{"id":2080,"date":"2018-08-28T12:15:33","date_gmt":"2018-08-28T11:15:33","guid":{"rendered":"https:\/\/www.autoitconsulting.com\/site\/?p=2080"},"modified":"2025-07-26T12:50:44","modified_gmt":"2025-07-26T11:50:44","slug":"sccm-create-task-sequence-media-wizard-network-ports","status":"publish","type":"post","link":"https:\/\/www.autoitconsulting.com\/site\/deployment\/sccm-create-task-sequence-media-wizard-network-ports\/","title":{"rendered":"ConfigMgr Create Task Sequence Media Wizard and Network Ports"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Overview<\/h2>\n\n\n\n<p>This post describes the firewall ports that need to be opened between a Microsoft Configuration Manager console and servers in order to use the Create Task Sequence Media wizard. I recently had to run the <strong>Create Task Sequence Media<\/strong> wizard from a ConfigMgr console installed in a secure environment. All the network ports as documented by Microsoft were open but the wizard didn&#8217;t work. This post describes the requirements of the process in more detail and shows the network ports that were missing from the Microsoft documentation.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Create Media Wizard Requirements<\/h2>\n\n\n\n<p>The official list of ports used by the ConfigMgr console are listed at\u00a0<a href=\"https:\/\/learn.microsoft.com\/en-us\/intune\/configmgr\/core\/plan-design\/hierarchy\/ports\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/learn.microsoft.com\/en-us\/intune\/configmgr\/core\/plan-design\/hierarchy\/ports<\/a>. However, this list only covers the basic ConfigMgr console operations and does not cover the <strong>Create Task Sequence Media<\/strong> process.<\/p>\n\n\n\n<p>During the media creation process the console allows the choice of various Distribution Points (DPs) in order to download the content required for the specified task sequence. An <strong>SMB<\/strong> connection is made to the DP&#8217;s <strong>ContentLib$<\/strong> network share. All content is downloaded from the DP via SMB and not http\/https as might be expected. All other console requirements (RPC) are as documented by Microsoft.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Create Media Wizard Firewall Port List<\/h2>\n\n\n\n<p>The table below shows the full list of firewall ports that need to be opened between the ConfigMgr console and the various ConfigMgr server systems in order to run the <strong>Create Task Sequence Media<\/strong> wizard. The RPC connections to the SMS provider system would be to the primary Site Server or CAS.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><td>Description<\/td><td>UDP<\/td><td>TCP<\/td><\/tr><\/thead><tbody><tr><td>RPC (initial connection to WMI to locate provider system)<\/td><td>&nbsp;<\/td><td>135<\/td><\/tr><tr><td>RPC Endpoint Mapper<\/td><td>135<\/td><td>135<\/td><\/tr><tr><td>RPC Dynamic Ports\n<p>(Windows Vista, Windows Server 2008, or later)<\/p>\n<\/td><td>&nbsp;<\/td><td>49152-65535<\/td><\/tr><tr><td>RPC Dynamic Ports\n<p>(Windows XP, Windows Server 2003)<\/p>\n<\/td><td>&nbsp;<\/td><td>1025-5000<\/td><\/tr><tr><td>SMB to ConfigMgr Distribution Point <p>(For each DP where content needs to be accessed by the console)<\/p><\/td><td>137, 138<\/td><td>137, 139, 445<\/td><\/tr><\/tbody><\/table><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Overview This post describes the firewall ports that need to be opened between a Microsoft Configuration Manager console and servers in order to use the Create Task Sequence Media wizard. I recently had to run the Create Task Sequence Media wizard from a ConfigMgr console installed in a secure environment. All the network ports as [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":100234,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[59,91,46,68],"class_list":["post-2080","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-deployment","tag-configmgr","tag-mecm","tag-networking","tag-sccm"],"_links":{"self":[{"href":"https:\/\/www.autoitconsulting.com\/site\/wp-json\/wp\/v2\/posts\/2080","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.autoitconsulting.com\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.autoitconsulting.com\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.autoitconsulting.com\/site\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.autoitconsulting.com\/site\/wp-json\/wp\/v2\/comments?post=2080"}],"version-history":[{"count":15,"href":"https:\/\/www.autoitconsulting.com\/site\/wp-json\/wp\/v2\/posts\/2080\/revisions"}],"predecessor-version":[{"id":100239,"href":"https:\/\/www.autoitconsulting.com\/site\/wp-json\/wp\/v2\/posts\/2080\/revisions\/100239"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.autoitconsulting.com\/site\/wp-json\/wp\/v2\/media\/100234"}],"wp:attachment":[{"href":"https:\/\/www.autoitconsulting.com\/site\/wp-json\/wp\/v2\/media?parent=2080"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.autoitconsulting.com\/site\/wp-json\/wp\/v2\/categories?post=2080"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.autoitconsulting.com\/site\/wp-json\/wp\/v2\/tags?post=2080"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}