In our last article Part6: Software Updates (SUP), we’ve configure the Software Update point and ran the synchronization with Microsoft Updates server.
As a result of this process, we’ve got the Software Updates metadata synchronized and the result can be viewed from the Configuration Manager console
Throughout this article, we will select few updates and deploy them to a collection of Windows 7 machines. Before we do that, it would be nice to review the Software Update policy to make sure its properties satisfy our business needs.
From the Client Settings in the Administration tab, Click Software Update
If you are planning to use Software Update point to patch your environment, make sure you do not configure domain policy for client computers to receive updates from WSUS through Group Policy Settings. The group policy settings used by Windows Update Agent (WUA) on client computers will override any machine policy sent from Configuration Manager and hence the client agent will retrieve the updates specified by the “unmanaged” WSUS.
Deploying Software Updates to client machines is simply the process of adding software updates to a software update group and then deploy the software update group to clients. There are actually two methods to deploy updates. The first one is a manual process where we select updates from the console and deploy it to a collection of machines and the second method is automatic by using an automatic deployment rule or by adding software updates to an update group that has active an deployment.
At your initial install, you might need to use first the manual method to get your devices up-to-date with required software updates and then you create an automatic deployment rule to manage your ongoing monthly software update deployments.
As you’ve seen in our first screenshot, there are hundreds of updates in the console. The first step here would be to filter the updates by criteria.
To do so, from the Configuration Manager console, click Software Library.
Expand Software Updates and click All Software Updates.
In the search pane, click Add Criteria and select the criteria that you want to use to filter software updates and click Add
Click Search to filter the Software Updates
Select the updates you wish to deploy, right click on your selection and click Deploy
On the General page, specify the name of the deployment, the software update group name and the collection where the updates will be deployed
On the Deployment Settings page, make sure Required is selected as the Type of deployment to make sure the updates will be mandatory with an installation deadline and Minimal for Detail level.
On the Scheduling page, select Client local time, on the Software Available Time, select As soon as possible to make sure clients are notified for updates installation as soon as their next policy polling cycle and on the Installation deadline, specify a time where the software updates will get installed automatically
On the User Experience page, you can keep the default settings and click Next
On the Alerts page, configure how Configuration Manager and Operations Manager will generate Alerts
On the Download Settings page, when a client is connected to a slow network or is using a fallback content location, specify whether the client will download and install the software updates and when the content for the software updates is not available on a preferred distribution point, you can specify whether to have the client download and install the software updates from a fallback distribution point and on the Allow clients to share content with other clients on the same subnet: specify whether to enable the use of BranchCache for content downloads
On the Deployment Package page, select to create a new deployment package and specify its properties
On the Distribution point page, select the distribution point to host the software update files.
On the Download location page, select to Download software updates from the internet
On the Language selection page, select the languages for which the selected software updates are downloaded.
On the Summary page, review the settings and click Save As Template to save the settings for a future deployment
Click Next and on the Completion screen click Close.
At this stage, you would need to wait for the next policy polling cycle on the client machine or you can force the client machine to retrieve the machine policy by double clicking the Configuration Manager Client Agent found in Control Panel.
From the Actions tab, select Machine Policy Retrieval & Evaluation Cycle and click Run Now
After few seconds, you will notice a notification message
From the Software Center, you can check the Software Updates deployment settings
Once the updates get installed, you will be able to view the installed updates with a description of each update
This comes to the end of this article where we’ve discussed the required steps to deploy Software Updates to devices. We will be discussing in a future article the automatic deployment rule when it comes to Endpoint Protection.
In my previous article Part5: Software Updates (WSUS), we’ve seen the necessary steps to install WSUS for Configuration Manager.
Throughout this article, we will install and configure Software update point.
From the Configuration Manager console, click Administration, expand Site Configuration and click Servers and Site System Roles.
Right click the primary server and click Add Site System Roles
On the General page, click Next and on the System Role Selection page, check Software update point
On the Software Update Point page, specify proxy settings if needed to connect to the internet to synchronize and download content.
On the Active Settings page, select to Use this server as the active software update point and choose to use the custom WSUS website
On the Synchronization source page, select to Synchronize from Microsoft Update. This option is only available for stand-alone primary servers and for CAS servers. Secondary servers and primary servers within a hierarchy are automatically configured to upstream through their parent site.
Under WSUS reporting events, keep the default selection since Configuration Manager doesn’t interpret WSUS reporting events.
On the Synchronization Schedule page, check to Enable synchronization on a schedule and check to Alert when synchronization fails on any site in the hierarchy
On the Supersedence Rules page, if you click to immediately expire a superseded software update, you will be able to see the expired updates in the Configuration Manager console for a period of 7 days. Following that, expired updates that are not associated with any deployment will be tomb-stoned.
You can select some time if you would need to wait before a superseded software update is expired
On the Classifications page, select the classification you want to synchronize
On the Products page, select the products you want to synchronize
On the Languages page, select the language you want to synchronize
On the Summary page, click Next
On the Completion page, click Finish
From the Configuration Manager console and from the Administration tab, click All Software Updates and click Synchronize Software Updates
Click Yes on the informational box
You can monitor the synchronization progress by checking wsyncmgr.log
This comes to the end of this article. In our next article we will deploy updates to desktop machines.
In my previous blog article Part4: Client Settings, we’ve discussed what have changed since Configuration Manager 2007 and how to create client settings for devices and users collection.
In this article, we will first install WSUS and later we will walk through the installation and configuration of the Software Update point.
From the Server Manager, right click Add Roles and click to add the WSUS role
On the Before you begin page click Next and on the Add Roles Wizard, select Windows Server Update Services
Click Next on the Windows Server Update Services page and click Install on the Confirm Installations Selections page
Click Next on the Setup Wizard page
Click the checkbox to accept the License Agreement and select the Store Update location
Select to use the existing database and click Next after successfully connecting to the SQL Server instance
On the Web Site selection, select to create a custom website
Click Next twice to start the installation
Click Finish on the completion page and click Cancel on the Windows Server Update Services Configuration Wizard since we will configure these settings from the Configuration Manager console.
This comes to the end of this article where we’ve install WSUS. In our next article we will go through the installation and configuration of Software Update point.
In my last blog article Part3: Boundaries and Boundary Groups, we’ve covered how to automatically discover and create boundaries and how to use these boundaries in boundary groups for site assignment and content location.
Throughout this article, we’ll cover Client Settings which was known as Client Agent Settings in Configuration Manager 2007.
One of the major changes in this area that Client Settings are now configured on the hierarchy level. With ConfigMgr 2007, Client Agent Settings are configured on a site level. Having that said, you didn’t have the option to configure different client agent settings for agents that exist within the same Configuration Manager site.
In System Center 2012 Configuration Manager, client settings are hierarchy based. The default client settings policy is applied to all agents within the hierarchy and additional client settings policies can be created and applied to collections. These collections could be a group of computers or a group of users.
The following client settings can be applied for devices (click on the policy to know more information):
The following client settings are for users:
To create a new custom client settings for a user or a device, go the Administration tab in the console, right click Client Settings and select to create a new policy setting
Select a custom setting such as Remote Tools and click on Remote Tools from the upper left box to configure settings
Click Configure, check the box to Enable Remote Control on client computers and check the box of the Domain profile to automatically configure the Remote Control port and program exceptions for clients.
Set your other settings as desired and click on Set Viewers
Type the permitted viewers such as a user or a group and click OK
Once done you will notice the newly create device settings
If it happens to have two policies such as Remote Control settings and both being applied to the same collection, the policy with lower priority value will take over any other policy.
You can increase or decrease the client settings priority by right clicking the policy and selecting to increase the priority
To deploy the newly created policy to a device collection, right click the policy and click Deploy
Select the device collection and click OK
From the properties of the device collection, you will notice that the custom settings now appear as being applied to the collection
In my last blog article Part2: Discovery Methods, we’ve discussed the different discovery methods and how to configure these methods.
We’ve also seen the Forest Discovery Method which aim to automatically create boundaries based on the discovered IP subnets and Active Directory Sites.
To check the created boundaries. go to the Administration tab and click on Boundaries
Even though, the boundaries do exist, each boundary would need to to be a member of a boundary group before a device on that boundary can identify an assigned site or a distribution point.
On the other hand, boundaries are no longer site specific, instead defined for the hierarchy which make them available at all existing sites of that hierarchy. Boundaries are defined under the Hierarchy Configuration from the Administration tab.
From Boundary Groups, click Create Boundary Group
In the Name field, type the name for the boundary group and click on Add to add boundaries to the boundary group
On the References tab, check Use this boundary group for site assignment and click Apply
During automatic site assignment, the selected site will be used for client assignment that exists within the defined network location. If one particular boundary is added to many boundary groups where these groups are configured for client assignment, new installed clients will nondeterministically select one of the sites and we will have an overlap of boundary configuration. This scenario is not supported in Configuration Manager.
You might also have noticed from the References tab that we can add and associate one or many distribution points or state migration points to the boundary group
During a software distribution or an operating system deployment, the client request a location for deployment content or a location to send/receive state migration information (in OSD). The Configuration Manager send the client a list of distribution/state migration point that are associated with the boundary group of the client current network location. The client in this case will select the nearest server point.
The network connection speed is now defined for a distribution point and from within the boundary group
As a best practice, create boundary groups for site assignment and another set of boundary groups for content location. This will help you eliminate the chances for users getting assigned to wrong sites whenever they are roaming.
This comes to the end of this article where we’ve discussed boundaries and boundary groups.
Stay tuned for our next one!!
In part 1 of this series, we went over the steps to deploy a stand-alone primary site.
Throughout this article, we will configure discovery methods for our primary site.
From the Administration tab, expand Hierarchy Configuration and click Discovery Methods
As you have noticed, Active Directory System Group discovery has been removed and Active Directory Security Group has been renamed to Active Directory Group Discovery and discovers the group memberships of resources.
By default, Heartbeat Discovery is the only enabled discovery method. Heartbeat discovery is pre-configured to run every 7 days on every computer and it aims to create a discovery data record (DDR) which contains the network location, NETBIOS name and operational status details. The DDR (size of 1KB) is submitted to the management point and processed by the primary site to maintain the active client’s record in the database or force the discovery of an active client that have been removed from the database, or that has been manually installed and not discovered yet.
As a best practice, keep the heartbeat discovery method enabled all the time and if you need to modify the schedule the discovery runs make sure the value is always less than the value of the task Delete Aged Discovery Data which deletes inactive client records from the site database.
This task can be viewed from Site Maintenance
From the Discovery Methods page, double click Active Directory Forest Discovery.
Check to enable the forest discovery and check the other two options to Automatically create Active Directory site boundaries when they are discovered and to Automatically create IP address range boundaries for IP subnets when they are discovered
Active Directory Forest Discovery is a new method which will discover the IP subnets and the Active Directory sites and add them as boundaries. We will be covering later how we can use the discovered information for site boundaries.
This method is scheduled by default to run every 7 days and it doesn’t support Delta Discovery. You can always run the method if you right click on it and select to Run Full Discovery Now
If you go to Boundaries, you will notice the automatic creation of boundaries
The above Forest Discovery ran on the top-level site of the hierarchy.
You can also run this method on other Active Directory Forests. To do so, go to Active Directory Forests from the Administration tab and select the Forest you want to discover.
On the General page, you’d need to specify an account from the designated forest that has the privileges to discover Active Directory Sites and IP subnets and to publish information to the Active Directory. To do, this account must have full permissions on the System Management object in Active Directory.
Alternatively, the site server computer account can be used if he has permissions to do so.
On the Publishing page, you can select the site to be published to the designated forest.
You can monitor the Discovery Status and the Publishing Status from the lower right pane
You can also check further information on the status by checking the ADForestDisc.log file found in the <InstallationPath>\Logs
Next, double click Active Directory System Discovery and check to enable this method on the contoso.com domain
On the Polling Schedule tab, click to enable Delta Discovery.
Delta Discovery is not a full discovery but instead a method that will search Active Directory Domain Services (AD DS) for specific attributes that have changed since the last full discovery cycle. Even though, Delta Discovery will discover new resources and changes, it won’t detect when a resource is deleted from AD DS. If Delta Discovery is enabled for Active Directory Group Discovery, it will detect when computers or users are added or removed from a group.
On the Active Directory Attributes page, you can check the attributes that are selected for default discovery and you can select from the Available Attributes list a custom attribute such as “location” attribute and add it to the discovery method. This option has been improved from Configuration Manager 2007 R3
On the Option page, select the options to filter out stale computer records from the discovery. This is a new feature in the product which will help keep the site database up to date with active client records.
Let us enable Active Directory User Discovery on the contoso.com domain
Similar to Active Directory System Discovery, on the Polling Schedule page you can enable Delta Discovery and on the Active Directory Attributes page you can select additional attributes to be added to the default discovered attributes.
Those are the only discovery methods I will enable for my current environment.
This comes to the end of part 2 where we’ve configured discovery methods and discussed the new and the improved discovery functionalities.
In our next article, we will be discussing Boundaries and Boundary Groups.
Throughout this blog series, we will go through the installation and configuration of the site server and the site system while exploring the existing and the new features in the product.
In part 1, I’ll be driving you through the installation of a stand-alone primary site. For guidelines on installing the prerequisites, you can refer to my previous article Building Configuration Manager 2012 Hierarchy – Part 1 Installing prerequisites
Once you have completed the prerequisites installation, double click the Install button from the Configuration Manager media.
On the Before You Begin page, click Next
On the Getting Started Page, select Install a Configuration Manager primary site
On the Product Key page, select to use the product as evaluation period of 180 days or type in your product key
On the next two pages, Accept the Microsoft Software License Terms, the Prerequisite Licenses and click on Next
On the Prerequisite Downloads page, select a UNC path where you’ve downloaded the updates and click Next
On the Server/Client Language selection pages, keep the default value (English) and click Next
On the Site and Installation Settings page, fill in the Site Code, the Site Name and click Next
On the Primary Site Installation page, select to Install the primary site as a stand-alone site and click Next.
On the pop-up Configuration Manager informational message, click Yes
On the Database Information page, keep the default values and click Next
On the SMS Provider Settings page, make sure the site server name FQDN is selected and click Next
On the Communication page, select the second option and click Next
On the Site System Roles page, check to install a management point (MP) and a distribution point (DP) and click Next
Click Next on the CEIP page and on the Settings page
On the Prerequisite Check page, review the warnings and click Begin Install (you can ignore the WSUS warning message as we will be installing it in a future article)
Once the installation complete, make sure you have no errors in the core setup
One of the newest features in Configuration Manager is the new application model. Through this model, you can automatically detect information about the application from MSI application files. However, If you are used to deploy Office 2010 using the “setup.exe”, you can still do so by following the steps in this article.
From the Configuration Manager console, right click Application and click Create Application
Select Automatically detect information about this application from installation files and select PROPLUSWW.msi
Click Next twice and on the General Information page select Install for System and fill other informations as needed
Click Next twice and make sure the Create Application Wizard is completed successfully
Right click the Deployment Types tab found in the lower right pane of the console and click Properties
Select the Programs tab and replace the installation program field by setup.exe
On the Content tab, modify the content location to the Office 2010 root media
Now we have the application ready for deployment. Right click Microsoft Office Professional Plus 2010 and click Deploy
On the General page, select the collection you want to deploy Office 2010 and click Next
On the Content page, select a Distribution point or a distribution point group
On the Deployment Settings page, select Install from the Action field and available or required
Click Next on the remaining pages until you hit the Completion page
From the Client Machine and since we made this deployment of type available, let’s open Software Center and ignite the installation
Wait few minutes till the files get downloaded
The installation will start and once completed, the product will appear as installed
During the deployment of System Center 2012 Configuration Manager, I installed the Application Catalog web service point and the Application Catalog website point. While monitoring the SMS_PORTALWEB_CONTROL_MANAGER health, I found an error with message ID 1016
Checking SMSPORTALWEBSetup.log pointed me that IIS ASP.net was not registered
So I ran the aspnet_regiis.exe –I
At that point, I thought the issue was solved as the log showed a success for installing the portal web
After browsing the Application Catalog, I found that I wasn’t able to connect to the application server
The SMSAWEBSVCSSetup.log pointed me that the WCF isn’t activated
From the Add Features Wizard, I added the HTTP Activation
Opening again the Application Catalog, I got the following error: Error message after you install the .NET Framework 4.0: "Could not load type 'System.ServiceModel.Activation.HttpModule'"
Thanks to our KB2015129 article which explains the reason behind this error when enabling .NET 3.0 WCF HTTP Activation.
By running aspnet_regiis.exe /iru the issue was fixed!!
In my previous blog article Building Configuration Manager 2012 Hierarchy – Part 3 Deploying Tier 2 Primary Site, we went over the required steps to deploy the first primary site in the hierarchy.
To have more than one primary site, you will need to make sure your hierarchy contains a Central Administration Site (CAS). More primary sites can be deployed by following same steps.
In this article, we will walk you through the process of deploying a Tier 3 Secondary Site Server.
As a required step, we would need to add the primary server computer account to the local administrator group on the secondary server.
Open Configuration Manager console, navigate to Administration section, expand Site Configuration and select Sites.
Right click on the primary server and select Create Secondary Server
Specify the Site Code, the Site Server Name and other information as shown below
Specify how the source files will be located and press Next
On the SQL Server Settings page, make sure the following ports are set correctly and click Next
On the Distribution Point page specify the following settings and click Next
On the Drive Settings page specify the following settings and click Next
On the Specify the content validation settings page, click Next
On the Specify the boundary groups page, click Create to create a new boundary group for the secondary site.
In the Name box, type Secondary Site Clients.
Click Use this boundary group for site assignment, and then in the Assigned site box, verify that PR1-Contoso Primary Site is listed, click OK and click Next twice
Verify that the creation wizard completes successfully.
After refreshing the console, navigate to Administration section, expand Site Configuration and select Sites.
Verify that the State shows as Active and check that the Site Code and Parent Site Code are correct
To monitor the health of the hierarchy, go to Monitoring and click Site hierarchy.
Expand the hierarchy and make sure the hierarchy is healthy by verifying the green check mark.
This comes to the end of this blog article and the deployment series.
In my last blog article Building Configuration Manager 2012 Hierarchy – Part 2 Deploying Tier 1 CAS, we went over the details on deploying a Central Administration Site which is an essential role if you are looking to deploy more than one primary site in your hierarchy.
Throughout this blog article, we will walk through the details of deploying our first Primary Server in the hierarchy.
From the primary server run the splash.hta from the Configuration Manager 2012 media
Run Asses server readiness and make sure no errors or warnings are displayed
Go back to the Configuration Manager 2012 Setup page and click on Install
On the Getting Started page press select Install Configuration Manager primary site (make sure Use typical installation options for standalone primary option is deselected) and press Next
Specify the product key and accept the licensing terms on the Microsoft Software License Terms page and press Next
Select Use previously downloaded updates from the following location., browse to the updates and press Next
On the server language selection and press Next
On the client language selection and press Next
Specify the Site Code, Site Name and the Installation Folder as below and press Next
Specify join primary site to an existing hierarchy and then specify the FQDN of the central administration server (CAS) and press Next
Specify the database Server name, Instance name and leave the database name and SSB port on their defaults and press Next
Specify the SMS Provider and press Next
Select only Configure the communication method on each site system role (make sure Clients use HTTPS when they connect to HTTPS-enabled site roles are available is unchecked)
Specify management point site system and distribution point site systems and make sure that client communication is set to HTTP
Press Next on CEIP page
Review Settings Summary page and press Next
After prerequisite checker finishes press Begin Install to start Configuration Manager 2012 primary site installation
Make sure the setup marks as completed successfully
This comes to the end of Part 3 Deploying Tier 2 Primary Site. In our next blog, we will deploy a secondary server in the hierarchy.
Cheers!!
In Part 1 of this blog series Building Configuration Manager 2012 Hierarchy – Part 1 Installing prerequisites, we’ve configured and installed all features, roles and servers for Configuration Manager 2012.
In this article, we will first start with the Tier 1 Central Administration Site (CAS) installation.
1. Run splash.hta from the Configuration Manager 2012 media
2. Run Asses server readiness and make sure no errors or warnings are displayed
3. Go back to the Configuration Manager 2012 Setup page and click on Get the latest Configuration Manager updates and save the updates on your local drive such as C:\Downloads
4. Go back to the Configuration Manager 2012 Setup page and click on Install
5. On the Before You Begin page press Next
6. On the Getting Started page press select Install Configuration Manager central administration site and press Next
7. Specify product key and accept licensing terms on the Microsoft Software License Terms page and press Next
8. Accept all prerequisite licensing terms and press Next
9. Click Use previously downloaded updates from the following location, and then click Browse
10. Point to C:\Downloads, and then click OK
11. On the Server Language Selection page, keep the default language and press Next
12. On the Client language Selection page, keep the default language and press Next
13. In the Site code box, type CON and in the Site name box, type Contoso Central Administration Site
14. Verify that the Installation folder box contains the default setting of C:\Program Files\ Microsoft Configuration Manager and that Install Administrative console is selected, and then click Next
15. Click Next to accept the default values of the Configuration Manager site server’s installation of SQL Server and CM_CON for the database name
16. Click Next to use the Configuration Manager site server for the SMS Provider
17. Press Next on the CEIP page
18. Review the Settings Summary page and press Next
19. After the prerequisite checker has finishes press Begin Install to start the Configuration Manager 2012 CAS installation
20. Press View Log to monitor the installation details
Now let us have a look at the Configuration Manager status messages
1. Click Start | All Programs | Microsoft System Center | Configuration Manager 2012, and then click ConfigMgr Console.
2. Click the Monitoring workspace
3. In the navigation pane, expand System Status, and then click Site Status
4. In the navigation pane, click Component Status
5. In the results pane, click SMS_SITE_COMPONENT_MANAGER, and then on the Ribbon, click Show Messages, click All
6. Click OK, click the message, and then on the View menu, click Detail
7. Click OK and on the File menu, click Exit
8. Display all status messages for SMS_HIERARCHY_MANAGER
9. On the File menu, click Exit
10. Display all status messages for SMS_WINNT_SERVER_DISCOVERY_AGENT
11. On the File menu, click Exit
12. Click the Administration workspace
13. In the navigation pane, expand Site Configuration, and then click Sites
14. In the navigation pane, click Servers and Site System Roles
Notice that the installed roles for the central administration site appears in the details pane. Notice also that the site server and site database roles have all been installed on the site server computer (as well as site system and component server). A CAS does not include all the same site system roles that a primary site includes. Because no clients are managed by a central administration site, there is no need for a management point or a distribution point.
This comes to the end of Part 2 Deploying Tier 1 CAS. In our next blog we will deploy our first primary site in the hierarchy.
Throughout this blog series, we will drive the installation of a greenfield configuration manager 2012 hierarchy composed of a central administration site (Tier 1 CAS), a primary site (Tier 2) and a secondary site (Tier 3).
The below figure shows the hierarchy design:
As this is a new installation, we would need to extend the Active Directory schema.
Next, we need to create the System Management container and set the rights for site servers in order to be able to publish information.
1. Click Start | Administrative Tools, and then click Active Directory Users and Computers
2. On the View menu, click Advanced Features
3. In the console tree, expand contoso.com, and then click System
4. On the Action menu, click Properties and click the Security tab
5. Click Add and Click Object Types
6. Under Object types, click Computers, and then click OK
7. In the Enter the object names to select field, type CM12-CAS and then click OK
8. Under Permissions for CM12-CAS$, click Full Control under Allow, and then click Advanced
9. Under Name, click CM12-CAS$, and then click Edit
10. In the Apply to field, click This object and all descendant objects, and then click OK
11. Click OK
Repeat steps 5 through 13 to add CM12-Primary and CM12-Secondary as site servers to publish to AD
Next, we need to install the Operating System required components for Configuration Manager
1. From the CM12-CAS server, open Server Manager and select Features
2. Add the following features including all dependencies that are require and press Next:
3. On the WEB Server (IIS) Page add the following role services and press Next:
4. Verify that all components are installed successfully
It is now time to install the SQL Server. I have already slipstreamed the SQL Server 2008 R2 with SP1 and I’d recommend you do the same.
For details please refer to the following Microsoft support article. http://support.microsoft.com/kb/955392
Make sure you install .NET Framework 3.5.1 before launching SQL installation.
1. Start the installation of SQL
2. Click on New SQL Server stand-alone installation or add features to an existing installation
3. The Setup Support Rules window will be displayed
4. Click OK, enter the Product Key and click Next
5. Accept the License Terms, click Next and click Install to install the SQL 2008 Setup Support Components
6. Click Install to install the SQL 2008 Setup Support Components
7. Select the following features for the SQL installation and specify the Shared Feature Directory, then click Next:
8. Use the Default/Named Instance, Instance ID, and Root directory. Click Next
9. Select Use the same account for all SQL Server services
10. Change SQL Server Agent Startup Type to Automatic
11. Press Collation TAB and verify that SQL_Latin1_General_CP1_CI_AS is the selected collation
12. Use Windows authentication mode (Default) on the Account Provisioning Tab. Click on “Add Current User” button at the bottom of the window
13. Click on the Data Directories Tab and specify the target directory for each of the following, then click Next
14. Select Install the native mode default configuration (Default) and click Next
15. Verify that the installation components summary is correct, make note of the location of the ConfigurationFile.ini, and click Install
SQL Server memory should not be left to its default configuration of unlimited memory usage. Follow the below steps to configure SQL Server memory to have a maximum memory.
Finally, install .net framework 4.0
This come to the end of Part 1 Installing prerequisites for the blog series on Building Configuration Manager 2012 Hierarchy.
In this part, we’ve extended Active Directory, created the System Management container and set the configuration manager servers permissions.
We’ve also installed the core operating system components and the SQL Server.
In the next blog article, we will proceed with the deployment and configuration of the Central Administration Site.
I have been asked a number of times on the possibility of allowing or denying Windows 7 installation to specific MAC addresses.
If you are performing a light touch installation (LTI) using MDT, you can append the MAC address to your customsettings.ini file. A sample configuration is shown below:
[Settings]
Priority=MacAddress, Default
[00:15:5D:84:2F:24]
OSInstall=Y
[Default]
OSInstall=N
The above entries will install the operating system only to the MAC address [00:15:5D:84:2F:24]. Any other MAC address won’t be able to perform the OS installation. When you try to run a task sequence from an unauthorized machine, you will get the below error:
You could also make use of the SQL Express for dynamic configuration. To do so, expand your deployment share, expand Advanced Configuration, expand Database, right click on Computers and click New Computer.
Fill in the information to identify the computer machine as shown below and click Apply:
Click the Details tab, and scroll down to Miscellaneous section. On the OSInstall value, type NO and click OK:
Right click Database and select Configure Database Rules. On the Configure DB Wizard page, select the first option to query for computer-specific settings only:
Click Next and Deselect All for Location Options. Repeat this for the remaining pages till you reach the confirmation page.
Check your customsettings.ini and it should look as below:
When you try to run an operating system deployment from an unauthorized machine, you would get a similar error to the one at the top of this article.
On the other hand, if you are performing a zero touch installation (ZTI) with Configuration Manager, the steps would be similar to LTI but you would need to add a Gather step to read customsettings.ini at the beginning of your task sequence.
From the configuration manager console, expand Operating System Deployment and click on Task Sequences. Right click your desired task sequence and click on Edit.
Place your cursor on the Initialization group, click on Add, select MDT and click Gather.
Select Gather local data and process rules and browse to your Settings package that was created prior to the task sequence creation. On the Rules file field, type CustomSettings.ini:
Machines with MAC address not listed for deployment will get the following error:
You can also deny the installation at the PXE level by adding a string value MACIgnoreListFile to the registry of the PXE server. This key should reference a text file placed on the same server which lists the MAC addresses to be ignored for PXE boot:
On a 32-bit system, the registry key needs to be created at HKLM\Software\Microsoft\SMS\PXE. On a 64-bit system, the registry key needs to be created at HKLM\Software\Wow6432Node\SMS\PXE.
Machines listed in the text file would get the following error when booting from the PXE:
Conversely, you can allow only specific MAC addresses to boot from a PXE server. To do so, from the configuration manager console, expand your Site Settings, select your site server, right click your PXE service point and click on properties.
Under Interfaces, select “Respond to PXE requests on specific network interfaces” and add your MAC addresses as shown below:
One of the best features in Operations Manager 2012 is network monitoring. Out of the box, Operations Manager gives you the opportunity to discover and monitor your network environment. In addition, you can execute reports against your network devices in a simple and single pane.
It is good to start by running a discovery against our network devices. For that purpose, go to the Administration tab and click on Discovery Wizard
Select Network Devices, and click on Next
On the General Properties page, enter a Name and a Description for the discovery rule. Under Select a management server or gateway server, select a server from the available servers’ list.
It is important to note that the selected server must have SNMP or ICMP access to the network device it is going to discover.
Under Select a management Pool, select a pool from the Available pools and click on Next
Resource Pool is another feature in Operations Manager 2012 which supports high availability. You will now have the option to select one or many management servers, group them in a pool, and assign your network devices to be monitored by the pool. If a server goes down from that pool, it will automatically failover any monitoring that is occurring on that management server to the other members of the pool.
Out of the box, All Management Servers Resource Pool is created which includes all management servers.
On the Discovery Method page, select Explicit discovery if you know which devices you want to discover. On the other hand, select recursive discovery if you don’t know much about your devices and thus you wish to do a recursive discovery starting from few discovered network devices.
On the Default Accounts page, we will create a Run-As account. Click on Create Account and then on Next. Provide a display name and a description as shown below:
Click on Next and provide a read-only community string
Click on Create.
The interesting aspect is that if you have a large number of devices which require different community strings, you can specify them here.
Click on Next and on the Devices page, and then click on Import if you wish to import your network devices from a text file or click on Add to add your devices one by one.
On your Add a device page, type your device FQDN or IP address and select the Access mode and the SNMP version you want to use.
In the SNMP V1 or V2 Run As account, select the appropriate community string, or choose Use selected default accounts if you wish Operations Manager to do the matching for you and create the 1:1 relation between the network device and the community string. This is very useful if you are importing a large number of network devices that use a number of community strings.
Click Ok and then Next.
On the Include filters page, you can filter the discovered network devices in the case of a recursive discovery and filter them by device type as shown below:
Select the network device type you wish to include, click on Ok and then Next.
On the Exclude filters page, you can specify a network device type to be excluded from the discovery. The list of network device type looks similar to the one shown above.
Select the devices you wish to exclude, click on Ok and then Next.
On the Schedule Discovery page, set the scheduled date and time for running the discovery rule or select Run the discovery rule manually to run the rule manually.
On the Summary page, click on Discover to start the discovery and save the newly created discovery rule.
Once the discovery runs and gets completed, you will be able to quickly view the result of the network discovery by clicking on Discovery Rules in the Administration tab as shown below:
Network Devices that could not be discovered will be placed in the Network Devices Pending Management.
From the monitoring tab, you will find a list of sealed views and dashboards.
By default, the operations manager will monitor the active port/interface, the connection health, the VLAN health, and the HSRP group.
If you click on the VLANs view, and select any VLAN from your discovered VLANs, you will be able to navigate to its specific view or execute a report against it as shown below:
In OpsMgr 2007, you would need to go to the Reporting tab, open the report, look for the object, and add it. Now with OpsMgr 2012, you just need to select the object such as the VLAN, click on your desired report, and the report will open with the selected object being added.
Similar to running a report, you can now run a dashboard in the same way. If you select any view such as the Routers view, select the router object and launch the Vicinity Dashboard from the right pane as shown below:
From the Vicinity Dashboard, you can also run the Network Node Dashboard.
The steps and screens in this article are provided from an Operations Manager 2012 CTP3 version and therefore might change in future releases of the product.
Microsoft Deployment Toolkit (MDT) 2012 Beta 1 has been announced earlier this month by Michael Niehaus.
From the new features that come along MDT 2012 Beta 1, we will explore the new added Task Sequence template called “Deploy to VHD Client Task Sequence” which is used for Windows 7 VHD installation. A second Task Sequence for Server is available as well to boot Windows Server 2008 R2 from a VHD but that scenario won’t be covered in this article.
Let’s start by importing the Windows 7 Operating System into the workbench. After that, right click on Task Sequence and click New Task Sequence.
Enter the Task sequence ID, and the Task sequence name, and click Next.
In the Select Template page, select “Deploy to VHD Client Task Sequence”, and click Next.
Choose the Windows 7 OS, and click Next.
For the remaining pages, select your choice, and click Next till you hit Finish.
As I am working in a Hyper-V environment, I have attached the WinPE bootable file to a newly created machine, and booted the machine.
Now is time to experience the new User Interface
On the Initialization phase, click Next
On the next page, type your credentials to connect to the network share
On the Welcome screen, click “Run the Deployment Wizard to install a new Operating System”
On the Task Sequence page, select the task sequence, and click Next
Keep or modify the computer name, and click Next
Select Whether to join a Domain or a Workgroup, and click Next
For the rest of the pages, select your choice until you’re at the Ready page
Click Begin, and the installation will start
If we look back to the Task Sequence we created, we will see similar tasks and group of the tasks to the “Standard Client Task Sequence” template. What makes the VHD sequence template different is actually the “New Computer” scenario where we notice three additional tasks as shown below
Back to our client machine, the task sequence will create the VHD file
and the Windows installation will proceed
After the installation is successfully done, and by clicking on Disk Management from the Computer Management, we notice that the Operating System is booted from the VHD, and the VHD file is located in the VHD directory on the OSDisk partition
As you’ve seen, it is a simple process and I recommend you try it out!!
To join the MDT 2012 Beta 1: http://go.microsoft.com/fwlink/?LinkId=217606
In my previous article Zero Touch Implementation with Configuration Manager 2007 R3 – part2, we went over the required configuration for ZTI. We also installed and configured MDT integration with Configuration Manager.
Throughout this article, we will build and capture a reference image to be used later for production deployment.
Before starting with the package creation that we will build later for our reference image, let us add and configure an authoring rule in WebDAV.
For that, expand Server Manager, expand Roles, and expand Internet Information Services. From the Internet Information Services (IIS) Manager pane, expand Default Web Site, and double click WebDAV
Click Enable WebDAV, and click Add Authoring Rule…
Under Allow access to this content to: select All Users, and under the Permissions check Read, and click OK
From the WebDAV Authoring Rules page, click WebDAV Settings. Under the Property Behavior section, select True on the Allow Anonymous Property Queries, select False on the Allow Custom Properties, select True on the Allow Property Queries with Infinite, and select False on the Allow Hidden Files to be Listed
At this point, we need to create packages for our Reference Image. For that, we will be creating packages for the User State Migration Tool (USMT), the Configuration Manager Client Agent, and the WinPE 3.0 (x86 and x64).
Expand Software Distribution, right click Packages, and select New Package. On the New Package Wizard, and on the General page, fill the information as shown in the below figure, and click Next
On the Data Source page, check This package contains source files, click Set and browse to USMT folder
For the remaining pages, click Next and accept all the default settings.
To update the distribution point, expand Packages, expand USMT package, right click Distribution Points, and click New Distribution Points. On the Welcome page click Next, on the Copy Package page select the distribution point, click Next and Close
To create the Configuration Manager Client Agent, expand Software Distribution, right click Packages, and select New Package. On the New Package Wizard, and on the General page, fill the information as shown in the below figure, and click Next
On the Data Source page, check This package contains source files, click Set and browse to Client folder
To create a Program for the Configuration Manager Client Agent, expand the package, right click Programs and select New Program. On the General page, fill the information as shown in the below figure, and click Next twice
On the Environment page, select the option “Whether or not a user is logged on”
To update the distribution point, expand the Configuration Manager Client package, right click Distribution Points, and click New Distribution Points.
On the Welcome page, click Next, and on the Copy Package check the distribution point, click Next and Close
For WinPE images, we will have to create a package for x86 platform and a second one for x64 platform.
To create an x86 WinPE image, expand Operating System Deployment, right click Boot Images and select Create Boot Image using Microsoft Deployment. On the package source page, specify the UNC path for the package source, and click Next
On the General Settings page, fill in the information and click Next.
On the Image Options page, select the x86 platform, and click Next
On the Summary page, click Next to start generating the WinPE x86 boot image.
To update the boot image to the PXE distribution point, expand Operating System Deployment, expand Boot Images, expand WinPE3.0 x86, right click Distribution Points, and click New Distribution Points.
On the Welcome page, click Next, and on the Copy Package page select the PXE distribution point
Click Next and Close.
To create an x64 WinPE image, expand Operating System Deployment, right click Boot Images and select Create Boot Image using Microsoft Deployment. On the package source page, specify the UNC path for the package source, and click Next
On the Image Options page, select the x64 platform, and click Next
On the Summary page, click Next to start generating the WinPE x64 boot image.
Click Next and Close
The next step would be to add the Operating System Install Package.
Expand Operating System Deployment, right click Operating System Install Packages, and click Add Operating System Install Package.
On the Data Source page, browse to the OS source directory that contains the installation source, and click Next
On the General page, fill in the information as shown in the below figure, and click Next
On the Summary page, click Next and Close
To update the distribution point with the OS package, expand the Windows 7 x86 Default Image package, right click Distribution Points and click New Distribution Points.
On the Welcome page click Next, and on the Copy Package page, check the distribution point
The next step would be to create a task sequence.
For that, expand Operating System Deployment, right click Task Sequences and click Create Microsoft Deployment Task Sequence.
On the Choose Template page, select the Client Task Sequence, and click Next.
On the General page, type a name for the Task Sequence name, and click Next.
On the Details page, Join a Workgroup , fill Windows Settings information, and click Next
On the Capture Settings page, locate the capture destination location and the capture account, and click Next
On the Boot Image page, select Specify an existing boot image package and browse to select the WinPE 3.0x86 boot image, and click Next
On the MDT package, select Create a new Microsoft Deployment Toolkit Files package and specify the UNC path for the package source folder to be created, and click Next
On the MDT Details page, fill in the package properties, and click Next
On the OS image page, select specify an existing OS install package and browse for the Windows 7 x86 Default Image, and click Next
On the Client Package page, select Specify an existing ConfigMgr client package, browse and select the Configuration Manager Client, and click Next
On the USMT package, select Specify an existing USMT package, browse and select the package, and click Next
On the Settings page, select Create a new settings page, and set the UNC path for the package source folder to be created, and click Next
On the Settings Details page, specify the settings package properties, and click Next
On the Sysprep Package, select No Sysprep package is required, and click Next
On the Summary page, click Next, and on the Confirmation page, click Finish
Go to the Capture Settings folder, and open the CustomSettings.ini file
Copy the below to be able to capture the reference image:
DoCapture=YES
ComputerBackupLocation=NONE
BDEInstallSuppress=YES
We need to assign distribution point to the newly created package, and mainly to the MDT 2010 package and the Capture Settings package.
For the MDT 2010, expand the package, right click Distribution Points, and click New Distribution Points.
On the Welcome page, click Next. On the Copy Package page, select the distribution point
Expand Windows 7 Capture Settings package, right click Distribution Points, and click New Distribution Points.
Next, we need to edit the SLP parameter in the Configuration Manager Client Agent properties before installing it. For that, expand Operating System Deployment, select Task Sequences, right click the newly created Client Task Sequence and click on Edit.
Under PostInstall group, select Setup Windows and ConfigMgr, and in the installation properties type SMSSLP=SCCMPRIMARY where SCCMPRIMARY is the server hosting the Server Locator Point.
Your Task Sequence should look as below:
Click Apply and OK
The last step would be to Advertise the Task Sequence.
For that, right click the Windows 7 x86 Default Image Task Sequence, and click on Advertise
On the General page, on the Collection field, click Browse to select the desired collection.
Select All Unknown Computers, and check Make this task sequence available to boot media and PXE
For the remaining pages, click Next till you hit Close
Next, we need to create a WinPE media.
To create a bootable media, right click the Windows 7 x86 Default Image Task Sequence, and click Create Task Sequence Media.
On the Select Media Type page, select Bootable Media
Click Next, and specify the file name and location for the media file
On the Security page, uncheck Protect Media with a password and click Next
On the Boot Image page, specify the boot image that will be run from the media
Click Next twice, and click Close
At the end of this process, you should see a bootable WinPE ISO file that will be used to boot the machine that will be used to build and capture the reference image.
If you will be using Hyper-V to build and capture the reference image, you will need to attach the “iso” file to be able to boot to the Windows PE. If you are using a physical machine you can burn the “iso” file to a CD/DVD.
Once the machine is booted, WinPE will start and you will receive the Welcome screen
At this stage, you can click Configure to configure a static IP address, or you click Next and the machine will get an automatic IP address from the DHCP server.
On the Task Sequence Wizard page, click Next
And the Task Sequence will execute
At the end of this process, the Windows 7 will be installed, and an image will be captured and ready to be used for production deployment.
This comes to the end of Part 3. In this article, we went over the required steps to build and capture a reference image.
In my previous article Zero Touch Implementation with Configuration Manager 2007 R3 - Part1, we went over installing and configuring the required Windows, and Configuration Manager Roles for ZTI. We’ve also installed System Center Configuration Manager 2007 R3 version to benefit from the latest enhancements.
In this article, we will go over configuring SCCM components, installing and integrating MDT with Configuration Manager.
One of the major settings to define is the Site Boundary. To begin with that open the Configuration Manager Console, expand Site Database, expand Site Management, expand Central Site, and expand Site Settings.
Right click Boundaries, and click New Boundary
In the New Site Boundary dialog box, Select Active Directory site in the Type drop list.
In the Site name field, click browse and select Default-First-Site-Name, then click OK
The reference images that we will be creating later on will be installed by default in workgroup. For that, we will define a second site boundary by IP subnet.
In the New Site Boundary dialog box, Select IP subnet in the Type drop list.
SCCM 2007 client computers use the Local System account to perform most Configuration Manager 2007 client operations, but Local System cannot access network resources. When the client computer accesses the distribution point to download the operating system deployment packages, we need to define a network access account so that client from workgroup can access resources in the site server’s domain. For that purpose, we have already created a network access account in Active Directory Users and Computers named ConfigMgr-NA.
To define that account, in Configuration Manager console, click Client Agents, and double click Computer Client Agent.
In the General tab, under the Network Access Account properties, click Set.
Type ConfigMgr-NA and click OK twice
Next step would be to discover the system. From the Configuration Manager console, click Discovery Methods, and double click Active Directory System Discovery. On the General tab, check Enable Active Directory System Discovery, and locate the Computers container
In our scenario, we’ll be installing the configuration manager agent along with the image. For the purpose of this article, I’ll be using the push agent installation method. Having that in mind, the account specified for that purpose must have administrative credentials on the computer that will have the client software installed.
An easy way to work around that is to define the client push installation account in a security group and assign that security group through the help of Group Policy as local administrators on the local machines.
To get the picture clearer, we have first created a security group named ConfigMgr-LocalAdmins. Second, we have created the client push installation account ConfigMgr-ClientPush and added that account to ConfigMgr-LocalAdmins.
Next, we need to create a Group Policy Object (GPO) and assign ConfigMgr-LocalAdmins group administrative privileges on local machines where we will be installing the configuration manager 2007 agents.
To create a GPO, open Group Policy Management from the Administrative Tools, expand Forest: elieb.com, expand Domains, expand elieb.com, and click on Configuration Manager OU
Right click the Configuration Manager OU, and select Create a GPO in this domain, and Link it here…
In the New GPO dialog box, in the Name: text box, type in Set Local Admins, and click OK
Click Configuration Manager OU, and under Linked Group Policy Objects, right click the newly create GPO, and click Edit
Expand Computer Configuration, Policies, Windows Settings, and Security Settings, right click Restricted Groups and click Add Group…
Click Browse …, and in Select Groups, type ConfigMgr-LocalAdmins, click Check Names, then click OK
In the properties dialog box, in the This group is a member of, click Add, type Administrators, and click OK
Click Apply, then OK
In Configuration Manager console, expand Site Settings, click Client Installation Methods, and double click Client Push Installation.
In the Accounts tab, add ConfigMgrClient account, and click OK
Next, we'll need to define the distribution point drive where the packages will be stored.
From the Configuration Manager console, expand Site Settingsclick Component Configuration, and double click Software Distribution, then type E:\ (as E drive is considered our second drive where the OS is not installed) and click OK
Now that we’ve configured SCCM 2007 SP2/R3 settings, let’s install the Microsoft Deployment Toolkit (MDT 2010) and integrate it with configuration manager.
Run the MDT setup file, and on the Welcome screen, click Next
Read and accept the therms in the license agreement, then click Next
On the Custom Setup page, accept the default settings and click Next, then Install
Before running the integration between MDT and SCCM, let’s first create the MDT Deployment share.
For that, launch the Deployment Workbench console from the Start menu.
Right click Deployment Shares, and click New Deployment Share
On the Path page, specify the Deployment share path. In our environment, it will be E:\MDTDeploymentShare
On the Share page, type MDTDeploymentShare$
For the remaining pages, accept the default settings until you hit the Finish button.
To setup the configuration manager integration, close the Configuration Manager console, click the Start menu, and go to Microsoft Deployment Toolkit, then click Configure ConfigMgr Integration
On the Options page, click Next, and Finish
This comes to the end of part2 of ZTI with Configuration Manager 2007 R3 series. In this article, we have configured the configuration manager components related to ZTI, installed and configured MDT integration with SCCM.
In our future article, we will go step-by-step on creating Windows 7 reference image.
One of the most important challenges that an organization can face is deploying or migrating operating systems to a bunch of computers. Microsoft System Center Configuration Manager (SCCM) is a great product that can be used to automate the process of installing or migrating an Operating System. In SCCM, we call that process Zero Touch Implementation or Zero Touch Installation (ZTI).
This article will be part one of a multi-part articles where we’ll walk step-by-step on how to build and implement Windows 7 using ZTI.
Our environment currently consists of an Active Directory domain named elieb.com and a SCCM 2007 SP2 server named SCCMPrimary.elieb.com. The Configuration Manager database is hosted on a SQL Server 2008 R2 on SCCMPrimary server.
As a general guideline for our zero touch configurations, we will first install and configure a DHCP server, add the required roles for ZTI, then build our Windows 7 boot images, build our reference image, and finally deploy Windows 7.
Let’s get started and install the DHCP server. In our scenario, the DHCP role will be installed on the Configuration Manager Server, however note that in real production environment, you might have the DHCP role installed on a separate or a dedicated server.
To install DHCP, open Server Manager, select Roles, and select Add Roles
In the Before You Begin page, click Next
Select DHCP Server, and click Next twice.
Click Next, and on the Add or Edit DHCP Scopes, click Add
On the Add Scope dialog box page, type the settings as shown in the below figure, and click OK:
Click Next four times (while accepting the default settings), and on Confirm Installation Selections page, click Install to start the DHCP installation
Once the DHCP installation is completed, click Close.
Next, comes the Windows Deployment Services (WDS). By definition, Windows Deployment Services is the updated and redesigned version of Remote Installation Services (RIS). Windows Deployment Services enables you to deploy Windows operating systems over the network, which means that you do not have to install each operating system directly from a CD or DVD. If you’d like to know more details about WDS, download Windows Deployment Services Step-by-Step Guide
For SCCM 2007, the Windows Deployment Services for Windows 2008/R2 must be installed before multicast is enabled on the distribution point server. The WDS transport server role service is required for multicast operating system deployment support.
To install WDS role, open Server Manager, select Roles, and select Add Roles
In the Before You Begin page, click Next, select Windows Deployment Services, and click Next
Click Next twice, and on the Role Services, keep the default checked boxes and click Next
Click Next, and then Install. Click Close once the WDS installation finish.
In the Server Manager console, expand Roles, expand Windows Deployment Services, and expand Servers
Under Server Name, right click SCCMPrimary.elieb.com and click Configure Server
In the Remote Installation Folder Location, select a drive with enough space to hold the boot images, the install images, the PXE boot files, and the WDS management tools. (Make sure to avoid using the OS drive)
In the DHCP Option 60 page, if you do have the DHCP role installed on the same server, check Do not listen on port 67 and Configure DHCP option 60 to ‘PXEClient’, and click Next
On the PXE Server Initial Settings page, click Next
On the Operation Complete page, uncheck Add images to the server now, and click Finish
To benefit from the latest enhancements of Configuration Manager, we will install the R3 version. You have to note that you need to be running SCCM 2007 with Service Pack 2 to be able to install the R3 version.
Before starting with that, we need to download and install the following hotfix KB977384.
After installing the hotfix, launch splash.exe, and click Configuration Manager 2007 R3
On the Welcome page, click Next. Read, and click I accept the license agreement, and click Next
On the Registration Information page, enter your information and click Next twice to start the installation.
Click Finish, and open the Configuration Manager Console.
Expand Site Database, Site Management, right click on the Central Site and click Properties
Make sure to see R3 installed ----- Yes as shown below
By default, the Configuration Manager doesn’t install the required system roles for ZTI.
To do that, right click SCCMPRIMARY server and click New Roles
On the General page keep default settings, and click Next
Under Available Roles, check Roles as shown in the below figure
Click Next, and on the PXE Service Point Configuration, click Yes
On the Server Locator Point page, click Next
On the State Migration Point page, click to add the state migration data folder and adjust the Minimum free space, then click OK and Next
On the PXE-General page, check Enable unknown computer support, and click OK in the General dialog box.
In the Require a password for computers to boot using PXE, in the Password field, enter a password and enter it again in the Confirm password field , and click Next
In the PXE – Database page, click Next.
In the Reporting Services Point page, keep the default Report Folder and click Next twice, then click Close
This comes to the end of my first article covering Zero Touch Implementation in Configuration Manager. In this article, we’ve installed and configured the required roles for ZTI, installed SCCM 2007 R3 and the required system roled. I hope it was a good start, till our next article.
The Windows® Automated Installation Kit for Windows® 7 SP1 has been released.
To download the update: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=696dd665-9f76-4177-a811-39c26d3b3b34
For the online readme help: http://technet.microsoft.com/en-us/library/dd349350(WS.10).aspx
For a quick Q&A, check Michael Niehaus blog here: http://blogs.technet.com/b/mniehaus/archive/2011/02/17/windows-aik-for-windows-7-sp1-released.aspx