anyweb

Introduction In an earlier post you installed System Center Configuration Manager (Current Branch). In this post you will learn about configuring discovery. Planning for discovery in ConfigMgr is an important step while configuring your sites and hierarchies. You need to discover objects in locations that you select and these discovered resources are what you want to manage (devices/users). These discovered resources can be targeted with software and/or get the ConfigMgr client agent installed via Client Push functionality. Discovery within System Center Configuration Manager (Current Branch) has 6 methods listed below: Active Directory Forest Discovery Active Directory Group Discovery Active Directory System Discovery Active Directory User Discovery Heartbeat Discovery Network Discovery When a discovery method successfully finds a new resource, discovery puts information about that resource into a file that is called a discovery data record (DDR), which is processed by a primary or central administration site. Processing of a DDR creates a new record in the site database for newly discovered resources, or updates existing records with the DDRs new information. [source: Technet] Step 1. Enable Active Directory Forest Discovery Note: Perform the following on your ConfigMgr server as a user with Full Administrator permissions in the ConfigMgr console. In the Configuration Manager console, click on Administration and select Hierarchy Configuration, click on Discovery Methods. The first discovery method listed is Active Directory Forest Discovery. This discovery method can be enabled on CAS or Primary site(s). Unlike other discovery methods, Active Directory Forest Discovery does not discover resources that you can manage. Instead, this method discovers Active Directory network locations and can convert those locations into boundaries for use throughout your hierarchy. To discover Active Directory network locations and convert those locations into boundaries open the ConfigMgr console, in the Administration workspace, select Hierarchy Configuration, then select Discovery Methods and right click Active Directory Forest Discovery for the primary site and right click, choose Properties. The General window appears with one option, Enable Active Directory Forest Discovery. Select it and two more choices are revealed: Automatically create active directory site boundaries when they are discovered Automatically create IP address range boundaries for IP subnets when they are discovered. Select the second option and leave the default schedule for every 1 weeks. Tip: Selecting both options above is fine in a LAB. In Production however, you should consider only selecting to discover IP address ranges. For clarification about this point please review this post from Jason Sandys (Enterprise Mobility MVP) about why IP Subnet Boundaries are EVIL Click Apply, you'll be prompted if you want to run a discovery as soon as possible, answer Yes. Tip: If you want to review the discovery of objects via this discovery method, you can use CMTrace to open the ADForestDisc.log file. The log file will be located in in the <InstallationPath>\LOGS folder. When publishing is enabled for a forest and that forests schema is extended for Configuration Manager, the following information is published for each site that is enabled to publish to that Active Directory forest: SMS-Site-<site code> SMS-MP-<site code>-<site system server name> SMS-<site code>-<Active Directory site name or subnet> To verify that you've enabled publishing browse to Administration, Site Configuration, Sites, and check the properties of your Primary site server. Click on the Publishing tab. Step 2. Enable Active Directory Group Discovery Note: Perform the following on your ConfigMgr server as a user with Full Administrator permissions in the ConfigMgr console. You can use Active Directory Group Discovery to search Active Directory Domain Services (AD DS) to identify the group memberships of computers and users. This discovery method searches a discovery scope that you configure, and then identifies the group memberships of resources in that discovery scope. By default, only security groups are discovered. However, you can discover the membership of distribution groups when you select the checkbox for the option Discover the membership of distribution groups on the Option tab in the Active Directory Group Discovery Properties dialog box. When you discover a group, you can also discover limited information about its members. Note: This does not replace Active Directory System Discovery or Active Directory User Discovery and is usually insufficient to build complex queries/collections or to serve as the bases of a client push installation. Active Directory Group Discovery can discover the following information: Groups Membership of Groups Limited information about a groups member computers and users, even when those computers and users have not previously been discovered by another discovery method Tip: This step assumes you want to discover resources recursively in the windowsnoob OU. Therefore, it may be necessary to move servers into their respective OU which is a child OU under the windowsnoob OU created in this guide otherwise they will not be discovered by this discovery method. You can do that via Active Directory Users and Computers on AD1. In the ConfigMgr console, in the Administration workspace, select Hierarchy Configuration, then select Discovery Methods and right click Active Directory Group Discovery and choose properties. Select the option to Enable Active Directory Group Discovery and click on Add to see two more choices, Groups and Location. These options are explained below: Groups: Use groups if you want to search one or more specific Active Directory groups. You can configure the Active Directory Domain to use the default domain and forest, or limit the search to an individual domain controller. Additionally, you can specify one or more groups to search. If you do not specify at least one group, all groups found in the specified Active Directory Domain location are searched. Location: Use a location if you want to search one or more Active Directory containers. This scope option supports a recursive search of the specified Active Directory containers that also searches each child container under the container you specify. This process continues until no more child containers are found. Note: When you configure a discovery scope, select only the groups that you must discover. This is because Active Directory Group Discovery attempts to discover each member of each group in the discovery scope. Discovery of large groups can require extensive use of bandwidth and Active Directory resources. Select Location from the drop down menu. Give it a name like Active Directory Group Discovery - P01 and select browse to decide where to recursively search. In this example I select the previously created windowsnoob Organizational Unit (OU) which will contain your servers, users, computers and devices. Click on the Polling schedule tab and decide what is appropriate for your setup, the default is 7 days for a full Active Directory Group Discovery and you can enable Delta Discovery (enabled by default). This discovery method finds resources in Active Directory Domain services that are new or modified since the last discovery cycle in the time interval specified (default is 5 minutes). Next, you can review the three options on the Options tab and click Apply when ready and answer Yes to running the full discovery. Tip: If you want to review the discovery of objects via this discovery method, you can use CMTrace to open the adsgdis.log file. The log file will be located in in the <InstallationPath>\LOGS folder. Step 3. Enable Active Directory System Discovery Note: Perform the following on your ConfigMgr server as a user with Full Administrator permissions in the ConfigMgr console. Use Configuration Manager Active Directory System Discovery to search the specified Active Directory Domain Services (AD DS) locations for computer resources that can be used to create collections and queries. You can then install the client to discovered computers by using client push installation. To successfully create a discovery data record (DDR) for a computer, Active Directory System Discovery must be able to identify the computer account and then successfully resolve the computer name to an IP address. By default, Active Directory System Discovery discovers basic information about the computer including the following: Computer name Operating system and version Active Directory container name IP address Active Directory site Last Logon Timestamp In the ConfigMgr console, in the Administration workspace, select Hierarchy Configuration, then select Discovery Methods and right click Active Directory System Discovery and choose Properties, place a checkmark in Enable Active Directory System Discovery. Click on the yellow starburst to add some Active Directory containers. For path click on browse and browse to the location you want to discover systems in. Tip: You can add several locations by repeating this process and selecting different locations, but only add the locations you need to add as you don't want to generate unnecessary network and CPU bandwidth. On the Polling schedule tab, stick to the defaults and then select the Active Directory Attributes tab, if you want to add an attribute to discover select one from the list and choose Add >> in the example below you are adding an Active Directory attribute called msTPM-ownerinformation. There are many attributes to choose from, use only the ones you need to get your job done. and click Apply and Ok and answer Yes to run a full discovery as soon as possible. Tip: If you want to review the discovery of objects via this discovery method, you can use CMTrace to open the adsysdis.log file. The log file will be located in in the <InstallationPath>\LOGS folder. Step 4. Enable Active Directory User Discovery Note: Perform the following on your ConfigMgr server as a user with Full Administrator permissions in the ConfigMgr console. Use Configuration Manager Active Directory User Discovery to search Active Directory Domain Services (AD DS) to identify user accounts and associated attributes. You can view the default list of object attributes returned by Active Directory User Discovery, and configure additional attributes to be discovered in the Active Directory User Discovery Properties dialog box on the Active Directory Attributes tab. By default, Active Directory User Discovery discovers basic information about the user account including the following: User name Unique user name (includes domain name) Domain Active Directory container names In the ConfigMgr console, in the Administration workspace, select Hierarchy Configuration, then select Discovery Methods and right click Active Directory User Discovery and choose Properties. Place a checkmark in Enable Active Directory User Discovery as shown below. Select the Enable Active Directory User Discovery box and click on the yellow starburst to add some active directory locations to discover users. You can configure the Polling tab and Active Directory Attributes tab settings if you wish, then click apply and answer yes to Run a Full Discovery now. Tip: If you want to review the discovery of objects via this discovery method, you can use CMTrace to open the adusrdis.log file. The log file will be located in in the <InstallationPath>\LOGS folder. Step 5. Review what has been discovered in the console Note: Perform the following on your ConfigMgr server as a user with Full Administrator permissions in the ConfigMgr console. In the ConfigMgr console, in the Assets and Compliance workspace, select Users, then select All Users, the discovered Users should appear. In the Assets and Compliance workspace, select All User Groups, the discovered User Groups should appear. In the ConfigMgr console, in the Assets and Compliance workspace, select Devices, then select All Systems, the discovered Systems should appear. Note: If you are wondering why AD1 does not appear it is because that server is placed under the Domain Controllers container and that container path was not added to any system discovery method. Summary In this guide you configured Discovery methods in System Center Configuration Manager (Current Branch) to discover resources that you want to manage. In the next part of this new series you will configure Boundaries. until next time, adios and thanks for reading. Related Reading Run discovery for System Center Configuration Manager - https://technet.microsoft.com/en-us/library/mt621991.aspx Downloads You can download a Microsoft Word copy of this guide (dated 2015/12/17) here: Configuring Discovery for System Center Configuration Manager (Current Branch).zip Next Post > Configuring Boundaries

attach the logs here so we can see

try this link instead http://lmgtfy.com/?q=+install+internet+explorer+11+by+group+policy

search by the product name, then once done, count the results.

I would change it like so 1) Uninstall ADK 8.1 and install ADK 10, reboot 2) Upgrade MDT 2013 to MDT 2013 update 1 3) Install SCCM 2012 R2 SP1 CU1( KB KB3074857) and SCCM 2012 R2 SP1 CU2 (KB3100144) once everything is in place, you can then consider doing an inplace upgrade to CM1511

using System Center 2012 Configuration Manager - Part 9. Deploying Monthly Updates using System Center 2012 Configuration Manager - Part 10. Monitoring our Monthly Updates Automatic Deployment Rule

look at this https://www.windows-noob.com/forums/topic/2758-how-can-i-copy-files-from-a-package/

We received a report from a user of an unusual alert from their anti-malware software, where it appeared that a domain known to host malicious JavaScript was accessed from a Windows-Noob page. An analysis at the time did not detect any unusual changes to the forum software and concluded that the most likely scenario was a malicious advertisement in the Google/DoubleClick ecosystem. At this time, the skins for the IP.Board software were re-cached as a precaution. Some time later, some proxy servers' content categorisation system began to categorise Windows-Noob.com as "Suspicious". We were frustrated at the time to have little to no further information as to why this was the case. Only one of the website scanners we used to try and externally determine if there was an infection showed an issue: it had "Detected reference to malicious blacklisted domain myitforum.com". This domain obviously is quite legitimate, but had been compromised in the past, as have many websites that accept user generated content. We were assured that the infection issue on myitforum.com had been resolved, but in an effort to remove the "Suspicious" category from Windows-Noob.com, removed all outbound links to myitforum.com from our site. We did not at this stage connect the earlier report and this issue. None of the highly respected external systems like Google Webmaster Tools at any point suggested that we had been infected, and the 'detection' was limited to this one website scanner, which gave us these results referencing myitforum.com. Later still, we received another report from a user that their browser had been redirected to a malicious domain after visiting Windows-Noob from a search engine result page. We also finally received detailed information from the proxy server categorisation system provider that gave specific detail as to our “Suspicious” categorisation. A packet capture on the Windows-Noob server was taken over a few hours and then analysed. With the reported information from the user, we quickly identified injected JavaScript based on the reported malicious domain. The injected JavaScript was located in the theme cache files and was removed. Additional aggressive monitoring was put in place to try and determine if there was an active entry vector for the attacker. Later on that evening, malicious JavaScript re-appeared, detected by our additional monitoring that was put in place, and we promptly removed it again. Detailed analysis, including log file and packet capture analysis was performed to try and determine the attack vector, but no promising leads were found. The injected JavaScript then did not re-appear after that second appearance, and we unfortunately remain in the dark as to how the attack occurred. Our improved monitoring systems remain in place. The code, once unpacked and analysed, was actually quite rudimentary and simply injected references to the malicious JavaScript if certain conditions were met (user was referred from a search engine result page, and using certain browsers). Extensive reviewing of log files revealed no evidence of any other intrusion, but we accept that given our lack of understanding of the original attack vector, we cannot determine if any other actions were taken. Because we were unable to determine with confidence the source of the injected JavaScript and the attack vector used, we took the step of a complete server reinstall from known good media. The forum software has been completely reinstalled from a fresh download of the IP.Board software and all old and non-essential files removed. At the same time, we have taken other steps to protect users, including implementing mandatory HTTPS across the site (long overdue!), which would have, in this scenario, prevented injected JavaScript on HTTP domains executing in users' browsers and also protects passwords in transit. We apologise to users that this happened and particularly that we didn't spot it quickly enough. We hope as fellow IT professionals you appreciate the challenges in defending complex systems that are exposed to the world, especially on a very modest budget. We have learned a lot from this incident, despite the frustration of not knowing the original attack vector, and will continue to work hard to do better. It is a good idea, given what has happened, to reset your password for this site. This will also have the effect of invalidating the passwords that used to transit in the clear over HTTP and mean that your new password will not have traversed the public internet unencrypted. The standard advice about also resetting any other password that you might have shared with this site applies too.

yeah the errors you are seeing is what everyone else is seeing so we have to wait for a fix from microsoft I guess.

why not let Active Directory DNS do it's job ? why do you want to copy this file to every system, please explain

it seems that EDU and ENT editions are not available in WSUS/SUP yet, so i'd suggest you wait, the ones that currently are there don't work properly either, see my bug on Connect here.

done i've added a note about the different versions, thanks for pointing it out.

thanks 1. use the Windows 10 USMT package for your task sequences and you should be fine. 2. you've used the 1511 Windows 10 adk which is why your version is 10586, you can uninstall that ADK and use the original Windows 10 ADK instead which doesn't suffer from the issues mentioned in the post after yours.

first things first you cant upgrade from cu5 now because you've already upgraded to SP1 (or sp2 depending on how you look at it) as regards your console not connecting, have you tried installing the console directly from the sp1 media ? would you like me to do a teamviewer session to your computer to have a look ?

hi guys, please take a moment to read this uservoice, I can see a lot of people gettng problems due to this requirement and it's not checked for currently - if you vote for this then it's likely that Microsoft will fix it:- https://configurationmanager.uservoice.com/forums/300492-ideas/suggestions/10997490-modify-the-configuration-manager-prerequisites-che thanks ! cheers niall

search for smsts*.log and app*.log and attach them here zipped (for starters)

can you attach your logs please ? including the netsetup.log

are you running the script as system or as the logged in user, by the sounds of it you are running it as system when you should be running it as the logged in user...

I hope you are aware that this software (System Center Configuration Manager version 1511) went GA yesterday, it takes a lot of time (and effort) to write the guides ! you have a number of options, do a site backup (content and db) and then install the new site with the same computer name, once installed do a site restore, or use the migration feature to migrate what you want from one site to the other. The following guide should give you enough ideas of how a migration is done. http://www.windows-noob.com/forums/topic/4926-using-sccm-2012-rc-in-a-lab-part-14-performing-a-side-by-side-migration-from-configuration-manager-2007/ I'm separating your post into it's own topic.

while Server 2008 R2 is currently supported, it is deprecated and planned to be removed from support in 12 months with SCCM current branch. See https://technet.microsoft.com/en-us/library/mt628077.aspx.

Introduction Microsoft have been hard at work developing the next version of Configuration Manager (after System Center 2012 Configuration Manager). Up until now they've released a bunch of Technical Previews and today they've announced the General Availability of the RTM release, along with it's official name: System Center Configuration Manager and Endpoint Protection (version 1511). The version used in the product name specifies the YY/MM (year/month) that it was released. Note: There is a newer version of this guide which uses Server 2016, SQL Server 2016 and SCCM 1606CB here. This release is the first Current Branch release of Configuration Manager. This release has the ability to update itself based on your choices (Software as a Service SAAS) so as Microsoft releases newer versions of Configuration Manager to the Enterprise in the coming years, the Current Branch version identifier will change too (for example to 1607, 1611, 1702 etc). This is explained in Brad's post here. This long and detailed post will guide you through installing System Center Configuration Manager version 1511 using some automation via scripts, and you get to choose between two installation methods, manual or unattended. Regardless of what method you use to install ConfigMgr, this guide will configure everything correctly so that your environment is ready to manage all devices and to do Windows 10 servicing via Software Update Management, which is a topic that will be covered in a later post. Lastly, the guide looks at the Service Connection Point role settings, how you can change them and how to configure Usage Data. Technet Reading You can read the release notes for System Center Configuration Manager version 1511 here. Recommended hardware for System Center Configuration Manager here. Supported operating systems for sites and clients for System Center Configuration Manager here. Support for SQL Server versions for System Center Configuration Manager here. Support for Active Directory domains for System Center Configuration Manager here. Support for Windows features and networks in System Center Configuration Manager here. Support for Virtualization Environments for System Center Configuration Manager here. Assumptions In this guide I assume you have already installed two servers running Server 2012 R2 as listed below, I also assume you have some knowledge of PowerShell, if you don't, start learning it now ! AD1 Active directory domain controller with DNS, DHCP IPv4 Address: 192.168.5.1 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.5.199 CM01 Configuration Manager server, joined to the domain. IPv4 Address: 192.168.5.2 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.5.199 Smoothwall (optional) A Linux firewall running on 192.168.5.199 purely for sharing internet into these vm's. Scripts used in this guide The scripts used in this guide are available at the bottom of the guide in the Downloads section, download them before beginning and extract them to C:\Temp on your ConfigMgr server. Step 1. Define some GPO's Note: Perform the following on the Active Directory Domain Controller server (AD1) as Local Administrator To allow SQL to replicate data, open the following TCP ports in the Configuration Manager firewall, 1433, 4022. You can do this by targetting your ConfigMgr servers with a GPO. To create the GPO do as follows. Start the Group Policy Management tool (GPMC.MSC) and create a new GPO. Note: In the preceding screenshot I link the GPO to the domain GPO however you should consider creating an OU specifically for your Configuration Manager servers and target this GPO only to that OU (your Configuration Manager servers require this GPO for SQL replication). Give the GPO a name such as SQL Ports for System Center Configuration Manager. When done, right click on the GPO and choose Edit. Select Computer Configuration, Policies, Windows Settings, Security Settings, Windows Firewall with Advanced Security and select Inbound Rules, choose New Rule and follow the wizard for opening up TCP port 1433 as per this guide on Technet. Once done, repeat the above for TCP Port 4022. Optional: Once the above is done, and if you intend on using the PowerShell script in Step 2 to create users and to make a user a local admin on the CM01 server, create another GPO called Allow Inbound File and Printer sharing exception which sets Windows Firewall: Allow inbound file and printer sharing exception to Enabled. This policy is located in Computer Configuration, Administrative Templates, Network, Network Connections, Windows Firewall, Domain Profile. Once done, apply the GPO's by running gpupdate /force on CM01. Step 2. Create users Note: Perform the following on the Active Directory Domain Controller server (AD1) as Local Administrator You can do this step manually or automated using the supplied PowerShell script. To create users manually, add the following users in AD using Active Directory Users and Computers: * <your user name>, a domain user, this user will become a local administrator on CM01 * Testuser, a domain user * CM_BA, used for building ConfigMgr created images * CM_JD, used for joining computers to the domain * CM_SR used for reporting services. * CM_CP, a domain user used when installing the Configuration Manager Client for Client Push. * CM_NAA, a domain user, (Network Access Account) used during OSD To create users automatically, use the Create Users Usergroups and OU in AD.ps1 PowerShell script Copy the script to AD1, start Windows PowerShell ISE as Administrator and open the Create Users Usergroups and OU in AD.ps1 script. Edit the variables as desired before running. Note: You need to edit the script and adjust the variables to your liking, for example if you want to change the default password. You may also want to rem out the MDT and MBAM user/groups that are created and change some of the user names within the script. After running the PowerShell script in Windows PowerShell ISE you'll see something like the following. and in Active Directory Users and Groups you can see the OU and structure it has created. Step 3. Create the System Management Container Note: Perform the following on the Active Directory Domain Controller server (AD1) as Local Administrator Open ADSI Edit, click on Action, Connect To and click Ok, Double Click on Default Naming Context and the DC= that appears below it. Click on the + and scroll down to CN=System. Right Click on CN=System and choose New, Object, choose Container from the options, click Next and enter System Management as the value as shown below Step 4. Delegate Permission Note: Perform the following on the Active Directory Domain Controller server (AD1) as Local Administrator Open Active Directory Users and Computers. Click on view, select Advanced Features. Select the System Management Container, and right click it, choose All Tasks and Delegate Control. When the Welcome to Delegation of Control Wizard appears click next, then click Add. click on Object Types, select Computers. Type in your Configuration Manager server name (CM01) and click on Check Names, it should resolve. Click Ok, then Next. Choose Create a Custom Task to Delegate, click next, make sure This folder, existing objects in this folder and creation of new objects in this folder is selected. Click next, select the 3 permissions General, Property-Specific and Creation-deletion of specific child objects are selected then place a check mark in Full Control. Tip: Repeat the above for each site server that you install in a Hierarchy. Step 5. Install Roles and Features on CM01 Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator To support the various features in System Center Configuration Manager, the setup wizard requires some Server Roles and Features pre-installed on CM01, so let's go ahead and install them. On CM01, login as the username you added to the Local Administrators group and navigate to C:\Temp. The XML files within the Scripts Used in This Guide.zip were created using the Export Configuration File option in Server Manager after manually installing roles and features and the accompanying PowerShell script simply installs it. Note: Make sure your Server 2012R2 media is in the drive specified in the script or edit the script to point to the location of the media. To install the roles and features needed, start Windows Powershell ISE as Administrator and run the install roles and features.ps1 script. Step 6. Download and install Windows ADK 10 Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator The ConfigMgr prerequisite checker will check for various things, including ADK components such as USMT and Windows Preinstallation Environment (amongst others), therefore you need to install Windows ADK on your server. To do so, either download ADKsetup from here and manually install it or run the setup ADK and WDS.ps1 PowerShell script to download and install the correct components for you. This script not only downloads the components needed, it's also installs ADK 10 and then installs Windows Deployment Services. The setup ADK and WDS.ps1 PowerShell script is available in the Scripts Used in this Guide zip file. Note: due to issues with Windows ADK 10 for build 1511,I'm using the original Windows 10 ADK in the download script. Update: ADK 1511 has got a hotfix (March 2nd, 2016) to fix the previous issues, please read the updated blog about that here. To download and then install Windows ADK 10 with the components needed, start Windows Powershell ISE as Administrator and run the setup ADK and WDS.ps1 script. Step 7. Install SQL on CM01 Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator Tip: If you want to get some great advice from a former SQL MVP (but now ECM MVP) about how to properly setup SQL and best practice tips, please review this blog post from Steve Thompson. Before you install the Configuration Manager you need SQL installed, both SQL Server 2012 and SQL Server 2014 are supported however you will use the latest release in this guide which is SQL 2014. I used the following release from MSDN for this guide, however you should use Volume License media in production:- en_sql_server_2014_standard_edition_with_service_pack_1_x64_dvd_6669998.isoThe command line below will install SQL Server with the correct collation needed for ConfigMgr to the following location: C:\Program Files\Microsoft SQL Server. If you don't want to use that location you can change it by modifying the /INSTANCEDIR reference. In addition, make sure to place your SQL Server 2014 media in the appropriate drive before running the script, if it's on a different drive letter, modify D:\setup.exe accordingly. To start the install, open an administrative cmd prompt on CM01 and change "windowsnoob\niall" to match your domain\username, after you've made the edit, press enter to install SQL Server 2014. D:\setup.exe /q /ACTION=Install /ERRORREPORTING="False" /FEATURES=SQLENGINE,RS,IS,SSMS,TOOLS,ADV_SSMS,CONN /INSTANCENAME=MSSQLSERVER /INSTANCEDIR="C:\Program Files\Microsoft SQL Server" /SQLSVCACCOUNT="NT AUTHORITY\System" /SQLSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" "windowsnoob\niall" /SQLSVCSTARTUPTYPE=Automatic /AGTSVCACCOUNT="NT AUTHORITY\SYSTEM" /AGTSVCSTARTUPTYPE=Automatic /RSSVCACCOUNT="NT AUTHORITY\System" /RSSVCSTARTUPTYPE=Automatic /ISSVCACCOUNT="NT AUTHORITY\System" /ISSVCSTARTUPTYPE=Disabled /ASCOLLATION="Latin1_General_CI_AS" /SQLCOLLATION="SQL_Latin1_General_CP1_CI_AS" /TCPENABLED="1" /NPENABLED="1" /IAcceptSQLServerLicenseTerms For a list of options for installing SQL Server 2014, see this page on Technet: https://technet.micr...v=sql.120).aspx Once installed, you should see success messages like below, if not, troubleshoot the errors and/or review your command line for typos. Step 8. SQL Memory Configuration Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator Depending on your memory configuration and server setup, you may also want to configure SQL memory limits as per the following guidance prior to installing ConfigMgr otherwise you'll get warnings in the Prerequisite checker when it runs the Server Readiness checks. Configuration Manager requires SQL Server to reserve a minimum of 8 gigabytes (GB) of memory for the central administration site and primary site and a minimum of 4 gigabytes (GB) for the secondary site. This memory is reserved by using the Minimum server memory setting under Server Memory Options and is configured by using SQL Server Management Studio. For more information about how to set a fixed amount of memory, see here. If your SQL Server is configured for unlimited memory usage, you should configure SQL Server memory to have a maximum limit. Based on this guidance I've configured the SQL Server memory for this standalone primary as follows: Step 9. Restart the Server Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator Open an administrative command prompt and issue the following command: shutdown /r Step 10. Getting ready for Windows 10 servicing Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator Microsoft recently blogged about an Important update for WSUS 4.0 (KB 3095113). This update allows WSUS 4.0 to use the new Upgrades classification in WSUS 4.0 (Windows Server 2012R2). Failure to install the hotfix will mean that WSUS will not have the Upgrades Classification even though ConfigMgr version 1511 will show this classification in the SUP properties. In addition, this hotfix is mandatory to support Windows 10 servicing via Software Update Management. Before you can install the hotfix however you need a bunch of prerequisite updates and feature packs installed and then you need to install WSUS 4.0. The order of the installation of these updates is important too so I'm listing it here. The installation of some of these updates involve restarts. The installation of the WSUS 4.0 (KB 3095113) will take place immediately after installing WSUS 4.0 and is covered in the next step. Note: In this guide I assume you've not yet installed any updates on your server and you are setting things up from Windows Server 2012R2 media (the original release of Server 2012R2). If you are trying this on a server that is already updated via Windows Update, then some of the updates below may already be installed or superseded. However if that is the case, try and install any remaining updates in the same order as below. In addition, if you are using Server 2012R2 with Update media, then you'll only need to install the first two in the list below. You will need to download both KB2919442 and KB2919355 , make sure to download all the files within that Cumulative Update and Feature Pack release, The correct installation order is as follows, remember that you cannot install KB3095113 until after WSUS 4.0 is installed:- KB2919442 clearcompressionflag.exe KB2919355 KB2932046 KB2959977 KB2937592 KB2938439 KB2934018 Step 11. Install the WSUS role Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator Now that SQL server is installed, we can utilize that for the WSUS database. To install WSUS and configure it to use the SQL servers database instead of the Windows Internal Database, do as follows: Browse to the location where you extracted the scripts, C:\Temp Start Windows PowerShell ISE as administrator, edit the Post Install Line and replace CM01 with the ServerName your are installing ConfigMgr on (SQL server) Then run the install roles and features_WSUS.ps1 script. Finally, you can install the WSUS Upgrades Classification hotfix. KB 3095113 Restart the server when prompted to do so. Note: Even though you have installed the Hotfix required to do Windows 10 servicing, the WSUS classifications will not display the Upgrades classification until the ConfigMgr Software Update Point has performed a successful sync. Step 12. Download and extract the content Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator To install System Center Configuration Manager version 1511 you'll need to download the content. You can download it from Microsoft's Volume license site for use in production or from MSDN for use in a lab. For the purposes of this guide I used the following content from MSDN. This iso is named mu_system_center_configuration_manager_version_1511_x86_x64_dvd_7295963.iso and is 1.20GB in size. The VLSC content is called System Center Config Mgr Client Mgmt License (current branch). Once downloaded, I mounted the ISO in Windows File Explorer and copied the contents to C:\ConfigMgrSources\SCCMversion1511 Step 13. Download the ConfigMgr Prerequisites Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator You can download the prerequisites during ConfigMgr setup or in advance. As you'll probably want to install more than one copy of ConfigMgr (one lab, one production) it's nice to have the prerequisites downloaded in advance. To do that, open a command prompt with administrative permissions and navigate to the following folder: C:\ConfigMgrSources\SCCMversion1511\smssetup\bin\X64 Run the following line SetupDL.exe C:\ConfigMgrSources\Downloads Tip: Browse to C:\ConfigMgrSources\SCCMversion1511\SMSSETUP\TOOLS and double click on CMTrace.exe, answer Yes to the default logging question. Then, using Windows File Explorer, browse to C:\ and double click on ConfigMgrSetup.log which will open the log file in CMTrace. This will allow you to view any errors or problems with the download of the prerequisites in real time. Step 14. Extend the Schema Note: Perform the following on the Domain controller server (AD1) as Administrator. You do not have to extend the Active Directory schema if it was already extended for Configuration Manager previously. Using Windows File Explorer on the Active Directory Domain Controller, browse to \\<server>\c$\ConfigMgrSources\SCCMversion1511\SMSSETUP\BIN\X64 where <server> is your ConfigMgr server locate extadsch.exe, right click and choose Run As Administrator. A command prompt window will appear briefly as the schema is extended, check in C:\ for a log file called ExtADSch.log it should look similar to this Step 15. Install Configuration Manager version 1511 manually Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator There are two ways to install ConfigMgr, manually using the ConfigMgr setup wizard or unattended. To install it manually use the settings below To do an unattended install jump to the next step. Browse to C:\ConfigMgrSources\SCCMversion1511 and click on Splash.HTA, notice the version number is clearly listed ! click on Install and then click on Next Note: In this release, you now have the option to install a Standalone Primary (recommended) or a CAS. If running setup on an already installed site (such as Configuration Manager 2012 R2) you will be offered the Upgrade option. Select the option to Use typical installation options for a stand-alone primary site and click on Next. You'll be prompted with a note, read it before clicking on Yes. Next you get to install the licensed or evaluation version (180 days) of the product, choose your version and click on Next. read the EULA and agree to the terms to continue accept the license terms for SQL server express and Silverlight select previously downloaded files and provide the following path C:\ConfigMgrSources\Downloads before clicking on Next fill in your Site Code, Site name, Installation Folder and then click Next Note: Change the Site Code, Site Name and Installation Folder to values that suit your environment, you can't change them later so think before clicking next. review the Usage Data screen, this gives you info about what data Microsoft collects and how you can change the User Data levels and settings choice at a later stage from within the ConfigMgr Console. Next you get to decide about the Service Connection Point setup, this is required if you want to allow ConfigMgr to check for updates to avail of new features and inform you about those updates (much like Intune Extensions show up in ConfigMgr 2012 R2 with Microsoft Intune integrated) and this role is the basis of ConfigMgr as a Service. finally, review your Settings Summary and if you followed this guide correctly all prerequisite rules pass successfully. Click on Begin Install to start the installation and click on View Log in the lower left corner (or use Windows File Explorer and open C:\ConfigMgrSetup.log) to bring up the log file in CMTrace so you can see the installation progress (or issues encountered) in real time....perhaps now is a good time for a coffee or some other suitable beverage ;-) and after a while you are done ! Click on close. You should now restart the Configuration Manager server via an administrative command prompt, enter the following: shutdown /r Step 16. Install Configuration Manager version 1511 unattended Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator To install ConfigMgr automated (unattended) you need to generate or use a previously created ini file called ConfigMgrAutoSave.ini. The easiest way to generate one is to go through a manual installation as shown in the step above and capture the file after everything is complete. The file will be stored in your %temp% profile as shown below: Below is a sample ConfigMgrAutoSave.ini file created from the above installation choices I made, I've removed the ProductID and SysCenterID values however. [Identification] Action=InstallPrimarySite [Options] ProductID=EVAL SiteCode=P01 SiteName=windows-noob.com Primary Site SMSInstallDir=C:\Program Files\Microsoft Configuration Manager SDKServer=CM01.windowsnoob.lab.local RoleCommunicationProtocol=HTTPorHTTPS ClientsUsePKICertificate=0 PrerequisiteComp=1 PrerequisitePath=C:\ConfigMgrSources\Downloads ManagementPoint=CM01.windowsnoob.lab.local ManagementPointProtocol=HTTP DistributionPoint=CM01.windowsnoob.lab.local DistributionPointProtocol=HTTP DistributionPointInstallIIS=0 AdminConsole=1 JoinCEIP=0 [SQLConfigOptions] SQLServerName=CM01.windowsnoob.lab.local DatabaseName=CM_P01 SQLSSBPort=4022 [CloudConnectorOptions] CloudConnector=1 CloudConnectorServer=CM01.windowsnoob.lab.local UseProxy=0 ProxyName= ProxyPort= [SystemCenterOptions] SysCenterId= [HierarchyExpansionOption] You can find a copy of the above file in the Scripts Used in This Guide.zip file. Note: You will need to edit this file and replace the values with those that work in your environment. For example, to change the ProductId open the file in notepad, locate the line that reads ProductID= and either enter your ConfigMgr Product Key or use the evaluation version of ConfigMgr by entering the word EVAL as shown below. To start an unattended install using the ini file do as follows. Save any changes you have made to the file, then copy the file to C:\ConfigMgrSources. Once copied, start the unattended install by running the following command: SCCMversion1511\SMSSETUP\bin\X64\Setup.exe /script C:\ConfigMgrSources\ConfigMgrAutoSave.ini as the install is unattended you'll need to review the ConfigMgrSetup.log file stored in the root of C: using CMTrace to get a real time status of the installation. and after a period of time if all went well you'll see this in the log file However you should open the main log (more than likely renamed to ConfigMgrSetup.LO_) file to verify there were no issues during setup. The above is great for doing unattended installs of ConfigMgr however If you want to automate this using PowerShell then you'll need to write your own script to convert the required values to variables or take a look at Johan Arwidmark's excellent hydration kit(s) or have a look at this sample to get you started on writing that script. Note: You'll have to tweak these scripts to suit your environment and to work with this release of Configuration Manager, however, the ini file I've provided should be enough to get you started. Step 17. Launch the Configuration Manager console Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator Launch the Configuration Manager console via the start screen and click on the white downward pointing arrow in the top left of the console then click on About Configuration Manager, notice the version info, and that it says Version 1511. Next, take a look at the top line of the ConfigMgr console to reveal whether you are running a licensed or evaluation version. Below is how the evaluation version will appear. Step 18. Configure Usage Data settings Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator Earlier in this guide you saw a Usage Data information screen with no configurable options. To configure what Usage Data is sent to Microsoft do as follows. In the ConfigMgr Console, click on the white downward pointing arrow in the top left, and select Usage Data from the options available. there are three levels shown, Basic, Enhanced (default) and Full. Make your choice and click on OK You can click on the two clickable links provided to get more info about what these Usage Data settings and levels mean. Learn more about Usage Data levels and settings - http://go.microsoft.com/fwlink/?LinkID=626566 Privacy Statement for Configuration Manager - http://go.microsoft.com/fwlink/?LinkID=626527 Step 19. Configure Service Connection Point Note: Perform the following on the Configuration Manager server (CM01) as a Local Administrator During setup you have the choice of installing the Service Connection Point role (or skipping it). You can configure this by selecting Administration, Servers and Site System roles, select your Primary site and then select the Service Connection Point role from the roles listed as installed on the server. The options available are Online or Offline. If you do choose offline then you'll have to use the Service Connection Point tool to manually setup the role and configure notifications. Summary Over the years Microsoft has evolved Configuration Manager to become a single-pane-of-glass for managing all devices and in addition they've finally delivered Configuration Manager as a Service to match Windows 10 as a Service. To quote some key points from Brad, this release when Integrated with Microsoft Intune will allow you to: Update ConfigMgr easily each and every time new Windows capabilities are released. Update ConfigMgr each and every time updates for iOS and Android are released. Deliver the single-pane-of-glass for managing all devices – with immediate support across Windows, iOS and Android without you having to go through complex individual upgrades. We’ll do the work for you. Exciting times are ahead ! thanks for reading, and until next time, adios. Related Reading What's New in System Center Configuration Manager (Current Branch) - https://technet.microsoft.com/en-us/library/mt622084.aspx How to delete upgrades in WSUS https://blogs.technet.microsoft.com/sus/2016/01/29/how-to-delete-upgrades-in-wsus/ Downloads You can download a Microsoft Word copy of this guide (dated 2015/12/08) here: Installing SCCM version 1511 windows-noob.com guide.zip You can download a copy of the scripts used in this guide here: Scripts Used In This Guide.zip Next Post > Configuring Discovery.

System Center Virtual Machine Manager (or SCVMM) is a fantastic product, with many powerful features, that makes our lives as virtualization administrators much easier day to day. However, not all of us have the benefit of being able to make good use of it for a variety of reasons. SCVMM can be brutally complex if you only need to use small parts of it, and let’s face it, not all of us can afford the astronomical price tag. The sad part about this revelation is the fact that many of us miss out on some great features because of this. SCVMM includes things like service templates: the ability to deploy an entire collection of VM templates at once, and automatic cluster load balancing. Both of these are immensely helpful features! There is good news however! Even though we miss out on some automation potential if we’re lacking SCVMM in our environment, we still have a great tool at our disposal to do some of the same things, PowerShell! PowerShell is a great utility for automation and scripting, and it can be leveraged quite handily for use with Hyper-V and virtual machines. With that said, Altaro Software is putting on a webinar on “Scripting and Automation in Hyper-V without SCVMM”. This webinar will be hosted by Andy Syrewicze, and presented by Thomas Maurer, both of whom are Cloud and Datacenter Management MVPs with Microsoft for contributions to the Hyper-V community. Information will be presented in this webinar that will get you automating and scripting in Hyper-V in no time, and will allow you to put up your feet and let PowerShell do the work. Registration link can be found HERE. Disclaimer: Altaro software is a windows-noob.com recommends parntner.

what version of ConfigMgr are you running, and what CU's are applied.

first thing first, check my post here http://www.windows-noob.com/forums/index.php?/topic/12852-how-can-i-upgrade-to-system-center-2012-r2-sp1-with-mdt-2013-update-1-integrated/and tell me did you follow it or possibly miss any points?

the boot images are created when you install ConfigMgr, are you saying you had none present ?