Client Push by OU
Having the ability to use Client Push more granularly would be awesome. We have about 6 domains, and multiple OUs are defined in System Discovery, yet I don't want Client Push enabled on them all, so it is currently disabled. Maybe having an option in the Discovery area, for an OU that is added (right where it says "Search AD Groups and Search Child containers") that enabled Client Push on that discovered OU. Or More granular settings on Client Push itself, maybe a small GUI attached to it
Todd Miller commented
I would be happy to accept collection based client push, which would allow us to be even more surgical in targeting. That would make an implemented solution cover more circumstances and would only require original suggested to maintain an OU to collection mapping which is pretty easy. I sure wish this would get added . Configmgr "knows" how to deploy clients - so it is a shame we have to do it through GPOs and other means to maintain the control lacking in the Configmgr function.
Blake Erwin commented
The ability to do this via both OU and AD Security Group would be excellent. We have a large fleet of non persistent virtual machines that we have to exclude and the registry key approach does not work for us.
Agreed. We have certain OU's that contain critical systems that we cannot touch in any way. Because of these OU's, client push is disabled enterprise wide. It would be great to be able to only include (or exclude) certain OU's from client push.
Leo D'Arcy commented
I think having a box in the client push installation properties where you can add and remove specified collections would be great. This way you can be far more granular about automatic client push, ie only windows 10 or by specific OU etc.