One hindrance to updating systems with the
latest updates is the power status of the system; specifically, if the
system is not powered on, how can you or a tool maintain that system?
Traditionally, the best time to update systems in an organization is
when no one is using them—at night. However, many users turn off their
desktop systems when they leave for the day, even if instructed not to,
and some systems may go into a power-saving hibernation mode.
Powered-down systems present an obvious problem with no easy workaround
and give us systems that either are not patched or are slammed with
patches the moment users log into the network in the morning.
The
solution to this is Wake On LAN (WOL). WOL is an industry-standard
method of sending a remote signal over the network to a system to
“wake” it up when the system is powered off or hibernating. It does
this by sending a specially crafted network packet known as a magic packet
to the destination system. The network interface card (NIC) of the
destination system receives this magic packet (also referred as a wake-up packet in the ConfigMgr console) and proceeds to wake up the system.
WOL Prerequisites
There are two ConfigMgr-specific prerequisites and three external prerequisites to fully enable WOL capabilities in ConfigMgr.
ConfigMgr Prerequisites
External Prerequisites
Network interface cards must support WOL and the use of the magic packet.
Enable WOL on NICs and in the BIOS of destination systems.
If
subnet-directed broadcasts (discussed in the next section) are used,
configure the network infrastructure to forward subnet-directed
broadcasts.
Two Types of WOL
ConfigMgr supports two types of WOL:
Unicast—
With unicast WOL, a single magic packet is sent to the IP address of
the system that needs to be woken up. The IP address is taken from the
hardware inventory of the destination system (thus the requirement for
hardware inventory to be enabled).
You do not
have to make changes to most network infrastructures for this type of
WOL to function. The magic packet is simply a specially crafted UDP
(User Datagram Protocol) packet sent directly to the destination
system’s IP address.
The magic packet includes
the Media Access Control (MAC) address of the system. The destination
NIC compares the MAC address to its own before actually waking up the
system; if the MAC address in the magic packet does not match the MAC
address on the destination NIC, the NIC does not signal the system to
wake up. This prevents a situation where the desired destination system
changes its IP address, but the magic packet is sent to a different
system that acquired the old IP address of the destination system. In
this case, there is no way to actually wake up the destination system
because its new IP address is unknown to ConfigMgr!
Subnet directed—
With subnet-directed WOL, ConfigMgr broadcasts the magic packet to the
IP subnet of the destination system. All NICs on that subnet receive
the magic packet. Each compares the MAC address specified in the magic
packet to its own; if there is a match, the NIC wakes up its system.
This allows ConfigMgr to wake up those systems with changed IP
addresses that remain on the same subnet.
Subnet-directed
WOL requires support from your network infrastructure; specifically
your network infrastructure must support subnet-directed broadcasts.
These broadcasts are often disabled due to overhead. Additionally, it
is a security best practice to change the default port used by
subnet-directed WOL packets and configure the network infrastructure to
allow only subnet-directed broadcasts from your ConfigMgr site server.
Configuring WOL
Several
configuration options are available for WOL in ConfigMgr. You perform
all customizations from the Wake On LAN and Ports tabs of the <Site> Properties dialog box (see Figure 1). Right-click Site Database -> Site Management -> <Site Code> <Site Name> and then choose Properties to get there.
Enable
WOL on the Wake On LAN tab and configure whether you want to use
unicast or subnet-directed broadcasts. New in R2 is the ability to use
the power-on functionality of the Intel AMT technology. This is an
alternative to the magic packets used by traditional WOL, but requires
Out of Band (OOB) management support
on the destination system; OOB also must be fully configured and
enabled in ConfigMgr. To support the AMT power-on capability, R2
includes three new options:
Use power-on commands if the computers support this technology; otherwise, use wake-up packets.
Use power-on commands only.
Use wake-up packets only.
You can also access advanced options from the Wake On LAN tab by clicking the Advanced button displayed in Figure 1. These options are mainly network and ConfigMgr throttling controls; only change them if you are experiencing issues.
To view the port used by ConfigMgr for the magic packet, switch to the Ports tab of the <Site>
Properties dialog box. ConfigMgr uses UDP port 9 by default. To change
the port, select the Wake On LAN entry in the list box and click the
Properties button (the button looks like a hand pointing to a box). The
Port Details dialog box launches, allowing you to change this port
number. Only a single port number is supported.
Using WOL
ConfigMgr
takes care of all the details for actually implementing WOL. You simply
have to tell the system when to use it. ConfigMgr 2007 supports WOL for
the following three activities:
Software distribution mandatory advertisements
Task sequence mandatory advertisements
Software update mandatory deployments
A
check box is present on the Schedule tab of the Properties dialog box
for each of these activities. Once one is selected, ConfigMgr sends the
WOL request to each applicable destination system at the scheduled
mandatory time. When the destination system wakes up, it initiates the
mandatory advertisement or deployment.
WOL
is a great addition to the ConfigMgr toolset. Although third-party
tools were previously available to fill this gap, having the capability
built in is always better—and cheaper. WOL is not complicated, and
Microsoft maintains this simplicity by seamlessly integrating WOL into
the console and functionality of ConfigMgr.
