Kevin Holman's System Center Blog

Posts in this blog are provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified in the Terms of UseAre you interested in having a dedicated engineer that will be your Mic

ConfigMgr 2012 SP1 - QuickStart deployment Guide

ConfigMgr 2012 SP1 - QuickStart deployment Guide

  • Comments 7
  • Likes

This is to be used as a template only, for a customer to implement as their own pilot or POC, or customized deployment guide. It is intended to be general in nature and will require the customer to modify it to suit their specific data and processes.

This also happens to be a very typical scenario for small environments for a production deployment.  This is not an architecture guide or intended to be a design guide in any way. This is provided "AS IS" with no warranties, and confers no rights. Use is subject to the terms specified in the Terms of Use.

  

Server Names\Roles:

  • DB3               SQL Database Services, Reporting Services
  • CM1              Primary Site Server  Management Server, Web Console server

 

Windows Server 2012 will be installed as the base OS for all platforms.  All servers will be a member of the AD domain.

SQL 2012 RTM with CU2 will be the base standard for all SQL database and reporting services.      http://technet.microsoft.com/en-us/library/gg682077.aspx

High Level Deployment Process:

1.  In AD, create the following accounts and groups, according to your naming convention:

  • DOMAIN\ConfigMgrAdmins           ConfigMgr Administrators security group
  • DOMAIN\ConfigMgrLocalAdmin    ConfigMgr Client Push account

2.  Add the domain user accounts for yourself and your team to the “ConfigMgrAdmins” group.

3.  Install Windows Server 2012 to all server role servers.

4.  Install Prerequisites and SQL 2012.

5.  Install the Site Server and Database Components

6.  Install the Reporting components.

 

Prerequisites:

1.  Install Windows Server 2012 to all Servers 

2.  Join all servers to domain.

3.  Install all available Windows Updates.

4.  Add the “ConfigMgrAdmins” domain global group to the Local Administrators group on each server.

5.  On CM1, Install required prerequisites for the site system roles (this covers all site system roles combined on a single server):

Open PowerShell (as an administrator) and run the following:   

Add-WindowsFeature Web-Windows-Auth,Web-ISAPI-Ext,Web-Metabase,Web-WMI,BITS,RDC,NET-Framework-Features,Web-Asp-Net,Web-Asp-Net45,NET-HTTP-Activation,NET-Non-HTTP-Activ,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Http-Redirect,Web-App-Dev,Web-Net-Ext,Web-Net-Ext45,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-HTTP-Tracing,Web-Security,Web-Filtering,Web-Performance,Web-Stat-Compression,Web-Mgmt-Console,Web-Scripting-Tools,Web-Mgmt-Compat -Restart

Note – if your machines are not internet connected, you might need to add a “–Source D:\sources\sxs” or whatever the path is to your Windows installation media.  By default Windows 2012 gets .NET 3.5 from Windows Update, but this doesn't always work, and will never work for machines without an internet connection.

After installing these roles/features, you must register ASP.NET with IIS.  The simplest way is to open an elevated command prompt: C:\Windows\Microsoft.NET\Framework64\v4.0.30319>aspnet_regiis.exe –r 

6.  On CM1 – Install the Deployment Tools, Windows PE, and the User State Migration tool from the Windows 8 ADK:   http://www.microsoft.com/en-us/download/details.aspx?id=30652

7.  On CM1 – add the WSUS feature from Server Manager.

8. Install SQL 2012 RTM with CU2 to the DB server role

  • Setup is fairly straightforward. This document will not go into details and best practices for SQL configuration. Consult your DBA team to ensure your SQL deployment is configured for best practices according to your corporate standards.
  • Run setup, choose Installation > New Installation…
  • When prompted for feature selection, install ALL of the following:
    • Database Engine Services
    • Full-Text and Semantic Extractions for Search
    • Reporting Services - Native
  • Optionally – consider adding the following to ease administration:
    • Management Tools – Basic and Complete (for running queries and configuring SQL services)
  • On the Instance configuration, choose a default instance, or a named instance. Default instances are fine for testing and labs. Production clustered instances of SQL will generally be a named instance. For the purposes of the POC, choose default instance to keep things simple.
  • On the Server configuration screen, set SQL Server Agent to Automatic.  You can accept the defaults for the service accounts, but I recommend using a Domain account for the service account.  Input the DOMAIN\sqlsvc account and password for Agent, Engine, and Reporting.
  • On the Collation Tab – you can use the default which is SQL_Latin1_General_CP1_CI_AS or choose another supported collation.
  • On the Account provisioning tab – add your personal domain user account or a group you already have set up for SQL admins. Alternatively, you can use the OMAdmins global group here. This will grant more rights than is required to all OMAdmin accounts, but is fine for testing purposes of the POC.
  • On the Data Directories tab – set your drive letters correctly for your SQL databases, logs, TempDB, and backup.
  • On the Reporting Services Configuration – choose to Install and Configure. This will install and configure SRS to be active on this server, and use the default DBengine present to house the reporting server databases. This is the simplest configuration. If you install Reporting Services on a stand-alone (no DBEngine) server, you will need to configure this manually.
  • Setup will complete.
  • Apply SQL 2012 RTM, CU2 to the SQL server.  http://support.microsoft.com/kb/2703275
  • Set a limit on SQL memory for the DB instance – to reserve memory for the OS and Reporting services.

9.  On the SQL server – add the Computer Account in the domain to the local administrators group of the SQL database server (DOMAIN\CM1$)

10.  In Active Directory – extend the schema, create the System Management container, and assign permissions:  http://technet.microsoft.com/en-us/library/gg712264.aspx#BKMK_PrepAD

                

    Step by step deployment guide:

    1.  Install the Primary Site Server role on CM1.

    • Log on using your personal domain user account that is a member of the ConfigMgrAdmins group.
    • Run Splash.hta
    • Click Install
    • Read the “Before You Begin” Info and click Next.
    • On the Available Setup Options, choose to install a primary site, but to NOT check the box for typical options.  We are going to configure each step for our site and use a remote SQL database server.
    • Choose Eval or input your license key and click Next.
    • Accept the Eula and click Next.
    • Accept the additional license agreements and click Next.
    • Provide a path to the prereq file downloads.  If you have not downloaded these recently then create a new folder for these, locally or on a remote path.
    • Choose you language and click Next, on the server and client screens.
    • Input a site code for your primary site.  Input a description.  Choose a path.  Make sure you are also installing the console.  Click Next.
    • Choose to install a primary site as a stand alone site.  We can add a CAS later in ConfigMgr 2012 SP1.
    • Input the SQL server name, instance, click Next.
    • Accept the default for the SMS provider.  Next.
    • Choose to configure the communication method on each site system role, and to use HTTPS in the check box.  Next.
    • Choose HTTP for the MP and DP – we can change this to HTTPS with certs down the road.  Next.
    • Choose to enable CEIP or not.  Next.
    • Choose next to run prereq checker.  Resolve any issues.  Click Begin Install.

     

     

    Post Deployment Configuration:

     

    1.  Add Site System Roles:

    2.  Enable discoveries

    image

    This will bring in the AD site and IP boundaries.

    • Enable AD system discoveries to bring in systems
    • Enable User discovery

     

    3.   Create boundary groups

    • Create a boundary group and add your site boundaries and site servers to it, for site assignment.

    4.  Assign a client Push account to Administration > Site Configuration > Sites

    5.  Push a client/clients from discovered assets.

    6.  Verify Hardware and software inventory for clients

    7.  Enable Endpoint protection

    • Client Settings – create a new client device setting.  Enable endpoint protection.
    • Configure Client device settings to turn on Endpoint protection and deploy endpoints.
    • Deploy new client policy to All Desktop and Server Clients Collection, or a custom collection
    • Create automatic deployment rule for definition updates using Definition template.

     

       

       

       

       

       

       

        Comments
        • Did you get the Reporting Services working? I can't seem to get it configured. SCCM 2012 SP1 with SQL 2012 SP1.

        • SCCM2012 SP1 isnt compatible with SQL 2012 SP1.

        • Kevin,

          In your Quick Start Guide for Ops Mgr 2012 (posted back in April of 2012)  You specifically adressed database size and growth planning.  So far your post is the only item I can find on the net that details how to plan for and manage DB growth for the DB's used by System Center.

          In addition to the question about growth there are other unanswered questions from Microsoft.  For example what security ID should be the dbo or does it even matter?  I know that when it comes to Microsoft propducts there often is a level of integration with SQL Server that other non-MS based procuts don;t have and so there may be one or more specific needs that must be addressed for System Center to access/use th DB.

          Because our IT admins each installed the piece of System Center that they were working on, every DB is owned by the domain acct of the admin who did the install/setup.  Joe Smith setup Config Manager and so the DB's used by Config Manager have as the dbo the doimain account [mydomain\joe.smtih].

          Thanks

        • Ed - can you clarify what your specific question is?

        • SQL 2012 SP1 is not compatable with  SCCM 2012 Sp1 ?  Are you sure   Shaun

          technet.microsoft.com/.../gg682077.aspx

        • Hi Kevin,

          Do we need to install WAIK for SCCM 2012 SP1 or 2012 R2? Is it supported?

        • Hi Kevin, I followed this Guide to build a SCCM server in my lab and it installed perfectly the first time. I played around for a few days, decided that I wanted to uninstall and reinstall SCCM and after several attempts was unable to get past the part were the install wizard asks for the remote SQL Server FQDN and Instance name (Database Information screen). After a few days and a couple of times of rebuilding the server (VM) I realized that when I built the server the first time and installed SCCM, I left the computer object in the default Computer container in AD. In the subsequent rebuilds of the server and reinstalls I placed the computer object in a sub OU for member servers. So what I just did now was to move the computer object back to the default Computer container, did a GPUPDATE / FORCE and attempted a install. Low and behold it went thru without any issues. So, what User Rights Assignment do I need to make sure get applied in the GPO that is linked to the member servers OU because I haven't found that information... Thanks!

        Your comment has been posted.   Close
        Thank you, your comment requires moderation so it may take a while to appear.   Close
        Leave a Comment
        Search Blogs