Tuesday, September 13, 2011

Configuring Boundaries, Discovery Methods and Boundary Groups in SCCM 2012

  Now that we have our basic installation of SCCM 2012, verified that our Management Point is functioning properly, and hopefully have certificates configured and issued properly including in certificate stores and IIS site bindings for HTTPS communication, we are ready to setup boundaries, discovery methods and boundary groups for populating our device collections with computers. After all, we can't utilize the many powerful features SCCM 2012 has to offer without first having a method for populating our site with manageable objects in our enterprise!

    Boundaries in SCCM 2012 are very similar to those in SCCM 2007 such as your Active Directory Site and IP subnets. New to SCCM 2012 regarding discovery methods and boundaries (as well as with Distribution Groups, which I will cover in a future post) is the notion of groups, or in this case, "Boundary Groups". Once boundaries for your site have been defined and discovery methods for them have been enabled, you must then create a boundary group and add your boundaries to it. If this is the first Site Server in your environment then it should be a Primary Site Server. (Central Sites are now for site administration only and cannot contain sccm clients, but I will cover that in future posts.) That said, go into the properties of your boundary group and select the "reference" tab. There you will want to check the box labeled "Use this boundary group for site assignment" as well as add your site system server in the box below in the boundary group properties dialog box. At this point, if everything is working properly, running your discovery methods should start populating your device collections in the "Assets and Compliance" pane of the dashboard.

    If you have successfully configured all of these items then take a minute to relax and feel confident knowing that you've made significant progress and that you are well on your way to using SCCM 2012 in many powerful and useful ways! But, there is still much to cover and the fun is only just beginning!

Configuration of SCCM 2012

   Assuming that your Active Directory schema as has been extended and the appropriate server roles and services have been configured beforehand, setup will succeed in the installation of the default or first Management Point for your site. Verify that your MP is communicating properly by checking the mpcontrol log and looking for "http status code 200" for good. Log locations are slightly different on both the server and client sides of SCCM. SCCM 2012 is 64-bit so most of your logs will be inside "program files" underneath "Microsoft Configuration Manager" or inside "SMS_CCM" when your MP is installed. I strongly recommend using Trace32 for all log viewing and for those of you who used the SMS 2003 version for SCCM 2007, this program will no longer work. You will need to download the SCCM 2007 Toolkit and use the trace32 program that comes with it for SCCM 2012. I'll make one note here, that this version of trace32 does not always show the accurate time of a particular event which is a bit frustrating. If someone knows how to fix that then let me know.

     After the SCCM 2012 console has been launched successfully, you will notice right away that the look and feel of it is unlike previous versions and is much closer to those of System Center Operations Manager or System Center Service Manager. There is a dashboard on the bottom left-hand corner of the console which contains "Administration", "Software Library", "Monitoring", and "Assets and Compliance" panes. There is also a functional ribbon at the top of the console which makes available certain features based on selections made either in the dashboard or in the right-viewing pane. Here is a picture:

Installation of SCCM 2012

   
    System Center Configuration Manager 2012 is currently at a "Beta 2" release, which can be downloaded here: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=20961

   Before installing the product, ensure that hardware and software prerequisites have been met. That leads us to a first order of business which is adding the Microsoft Technet Library SCCM 2012 technical documentation section as a favorite in your web browser: http://technet.microsoft.com/en-us/library/gg682129.aspx us/library/gg682129.aspx

   Before installing SCCM 2012, install SQL Server 2008 Enterprise. Someone told me that "Beta 1" could only be installed on SQL Server 2008 SP1 with CU 10 or higher, but "Beta 2" is compatible with SP2 so go ahead and install SQL Server 2008 Enterprise, then service packs 1 and 2. For better performance I would install the SQL instance on the same server where your SCCM installation will reside. The database could be installed on a different partition for backup and recovery purposes of course, that's up to you.

    Now that we have downloaded the product, installed SQL Server, added the Microsoft Technet SCCM 2012 technical documentation page to our browser and verified the hardware and software requirements specified by Microsoft, we are ready to begin our installation of SCCM 2012. When you launch the setup, run the prerequisite checker on the installation page. Also let's go ahead and download the SCCM updates required for install. PLEASE NOTE: When you create a folder as a download location for these updates, make sure that if it has multiple words that they are connected with an underscore, meaning essentially that the destination folder cannot have any spaces in the names. If there are spaces, you will not be able to click "next" on the installation page where the update download location is specified.

 As far as I can tell, the configuration requirements for Server Roles and services such as IIS are the same as in SCCM 2007. SCCM 2012 no longer includes a "native mode" or "mixed mode". Management and Distribution Point communication can be configured for HTTP or HTTPS as you see fit. Internet-based clients require HTTPS. Speaking of HTTPS, the PKI configuration is slightly different in SCCM 2012 in that a "site-signing" or document-signing certificate is no longer required. Only the "Workstation Authentication" and "Web Server" templates are needed to create their respective certificates for use. Instructions for PKI configuration for Server 2008 and SCCM 2012 can be found here: http://technet.microsoft.com/en-us/library/gg682023.aspx


  

Launch and Introduction of System Center Professional

   Welcome to my blog site dedicated to Microsoft System Center! This is my first attempt at a technical blog site and I hope that it becomes a place where both myself and others learn about the powerful tools found in the Microsoft System Center suite of products. We'll start things off by taking an introductory look at System Center Configuration Manager 2012, then work our way forwards, backwards and sideways with other previous and upcoming products. Stay tuned!!