Summary

What you will need to prepare in advance of implementing Nomad in your network. Typically, these are tasks that may take some time, depending on how your organization works. A more complete checklist of tasks is provided in Prerequisites.

ActiveEfficiency



NightWatchman Enterprise

Nomad integration with WakeUp is available if you enable this feature when installing NightWatchman Management Center. You should install ActiveEfficiency Server first and then install NightWatchman Management Center. Both servers require Windows Message Queuing feature (MSMQ) to be enabled.

In summary, you require the following:

  • NightWatchman Management Center server
  • WakeUp Server installed on each Configuration Manager site server
  • ActiveEfficiency Server
  • WakeUp client module enabled in the 1E Client on all client computers
  • Wake-on-LAN enabled on all client computers.

Please refer to Integrating with WakeUp.

See below for pre-installation checks, architecture and ports. 

Tachyon

Nomad Download Pause is available if you implement a Tachyon server infrastructure, including enabling the Tachyon client features in 1E Client in addition to the Nomad client. It also requires Single-site download and ActiveEfficiency.

PXE Everywhere

If you are also implementing a PXE Everywhere solution using Nomad, ensure you meets its prerequisites. Please refer to PXE Everywhere 4.0 - Requirements.

Accounts needed to install Nomad

To install Nomad, you will need:

  • Installer account – must be a domain account with local admin rights

The Nomad Dashboard and dynamic pre-cache features require ActiveEfficiency to synchronize with the Configuration Manager database. For standalone primary site environments, permissions are assigned to the ActiveEfficiency service account automatically using the ConfigMgr_DViewAccess localgroup native to Configuration Manager. For a CAS, this group is not created natively therefore additional steps are required to allow access. Please refer to ActiveEfficiency Server 1.10 - Preparation: Granting access to the Configuration Manager site database.

If your set-up is across three distributed servers hosting the ActiveEfficiency service, the database and the Configuration Manager database and you plan to use the Nomad Dashboard or the Nomad pre-cache features (or if you get the Login failed for user NT AUTHORITY\ANONYMOUS LOGON error message in the ActiveEfficiency service log (located in C:\ProgramData\1E\ActveEfficiency), please refer to the procedure in ActiveEfficiency Server 1.10 - Preparation: Service Principal Names and Delegation.



Checks prior to installing Nomad

  • If you are upgrading, please refer to Upgrading Nomad. You must upgrade in the following order to avoid potential forward compatibility issues:
    • Upgrade all site servers and Distribution Points first. Old and new clients can then be sure to connect to the latest version on servers
    • Upgrade all Nomad clients running on a single subnet at the same time. This avoids potential issues with older clients attempting to peer connect with new clients on the same subnet, even if the client configuration remains the same
  • Ensure DNS is working properly
  • Ensure client side firewalls have exceptions in place for NomadBranch.exeNomadPackageLocator.exe and PackageStatusRequest.exe
  • Ensure local broadcasts are enabled on each subnet that Nomad operates in

    Some wireless access points may be configured to prevent broadcasts, which will prevent Nomad peer-sharing features from working. See the Wireless Access Points prerequisite below for details on WAP configuration.


  • Ensure the Configuration Manager client is healthy and functioning properly
  • The latest version of ActiveEfficiency should be installed to support certain features, please refer to the ActiveEfficiency heading above. Network site information (which subnets are in which sites) must also be added to ActiveEfficiency.
  • Nomad clients must have StatusMsgEvents = 0x1000000064 set in the registry to enable them to send data to the dashboard. Currently the default is 0 and no status messages will be sent.
  • If you want Nomad integration with WakeUp then you will need the following
    1. ActiveEfficiency
    2. NightWatchman Management Center with the WakeUp integration with ActiveEfficiency feature enabled.
      • NightWatchman Management Center 7.0 or later must be installed
      • WakeUp Server 7.0 or later must be installed
      • 1E Agent 7.0 or later (with the WakeUp component enabled and reporting turned on) must be deployed to all the clients on the required subnets

      You will need a valid NightWatchman Enterprise license to use these components.


    3. On Nomad peers:
    4. On Nomad machines requesting the download:
      • Enable the 1E Agent WakeUp component
      • Enable SSD if site-wide wake-up is required
    5. On the machines where wake-up is used:
      • The BIOS on each client must be configured to support wake from off
      • The network adapter on each client must be configured to support wake from sleep (1E Services can help configure this using vendor utilities and scripts)
  • To support enhanced package consistency checking, the Nomad client must be installed on each Configuration Manager DP. This client enables file-level consistency checking by creating a manifest file on the DP for every version of each package created enabling Nomad to verify that each file it downloads is consistent with the version available on the DP.


    LSZ generation using HTTP/HTTPS is automatically configured only on DPs that are also Site servers. For standalone DPs (those not on a site server), enable the following on the Nomad client running on the DP either during installation or by updating the Nomad registry:

    Installer propertyRegistry valueDescription
    SIGSFOLDERSigsFolderNomad is able to leverage Configuration Manager's binary differential replication (BDR) if the Windows remote differential compression feature is installed on the DP server using the Windows Server Manager. On the Nomad side, set this registry value on the DP to point to the Configuration Manager RDC signatures folder.
    SPECIALNETSHARESpecialNetShareThe 0x4000 bit must be set to enable the Nomad client to handle LSZ file generation requests coming from HTTP/HTTPS enabled clients.
    PERMITTEDLSZSHARESPermittedLSZSharesWhen installed on a standalone DP (not on a site server), ensure that this registry value contains the local share names used on the server (e.g. SMSPKGF$; SMSPKGG$; etc) to host Configuration Manager packages. The default value satisfies the default locations used by Configuration Manager.




  • If you are using the BIOS to UEFI feature, ensure you meet its prerequisites described in BIOS to UEFI 1.4 - Prerequisites.

Certificates

You can use digital certificates to certify the identity of entities in your network. We support the use of Public key infrastructure (PKI) based certificates or self-signed certificates. If you are using PKIs to digitally sign entities from the outset, ensure that they are deployed to all agents. Alternatively, you can deploy PKIs post-installation. Things to bear in mind when using the HTTPS protocol: 

  • Define the certificate type using P2PSSLSETTINGS (0 – self-signed certificates or 1 – PKI certificates). By default self-signed is enabled.
  • When self-signed is enabled, a self-signed certificate is created by the installer and stored in MY store.