This webinar covers administering and configuring System Center Configuration Manager 2012 R2 SP1. Topics include configuring and deploying SCCM 2012 R2, using WQL to query data and build collections, and configuring software and hardware inventory, asset intelligence, and software metering. The webinar provides an overview of SCCM 2012 R2 capabilities such as application management, software updates, operating system deployment, and asset management features. It also discusses new features in SCCM 2012 R2 like support for additional client operating systems and servers, and merging SCCM hierarchies.
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
Administering and configuring System Center Configuration Manager 2012 R2 SP1
1. Webinar on SCCM 2012 R2
Administering and configuring System Center
Configuration Manager 2012 R2 SP1
Topics:
• Configuring and deploying SCCM 2012 R2
• Data Quering using WQL and gathering
collections
• Configuring Software and Hardware Inventory,
asset intelligence and software metering.
2. Overview of the System Center 2012 Environment
Single admin console
Manage clients on
the organizational
network and the Internet
Configuration Manager
3. Overview of System Center 2012 R2
Configuration Manager
Application
Management
Software Update
Management
Operating System
Deployment
Content
Management
Asset
management
Hardware and
Software
Inventory
Asset Intelligence
Software Metering
Administrative
features
Role-Based
Administration
Remote
Management
Reporting
Monitoring
Compliance
Settings
Power
Management
Client
Health
Endpoint
Protection
Change
management
4. New Features Provided with an Installation of
System Center 2012 R2 Configuration Manager
• Support for clients that run Windows 8, Windows 8.1,
Windows RT, Windows 8.1 RT, iOS, Mac OS X, and Android
• Support for Windows Server 2012 and Windows Server
2012 R2 to host site system roles
• Support for SQL Server 2012 to host Configuration
Manager databases
• Support for merging of System Center 2012 R2
Configuration Manager hierarchies
• New site system roles for the certificate registration point
• Bulk reassignment of clients to alternate primary sites
• Configuration Manager Windows PowerShell cmdlets
5. Overview of the System Center 2012 R2
Configuration Manager Hierarchy
Central administration site SQL database
SQL database
Primary site
SQL database SQL database
SQL
database
Secondary
site
Primary site Primary site
• Each site is identified by a unique three-character code
• The central administration site is for reporting and
management only
• Primary sites can be parents of secondary sites only
• Secondary sites now have their own database
6. Site System Roles in Configuration Manager
• Default site system roles are installed when
Configuration Manager setup is run
• Optional site system roles are added post-installation
to support specific features
Default site system roles
• Site server
• Site system
• Component server
• Site database server
• SMS Provider: does not
display in the console
Optional site system roles
• Certificate registration
point
• Distribution point
• Management point
• Reporting services point
• Software update point
• State migration point
7. What Is a Central Administration Site?
A central administration site:
• Is required to use a multisite hierarchy
• Is used for administration and reporting
• Requires an SQL database
• Does not process client data
• Does not support client assignment
• Has a limited number of site system roles
8. What Is a Primary Site?
• To use Configuration Manager, you must have at
least one primary site
• Primary sites:
• Can be in a child relationship to a central administration site,
which can only be set during installation
• Cannot be a child to another primary site
• Manage clients in well-connected networks
• Require a SQL Server database
• Replicate their data to a central administration site if part of
a hierarchy
• Support client assignment
• Consist of one or more systems that host various site
system roles
9. What Is a Secondary Site?
A secondary site:
• Is optional
• Must be in a child relationship to a primary site, which
is set in the secondary site during installation
• Is used when you need to control network bandwidth
• Requires SQL Server Express or a SQL Server database
to store configuration information
• Replicates its collected client data to its parent site by
using file-based replication
• Does not support client assignment
• Consists of one or more systems that host various site
system roles
10. Configuration Manager in a Small- to Medium-Sized
Organization
Small- to medium-sized organizations often use a
single primary site that includes:
• Mandatory:
• Site server
• Site database
• Management point
• Distribution point
• Optional:
• Reporting services point
• Software update point
• Fallback status point
• Other roles as required
Single Server
with All Site
Roles
11. Configuration Manager in a Medium- to
Large-Sized Organization
Medium- to large-sized organizations use primary and
secondary sites
• A primary site typically includes:
• Site server
• Site database
• Management point
• Distribution point
• Reporting services point
• Software update point
• Fallback status point
• Other roles as required
• Secondary sites include:
• Management point
• Distribution point
Site
Server
Site
Database
Software
Update Point
Secondary
Site Server
Remote
Distribution
Point
12. Configuration Manager in a Global Organization
Example of a complex hierarchy implementation:
Central Administration Site
Primary Sites
Secondary
Sites
Remote
Distribution Point
13. How Data Flows and Replicates in a Hierarchy
Central Administration
Primary
Site
Site
Primary
Site
Secondary
Site
Global Data
Site Data
Global data Site data
• Alert rules
• Client discovery
• Collections rules and count
• Configuration items metadata
• Deployments
• Operating system images
• Package metadata
• Program metadata
• Site control file
• Site security objects
• Software updates metadata
• System resource list
• Alert messages
• Asset intelligence CAL tracking
• Client Health data
• Client Health history
• Collection membership results
• Component and Site Status
Summarizers
• Hardware inventory
• Software distribution status details
• Software inventory and metering
• Software updates site data
• Status messages
14. Considerations for Implementing Configuration
Manager Sites
Install a stand-alone primary site when you have:
• A centralized administration approach
• No more than 100,000 clients
Install secondary sites when you want:
• To offload the client communication from the primary site
• To provide tiered content routing between secondary sites with
the same parent
Install multiple primary sites in a hierarchy when you have:
• More clients than can be managed using a single primary site
• Multiple administrative teams that require local connectivity for
the Configuration Manager consoles
• A large number of remote locations
• Export regulations on content
15. Planning a Multiple-Site Hierarchy
A central administration site:
• Supports up to 25 child primary sites
• Supports up to 400,000 clients in the hierarchy when using SQL Server
Enterprise for the site database
• Supports up to 50,000 clients in the hierarchy when using SQL Server
Standard for the site database
A primary site:
• Supports up to 250 secondary sites
• Supports up to 250 distribution points
• Supports up to 10 management points
• Supports up to 50,000 clients when SQL Server is on the site server
• Supports up to 100,000 clients when SQL Server is on a separate computer
A secondary site:
• Supports up to 250 distribution points
• Supports a single management point located on site server
• Supports communications from up to 5,000 clients
16. Overview of the Configuration Manager
Administration Tools
• Configuration Manager console:
• Primary method of managing a Configuration Manager
deployment
• You can install it on an administrator’s client computer
• Configuration Manager client:
• Trigger updates and retrieve information about individual client
computers
• Windows PowerShell Configuration Manager cmdlets:
• Enable you to script Configuration Manager activities
• Orchestrator runbooks:
• Enable using runbook automation to perform Configuration
Manager tasks
17. Using the Configuration Manager Console
Ribbon
Navigation Pane
Results
Pane
Preview
Pane
Workspaces
18. Overview of Client Installation Methods
• The client deployment installation methods include:
• Client push installation
• Group Policy installation
• Software update point installation
• Manual installation
• Logon script installation
• Upgrade installation (software deployment)
• Operating system deployment
• Computer imaging
19. Device Requirements to Support the Windows-Based
Configuration Manager Client Agent
Supported Windows-based clients include:
• Windows XP SP3, Windows XP x64 SP2, Windows Server
2003 SP2, and newer operating systems
Prerequisite software includes:
• Windows Installer version 3.1.4000.2435 or newer
• Installation process installs these additional prerequisites
before client installation:
• Windows Update Agent
• Microsoft Core XML Services
• Microsoft Visual C++ Redistributable
• Microsoft Policy Platform
• Microsoft Silverlight
• Microsoft .NET Framework 4 Client
20. Considerations for Supporting a Virtual Desktop
Infrastructure
• RDS
• Configuration Manager client agent is installed only once
on the Remote Desktop Session Host
• All features are supported
• Private virtual machines
• Configuration Manager client agent is installed in each
virtual machine
• All features are supported
• Pooled virtual machines
• Configuration Manager client agent is installed on each
virtual machine
• Software inventory, hardware inventory, and software
metering data may not be relevant
21. Supporting Internet-Based Clients
• Considerations for supporting Internet-based clients:
• Internet-based clients require a PKI
• Microsoft Certificate Services certificate templates can
simplify certificate enrollment
• All systems involved must trust the root CA
• Internet-facing roles require a certificate
• Client systems use a certificate for authentication
HTTPS connection
Secure web services
All utilized IIS-based site services
except fallback status point
(not an HTTPS service)
without PKI-issued server certificate
Client system
on Internet
with PKI-issued
client certificate
Primary site
PKI infrastructure
Root CA
Issuing CA
22. Supporting Mobile Devices
• Supported mobile devices include:
• Windows Phone 8, Windows RT, and iOS devices
• Windows Mobile 6.0 or newer
• Windows CE 5.0 or newer
• Nokia Symbian Belle
• Limited support for devices that use ActiveSync
• Android
• Client certificates are required on mobile devices for
full support
• You can support and manage mobile devices by using:
• Windows Intune connector
• Configuration Manager client agent
• Legacy Configuration Manager client agent
• Exchange connector
23. Supporting Workgroup-based Clients
The prerequisites that workgroup-based computers
must meet include:
• The Configuration Manager client agent must be
installed manually on each workgroup-based computer
• A network access account must be configured
The features that workgroup-based computers do not
support include:
• Client push installation
• Targeting users for application deployment
• Global roaming
• Using AD DS to locate site systems
• Active Directory discovery
24. Supporting Mac Computers
The following features are supported in Mac OS X
computers:
• Hardware inventory:
• Viewed in Resource Explorer
• Used to create queries, collections, and reports
• Software deployment. Deploy software packages in the
following formats:
• Mac OS Installer Package (.PKG)
• Mac OS X Application (.APP)
• Apple Disk Image (.DMG)
• Meta Package File (.MPKG)
• Compliance settings. Configuration Manager supports:
• .plist files
• Shell scripts
25. Supporting Linux-based and UNIX-based Computers
The supported operating systems include:
• Red Hat Enterprise, Solaris, SUSE Linux Enterprise Server,
Debian, CentOS, Ubuntu Server, Oracle Linux
• IBM AIX, HP-UX
Linux-based and UNIX-based computers support the
following features:
• Hardware inventory:
• Viewed in Resource Explorer
• Used to create queries, collections, and reports
• Software deployment:
• User interaction is not supported
• Maintenance windows are fully supported
26. Data Query
• Data Queries extract information related to
resource discovery or inventory data.
• In general the primary purpose of Data Queries
are to build collections.
27. Status Message Query
Status Message Query has a very specific use. The
site status and component status nodes show
status messages related to a very specific site
system or component. Although there are some
filtering options these may not be sufficient when
troubleshooting an issue. In such case you can use
the status message queries to create custom
queries for status messages including status
messages from client.
The primary purpose of status message queries are
to locate stored status messages.
28. Objects and Attributes
There are over 20 object types available for building queries in
Configuration Manager
Each object type consists of one or more attribute classes Some of
the object types include:
A Configuration Manager object type is a resource class containing
a set of attributes that represent Configuration Manager database
objects
Deployment
System Resource
Processor Disk Drives
Object Types
System
Resource
Package
Site
Attribute Class
User Group
Resource
Program
User
Resource
Software
Metering
Rule
Role
Object Type
Attribute SCSI Bus
Current Clock Speed Manufacturer Partitions
29. New
Delete
Required
Name
Group
Required
Object Type
Query Elements
Properties Change
Ungroup
Operator
Not
Logical
Operators
Class
Group
Indicators
Attribute
Sort
Attribute classes and attributes are required, and if not
specified, all available attributes display
Every query requires a unique name, and
System Resource is the default object type
Optional query elements are used to narrow the scope of a
query
30. Managing Data Queries
To create a data query:
Complete the settings on the General page of the
1 Create Query Wizard
2 Import an existing query or build a query from scratch
3 Edit the query statement
Edit the General tab of the query statement properties
4 to specify the criteria to display
5 Add search criterion on the Criteria tab
When creating criterion, use the Values button
to display the related data currently stored in the
database
6
31. What Is Inventory Collection?
Inventory collection is:
• The process of gathering information that describes the
hardware and software installed on a client computer
• Configured by using client settings for the hierarchy or
assigned on a per-collection basis
Hardware
inventory data
Software
inventory data
Asset
intelligence data
32. Management Tasks That Use Inventory Data
Uses of hardware and software inventory data
include:
• Building queries based upon hardware configuration
or installed software
• Building collections on the basis of queried inventory
results
• Creating reports to display hardware configuration or
installed software details
• Maintaining corporate standards
• Troubleshooting client problems
• Collecting files (software inventory only)
33. The Process of Inventory Collection
View inventory information at a
site after its database is updated
by this process:
1. Client gets settings and
collects inventory
2. Deliver data to
management point
3. Deliver data to site server
4. Update site database
5. Replicate to the central
administration site
Site Database
Server
Site
Server
Management
Point Client
34. How Is Hardware Inventory Collected?
• A hardware inventory obtains information by
querying:
• WMI database on Windows client computers
• CMI database named OMI on Linux, UNIX, and
Mac OS X
• The hardware inventory agent collects:
• An initial full hardware inventory
• Subsequent delta inventories
36. How Is Software Inventory Collected?
The software inventory process:
• Collects data directly from files by reading the file
header information
• Collects file system details even from unknown files that
may not have information in their file header
• Collects copies of files that you specify and stores them
on the site server
• Enables you to view collected inventory and file
information by using Resource Explorer, or view
software inventory information in reports
37. Software Inventory File Types
• To configure new software
inventory rules:
• Create a new inventory rule
• Type the file name or variable
• Specify the location
• Specify whether to exclude
encrypted and compressed
files
• Specify whether to exclude
files in the Windows directory
• Specify the reporting detail
for all rules
38. Overview of Asset Intelligence
Asset Intelligence:
• Extends hardware inventory
• License reporting
• Supports ISO/IEC 19770-2 tags
• Collect information about App-V apps
39. Benefits of Asset Intelligence
Asset Intelligence provides the following benefits
over software inventory:
• More accurate representation of software titles
present on managed computers.
• Information about the license usage for specific
products, rather than just information about the
software itself.
• Asset intelligence retrieves information about
installed software through the Hardware
Inventory Client Agent.
40. The Asset Intelligence Catalog
Asset Intelligence catalog features:
• Includes more than 500,000
software titles
• Enables import of software license
information
• Provides information about hardware
requirements for some titles
• Is updated periodically through
System Center Online
41. Configuring Data Collection for Asset Intelligence
Configuring Asset Intelligence can include the
following tasks:
• Enabling Hardware Inventory and software metering
• Enabling Asset Intelligence inventory reporting classes
• Enabling Windows Event Log settings
• Importing software license information
• Installing an Asset Intelligence synchronization point
• Configuring Asset Intelligence maintenance tasks
• Configuring Asset Intelligence security
42. Overview of Software Metering
• Software metering is the process of gathering
detailed data on program usage from client
computers in a Configuration Manager site
• Types of data collected:
• Program usage information
• File information
• Program information
43. How Software Metering Works
Software
Metering
Agent
Monitored
program
Monitored
program
Monitored
program
Site
Server
1
2
When you enable the Software Metering Agent, it:
Collects data each time 1 a monitored program runs and terminates
2 Uploads data to the management point on a scheduled basis
3 Forwards data to the site server
4 Adds data to the site database
4
3
44. Configuring the Software Metering Agent and Rules
Enable the Software Metering Agent
and configure a reporting schedule
When enabled, software metering will:
• Automatically generate disabled
To create a software metering rule:
rules from recent usage history
1 Navigate to the Software Metering node
• Generate automatic rules on the
basis of a specified percentage of
computers using a program
2 Create a new software metering rule
Provide relevant information for the program
that you want to meter
3
4 Apply the rule to other sites if applicable
45. • Thanks for Attending the Session
Regards
Abu Zobayer (MCT)