System Center 2012 Configuration Manager – Installation (lab environment)

I’m working with SCCM 2012 for few months and I have passed the exam few weeks ago. In this blog I’m sharing my SCCM 2012 experiences with you. The experiences are to big for 1 blog, so I”ll begin with the installation and what you need to know and have for the SCCM 2012 environment. The configuration of SCCM will come later (maybe over few weeks)

SCCM 2012 has  3 different installation methods.

1) Central Administration Site (CAS) with a primary site (PS),

2) Primary site with a remote SQL server and works like a stand-alone PS,  (a not stand-alone PS must be connected to a hierarchy. This means you need to have a CAS)

3) A stand-alone Primary Site with a local SQL server.

Because of a not powerful lab environment, I have to explain the setup of a Stand-alone Primary Site with a remote SQL server.

This is a quote from the Technet site about Central Administration Site

  • A central administration site can support up to 25 child primary sites.
  • When using SQL Server Enterprise or Datacenter for the site database at the central administration site, the shared database and hierarchy supports up to 400,000 clients. The maximum number of supported clients per hierarchy depends on the SQL Server edition in the central administration site, and is independent of the SQL Server edition at primary or secondary sites.
    noteNote
    Configuration Manager supports up to 400,000 clients per hierarchy when you use the default settings for all Configuration Manager features. 

     

  • When you use SQL Server Standard for the site database at the central administration site, the shared database and hierarchy supports up to 50,000 clients. This is because of how the database is partitioned. After you install Configuration Manager, if you then upgrade the edition of SQL Server at the central administration site from Standard to Enterprise or Datacenter, the database does not repartition and this limitation remains.

noteNote

You cannot assign Configuration Manager clients to a central administration site. Support for clients applies to clients that are assigned to child primary sites in the hierarchy. 

About Primary Site:

  • Each primary site can support up to 250 secondary sites.
    noteNote
    The number of secondary sites per primary site is based on well connected and reliable wide area network (WAN) connections. For locations that have fewer than 500 clients, consider a distribution point instead of a secondary site.
  • A stand-alone primary site always supports up to 100,000 clients.

A child primary site that uses SQL Server installed on the same computer as the site server can support up to 50,000 clients. When you use SQL Server that is installed on a computer that is remote from the site server, the child primary site can support up to 100,000 clients.

noteNote
In a hierarchy with a central administration site that uses a standard edition SQL Server, the total number of clients supported in the hierarchy is limited to 50,000. In this hierarchy, a child primary site that uses a remote installation of SQL Server cannot support more clients than is supported by the hierarchy. The version of SQL Server that is used by a secondary site does not affect the number of clients that the primary site supports.
  • Unlike a central administration site, the edition of SQL Server you use for the primary site database does not affect the maximum number of clients the primary site supports. This is true for both child primary sites, and stand-alone primary sites.

And about the Secondary Site:

Each secondary site can support communications from up to 5,000 clients when you use a secondary site server computer with the recommended hardware and that has a fast and reliable network connection to its primary parent site. A secondary site might be able to support communications from additional clients when its hardware configuration exceeds the recommended hardware configuration.

For information about the recommended hardware for Configuration Manager sites, see Planning for Hardware Configurations for Configuration Manager.

For more information, take a look at this site: http://technet.microsoft.com/en-us/library/gg682077

For information about the hardware, http://technet.microsoft.com/en-us/library/hh846235

Check this blog about the CAS considerations. http://www.mnscug.org/blogs/brian-mason/169-cas-considerations-for-cm12

Now we have to prepare the installation of a stand-alone Primary Site with a remote SQL server.

What do you need for the standalone Primary Site? I’m using VirtualBox with Windows 7 x64 on a system with i5 cpu and 8GB of ram. I’m using a SSD (128GB) and a traditional HDD (500GB). I’ve separate the Domain controller’s HDD to the SSD. The others on the traditional HDD.

  • Domain Controller (1 vcpu, 512MB memory, 2 networkcards, dynamic disk 25GB)
  • RRAS (This is for the internet connection. The installation of SCCM has to download some files from the Internet. Also we have to download Framework 4.0 for the SCCM server. With RRAS you could make a NAT. Install RRAS on the domain controller. You have to use 2 network cards. 1 is LAN and the other is PUBLIC. Look a this site for a how to: http://www.windowsnetworking.com/articles_tutorials/using-windows-server-nat-router.html)
  • SQL Server ( 1 vcpu, 1024MB Memory, 1 networkcard, dynamic disk 25GB)
  • SCCM server (1 vcpu, 2048MB Memory, 1networkcard, dynamic disk 25GB)
  • Some users
  • .NET Framework 4.0 from Microsoft
  • SQL Standard/Enterprise/Datacenter. Check this link for the correct versions and updates: http://technet.microsoft.com/en-us/library/gg682077#BKMK_SupConfigSQLSrvReq For SQL 2008 R2 you have to install SP1 and CU6. I’m using a SQL standard 2008 R2 environment in this blog.
  • System Center Configuration Manager 2012 from Microsoft. (You could download the trail version from the Microsoft, otherwise the full version from Technet or MSDN)

Let’s begin.

Step 1) The Domain Controller

I don’t have to explain how to make a domain controller, well? We need a domain otherwise SCCM will not work. If this is done, go to Start -> Run and type adsiedit.msc. We will make a new container. 

Right click on ADSI and click on Connect to.. 

Click Ok. This is default.

Open the tree.

Right click on CN=System and choose for New -> Object…

Choose container and click Next.

Value is System Management and click Next. Click Finish. Close ADSI MMC.

Open Active Directory Users and Computers. Choose in the menu View for advanced features.

Navigate to domainname -> System. Righ click on System Management and select Delegate Control.

Click Next at the welcome screen.

We have to add the computername of the SCCM server, so click on the Add button. Click Object Types and select Computers. Click Ok. Type the name of the SCCM server. In my example is SCCM01 and click Check Names. After that click Ok.

Select “Create a custom task to delegate”

Select “The folder, existing objects in this folder, and creation of new objects in this folder” and click Next.

Select General, Property-specific and Creation/deletion of specific child objects. Permissions is Full Control. Click Next and Finish to close the screen. If you have more than 1 SCCM server, like a CAS and Primary Site, you have to add them also as as delegated Control.

For more information: http://technet.microsoft.com/en-us/library/21b20921-7997-4b8c-bf1e-ec4c476620cc#BKMK_PrepAD

We have to make some users. We need a SCCM admin, ClientInstall and SQLadmin.

  • SQLadmin – Local Administrator on SQL server
  • SCCMadmin – Local Administrator on SCCM server (also for CAS and the others) and local administrator on the SQL server.
  • ClientInstall – Is needed for the installation of the SCCM client. Must be local administrator on the clients for deploying the Configuration Client.
  • DomJoin – To join the client in the domain after the deployment
  • SCCMNAA – Is needed for the Netwerk Access Account for OSD (OS deployment)
  • TestUser1
  • TestUser2
  • TestUser3

Step 2) Schema update for SCCM 2012

Extract the SCCM installation files to a directory on the SCCM server. In my example is C:\Configmgr_SCEP_2012_RTM\

Go back to the domain controller.

Note: This is not needed if you did a schema update for SCCM 2007 in the past. This schema update is the same as that one for SCCM 2007.

Check this website for more information about extending the Active Directory Schema.

http://technet.microsoft.com/en-us/library/gg712272

You have to run this as Domain Admin. Browse to the SCCM server \\SCCM01\C$\Configmgr_SCEP_2012_RTM\SMSSETUP\BIN\X64\extadsch.exe. Run as administrator.

Check the log located at C:\ExtADSch.log.

Step 3) Open TCP port 4022 and 1433 for SQL remote. (This is also needed for the SQL replication with a CAS en PS. )

Open Group Policy Management console and make a new GPO.

Right click on the new gpo and choose for Edit

Navigate to Computer Configuration -> Windows Settings -> Security Settings -> Windows   Firewall with Advanced Security. Right click on Inbound Rules and choose New Rule. Follow the wizard. TCP, all connections, Domain, Private and Public and a name. Do it for port 1433 and 4022.  Close GPO mmc

Step 4) Install Framework and WCF Activation on the SCCM server.

Log on the SCCM server as SCCMadmin.

We have to install the Framework 3.5.1 and WCF activation.

Go to Server manager -> Features -> Add Feature -> Select Framwork 3.5.1 and WCF activation. Click 2 times Next.

IIS is needed for some Site system roles:

  • Application Catalog Web Service Point
  • Application Catalog Website Point
  • Distribution Point
  • Enrollment Point
  • Enrollment Proxy Point
  • Fallback Status Point
  • Management Point
  • Software Update Point

Now we have to add some IIS role services. Select these roles:

Common HTTP Features
Static Content
Default Document
Directory Browsing
HTTP Errors
HTTP Redirection

Application Development
ASP.NET
.NET Extensibility
ASP
ISAPI Extensions
ISAPI Filters

Health and Diagnostics
HTTP logging
Logging tools
Request Monitor
Tracing

Security
Basic Authentication
Windows Authentication
URL Authorization
Request Filtering
IP and Domain Restrictions

Performance
Static Content Compression

Management Tools
IIS Management Console
IIS Management Scripts and Tools
Management Service
IIS 6 Management Compatibilty
IIS 6 Metabase Compatibility
IIS 6 WMI Compatibility
IIS 6 Scripting Tools
IIS 6 Management Console

Click Next and Install.

Download Framework 4.0 from the Microsoft site. http://www.microsoft.com/downloads/en/details.aspx?FamilyID=0a391abd-25c1-4fc0-919f-b21f31ab88b7&displaylang=en (standalone version)`

Run the installation and reboot when prompted.

Step 5) Add BITS and Remote Differential Compression.

Login on the SCCM server as SCCMadmin.

Note: Site Servers or Distribution Point requires Remote Differential Compression (RDC). RDC Generate package signatures and perform signatures comparison.

More information: http://technet.microsoft.com/en-us/library/21b20921-7997-4b8c-bf1e-ec4c476620cc#BKMK_PrepAD

Go to Server Manager -> Roles -> Add Roles -> Select BITS and Remote Differential Compression. Click Next and Install.

Step 6 ) Install SQL Serve 2008 R2 with SP1 and with Cumulative Update 6 (CU)

The instance in use by each site must be SQL_Latin1_General_CP1_CI_AS. Link:http://technet.microsoft.com/en-us/library/gg682077#BKMK_SupConfigSQLSrvReq

Use this script to install the SQL server on the D:\Program Files\Microsoft SQL Sever\ (this is changeable) Don’t run the setup via the Wizard. If you do that some settings are not correct for SCCM 2012.

setup.exe /q /ACTION=Install /ERRORREPORTING="False" /FEATURES=SQLENGINE,RS,AS,IS,SSMS,TOOLS,BIDS,ADV_SSMS,CONN /INSTANCENAME=MSSQLSERVER /INSTANCEDIR="D:\Program Files\Microsoft SQL Server" /SQLSVCACCOUNT="NT AUTHORITY\System" /SQLSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" /SQLSVCSTARTUPTYPE=Automatic /AGTSVCACCOUNT="NT AUTHORITY\SYSTEM" /AGTSVCSTARTUPTYPE=Automatic /RSSVCACCOUNT="NT AUTHORITY\System" /RSSVCSTARTUPTYPE=Automatic /ASSVCACCOUNT="NT AUTHORITY\System" /ASSVCSTARTUPTYPE=Disabled /ASSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" /ISSVCACCOUNT="NT AUTHORITY\System" /ISSVCSTARTUPTYPE=Disabled /ASCOLLATION="Latin1_General_CI_AS" /SQLCOLLATION="SQL_Latin1_General_CP1_CI_AS" /TCPENABLED="1" /NPENABLED="1" /IAcceptSQLServerLicenseTerms

Open a command prompt in administrative mode and copy / paste the install script in the prompt.

When it’s successful. You have to use this script to install Service Pack 1. (If you have not downloaded the Service pack already. Here is the correct link for 2008 R2: http://www.microsoft.com/en-us/download/details.aspx?id=26727)

SQLServer2008R2SP1-KB2528583-x64-ENU.exe /Action=Patch /IAcceptSQLServerLicenseTerms /AllInstances /Quiet

Afther that, you have to install the CU6. This is a install script for CU6. Link for CU6: http://support.microsoft.com/kb/2679367

SQLServer2008R2-KB2679367-x64.exe /Action=Patch /IAcceptSQLServerLicenseTerms /AllInstances /Quiet

Close the command prompt.

Step 7) SQL server security settings for SCCMadmin.

Open Microsoft SQL Server Management Studio. You have to grant SCCMadmin as sysadmin in Logins.

Tip: Check also the memory settings in SQL Studio. Maybe you have to change that so that SQL is not using the full memory.

Step 8) Install System Center 2012 Configuration Manager – Standalone Primary Site.

Go to the Configmgr setup folder and run splash.exe

You will get this screen.  Click on Install

Click Next.

Select the radio button Install a Configuration Manager Primary site. Don’t select “Use a typical installation options for a Stand-alone primary site” This option will use only a local SQL server. We are using a remote SQL server.

Product key. Because I’m using a trail version for 180 day’s I selected the evaluation radio button.

Accept the terms and click Next.

Select all 3 and click Next.

Browse to a folder and click Next

The necessarily files are now downloading.. (This is why I’m using RRAS as NAT) You could also use SetupDL.exe on a computer with Internet for downloading the required files. SetupDL.exe has to run in a command prompt with administrative permissions, like this: C:\setuppatch\bin\x64\SetupDL.exe C:\Temp. Use this folder in the setup.

This is default. Click Next.

Also default and click Next.

You have to full in the site code and the site name. Click Next.

We won’t too join to an existing hierarchy. So select “Install the primary site as a stand-alone site”

Click Yes to accept this warning.

This is for a remote SQL server. If you use a default instance name, leave that blank. Click Next

Use the name of your SCCM server. Click Next.

We don’t have a PKI server and PKI certificates. So, select the 2nd radio button and also select “Clients will use HTTPS when..” This is a option for later, if we want to use PKI certificates in the future. Click Next.

Default. Client connection must be HTTP. Click Next.

Click Next.

Summary, click Next.

If you get only the warnings, you can hit the button Begin Install. But, maybe you will get a failure about a permission for the SQL server and management sites. You have to add the SCCM computername as a local administrator on the SQL server and Mangement sites.

The installation progress .

The installation is successful and you can hit the button Close. You should check the log for errors. Reboot the server and start the SCCM console.

Now, we have installed SCCM 2012. Later I’ll explain how to configure it. There is a lot of work to do for it’s really working. 😉