CONFIGURATION MANAGER FORWINDOWS AND MORE…SYSTEMS CENTER CONFIGURATION MANAGER(SCCM) 2007 - Prashanth Sundaram
Agenda 1. Introduction 2. SCCM Console & Roles 3. Collections 4. Inventory 5. Software Distribution 6. OS Deployment 7. Software Update Management 8. Queries and Reports 9. Branch Office10. Internet based Clients11. Other Features12. Tips and Tricks13. Resources
INTRODUCTION● A comprehensive solution for change and configuration management for the Microsoft platform.● Server-Client based model with agent installed.● Role based component management.● Native and Mixed mode deployment options.● Centralized console● SQL Server Reporting Services● Manage Internet-based clients● Vulnerability assessment● Say "GoodBye" to custom scripts for most of system related management and deploying software.
SCCM Console● Site Management: Boundaries, Agents, Server Roles, Discovery Methods etc.● Computer Management: Collections, Software Distribution, OSD, Updates, AI, Reporting● Misc: Service Config, Site status, Users & Groups, Pkg & Adv. status
Collections● Centerpiece of management● Manage users, computers, and other resources dynamically.● Multiple levels (sub-collections)● Highly customizable by writing SQL queries and/or built-in properties.● Maintenance windows
Inventory● Fetched by Client Agents● Granular view of hardware/software inventory● Evaluate Hardware requirements for new deployments(not just OS).● Add, edit and remove inventory items ○ sms_def.mof, configuration.mof ○ Built-in Registry Key and WMI browser class selector wizard
Software Distribution● Packages: Used to deploy software apps● Programs: Contained within a package to run a specific executable file or command.● Distribution Point: Network share on SCCM server that stores packages(one per site)● Advertisement: Target programs and task sequences to collection to be executed● Features: ○ Supports Virtual Application deployment ○ Branch Distribution points ○ Copy package wizard● Benefits over GPO based application distribution ○ Deploy immediately rather wait for GP to refresh. ○ Give users the choice of when to install applications. ○ Ability to download software before installing on slow connections. ○ Leverages BITS and BranchCache to conserve WAN usage ○ Status reports available for all advertisements. (including error codes)
OS Deployment● Integrates with WDS.● Offline distribution via DVD and USB drives.● Deploy and Capture Image in one shot.● Achieve Zero-Touch Installation.● Optionally Integrate MDT and create more customized Task Sequences.● Components: ○ Boot Images: ○ Computer Association ○ OS Images ○ OS Install Packages ○ Task Sequences ○ Drivers ○ Driver Packages
OS Deployment - Preparation● Windows Automated Install Kit(AIK) ○ Boot image compatible with most deployments(even XP). ○ Edit .wim file. E.g. Slipstream SP1, NIC drivers, Trace32/64 or disable features dism /Mount-Wim /WimFile:"C:Win7-isosourcesinstall.wim" /index:4 /MountDir:C:WIM dism /Image:C:WIM /add-driver /driver:"C:NICDriversdell 980e1k62x64.INF" dism /Image:C:WIM /add-package /PackagePath:"C:internet -explorer-9" dism /Image:C:WIM /Disable-Feature /FeatureName:InboxGames dism /Unmount-Wim /MountDir:C:WIM /commit● Drivers ○ Use DriverMax to export drivers from a reference system. ○ Import Drivers with category and package specific to the model of target machine. ○ Dell Client Deployment Pack for SCCM (can do more than just drivers.)● OS Image or Install Packages ○ Import either image or DVD contents. By default install.wim installs in D: drive.
OS Deployment - Task Sequence● Defines a series of steps that are followed in order to perform a specific task. ○ E.g. Deploy an OS along with a series of software to be installed, manipulate bitlocker settings etc. ○ Can be used for other general purpose sequencing as well● Two kinds of actions ○ Fixed set of built-in actions that are implemented as part of ConfigMgr ○ Custom actions that can be any command line executable, including running scripts and commands.
Demo● Deploy Windows 7 by just importing MAC address to SCCM. ○ ZERO touch OS Install● Demo checklist ○ Task sequence ○ PXE boot ○ Enter command mode and open parser. ○ Check status of advertisement on browser
Software Updates● Integrated with WSUS ○ Complete MS repository ○ Zero-day and routine deployments ○ Simplified admin console ○ Also manage custom software updates(OEM,drivers, etc)● Update Lists: List of updates created by admin● Deployment Templates: Templates Configuration Options like target collection, restart settings, Date/Time● Deployment Packages: Updates that are deployed to specific clients. (Like a software distribution package)● Deployment Management: Culmination of entire update deployment configuration.
Queries and Reports● Reports run against a set of SQL views.(inner joins, outer joins)● Create charts and refresh automatically● Link to other reports● User/Group security settings● Benefits ○ Compliance state and other assessments on-demand. ○ Status of Advertisements, deployments, packages, site transfer etc. help troubleshoot issues.
Branch Office ● Primary Sites ○ SQL server; requires server license ○ can be parent/child server; clients attach directly ○ Can host all server roles ● Secondary sitesCannot be attached to SQL; does not require licenseCan only be child site; clients cannot be assigned ○ Only host certain server roles ● Central Sites ○ Primary Sites, that are at top level ● HACK: Create a primary site and make it a child site. ○ Manage clients at secondary site ○ Transfer all settings from Primary server(TS, Pkgs, OS images etc.) ○ Good for DR scenarios (Break the link to convert back to primary)
Other features● Desired Configuration Management● Mobile Device Management● Network Access Protection● Remote Control● Out-of-band Management● Asset Intelligence● Software Metering
Tips & Tricks● OS Deployment ○ Add Trace32/64 log parser to boot image and enable command support. ○ Log File locations: X:WindowsTempSMSTSLog; X:WindowsINF/ ○ Import DVD contents instead of .wim file for OS.(Install in C: instead of D:). Use OEM disk. ○ Enable architecture discovery in WDS. (for 64-bit OS)● Software Packaging & Distribution ○ For MSI files use "Package by Definition" ○ By default, apps are installed as SYSTEM unless a domain acct. specified● Software Updates ○ Re-use update lists by creating deployment templates ○ Create file non_sms_ondrive.sms on drive that should not have sccm data. Dont use C:● Reporting ○ Set status filter rules to get notified about deployments. ○ When deploying software/OS, check the Advertisement or Task Sequence status. (Very Useful)
Resources● Installation and Configuration ○ http://www.iphopper.net/wp-content/Uploads/sccmR3_v1.pdf● Nice guides to get started and active community ○ http://www.windows-noob.com/forums/index.php?/forum/44-sms-2003-sccm-2007-sccm-2012/ ○ http://social.technet.microsoft.com/Forums/en-US/category/configurationmanager● Blogs ○ blogs.technet.comblogs.technet.com/b/deploymentguys/archive/tags/sccm+2007/ ○ www.sccmguy.com● Tools and scripts (highly recommended) ○ www.myitforum.com/myitwiki/SCCMTools.ashx● Application packaging ○ http://www.mockbox.net/configmgr-sccm.html● Software Updates ○ http://www.myitforum.com/myITWiki/Default.aspx?Page=SCCMSU● Secondary Site ○ http://sysadminops.blogspot.com/2011/07/sccm-2007-r3-building-disaster-recovery.html