There are many articles on the internet on how to push the SCCM client to clients/servers, but not all of them go into the pre-requisitse:
If you have not set up an account for client push installations (and I suggest you do) the computer account of the SCCM server will be used. This must have administrative rights on the target machine. I generally create a specific user account in AD and add it to domain admins. I use this account ONLY for client pushes.
Firewall – several rules need to be created on the windows firewall to allow the client push to happen (I use a group policy for this):
Description | UDP | TCP |
Server Message Block (SMB) between the site server and client computer. | — | 445 |
RPC endpoint mapper between the site server and the client computer. | 135 | 135 |
RPC dynamic ports between the site server and the client computer. | — | DYNAMIC |
Hypertext Transfer Protocol (HTTP) from the client computer to a mixed mode management point. | — | 80 (See note 1,Alternate Port Available) |
Secure Hypertext Transfer Protocol (HTTPS) from the client computer to a native mode management point. | — | 443 (See note 1,Alternate Port Available) |
In order to successfully use client push to install the Configuration Manager 2012 client, you must also add the following as exceptions to the Windows Firewall:
File and Printer Sharing
Windows Management Instrumentation (WMI)
The following links will give more details
http://technet.microsoft.com/en-us/library/bb680537.aspx
http://technet.microsoft.com/en-us/library/ff189805.aspx
http://technet.microsoft.com/en-us/library/bb694088.aspx