Jump to content


  • 0
Kevin79

SCCM questions

Asked by Kevin79

Question

Kevin79 Newbie

Kevin79

Posted
Posted

As I'm sure you all have seen from my posts on the forums, I am working on a trial of SCCM to replace how we currently deploy software (using Group policy) and OS images (using mdt) and integrate WSUS.

 

Before I get to my questions, I'll try to explain my network layout...

 

I have a main site with 11 smaller sites connected to it. Each site has a domain controller at a minimum, most have other servers as well. All remote sites that are using MDT have it installed on the domain controller (Not my setup). There are a couple sites that don't use MDT. Some of the sites also have WSUS installed on the DC (again, not my idea). Each site is connected in different ways but most have a T1. Also, each instance of WSUS gets update approvals from the main site but downloads content directly from Microsoft.

 

Now on to my questions...


  • -Should I install an instance of SCCM at each location? If not, how do I deploy OS images without them going over the slow WAN link?
    -Right now, with mdt, we have about 10 different images. We use Lenovo laptops and Dell desktops. WIll SCCM allow us to reduce our number of images?
    -Will it still be possible to have SCCM/WSUS download updates directly from Microsoft? (Note: the WSUS server downloads them from Microsoft and the clients then download from the WSUS server)
    -When deploying software to new computers, should I use a task sequence in the OS deployment or just use a standard application deployment? What are the pros and cons when using each one?

 

I'm sorry if these are stupid questions but they are biggies to the company and will determine if we move forward. I'm sure there will be more questions as well.

 

Thanks!

Share this post

Link to post
Share on other sites

12 answers to this question

Recommended Posts

  • 0
boozecow Newbie

boozecow

Posted
Posted

I'm not an expert of SCCM but I currently have a task to upgrade our SMS to SCCM.

 

I have Two major sites and few regional sites.

 

My setup is:

One central site

Major Site 1 - Primary (600 users)

Secondary Site 1 (70 users)

Secondary Site 2 (140 users)

Secondary Site 3 (45 users)

Secondary Site 4 (30 users)

Major Site 2 - Primary (0 user bunker site)

Secondary Site 1 (120 users)

Secondary Site 2 (600 users)

Secondary Site 3 (80 users)

Secondary Site 4 (5 users)

 

On all secondary sites, I have like you a DC and a Fileserver

 

I'm going to upgrade my secondary sites to windows 2008 + SCCM with WDS + PXE services.

 

I will have one central image of windows 7 with multile task sequences for all the model of the computers I have in the compagny.

 

All regional site will respond to his PXE local services and will get the image from the secondary site.

 

So only one Image Nationaly distributed to local distribution point.

 

If you want to sleep at night and keep control, I think you should do this.

 

But let's see what expert will say about this !

Share this post

Link to post
Share on other sites
  • 0
Kevin79 Newbie

Kevin79

Posted
Posted (edited)

I'm not an expert of SCCM but I currently have a task to upgrade our SMS to SCCM.

 

I have Two major sites and few regional sites.

 

My setup is:

One central site

Major Site 1 - Primary (600 users)

Secondary Site 1 (70 users)

Secondary Site 2 (140 users)

Secondary Site 3 (45 users)

Secondary Site 4 (30 users)

Major Site 2 - Primary (0 user bunker site)

Secondary Site 1 (120 users)

Secondary Site 2 (600 users)

Secondary Site 3 (80 users)

Secondary Site 4 (5 users)

 

On all secondary sites, I have like you a DC and a Fileserver

 

I'm going to upgrade my secondary sites to windows 2008 + SCCM with WDS + PXE services.

 

I will have one central image of windows 7 with multile task sequences for all the model of the computers I have in the compagny.

 

All regional site will respond to his PXE local services and will get the image from the secondary site.

 

So only one Image Nationaly distributed to local distribution point.

 

If you want to sleep at night and keep control, I think you should do this.

 

But let's see what expert will say about this !

 

So let me make sure I'm understanding correctly. First, you can have a single image for all of your computers, you just use task sequences to install the correct drivers for each system? Even if the systems are different (I.E. Wide range of Dells and Lenovo laptops)?

 

When you say all your regional sites will get the image from the secondary site, are clients downloading the image from local servers or pulling them down from a server in a different physical location?

 

The one image Nationally distributed means that I have a single image that is replicated to my remote servers?

Edited by Kevin79

Share this post

Link to post
Share on other sites
  • 0
YiannosG Newbie

YiannosG

Posted
Posted

That is correct. Thats my current step; eliminate all computer images and have one generic image, where depending on the model the drivers will get installed, and depending on the department a specific task sequence will start to deploy the application based on that department.

 

You can install Distribution Points on some servers and have boundaries on it, so it will offer the package only to that specific active directory site/ network IP range. Then when you create the packages you can select which distribution points that program will be available and when someone request that file from ie.site B it will get it from the local distribution point in site B, with out using your WAN bandwidth!This ofcourse works the same with OS images :D

 

Also you can integrate WSUS in SCCM and SCCM clients on the computers will know that your SCCM has a WSUS built in!

Share this post

Link to post
Share on other sites
  • 0
Kevin79 Newbie

Kevin79

Posted
Posted

That is correct. Thats my current step; eliminate all computer images and have one generic image, where depending on the model the drivers will get installed, and depending on the department a specific task sequence will start to deploy the application based on that department.

 

You can install Distribution Points on some servers and have boundaries on it, so it will offer the package only to that specific active directory site/ network IP range. Then when you create the packages you can select which distribution points that program will be available and when someone request that file from ie.site B it will get it from the local distribution point in site B, with out using your WAN bandwidth!This ofcourse works the same with OS images :D

 

Also you can integrate WSUS in SCCM and SCCM clients on the computers will know that your SCCM has a WSUS built in!

 

How would OS images work since it has to connect to a PXE server locally? Wouldn't the PXE server just be a SCCM server with the images on it?

 

With WSUS in SCCM, if I had SCCM servers at the remote sites, would I be able to have each SCCM server download patches directly from Microsoft or would they download the files from my main site?

Share this post

Link to post
Share on other sites
  • 0
YiannosG Newbie

YiannosG

Posted
Posted

How would OS images work since it has to connect to a PXE server locally? Wouldn't the PXE server just be a SCCM server with the images on it?

 

With WSUS in SCCM, if I had SCCM servers at the remote sites, would I be able to have each SCCM server download patches directly from Microsoft or would they download the files from my main site?

 

Each DP can have a PXE role on it. So when you Create an image at the central SCCM and distribute it at your DP, your DP servers will be able to run the image deployment.

 

Note that there is a different between a distribution point and a secondary SCCM site.

Read more here and see which one matches ur company so you can modify your SCCM environment.

 

You can have the WSUS in SCCM download the updates and then create packages and use the distribution points as you can do with any ordinary program.

Share this post

Link to post
Share on other sites
  • 0
Kevin79 Newbie

Kevin79

Posted
Posted

I read through that document, thanks.

 

What is the typical cut off point when using BDP's isn't efficient? I'm thinking that some sites will need a secondary site and that at that point, I might as well go with secondary sites all the way. Thoughts?

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to question listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.