350 likes | 555 Views
MGT303 System Center Configuration Manager v.Next : Site Hierarchy Technical Overview. Mark Florida, Principal Program Manager Lead Wally Mead, Senior Program Manager Microsoft Corporation. Session Objectives And Takeaways. Session Objective(s): ConfigMgr v.Next Infrastructure Promises
E N D
MGT303System Center Configuration Manager v.Next: Site Hierarchy Technical Overview Mark Florida, Principal Program Manager Lead Wally Mead, Senior Program Manager Microsoft Corporation
Session Objectives And Takeaways • Session Objective(s): • ConfigMgr v.Next Infrastructure Promises • Site Server Characteristics • Data Replication Models • Client Agent Settings • Role-based Administration/Admin Segmentation • Sample Customer Profiles • Minimum System Requirements
Infrastructure Promises • Modernizing Architecture • Minimizing infrastructure for remote offices • Consolidating infrastructure for primary sites • Scalability and Data Latency Improvements • Central Administration Site is just for administration and reporting – Other work distributed to the primaries as much as possible • System-generated data (HW Inventory and Status) can be configured to flow to the Central Administration Site directly • File processing occurs once at the Primary Site and uses replication to reach other sites (no more reprocessing at each site in the hierarchy) • Be Trustworthy • Replace cumbersome object replication and cost associated to troubleshooting • Industry standard SQL replication sub-system simplifies troubleshooting and reduces operational costs
When do I need a Central Administration Site? • If you have more than one Primary Site and want them linked together in a single hierarchy • If you want to off-load reporting and administration from your Primary Site Migration Consideration: The Central Administration Site must always be installed on new hardware
When do I need a Primary Site? • To manage any clients • Add more primary sites for: • Scale (more than 100,000 clients) • Reduce impact of primary site failure • Local point of connectivity for administration • Political reasons • Content regulation
Previous Reasons to add Primary Sites - No Longer Necessary for ConfigMgr v.Next • Decentralized administration • Logical data segmentation • Client agent settings • Language • Content routing for deep hierarchies
When do I need a Secondary Site? • No local administrator • If you need to manage upward-flowing WAN traffic • Consider supporting roles like SUP, PXE Service Point, and State Migration Point, also • If you need tiered content routing for deep network topologies
When do I need a Distribution Point? • If you’re not concerned about clients pulling policy or reporting status, inventory, or discovery to their primary site location • If BITS doesn’t provide enough bandwidth control for your WAN • If you want to leverage BITS access for clients (including the use of BranchCache™), multicast for Operating System Deployment, or streaming for App-V Note: These advanced features are not available on file-share-only Distribution Points
What other options are available for content distribution? • Use Distribution Points with throttling and scheduling capabilities when: • The DP will be remotely located from a primary site • You want to throttle or schedule downward flowing traffic to that location • Use Branch DPs when: • You have 100 or fewer clients to manage and expect <=10 concurrent connections • Can assign at least one workstation as a Branch DP – can run on Win 2008 or client OSes • BITS meets your network traffic control needs for content distribution • You want download on demand capabilities • Utilize BranchCache™ when: • You have a distribution point running on Windows Server 2008 R2 • Your clients are running a compatible OS
Customer Profile #1 – 5000 clients“Remote office optimization” Infrastructure Goal: Minimize ConfigMgr infrastructure to support the remote office locations
Customer Profile #1 – 5000 clients“Remote office optimization” • Corporate Campus • Primary site (3,000 clients) • Local SQL Server • MP, DP (x2), FSP*, SLP*, SUP, SMP, RP/RSP • Sales Office • Only 15 clients • Good connectivity • Branch DP or BranchCache™ • Warehouse • Secondary site (485 clients) • Manage WAN • DP • District Office • Secondary site (1,500 clients) • Manage WAN • MP, DP, SUP, PMP Configuration Manager 2007
Customer Profile #1 – 5000 clients“Remote office optimization” • Corporate Campus • Primary site (3,000 clients) • Local SQL Server • MP, DP (x2), FSP*, SLP*, SUP, RP/RSP • Sales Office • Only 15 clients • Good connectivity • Branch DP or BranchCache™ • Warehouse • DP with throttling and scheduling (485 clients) • Manage downward flow of Content over WAN • District Office • Secondary site (1,500 clients) • Manage upward/downward WAN traffic • SQL Express • MP, DP, SUP, PMP v.Next
Replication *Subset of global data only
Conceptual Replication Model • Global Data • Available at: Central Administration Site and all Primary Sites • Examples • Collection rules • Package metadata • Deployments • Security Scopes • Site Data • Available at: Central Administration Site, Replicating Primary • Examples: • HINV • Status • Collection Membership Results Content Available where content has been distributed to a Distribution Point Central Administration Site (Germany) Germany (Berlin) Spain (Madrid) Sevilla Cordoba • Global Data subset • Examples • Packages metadata and status • Program metadata Content routing between Secondaries
SQL Replicated Data Types Global Data Examples Site Data Examples • Collection Rules • Package Metadata • Program Metadata • Deployments • Configuration Item Metadata • Software Update Metadata • Task Sequence Metadata • Site Control File • System Resource List (site servers) • Site Security Objects (Roles, Scopes, etc.) • Alert Rules • Collection Membership Results • Alert Messages • Hardware Inventory • Software Inventory & Metering • Asset Intelligence CAL Track Data • Status Messages • Software Distribution Status Details • Status Summary Data • Component and Site Status Summarizers • Client Health Data • Client Health History • Wake On LAN • Quarantine Client Restriction History
Client Agent Settings • Default client agent settings • Defined for the entire hierarchy • Not unique per site • Custom client agent settings • Collection-based targeting • Multiple custom setting objects Multiple collections • Model behaviors consistent with targeting today • Can override “optional” client agent settings applied to the hierarchy • Conflict Resolution that is priority-based • Resultant settings can be an aggregation of both default & custom setting
Role-Based Administration“Display what’s relevant to me” • Role-Based Administration lets you map the organizational roles of your administrators to defined security roles • Security role = What types of objects can I see and what can I do to them? (e.g. Read Application) • Security scope = Which instances can I see and interact with? • An administrator has one or more security roles and security scopes associated • Admins only see what they have access to • ConfigMgr security management simplified by defining once for the entire hierarchy (security is global data)
Site Data Segmentation today… France Primary Site Meg wishes to distribute a package to all of her EMEA users in the West region Louis “French Admin” • French collection(s) • Create advertisement for French collection(s) Meg Collins “Central Admin” England Primary Site • Create and distribute • package Anthony “English Admin” • English collection(s) • Create advertisement for English collection(s)
Data Segmentation via Role-Based Administration France Primary Site Meg wishes to distribute an application to all of her EMEA users in the West region Anthony “English Admin” Louis “French Admin” Central Administration Site Meg Collins “Central Admin” • French collection(s) • Create deployment for French collection(s) • English collection(s) • Create deployment for English collection(s) • Create and distribute • application England Primary Site
Customer Profile #2“Minimize Infrastructure” Infrastructure Goal: Minimize Configuration Manager infrastructure to support unique remote control settings for the HR department and hardware inventory policies for servers
HR Primary Site • Primary site (300 clients) • Remote Control Disabled • Admin Segmentation • Chicago Central Site • Primary site (~14,700 clients) • Remote Control Enabled Chicago Campus 15,000 clients • London Primary Site • Primary site (5,000 clients) • Standard Inventory Policies for desktop • London Servers Site • Primary site (500 clients) • Hardware Inventory Policies unique to Servers • Admin Segmentation London Offices 5,000 desktops 500 Servers Configuration Manager 2007
Chicago Primary Site • Primary site (15,000 clients) • Local SQL Server • HR Collection-based settings for Remote Control • Central Admin Site • No Clients • Administration & Reporting for Hierarchy • Admin segment for HR clients Chicago Campus 15,000 clients • London Primary • Primary site (5,500 clients) • Inventory Class reporting at Collection level • Admin Segment for Servers v.Next London Offices 5,000 desktops 500 Servers
200,000 clients Primary 5 Primary 3 Primary 2 Primary 4 Primary 1 SQL Server Central Administration Site • Local point of connectivity for administration • Fault Tolerance • Scale/Perf • Content Regulation Secondary Site Secondary Site Distribution Point Distribution Point Distribution Point Distribution Point • Concerned with downward flow of content only • Concerned with upward and downward flow of traffic (Client/Content) Secondary Sites (3) Secondary Site Secondary Sites (3) Secondary Sites (3) Content Branch Distribution Point or BranchCache™ Branch Distribution Point or BranchCache™ Branch Distribution Point or BranchCache™
Minimum System Requirements • 64-bit hardware for all site servers and site system roles • SQL Server 2008 SP1 with CU6 (64-bit) • Windows Server 2008* (64-bit) • Exceptions as follows: • Standard Distribution Points will support Windows Server 2003 (including 32-bit). Some feature limitations may apply (e.g. BranchCache™) • Branch Distribution Points will run on Configuration Manager v.Next supported client operating systems (including 32-bit) * Latest Service Pack
What can I do now to prepare? • Flatten hierarchy where possible • Plan for Windows Server 2008, SQL 2008, and 64-bit • Start implementing BranchCache™ with ConfigMgr 2007 SP2 • Move from web reporting to SQL Reporting Services
Session Evaluations Tell us what you think, and you could win! All evaluations submitted are automatically entered into a daily prize draw* Sign-in to the Schedule Builder at http://europe.msteched.com/topic/list/ * Details of prize draw rules can be obtained from the Information Desk.
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.