Jump to content


anyweb

using SCCM 2012 beta 2 in a LAB - Part 3. Additional Configuration

Recommended Posts

In Part 1. of this series we Installed vNext, in Part 2 we started to configure it. In this part we will continue configuring Beta 2 by enabling Active Directory discovery methods, adding some site system roles, configuring the computer client agent and client push settings and finally doing a manual client installation to verify it all works.

 

Perform the following on the vNext server as SMSadmin

 

 

Configuring Discovery Methods.

 

For information of Planning Discovery methods for SCCM 2012, please refer to this page on Technet.

 

Planning for Discovery in Configuration Manager 2012 - http://technet.microsoft.com/en-us/library/gg712308.aspx

 

Active Directory Discovery Methods

 

Configuration Manager 2012 Active Directory discovery methods can discover Active Directory sites, subnets, users, and computers that are stored in Active Directory Domain Services. To discover information from Active Directory, Configuration Manager requires access to the Active Directory locations that you specify and will use the computer account of the site server that runs the Active Directory discovery method. Or, you can specify a Windows account to run any Active Directory discovery method.

 

When any of the four Active Directory discovery methods run, Configuration Manager contacts the nearest domain controller in the Active Directory forest to locate Active Directory resources. The domain and forest can be in any supported Active Directory mode, and the account that runs the discovery method must have Read access to the specified Active Directory containers. During discovery, the discovery method searches the specified locations for objects and then collects information about the object.

 

With the exception of Forest Discovery, all the Active Directory discovery methods support Delta Discovery.

 

 

Step 1. Enable Active Directory Security Group Discovery

 

 

Click on the Administration workspace, expand Overview, Site Hierarchy, Discovery Methods

 

discovery methods.png

 

You can see that we have already enabled Active Directory Forest Discovery (Heartbeat Discovery is automatically enabled), so let's enable some additional discovery methods otherwise our computers (and users) will not appear in Assets and Compliance.

 

 

 

 

 

Double click on Active Directory Security Group Discovery, place a checkmark in enable active directory security group discovery

 

enable active directory security group discovery.png

 

click on the yellow starburst to add an Active Directory container, once done click on Browse and select your chosen active directory container to search during the discovery process

 

new ldap.png

 

click Ok when done

 

adsgd done.png

 

note that enabling discovery will trigger full polling to be run immediately

 

enabling discovery will trigger full polling to be run immediately.png

 

 

Step 2. Enable the other three Active Directory discovery methods

 

Repeat the above for the remaining discovery methods

 


     
  • Active Directory System Discovery
  • Active Directory System Group Discovery
  • Active Directory User Discovery

 

The following Discovery Methods should now be Enabled

 

following discovery methods.png

 

 

Step 3. Verify that discovery is working

 

In the console, click on Assets and Compliance

 

assets and compliance.png

 

Discovery of Computers

 

Click on Device Collections, then click on All Systems, you should now see both AD1 (was previously missing) and the vNext server listed.

 

all systems.png

 

Double click on AD1 (your Domain controller computer) and you should see details about the system including discovery details (it was discovered using Active Directory System Discovery and Active Directory System Group Discovery).

 

discovery details.png

 

Click on Close.

 

Discovery of Users

 

Click on User Collections in the left pane, Click on All Users and in the Ribbon, click on Show Members

 

show members.png

 

the contents of All Users are displayed (these are the users we created in Part 1 of this guide)

 

all users.png

 

Double click on a user and you'll see the discovery information listed, including discovery type (sms_ad_user_discovery_agent)

 

sms_ad_user_discovery_agent.png

 

click ok to Close.

 

 

Using logs to verify discovery

 

In addtion to the visual verification we did above, you can browse the Logs folder of where you installed SCCM 2012, eg: D:\Program Files\Microsoft Configuration Manager\Logs

and find the following discovery logs

 

 

adforestdisc.log

adsgdis.log

adsysdis.log

adsysgrp.log

adusrdis.log

 

these log files can be opened with Trace64 and you'll see lots of interesting info in there such as starting the discovery and what type of discovery it is (the below sample screenshot is from the first discovery after enabling Active Directory User Discovery from adusrdis.log)

 

usrdis.png

 

 

Step 4. Add the Catalog Web Service Point and Catalog Web Site Point roles

 

We will be setting some options in the next step which require certain roles to be installed, so in Administration, expand Site Operations, Servers and Site System Roles, right click on our site and choose Add site system role

 

add site system role.png

 

create roles wizard appears, click next

 

create roles wizard.png

 

select the following roles

 


     
  • Application Catalog Web Service Point
  • Application Catalog Web Site Point

 

and click next

 

new roles.png

 

accept the following values for the application catalog web service point, make sure to manually change port 443 to port 80.

 

port 80.png

 

add your organization name to the application catalog web site point, verify it says port 80 and not 443

 

confirm 80.png

 

click next at the summary and review the completion

 

web site point added completed.png

Share this post


Link to post
Share on other sites

Configuring Client Agent Settings

 

Please refer to Planning for Client Settings in Configuration Manager 2012 on Technet.

 

You manage all client settings in Configuration Manager 2012 from the Client Settings node in the Administration workspace of the Configuration Manager console. Modify the default settings when you want to configure settings for all users and devices in the hierarchy that do not have any custom settings applied. If you want to apply different settings to just some users or devices, create custom settings and assign these to collections.

 

 

Step 5. Configure the Client Agent

 

In the navigation pane, select Administration, then click Client Settings, select Properties from the ribbon. Currently there is only one client agent setting available – Default Client Agent Settings.

 

client settings.png

 

the Default settings appear

 

default settings.png

 

to start off with, let's configure the client Policy polling interval, select Client Policy in the left pane and change the value from 60 minutes (default) to 15 minutes as this is a LAB and we want our client to poll for changes in policy every 15 minutes.

 

client policy.png

 

To change the Organization Name listed in the client agent, select Computer Agent in the left and type in your organization name

 

organization name.png

 

to the right of Default Application Catalog website point, click on Set Website...

 

set website.png

 

select our VNEXT server from the drop down menu

 

vnext server.png

 

change Add default application catalog website to Internet Explorer trusted sites zone to True

 

trusted sites.png

 

Now select Hardware Inventory on the left and then click on Set Classes

 

set classes.png

 

select TPM from the list of available classes, this will be a class that is reported on in the site's sms_def.mof

 

tpm.png

 

Now click on Remote Control in the left and set prompt user for remote control permission to false (useful when you want to remote to a Server)

 

prompt user for remote control permission.png

 

Select Software Updates and set the Install all required software updates when deadline occurs to True

 

install all required updates.png

 

click ok to exit from modifying default settings.

Share this post


Link to post
Share on other sites

Deploying the Client Agent

 

Now that we have made changes to the Default Client Agent settings, we want to deploy it to our clients. Before doing so we need to decide what method is appropriate for installing the client on our computers.

 

The following methods are available

 

Client Installation Method Description

 


     
  • Client push installation - Automatically installs the client to assigned resources and manually installs the client to resources that are not assigned.
  • Software update point installation - Installs the client by using the Configuration Manager 2012 software updates feature.
  • Group Policy installation - Installs the client by using Windows Group Policy.
  • Logon script installation - Installs the client by using a logon script.
  • Manual installation - Manually installs the client software.
  • Upgrade installation - Upgrades clients to a newer version by using Configuration Manager 2012 application management. You can also use Configuration Manager 2007 software distribution to upgrade clients to Configuration Manager 2012.
  • Client Imaging - Prestages the client installation in an operating system image.

 

Please refer to Technet to Determine the Client Installation Method to Use in Configuration Manager 2012.

 

For the purposes of this LAB we will select Client Push Installation.

 

Step 6. Enable Client Push Installation

 

In Administration, expand Site Operations, Sites, select our site P01, choose Client Installation Settings in the Ribbon.

 

client installation settings.png

 

select Client Push Installation from the drop down menu

 

client push.png

 

make sure that enable automatic site-wide client push installation and the Configuration Manager site system servers options are selected

 

enable automatic site-wide client push installation.png

 

click on the Accounts tab and click on the yellow starburst, enter the user details of your ClientInstall account

 

accounts.png

 

this user must be in the local adminstrators group on your destination computers

 

local admin group.png

 

click Ok

 

ok.png

Share this post


Link to post
Share on other sites

Step 7. Manually installing the client using the wizard

 

In Assets and Compliance select our Domain Controller (AD1) right click and choose Install Client

 

install client.png

 

when the Install Client Wizard appears click Next

 

install client wizard.png

 

select the first two options (allow the client software to be installed on domain controllers and Always install the client software) as we only have one site currently (P01)

 

review the summary

 

client install summary.png

 

and completion

 

summary completion.png

 

 

Step 8. Verify client installation

 

On the AD1 computer, you can open Task Manager and verify that Ccmsetup.exe is running, this means your Client software is installing.

 

ccmsetup in task manager.png

 

after some minutes the clients are installed and it is reflected in Assets and Compliance (client=Yes)

 

clients installed.png

 

and you'll see new software installed in your start menu, including Microsoft Silverlight and Microsoft System Center Configuration Manager 2012 Software Center

 

client installed start menu.png

 

and you can start Software Center and you'll see the IT Organization we configured earlier listed in the Top Right corner

 

software center.png

 

and finally you can view the client agent itself by opening up control panel, search for Config, and you'll see the Configuration Manager Client, click on it

 

configuration manager client.png

 

config client.png

Share this post


Link to post
Share on other sites

Hello,

 

When you say install client on AD1 (which is a domain controller) and, I see you have successfully installed the client. In my case, I am unable to install the client because clientinstall (user) is not a member of Local Administrators group (which is one of the requirement to install the software as per your description).

 

On the Domain Controller there is no option to add clientinstall (user) to Local Administrators. Can you help me here how to proceed with.

 

I just started SCCM2012 install and, I am new to this subject.

 

Thanks

 

Ram

 

P.S: Ignore the message - Found a way to complete the client install.

Share this post


Link to post
Share on other sites

Can anyone help?

 

I am new to SCCM and an trying to learn it in a lab environment. I have successfully setup a vmware lab based on the guides provided by this site.

I have followed every step in these guides and have experienced success with everything, however, when I try to open software center on my domain controller, the WIndow is white with nothing displayed inside. Also, when I click on Configuration manager in control panel, There are many properties on the general tab and many actions missing from the actions tab. Any Advice?

 

Eric Craven

Share this post


Link to post
Share on other sites

my client installing is not appearing on the client computers

 

i checkes the monitoring and found the following errors

sys_ad_system_group_discovery_agent showing critical

sys_ad_system_discovery_agent shows critical

sys_ad_security_group_discovery_agent showing critical

sys_ad_user_discovery_agent shows critical

sys_portalweb_control_manger shows critical

sys_awebsvc_control_manger shows critical

 

any ideas and solutions

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.