460 likes | 645 Views
Deploying System Center Configuration Manager 2007: Part 1: Site Deployment. Wally Mead Senior Program Manager Microsoft Corporation MGT304. Session Agenda. Prerequisites for Configuration Manager 2007 Deploying Configuration Manager 2007 Deploying Site Systems Understanding Boundaries
E N D
Deploying System Center Configuration Manager 2007: Part 1: Site Deployment Wally Mead Senior Program Manager Microsoft Corporation MGT304
Session Agenda • Prerequisites for Configuration Manager 2007 • Deploying Configuration Manager 2007 • Deploying Site Systems • Understanding Boundaries • Considerations for Upgrading from SMS 2003
Prerequisite Checking • Both site and site system checking • Issues and resolutions clearly explained • Extensive install and upgrade checks Site Deployment Changes Site Deployment Progress • Real time notification of deployment • Setup won’t exit until the site is ready to be used • Detailed installation report available Platform Support • Virtual Server 2005 R2 host/guest • Hyper-V support • Dropped Windows 2000 Server Updated AD Schema • New site systems • Required for network access protection • FQDN, versioning and site capabilities
Configuration Manager 2007 Prerequisites • The Configuration Manager site server requires: • Windows Server 2003 SP1, SP2 or Windows Server 2003 R2 • If not SP2 then a number of updates are recommended • SQL Server 2005 SP2/SP3 or SQL Server 2008 • IIS for a number of site systems • .NET Framework 2.0 • MMC 3.0 • Access to specific required client components • Can be downloaded during install or prior to Setup
Configuration Manager 2007 SP1 Prerequisites • Configuration Manager SP1 is very similar to the RTM product • SP1 supports Windows Server 2008 for all site system roles • Was limited to System Health Validator role in RTM • No support for Server Core installations as site systems • Requires Windows Server Update Services (WSUS) 3.0 SP1 • For WSUS server • For site server, WSUS admin console required if WSUS installation is remote from site server (which is recommended)
Configuration Manager 2007 SP1 Prerequisites (2) • Configuration Manager SP1 is very similar to the RTM product (continued) • Two required updates to use Intel AMT out of band management • KBs 936059 and 942841 • Two new site roles in Configuration Manager SP1 both require specific certificates • Out of band service point • For Intel AMT support • Asset Intelligence Synchronization Point • To access System Center Online
Additional Items Prerequisite Check Will Identify • The Configuration Manager Prerequisite Check will also check for: • administrative rights on site systems • Sysadmin rights to SQL Server instance • WSUS requirement • minimum of the WSUS administrator console • or entire WSUS Server installation • Active Directory schema extensions • 8.3 file name support
Service Pack 1 Prereq Updates • The Configuration Manager SP1 Prerequisite Check adds support for: • SQL Server Service Principle Name registration • one of the biggest deployment issues we see today – the lack of proper SPN registration of SQL Server • FQDN for site systems • Recommended to use FQDNs • installed version of the WAIK • SP1 requires WAIK 1.1, and you may have to manually deinstall WAIK 1.0 • WSUS 3.0 SP1 • required for Configuration Manager SP1
demo Validating Prerequisites for Configuration Manager 2007 SP1 Wally Mead Senior Program Manager Microsoft Corporation MGT304
Active Directory Requirements • Configuration Manager site systems are required to be in an Active Directory environment • Active Directory schema extensions are not required, however highly recommended • Network Access Protection (NAP) does require AD schema extended for Configuration Manager • Without the AD schema extended for Configuration Manager, you are required to have a server locator point to assign clients to the Configuration Manager site
AD Schema Compatibility • Configuration Manager can use AD if extended for SMS 2003 with limited functionality • Can’t publish new data or FQDN of site systems • Should upgrade the schema to Configuration Manager as soon as possible • SMS 2003 can publish to AD if extended for Configuration Manager 2007 • Publishes what it is configured to publish, won’t publish Configuration Manager specific data • No new schema update with SP1 of Configuration Manager
Extending Active Directory for Configuration Manager • Configuration Manager Setup will NOT extend the AD schema as SMS 2003 Setup could • You must manually extend the AD schema • Run SMSSetup\Bin\I386\Extadsch.exe • Check C:\Extadsch.log for success • Prior to Configuration Manager Setup is preferred • LDF file will be provided also • Must manually grant site server rights to publish to AD
demo Extending the Active Directory Schema Wally Mead Senior Program Manager Microsoft Corporation MGT304
Configuration Manager 2007 R2 Prerequisites • Configuration Manager R2 adds new capabilities to the SP1 product • Requires Configuration Manager SP1 • If you want to use SQL Server Reporting Services, you must have SRS installed and configured • Not installed nor configured as part of the R2 installation • Multicast support is limited • Windows Server 2008 distribution points • Only used for OSD to download content when running in WinPE
Session Agenda • Prerequisites for Configuration Manager 2007 • Deploying Configuration Manager 2007 • Deploying Site Systems • Understanding Boundaries • Considerations for Upgrading from SMS 2003
Site Installation/Upgrade • Primary Site Installation • CD/Network share • Interactive deployment • Scripted (the standard file you know today) • Secondary Site Installation • Same as primary • Secondary site push installation • ~150MB package sent over the network
Operational Considerations • IIS configuration • Custom websites are supported • All Configuration Manager roles on the server use the same custom website • Site system configuration • Push/Pull for site system data retrieval • Client configuration • Client approval mode for mixed mode • Default is automatic approval for domain joined clients
Site Modes • Mixed mode • Equivalent to SMS 2003 Advanced Security with data signing from clients implemented • Available for new installations and site upgrades • SMS 2003 upgrades will automatically install in mixed mode • Mixed mode provides interoperability with SMS 2003 SP2/SP3 sites • If your environment includes a mix of SMS 2003 and Configuration Manager sites, it is highly recommended that SMS 2003 is SP3
Site Modes (2) • Native mode • Full mutual authentication using PKI-based machine certificates • New installs or migration of mixed-mode sites • Required for Internet-based client management • Cannot report to a mixed-mode site • Should keep sites consistent in the hierarchy • Secondary sites the same as parent
demo Installing a Configuration Manager 2007 SP1 Primary Site Wally Mead Senior Program Manager Microsoft Corporation MGT304
Session Agenda • Prerequisites for Configuration Manager 2007 • Deploying Configuration Manager 2007 • Deploying Site Systems • Understanding Boundaries • Considerations for Upgrading from SMS 2003
Site System Roles • Most site system roles remain the same: • Site server (primary and secondary) • Site database server • Management point • Server locator point • Reporting point • Distribution point • The only roles that were removed are: • Client access point • Sender component server
New Site System Roles • Operating System Deployment • State migration point • PXE service point • Software Updates Management • Software update point (WSUS 3.0 server) • Network Access Protection • System health validator
New Site System Roles (2) • Client Deployment and Distress • Fallback status point • Software Distribution • Branch distribution point • Also supports OSD and SUM • SMS Provider can now be on a 3rd Computer • SMS 2003 required it on the site server or the site database server
Site System Deployment Tips • Ensure you have a fallback status point (FSP) in your hierarchy • Then you can generate client deployment reports • Don’t place distribution points on remote site systems with unreliable or high-latency links • SMB is used to replicate content to distribution points • Use branch distribution points to handle poor network connectivity • Use BITS to download content
Site System Deployment Tips (2) • Separate site systems for easier troubleshooting • Software update point • Management point • Reporting point • Fallback status point • Separate site system roles also provide higher scalability numbers
Configuration Manager Site System Roles SMS 2003 Equivalent Role SQL Server New Role SQL Server Distribution Point Primary Site Server Server Locator Point System Health Validator Reporting Point Fallback Status Point Software Update Point Management Point Branch DP PXE Service Point State Migration Point
ConfigMgr SP1/R2 Site Systems Out of band service point Asset Intelligence synch point Reporting Services point SQL Server SQL Server • Distribution Point • Multicast • AVM streaming Primary Site Server Server Locator Point System Health Validator Reporting Point Fallback Status Point Software Update Point Management Point Branch DP PXE Service Point State Migration Point
demo Deploying Configuration Manager 2007 Site Systems Wally Mead Senior Program Manager Microsoft Corporation MGT304
Session Agenda • Prerequisites for Configuration Manager 2007 • Deploying Configuration Manager 2007 • Deploying Site Systems • Understanding Boundaries • Considerations for Upgrading from SMS 2003
Boundaries • Differences from SMS 2003: • Site Boundaries and Roaming Boundaries are gone • No longer Site Properties • Boundaries replace them • New node under Site Settings • Boundaries are either Fast or Slow • “Fast” would be SMS 2003 “Local” • “Slow” would be SMS 2003 “Remote”
Boundaries(2) • Boundaries flow up the hierarchy • Hierarchy wide view of all boundaries • Makes it easier to identify overlapping boundary scenarios • Still a bad thing in Configuration Manager • Works with SMS 2003 sites • Cannot create SMS 2003 boundaries • Except for SMS 2003 child secondary sites
demo Configuring Boundaries Wally Mead Senior Program Manager Microsoft Corporation MGT304
Session Agenda • Prerequisites for Configuration Manager 2007 • Deploying Configuration Manager 2007 • Deploying Site Systems • Understanding Boundaries • Considerations for Upgrading from SMS 2003
In place Upgrade • Server emphasis • Retains existing data • Feature Packs • All SMS 2003 feature packs should be de-installed prior to upgrade (ITMU is not required to be removed) • OSD and Device Management packages remain Side-by-Side • Client emphasis • Upgrade and re-assign existing clients
Hierarchy Considerations • Top-down upgrade is required • Higher version is always the parent • Can detach a section of the hierarchy if needed • Allows central site to remain SMS 2003 as a new hierarchy is created • Configuration Manager does NOT support any Legacy Clients in the hierarchy • Must remove all Legacy Clients from the hierarchy to upgrade the central site to Configuration Manager
Hierarchy Considerations (2) • Always run a Testdbupgrade prior to upgrade • Interoperability • SMS 2003 sites can report to Configuration Manager sites • SMS 2003 clients can be assigned to a mixed mode Configuration Manager site • Configuration Manager clients can roam to SMS 2003 SP2/SP3 sites • But cannot be assigned to an SMS 2003 site • No SMS 2.0 sites in the hierarchy
SMS 2003 site settings require a SMS 2003 console • Secondary sites are limited, so upgrade to ConfigMgras soon as possible Interoperability Admin UI • No Legacy Client support/interoperability • No standard security support/interoperability • Provide patch/feature-level interop for child sites and SMS 2003 clients in the hierarchy SMS 2003 • No SMS 2.0 interop support provided at all SMS 2.0
Session Summary • System Center Configuration Manager 2007 is the replacement for Systems Management Server • Available for more than a year now • Deployment is very similar to the SMS 2003 deployments you’ve already done • There are new site system roles to be aware of • System requirements are greater than SMS 2003
Resources • www.microsoft.com/teched Sessions On-Demand & Community • www.microsoft.com/learning • Microsoft Certification & Training Resources • http://microsoft.com/technet • Resources for IT Professionals • http://microsoft.com/msdn Resources for Developers www.microsoft.com/learning Microsoft Certification and Training Resources
Related Content MGT304, MGT305, MGT306 – Deploying System Center Configuration Manager 2007: Part 1 – Monday, 2:45 – 4:00 Part 2 – Wednesday, 1:00 – 2:15 Part 3 – Friday, 9:00 – 10:15 MGT05-INT – General Questions on Microsoft System Center Configuration Manager Tuesday, 10:15 – 11:30 MGT01-INT – Deploying Microsoft System Center Configuration Manager Thursday, 1:00 – 2:15 MGT03-HOL – Deploying Microsoft System Center Configuration Manager MGT12-HOL – Managing Microsoft Updates with System Center Configuration Manager MGT04-HOL – Deploying OS Images Using Microsoft System Center Configuration Manager and Network Boot MGT20-HOL – Upgrading from Microsoft System Center Configuration Manager 2007 to Microsoft System Center Configuration Manager SP1 MGT21-HOL – Upgrading from SMS S2003 SP2 to Microsoft System Center Configuration Manager MGT02-HOL - Microsoft System Center Configuration Manager: Migrating from Mixed Mode to Native Mode MGT05-HOL – Device Management with Microsoft System Center Configuration Manager
Management Track Resources • Key Microsoft Sites • System Center on Microsoft.com: http://www.microsoft.com/systemcenter • System Center on TechNet: http://technet.microsoft.com/systemcenter/ • Virtualization on Microsoft.com: http://www.microsoft.com/virtualization • Community Resources • System Center Team Blog: http://blogs.technet.com/systemcenter • System Center Central: http://www.systemcentercentral.com • System Center Community: http://www.myITforum.com • System Center on TechNet Edge: http://edge.technet.com/systemcenter • System Center on Twitter: http://twitter.com/system_center • Virtualization Feed: http://www.virtualizationfeed.com • System Center Influencers Program: Content, connections, and resources for influencers in the System Center Community. For information, contact scnetsup@microsoft.com
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.