To use these webservices for your Deployments your first need to download the files for the webservice and extract them into a folder on your favourite IIS Webserver. Then publish this Directory as Virtual Directory. It should be configured for .Net 2. The first important thing is the account on which the website is running. As the webservice functions are anonymous by default (authenticated webservices will be easily usable with MDT 2010) and several (better to say all) functions are accessing information from the SCCM Server(s), Active Directory or the MDT Database it will use the account of the website itself. If there are any issues with webservice functions not working first check if your account has enough permission to do what you expect it to do.

There are also a couple of settings in the file called web.config in the root which need to be configured depending on what functions of the webservice you would like to use.

This is the complete list of settings configurable in the web.config:

  <add key="RootServer" value="{YourSCCMRootServer}"/>
  <add key="SLPServer" value="{YourSLPServer}"/>
  <add key="RootSiteCode" value="{YourRootSiteCode}"/>
  <add key="ADDomain" value="DC=YourDomain,DC=com"/>
  <add key="ADUsername" value="Yourdomain\someAccount"/>
  <add key="ADPassword" value="SomePassword"/>

The RootServer, SLPServer and RootSitCode values are necessary if you want to use any of the SCCM Functions Webservice SCCM.

The ADDomain, ADUsername, and ADPassword are only necessary if you want to use the "MoveComputerToOU" Function from the AD Webservice (Webservice AD]. All other Active Directory Functions will be called using the account the website itself is running on. As we are only reading information this should be possible for any authenticated user account.

Finally there are two connection strings as we might need to make some Database calls (see for sample connection strings):

  <add name="MDT" connectionString="{Valid_Connection_String_To_MDT_Database}"/>
  <add name="SCCM" connectionString="{Valid_Connection_String_To_SCCM_Database"/>

The "MDT" connection string is used to access the MDT Database. I personally prefer to have a specific MDTAdmin Account for the MDT Database. The "SCCM" connection string is only necessary for the USMT StateStore and Encryption Key functions in SCCM. All other functions will be executed using WMI.

If you experience any issues you can also turn on tracing in the web.config which will help you troubleshooting the issue. See further information on Webservice Troubleshooting

Last edited Jul 13, 2009 at 8:17 PM by MaikKoster, version 4


No comments yet.