Jump to content




anyweb

using System Center 2012 Configuration Manager - Part 2. Install the primary server - P01



Recommended Posts

In Part 1 of this series we created our new LAB, we got the System Center 2012 Configuration Manager ISO and extracted it, then copied it to our Active Directory server. We then created the System Management container in AD, delegated permissions to the container, extended the Schema for Configuration Manager. We then opened TCP ports 1433 and 4022 for SQL replication between sites, installed some prerequisites like .NET Framework 4.0, added some features and then downloaded and installed SQL Server 2008 R2 SP1 CU6. We then configured SQL Server using SQL Server Management Studio for security and memory configurations prior to running the Configuration Manager 2012 setup to assess server readiness. Finally we installed a central administration site (CAS) and will now install our primary server.

 

The primary server will be called P01 (P for primary, 01 as it's the first primary, if you were to have more primaries connected to your CAS, you could call the next one P02 and so on). Prior to installing our primary server I want you to set this server up the same way as you did the CAS, install the pre-reqs including .NET Framework 4.0, install SQL Server 2008 R2 SP1 CU6 and configure it (security and memory) before doing anything else. You do not need to extend the schema again that is a one time operation. The primary server (p01.server2008r2.lab.local) should therefore now have SQL installed and you should have copied the Configuration Manager 2012 source files from our active directory server AD1 to C:\Temp\CM12RTM before starting step 1 below.

 

Note: Determine Whether to Install a Primary Site - The below is from Technet

 

Use primary sites to manage clients. Consider installing a primary site for any of the following reasons:

  • To manage clients directly.
  • To increase the number of clients to manage. Each primary site can support up to 100,000 clients.
  • To provide a local point of connectivity for administration.
  • To meet organizational management requirements. For example, you might install a primary site at a remote location to manage the transfer of deployment content across a low-bandwidth network.

Use the following information to help you plan for primary sites:

  • A primary site can be a stand-alone primary site or a member of a hierarchy.
  • A primary site only supports a central administration site as a parent site.
  • A primary site only supports secondary sites as child sites and can support one or more secondary child sites.
  • A primary site cannot change its parent site relationship after installation.
  • Primary sites are responsible for processing all client data from their assigned clients.
  • When a primary site is installed, it automatically configures database replication with its designated central administration site.
  • Primary sites use database replication to communicate directly to their central administration site.
  • You can install typically used site system roles when you install a primary site. For a list of site system roles that are supported on primary sites, see Planning Where to Install Sites System Roles in the Hierarchy.

Note: Each primary site management point can support up to 25,000 computer clients. To support 100,000 clients you must have at least four management points. Do not place management points across a slow link from their primary site server or from the site database server. Each primary site can support up to 10 management points. When you have more than four management points in a primary site, you do not increase the supported client count of the primary site beyond 100,000. Instead, any additional management points provide redundancy for communications from clients. For more information about this topic see Site and Site System Role Scalability on Technet.

 

Hardware Requirements

Note: For detailed hardware requirements for site servers both standalone and in a hierarchy please see the following page on Technet. The below information is summarised from Technet and should be used as a reference in planning for your Primary site hardware requirements.

 

Primary site in a hierarchy (Local SQL Install)

  • Up to 50,000 clients
  • SQL Server is installed on the site server computer

The suggested hardware for the above is as follows:-

  • 4 cores (Intel Xeon 5140 or comparable CPU)
  • 16 GB of RAM
  • 300 GB of hard disk space for the operating system, Configuration Manager, SQL Server, and all database files.

Primary site in a hierarchy (Remote SQL Install)

  • Up to 100,000 clients
  • SQL Server is remote from the site server computer

Site Server:

  • 4 cores (Intel Xeon 5140 or comparable CPU)
  • 8GB of RAM
  • 200 GB of disk space for the operating system and Configuration Manager.

Remote SQL Server:

  • 8 cores (Intel Xeon E5504 or comparable CPU)
  • 32 GB of RAM
  • 550 GB of hard disk space for the operating system, SQL Server, and all database files.

 

Determine the Distribution Point Infrastructure

At least one distribution point is required at each site in the Configuration Manager hierarchy. By default, a primary site server is configured as a distribution point. However, assign this role to a remote site system and remove it from the site server if possible. This role assignment reduces the resource requirements and improves performance on the site server, and also assists in load balancing. The distribution point site system role is automatically configured on the secondary site server when it is installed. However, the distribution point site system role is not required at secondary sites. Clients connect to distribution points at the parent primary site if one is not available at the secondary site. As you configure your distribution points with assigned boundary groups, consider the physical location and network connection speed between the distribution point and site server .

 

Step 1. Start the System Center 2012 Configuration Manager setup

Note: Perform the following on the Primary server (P01) as SMSadmin

 

It is important to note that the user you use to run the Configuration Manager setup wizard has the correct rights assigned, if you are using the domain user, SMSadmin then you should be ok. We added this user as a Local Administrator of both the CAS and P01 servers in Step 1 of Part 1. If you try to run the setup wizard as a user that doesn't have the correct rights or if you are logged onto this computer as the local administrator and not a domain user, you may see all sorts of warnings in the server readiness check including Active Directory Schema warnings even though you've extended the schema. Therefore please take note of the following requirements for the user prior to running setup and login as that domain user (server2008r2\SMSadmin).

 

Verify the user that runs Setup has the following security rights:

  • Local Administrator rights on the central administration site server.
  • Local Administrator rights on the remote site database server for the central administration site, if it is remote.
  • Sysadmin rights on the site database of the central administration site.
  • Local Administrator rights on the primary site computer.
  • Local Administrator rights on the remote site database server for the primary site, if it is remote.
  • User name associated with the Infrastructure Administrator or Full Administrator security role on the central administration site.

Note: The hotfix described in KB2552033 must be installed on site servers that run Windows Server 2008 R2 when client push installation is enabled. As we will configure client push on this primary, you must install that hotfix.

 

Browse to C:\Temp\CM12RTM on your Primary server, and double click on splash.hta

 

splash hta.png

 

the System Center 2012 Configuration Manager Setup screen appears.

 

setup screen.png

 

click on Assess Server Readiness, if you did everything outlined above then the only warning (in yellow, errors are in red) you'll see is about WSUS SDK on site server, and that is ok to ignore as we'll be installing it later on in this series.

 

wsus sdk on site server.png

 

click Ok and then click on Install to start the setup wizard, answer yes to any UAC prompts..

 

install.png

 

review the wizard Before you Begin page...and click next

 

before you begin.png

 

The option we need will already be selected (Install a Configuration Manager primary site), do NOT place a checkmark in the box below as this will install a standalone site instead of allowing us to join our Primary to our Central Administration Site server. If you want to install a standalone primary then read this guide instead.

 

install a configuration manager primary site.png

 

enter your Product Key or choose the evaluation option, yes you can upgrade from evaluation to full version (read this post from Ronni).

 

product key.png

 

Accept the Microsoft Software License Terms

 

eula.png

 

followed by the Prerequisite Licenses

 

prereq licenses.png

 

The Prerequite Downloads screen offers you the choice to use previously downloaded files, as we already downloaded them when installing our CAS I copied these files to C:\Temp\downloads

 

prereq downloads.png

 

click next and they'll be verified..

 

verified.png

 

and you get to see the Server Language Selection

 

Server Language Selection.png

 

closely followed by the Client Language Selection, choose the language that you want displayed on the display language of the client computer (eg: if your client computers are in Swedish, choose Swedish). You can always modify these options later by running Setup again and choosing Site Maintenance.

 

client language selection.png

 

for Site and Installation Settings fill in your desired Site Code (P01) and name, and install it to D:\, make sure you are happy with the choices as you can't change them later...

 

site and installation settings.png

 

now you get to join it to our CAS in the Primary Site Installation screen, type in the FQDN of your CAS server (if you want it to be a standalone you could choose that option now...)

 

primary site installation.png

 

next we have the Database Information, it should auto populate

 

database information.png

 

followed by the SMS Provider settings, you can have multiple SMS Providers depending on your needs but we will just be using one in this LAB

 

SMS Provider settings.png

 

next we get to configure Client Computer Communication Settings (HTTP or HTTPS). Select Configure the communication method on each site system role.

 

Client Computer Communication Settings.png

 

and the Site System Roles screen appears, note that the site server Computer Account must be a member of the Local Administrators Group in order to install these roles.

 

Site System Roles.png

 

and next you get the Customer Experience Improvement Program Configuration options

 

CEIP.png

 

review the Settings Summary

 

settings summary.png

 

before seeing our Prerequisite Check being performed again, click Begin Install to start installing our Primary Server

 

Prerequisite Check.png

 

and off it goes !

 

install beginning.png

 

Tip: click on View Log to see the C:\ConfigMgrSetup.log file scrolling by in real time. CMTrace should be run once first to associate itself with log files. You can find CMTrace in the ConfigMgr media which you copied to C:\Temp\CM12RTM\SMSSetup\Tools\

 

view log.png

 

Core setup will be done in approx 37 minutes on reasonable hardware (read: a nice laptop) but you want to wait until all the components listed are green before patting yourself on the back for a job well done and that takes considerably longer. Note that the time doesn't progress after core setup, you can review the log for details of what was actually done.

 

install done.png

 

After that you can close the wizard and start the Configuration Manager console on your newly installed primary.

 

primary done.png

 

navigate to Monitoring and Site Heirarchy in the console,

 

 

site heirarchy.png

 

Tip: you can move your mouse cursor on the link between CAS and P01, or point it directly to either of the site servers to see how replication is going. You can also review the SMS_REPLICATION_CONFIGURATION_MONITOR component status or review the rcmctrl.log to get more details of how replication is progressing.

 

site to site replication.png

 

congratulations, you now have a System Center 2012 Configuration Manager 2012 hierarchy !.

 

Note: Setup automatically configures the-sender address to use the computer account for the primary site server. This account must have Read, Write, Execute, and Delete NTFS file system permissions on the SMS\Inboxes\Despoolr.box\Receive folder on the central administration site server. Also, your security policy must allow the account Access this computer from the network rights on the central administration site. After Setup completes, you can change the account to a Windows user account if required. For example, you must change the account to a Windows user account if your central administration site is in a different forest. For more information about communication requirements across forests, see Planning for Communications Across Forests in Configuration Manager.

 

 

server manager CAS.png

 

 

In the next part we will configure Discovery methods and Boundaries.

Share this post


Link to post
Share on other sites


What would be the benefit of using a local SQL server on the Primary server as opposed to a remote SQL server that hosts both the CAS DB and the new Primary DB? in my lab I have a remote SQL server, I found once I figured out the issue of named instances, one, needing to have the SQL CUP patches themselves, two, to set a static port for the named instance and three changing the port number of the SSB (which probably should have been obvious), my Primary server installed with no problems and the link for DB replication came up active within an hour. Hopefully there will be a tutorial or side bar on setting up SCCM 2012 with a remote SQL server as I spent days knocking my head around trying to figure those three points out.

 

On a side note, will there be an article/tutorial on adding a primary site in a child domain to a CAS? This is my latest headache. I keep getting the error on the step where you list the CAS server as "Setup could not get site code from specified central administration site." Once I click ok, the setup just statys there and the ConfigMgrSetupWizard log has a bunch of the below in it. Hopefully someone can shed some light on this error.

 

5/8/2012 1:07:50 PM: ConfigMgrSetupWizard Error: 1 : Exception message: [Requested registry access is not allowed.], Exception details: [system.Security.SecurityException: Requested registry access is not allowed.

at Microsoft.Win32.RegistryKey.OpenSubKey(String name, Boolean writable)

at Microsoft.SystemCenter.ConfigMgr.Setup.RegistryConfigBase.get_Key()

The Zone of the assembly that failed was:

MyComputer].

Share this post


Link to post
Share on other sites

Based on the message it looks like you are getting rejected access to the CAS server registery. I would make sure that the account you are using is in both the CAS and Primary Server's local administrators group. If that looks right, I would verify that you have the correct firewall ports open between the servers.

Share this post


Link to post
Share on other sites

Hello Gentlemen,

 

I have a question about SCCM 2012 sites,

 

Can I install SCCM 2012 Central Administration Site and Primary Site on the same Server?

If not, can I install the Primary Site only without Central Administration Site?

 

Many Thanks

Share this post


Link to post
Share on other sites

i wouldn't install them on the same server, not sure if it's even supported. as regards can you install a primary site without a CAS, of course, but then it will be a standalone primary site with a maximum support of up to 100,000 clients.

Share this post


Link to post
Share on other sites

If I install the SQL instances on a single remote server, the replication runs also over the Sites?

Share this post


Link to post
Share on other sites

as long as you have configured everything correctly i don't see why not.

Share this post


Link to post
Share on other sites

Hello anyweb,

 

thanks for your complete HOWTOs !

I tried this one for an SCCM 2012 installation, but I get some strange errors at the end of the Primary Site installation : the console starts in read-only mode. After a few research, I found out that the issue comes from a replication between the CAS and the PS.

In Site Hierarchy, under Monitoring, the PS does not see the parent CAS. The CAS sees both sites, but the link state is unknown.

In Database Replication, the PS displays a replication link with the CAS but link state unknown. On the CAS, there is no replication link at all...

 

On the PS, i checked the log files and I can see this in the rcmctl.log:

post-18027-0-76420900-1351610960_thumb.png

On the CAS, I can see some errors:

post-18027-0-12104400-1351610951_thumb.png

 

The SCCM databases are created correctly on the SQL Server.

 

Architecture:

1 SQL Server 2012 with CU6 on Windows Server 2012, with 2 named instances (ports 10000 and 10002, SSB on 10001 and 10003)

1 SCCM 2012 CAS on Windows Server 2008 R2

1 SCCM 2012 PS on Windows Server 2008 R2

All firewalls down.

 

Would you have any idea?

I already reinstalled all this stuff but things are not solved.

 

Thanks a lot for your time !

Share this post


Link to post
Share on other sites
1 SQL Server 2012 with CU6 on Windows Server 2012

 

that is not a supported configuration at this time, you'd have to wait until Service Pack 1 is released (early 2013) for that to be supported

Share this post


Link to post
Share on other sites

Hi,

I am new to this topic - but I want to ask some questions - hope they aren't too foolish.

We have a HQ and 4 offices linked together through 10 Mbps VPN-links. Each office has its own IP range.

1) If I install a primary site on the HQ and want to manage all the five locations - is it possible?

2) If I want a local-cache on the offices (4) do I have to install in each location a System Center server and mark it as a secondary server? (I though about some local storage and just to point for the IP range 1.1.1.x to the \\1.1.1.1\Cache server).

Thanks!

Share this post


Link to post
Share on other sites

Hi,

I am new to this topic - but I want to ask some questions - hope they aren't too foolish.

We have a HQ and 4 offices linked together through 10 Mbps VPN-links. Each office has its own IP range.

1) If I install a primary site on the HQ and want to manage all the five locations - is it possible?

2) If I want a local-cache on the offices (4) do I have to install in each location a System Center server and mark it as a secondary server? (I though about some local storage and just to point for the IP range 1.1.1.x to the \\1.1.1.1\Cache server).

Thanks!

 

1. yes it's posible

2. you can place distribution points at the 4 locoal offices, no probnlem at all, or you can have have 4 secondary servers, it's up to you what you think you need.

Share this post


Link to post
Share on other sites

1. yes it's posible

2. you can place distribution points at the 4 locoal offices, no probnlem at all, or you can have have 4 secondary servers, it's up to you what you think you need.

I am quite sure I won't need secondary servers - we are talking about 15-20 clients in each of the 4 sites. The question is - if you have some resources somewhere - how do I make ordinary servers distribution points?

 

L.E.: Found it! :)http://www.niallbrady.com/2012/06/14/how-can-i-add-a-pxe-enabled-distribution-point-on-server-2008-x86-for-system-center-2012-configuration-manager/

Thanks a lot!

Share this post


Link to post
Share on other sites

that example on my blog does show you how to create distribution points however it is specifically aimed at doing so on a X86 server, if you are using an X64 server then you will gain additional functionality

Share this post


Link to post
Share on other sites

that example on my blog does show you how to create distribution points however it is specifically aimed at doing so on a X86 server, if you are using an X64 server then you will gain additional functionality

I will use x64 for sure.

Also, I will try and setup in a test environment - I will see it will come out! :)

Anyway - nice job that you are doing! Keep up!

Share this post


Link to post
Share on other sites

Hi anyweb

 

I am a SQL Server Admin.

We have a Shared SQL Server instance (other application use this SQL instance)

SQL Server 2008 R2

SCCM 2012 (Managed by another team)

 

  • Is this true?
    1. "The site server computer account must be a member of the Administrators group on the computer running SQL Server." This was an extract from SCCM 2007 (http://technet.microsoft.com/en-us/library/bb694127.aspx)
  • I am reluctant to provide Local Admin rights to the Server hosting only SQL Server instance?
  • What level of SQL Server access doe the SCCM account need on the SQL Server instance?

 

Jagadesh.

Share this post


Link to post
Share on other sites

anyweb,

Great job! Your guides really took the mystery out of SCCM 2012. Even a noob like me could make it work. We successfully set up a Primary site in our location and we're humming along. Thanks again. I do have a question regarding setting up a CAS/Primary. site in a virtual lab. I have followed your guide until I got to this point:

post-1-0-67759500-1336249667.png

After hitting next I get an error: "Attemted to perform an unauthorized operation. I am logged in as SMS Admin that has local rights to CAS and P01. I have opened firewall ports on all machines. I have verified that all servers are joined to my domain and they have active DNS records. I have added SMSAdmin as a sysadmin on SQL Server.

 

Insterestingly, If I login as the local admin I get the following error.

"The user running setup must have an RBA security role of Infrastructure Administrator or Full Administstrator on the target central administrator site. Please verify the user hase the correct role.

I have added the RBA roles in question for local administrator in the ConfMgr console

Is there something I am missing? Have I given enough information? Please let me know if there's an easy fix for this.

 

Share this post


Link to post
Share on other sites

anyweb,

Great job! Your guides really took the mystery out of SCCM 2012. Even a noob like me could make it work.

 

thanks :)

 

are you trying to join a primary site to a CAS ?

Share this post


Link to post
Share on other sites

Yes I am. Just to test that my configuration is working OK I went ahead and created it as a stand-alone primary. Of course the installation went through without a hitch. I think I have a rights issue. The primary console doesn't run under SMSAdmin only under local admin. Thanks for the fast reply.

Share this post


Link to post
Share on other sites

Hi Anyweb,

 

Could you please tell me, why I cannot install SCCM 2012 SP1 the both follow options?

 

"Install a Configuration Manager central administration site" and after that I could install
"Install a Configuration Manager primary site"

 

I know I could install these above option by SCCM 2012. But SCCM 2012 SP1 you can install on of these option.

Is that correct?

 

Best regards

 

Share this post


Link to post
Share on other sites

you should be able to install both provided that you havnt installed one (a CAS) before, can you show me what you are seeing (screenshot)

Share this post


Link to post
Share on other sites

Hi,

 

My machine is new and I do not have installed any SCCM 2012 before.

 

I install first

 

"Install a Configuration Manager central administration site" and after that I did want to install the second option "Install a Configuration Manager primary site"

but it is gray out and I can choose only recover the side or uninstall the side. Is the problem because I have only one sccm server and I should to install an standalone primary server?

post-17658-0-78380400-1365663064_thumb.png

Share this post


Link to post
Share on other sites

if you installed a CAS on this server and if you want to install a primary site then you must do that on ANOTHER server by running setup on that other server

 

if you have only one server then you should probably not be installing a CAS but install a standalone primary instead, are you setting up a lab or production ?

 

cheers

Share this post


Link to post
Share on other sites

Hi anyweb,

 

Yes you are right, I know that too. I only have one server and I want to install standalone primary side. I am setting up a production.

I did follow your parts (index)

http://www.windows-noob.com/forums/index.php?/topic/4045-system-center-2012-configuration-manager-guides/

If I go to above link and Standalone Primary Server and click on CM12 in a lab - Part 1. Installation., I see follow information:

 

Update: This post has been superseded since the release of the RTM version of Configuration Manager 2012. To see the new post please click here.

 

If I click on here, I see the same parts like CAS. Is the link correct?

 

How many clients can I configure with standalone primary side? What is the differnet between Lab and Production?

 

Let me please know which documentation should I follow to installing standalone primary side

 

Best regards

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×