1. MECM requirements

  • Supported versions
    • Current branch
    • 2012 R2
      • Some CSM for MECM features are not available in 2012 R2 and other old versions
  • At least one distribution point group
  • Collections that will be used for deployments
  • Make sure you are not deploying the same applications through a manually created application or other 3rd party patching solution and with CSM

2. Service account requirements

  • Password set to never expire
  • MECM PowerShell usage permissions (instructions in step 4.)
  • At least Application Administrator role is MECM 
    • Task Sequence Auto Update feature requires additional Operating System Deployment Manager role
  • Permission to log on locally and as a service to the server

3. File system permissions

  • Service account and all users who use CSM Integration Client UI must have administrative access to server (where CSM Integration Client will be installed) or at least these permissions:
    • Full Control to HKEY_LOCAL_MACHINE\SOFTWARE\Centero\Agent registry key
    • Modify permissions to %ProgramData%\Centero folder and all its subfolders (this folder structure is created during CSM Integration Client installation but this can also be created manually before installation)
    • Modify permissions to network share where applications will be downloaded (verify that both share and folder permissions allow modification)

Note

If your application download network share is located on a different server, you must also add modify permissions to network share for the computer object of server where CSM Integration Client is installed. 

You might have to grant admin permissions for CSM server's computer object to the server hosting the network share.

4. PowerShell connection

  1. Open Microsoft Endpoint Configuration Manager as a service user and select Connect via Windows PowerShell
  2. Make Microsoft as trusted publisher for PowerShell scrips by choosing A (always run)