5. Cómo ayuda en la empresa? 217 Manejo de Inventario 1 Distribución de Software 2 Reportes 5 Diagnóstico & Troubleshooting 6 4 Seguridad Implementación de Sistema Operativo 3
6.
7. Roles – Estructura SCCM Domain Controller Protected Branch Distribution Point Management Point en NLB Cluster BITS-Enabled Distribution Points Sucursal 1 Sucursal 2 Protected Distribution Points SQL Server 2008 Fallback Status Point Reporting Point PXE Service Points State Migration Points WSUS 3.0 Database Server Software Update Point 417 Site Server
8. Configuración Global Site Central Parent Site Child Site Parent Site Parent Site Site Child Child Site Child Site Child Site Secondary Site Proxy Management Point Internet-based Clients RRAS Server Site Systems for Internet-Based Clients Oficina Central Oficina Regional Oficina Regional Oficina Satelital Oficina Satelital Oficina Satelital VPN Clients . 517 Slow Boundary
9.
10.
11.
12.
13. Cómo los clientes actualizan Compliance Site Database Site Server WSUS Database WSUS Server Software Update Point Admin Console Management Point Distribution Point 1a 1b Reports Managed Computer WMI Repository 4b 1117 2a 5b 5a 2b 3 4a 6
14. Cómo los clientes instalan Software Updates Site Server Admin Console Management Point Distribution Point Site Database Managed Computer Microsoft Update Software Updates Local Source 4a 6a 7a 6b 7b 6c 7c 1217 1 2a 2a 2b 2b 3 4b 5a 5b
15.
16.
17.
18.
19.
20. Proceso de Implementación de Sistema Operativo Distribution Point Client Site Server Management Point El Administrador crea la imagen de booteo y Sist. Operativo y la replica a los distribution point 1 El Cliente lee la política del management point y ejecuta la secuencia de tareas 3 El Cliente trae la imagen de boot y OS que indica la secuencia de tareas 4 El Administrador crea la secuencia de tareas y la advierte a la colección correspondiente 2 El Cliente devuelve el status de la secuencia de tareas ejecutada 5
21. Implementación de Sistema Operativo usando PXE El código del ConfigMgr in WinPE contacta al management point para traer la secuencia de tareas advertida El Administrador establece el servicio de PXE del Configuration Manager El Administrador importa la computadora y la asigna a la colección 1 EL PXE bootea la maquina destino 5 Crea y advierte la tarea para PXE 4 2 3 Site Database Database Server Site Server Management Point PXE SP
33. Configurando Streaming Delivery Replica a los distribution points El usuario hace click en el shortcut El cliente App-V trae el paquete del distribution point y corre el programa Paquete con la Aplicación virtual Se advierte el paquete El cliente CCM registra la aplicación en el cliente App-V que crea el shortcut y la asociación de archivo En el cliente: 512 Secuencia de aplicación
34. Configurando Local Delivery Replica a los distribution points El usuario hace click en el shortcut El cliente App-V trae y corre el programa Paquete con la Aplicación virtual Se advierte el paquete El cliente CCM evalúa el aviso y baja el paquete a su caché En el cliente: 612 Secuencia de aplicación Configuration Manager llama a App-V para correr la aplicación
35.
36.
37. Clientes soportados 912 Operating System Edition Service Pack Architecture Windows 2000 Professional, Server, Advanced Server, Datacenter SP4 x86 Windows XP Professional SP2 or SP3 x86 Windows XP Tablet PC SP2 or SP3 x86 Windows XP Embedded SP2 x86 Windows Vista Business, Enterprise, Ultimate No service pack, SP1, or SP2 X86 or x64 Windows 7 Professional, Enterprise, Ultimate X86 or x64 Windows Server 2003 Web, Standard, Enterprise, Datacenter, Storage SP1 or SP2 X86 or x64 X86, x64, or IA64 Windows Server 2003 R2 Standard, Enterprise, Datacenter X86 or x64 X86, x64, or IA64 Windows Server 2008 Standard, Enterprise, Datacenter SP1 or SP2 X86 or x64 Windows Server 2008 R2 Standard, Enterprise, Datacenter x64
38.
39. Resumen 1112 Platforma Inventario HW/SW OS Deployment DistribuciónSoftware Software Update ConfiguraciónDeseada Vista Vista SP1 XP SP2 Windows 2000 Server 2008 Server 2003 Server 2000 WFLOP WePOS XP Embedded Windows CE Windows Mobile
Course 6451A Note: Antivirus settings can affect the software update scanning performance greatly. We recommend that you adjust your antivirus settings to reduce workstation workload. For more information, please review KB 900638 http://go.microsoft.com/fwlink/?LinkId=50014 and see “Antivirus Products Might Cause High CPU Usage” within the ConfigMgr07Readme.htm. On the compliance scan schedule or when initiated manually, the client gets the WSUS server location from the local policies. The compliance scan is initiated on the client. The WSUS agent component (WUA) on the client connects to the WSUS server and initiates the compliance scan. The client returns a list of the updates that are Installed or Required. Note: The site server determines which updates are not required on each client by comparing the list of all defined updates with the scan results. WSUS stores the results of the scan in the WSUS database. The client stores the compliance-scan results in WMI and sends the results as a batch to the management point, in the form of state messages. The management point sends the results to the site server, and they are entered into the site database. The compliance scan data is available in reports such as Software Updates – Compliance reports and in the Configuration Manager Console.
Course 6451A You create a new deployment in the Administrator console. The site server requests the software updates binaries from the source location defined in the deployment. This can be from Microsoft Updates or from a local source. Note: The site server stores the software update binaries temporarily in a folder. The site server copies the software update binaries to the package share on the distribution point. The site server also adds the new software update deployment to the machine policy and copies the policy to the management point. The client retrieves the machine policy from the management point on the schedule and receives the new deployment information. The client then scans for each software update to verify that they are still required. If the software update is still required, the client requests the binaries from the distribution point for each mandatory update and stores them in the local cache. Note: Optional updates download at installation. Note: Selective download is used so that only the binaries for the required updates download to the client. The client sends a state message to the management point reporting that the software update was downloaded. The management point forwards the state message to the site server, which then enters the message into the database. When the software update deadline arrives or you initiate the update installation manually, the client scans for each software update to verify that they still are required. The client installs the software update, scans for the software update using local rules to verify that the update is no longer required, and reports to the management point a state message that indicates the deployment state at completion. For each software update that fails to install, an error status message is sent to the management point. The messages are then forwarded to the site server, which then inserts them into the database. Client computers initiate a deployment re-evaluation cycle every two hours, by default. During this evaluation cycle, the client computer scans for software updates that have been deployed and installed previously. If any are missing, the software updates are reinstalled. Note: If the software update is no longer in the local cache, it downloads again from the distribution point. Review Questions When software updates are applied to client computers, are they installed one at a time or in a batch? Answer: Like Windows Updater, software updates will install as many updates as possible in one batch. However, after that batch is installed, there maybe additional required software updates. References About Software Update Deployments http://technet.microsoft.com/en-us/library/bb680906.aspx
09/06/11 18:04
09/06/11 18:04
09/06/11 18:04
Course 6451A To Deploy an Operating System Using PXE: Import the target computer information and assign the computer to a Configuration Manager 2007 collection. In the Configuration Manager Console, navigate to System Center Configuration Manager , expand Site Database , expand Site Management , expand < site code > - < site name > , expand Site Settings , and then click Site Systems . Create the Configuration Manager 2007 PXE service point site role. Create and advertise the PXE operating system deployment task sequence to the target collection or device. You can assign a mandatory or optional advertisement. If you specify an optional advertisement, then there must be a user present to PXE boot the computer. You can only assign one mandatory advertisement to a target computer, and you must specify the time when the mandatory advertisement should run. To initiate the operating system image installation, you must configure the target computer BIOS to PXE boot. PXE boot the target computer. For mandatory PXE advertisements the computer will automatically boot using PXE. For optional advertisements there must be a user present to PXE boot the computer. If you have specified that no password is required to establish the connection to the PXE service point, PXE boot the computer to initiate the operating system deployment. For additional security, you can assign a password to establish a connection to the PXE service point. If you have specified that a password is required to establish a connection to the PXE service point, PXE boot the computer to initiate the operating system deployment and enter the password. For the operating system deployment to continue, the password must be entered at the Configuration Manager 2007 client computer or the task sequence will not run. Important: If you are using the English version of Windows PE and communicating with a Configuration Manager 2007 site server running a double-byte character set , you should assign a password containing only simple characters or not require a password for PXE initiated deployments. Configuration Manager 2007 will connect to the assigned management point, retrieve the assigned policy, and complete the operating system deployment. You will need at least one boot image for each type of processor architecture present in your Configuration Manager 2007 environment distribution point. For example, if you have computers with x64 processors in your environment, you will need at least one x64 boot image assigned to the PXE distribution point even if you only plan to deploy x86 operating systems. This is because the PXE stub needs some native files contained in the boot image to identify the computer before the task sequence can be started. Review Questions If the PXE files are placed on the default site distribution point and not on the PXE distribution point, will PXE boot still succeed? Answer: No, the PXE service point directs clients to the PXE distribution points only . References Configuration Manager Documentation Library: How to Deploy an Operating System Image using PXE
09/06/11 18:04
Course 6451B Use this topic to describe how to configure distribution points for streaming delivery. Also use the PowerPoint slide to describe the streaming delivery process. Point out that this process is not supported for Internet-facing scenarios. For Internet-facing scenarios, you will need to use the local delivery process (discussed in the next topic). Question: Since an application does not stream until a user first launches the application, what implications may this have on mobile clients? Answer: A user may receive program shortcuts for virtual applications, making the user think that the applications are installed. However, any applications that have not been launched on the client computer are not available when the user is disconnected from the network. The application is unavailable until the user reconnects to the network and launches the application. References How to Enable Streaming for Virtual Application Packages http://technet.microsoft.com/en-ca/library/cc161925.aspx About Virtual Application Packages http://technet.microsoft.com/en-ca/library/cc161873.aspx
Course 6451B Use this topic to describe how to configure distribution points for streaming delivery. Also use the PowerPoint slide to describe the streaming delivery process. Point out that this process is not supported for Internet-facing scenarios. For Internet-facing scenarios, you will need to use the local delivery process (discussed in the next topic). Question: Since an application does not stream until a user first launches the application, what implications may this have on mobile clients? Answer: A user may receive program shortcuts for virtual applications, making the user think that the applications are installed. However, any applications that have not been launched on the client computer are not available when the user is disconnected from the network. The application is unavailable until the user reconnects to the network and launches the application. References How to Enable Streaming for Virtual Application Packages http://technet.microsoft.com/en-ca/library/cc161925.aspx About Virtual Application Packages http://technet.microsoft.com/en-ca/library/cc161873.aspx
System Center Configuration Manager System Center Configuration Manager enables secure and scalable operating and application deployment, desired configuration management, system quarantine, and asset management of servers, desktops, and mobile devices. New capabilities ensure that systems are checked and updated before joining the network, operating system and application deployment is greatly simplified for both new and existing systems, and configuration changes and system updates are more effectively managed regardless of location or device type, all of which enable IT managers to take control of their environment like never before. The current plan of record is to provide the following key capabilities: • Operating system deployment (OSD) is an automated and end-to-end solution for hands-off deployment • Network Access Protection • Software distribution • Software update management (SUM) • Desired configuration management • Device management • Software inventory and metering • Hardware inventory • Remote control • Wake On LAN • Windows Vista and Microsoft Office 12 upgrade assessment • Vulnerability assessment • Software Development Kit (SDK) provides extensibility • Scalable yet flexible • Internationalization • Easy to use infrastructure