How to Install Manage and Configure System Center 2007 to Update Clients

1

Contents
Chapter 1: Preparation ................................................................................................................................. 4 Install Active Directory .............................................................................................................................. 4 Adding the DNS Role ............................................................................................................................. 4 Adding Active Directory to Server 2008................................................................................................ 5 Using dcpromo ...................................................................................................................................... 5 Initial Configuration ...................................................................................................................................... 7 Installing Web Services ............................................................................................................................. 7 Installing IIS ........................................................................................................................................... 7 Adding Features to Server 2008............................................................................................................ 8 Install WebDAV ..................................................................................................................................... 8 SQL Server 2005 ...................................................................................................................................... 10 Installing SQL Server 2005................................................................................................................... 10 Updating SQL Server to Service Pack 2 ............................................................................................... 13 Windows Update .................................................................................................................................... 16 Update Windows Server 2008 ............................................................................................................ 16 Other Components Installation .............................................................................................................. 17 WSUS ................................................................................................................................................... 17 Install Schema Extensions ................................................................................................................... 18 Chapter 2:.................................................................................................................................................... 19 System Center Configuration Manager .................................................................................................. 19 Core Installation .................................................................................................................................. 19 SCCM Service Pack 2 ........................................................................................................................... 24 Chapter 3:.................................................................................................................................................... 26 SCCM Initial Configuration .......................................................................................................................... 26 Creating a user for SCCM .................................................................................................................... 26 Add member to domain admin group ................................................................................................ 27 Add client computer to domain admin group .................................................................................... 28 Setting up user to logon as service ..................................................................................................... 29 Chapter 4:.................................................................................................................................................... 32 Setup of SCCM ............................................................................................................................................ 32

2

Client, Server and User detection ....................................................................................................... 32 Client push Setup ................................................................................................................................ 36 Client Agents ........................................................................................................................................... 39 Opening Configuration Manager ....................................................................................................... 39 Computer Client agent setup .............................................................................................................. 39 Create a site boundary ........................................................................................................................ 40 Configure Client Agents ...................................................................................................................... 41 Update Client Configuration ................................................................................................................... 42 Software Update Client Agent ............................................................................................................ 42 Hardware Inventory Client Agent ....................................................................................................... 43 Software Inventory Client Agent......................................................................................................... 43 Client agent push ................................................................................................................................ 44 Install Client Agent Software .................................................................................................................. 45 From server ......................................................................................................................................... 45 From Client .......................................................................................................................................... 46 Adding Roles to SCCM ............................................................................................................................. 47 Adding WSUS Role .............................................................................................................................. 47 Importing Updates .................................................................................................................................. 51 Deployment Template ................................................................................................................................ 54 For Server ................................................................................................................................................ 54 For Clients ............................................................................................................................................... 57 Deployment Folder Setup ........................................................................................................................... 59 Deploying updates ...................................................................................................................................... 61 Index............................................................................................................................................................ 66

3

Chapter 1: Preparation
Install Active Directory

Figure 1.1 Server Manager Adding the DNS Role 1. Click Add Roles 2. In the Roles summary window as shown in figure 1.1 Click next on the “Before you begin” Page 3. 4. 5. 6. 7. Click to continue Then click Next Click next on the next screen Click Install to begin installation Once the installation is finished click close

4

Adding Active Directory to Server 2008 1. Click Add Roles 2. in the Roles summary window as shown in figure 1.1 Click next on the “Before you begin” Page 3. 4. 5. 6. 7. Click to continue Then click Next Click next on the next screen Click Install to begin installation Once the installation is finished click close

Using dcpromo 1. To complete Active Directory Installation Click Start

2. Type “dcpromo” in the search box press enter 3. Click Next on the domain services installation wizard. 4. Click next on the following screen

5. Choose 6. Type the FQDN of your new Domain

to continue

7. Click Next. 8. Choose the windows server 2008 forest functional level

9. Click Next.

5

10. Click next on the additional domain controller option screen to install DNS

11. If this screen yes. You will need to have static IP addresses for this to work.

shows up choose

12. 13. 14. 15. 16. 17.

Choose Yes to continue Click next on the location of sysvol, database and log files window. Create a password for restore mode then click next Click next at the summary window Click Finish Restart your machine to finish installation

6

Initial Configuration
Installing Web Services
Installing IIS 1. Click Add Roles 2. In the Roles summary window. 3. Click Web server (IIS) You will need to click add required features to continue. You will get this pop up.

4. Click Next 5. Click next on the introduction to IIS 6. You will be presented with a screen to choose the options

I choose to install most options to insure I have all prerequisites. 7. Click next 8. Click Install to begin installation. 9. Hit Close to complete installation

7

Adding Features to Server 2008 1. Click Features on the left pane in the server manager

Error! Bookmark not defined. window

2. Click

to add the BITS Server Extensions feature

3. Click to add remote differential Compression 4. Click next, Then Install to complete installation of the features 5. Click Close after the features are installed

Install WebDAV 1. You will need to download WebDAV From Microsoft to continue to the next step 2. Run Install file 3. Choose to accept the license agreement then click the install button

4. When installation is complete click the finish button 5. Now we have to configure webdav 6. The following configuration was found at 7. http://technet.microsoft.com/en-us/library/cc431377.aspx

 Enable WebDAV and create an Authoring Rule, as follows: 1. Navigate to Start / All Programs / Administrative Tools / Internet Information Services (IIS 2. Error! Bookmark not defined.) Manager to start Internet Information Services 7 Application Server Manager. In Server Manager, select the Features Error! Bookmark not defined. node, and click Add Features to start the Add Features Wizard. In

8

3. 4. 5. 6. 7. 8.

the Connections pane, expand the Sites node in the navigation tree, and then click Default Web Site if you are using the default Web site for the site system or SMSWEB if you are using a custom Web site for the site system. In the Features View, double-click WebDAV Authoring Rules. When the WebDAV Authoring Rules page is displayed, in the Actions pane, click Enable WebDAV. After WebDAV has been enabled, in the Actions pane, click Add Authoring Rule. In the Add Authoring Rule dialog box, under Allow access to, click All content. Under Allow access to this content to, click All users. Under Permissions, click Read, and then click OK.

 Change the property behavior as follows: 1. In the WebDAV Authoring Rules page, in the Actions pane, click WebDAV Settings. 2. In the WebDAV Settings page, under Property Behavior, set Allow anonymous property queries to True. 3. Set Allow Custom Properties to False. 4. Set Allow property queries with infinite depth to True. 5. If this is a BITS-enabled distribution point 6. under WebDAV Behavior, set Allow hidden files to be listed to True. In the Action pane, click Apply.

9

SQL Server 2005

Installing SQL Server 2005 1. Insert your SQL Server 2005 x64 DVD

2. Run Splash.hta

from the AutoPlay window

3. Click this link 4. Accept terms and conditions then click next

.

5. Click 6. Some prerequisite files will be installed

to continue.

7. Click next to continue 8. At the Welcome to SQL server setup window click next

10

9. Your system will be checked for the following prerequisites. If all is successful you can click next to continue.

10. At the registration information screen, enter the proper information then click continue 11. At the components to install screen choose all enabled components and click next

12. For the instance name we are choosing to use the default instance. Since we are only running 1 server you do not need to name this instance. Choose next

11

13. Choose to use the built-in System account (local system) and click next

14. Keep the option “windows authentication mode” bubbled. It is more secure to use windows authentication then to use both. And easier to administer.

15. Choose next at the collation settings and change nothing. 16. Keep the default configuration for the installation of report server.

17. Keep all options unchecked on the Error and Usage report window as we are not connected to the internet it would be useless to check it.

12

18. Click install on the Ready to install window. 19. Almost at the end of the install you will be see this window. Click run program to continue

20. Once the installation is finished click next 21. Click finish to complete the installation. Updating SQL Server to Service Pack 2 1. You must first download the service pack from Microsoft. 2. Run the installation file 3. Click next at the welcome screen. 4. Accept the license agreement and click next 5. Keep everything selected to update and click next. 6. Keep windows authentication since we used it in the previous install click next

7. Once again do not check anything on the error and usage reporting screen. Click next.

13

8. This next screen searches for running process that can’t be update due to the services currently running. It warns if we update now we will have to restart for the update to be complete. Its ok we will restart. Click next

9. Click next to install. 10. At some point during your installation you will be prompted again with the program compatibility window. Click run program

11. You will be prompted with this screen. Its ok just reboot after. Click ok.

12. Click next at the next screen. 13. Keep the provisioning tool checkbox checked. we will need that later. Click finish

14

14. Once the window for the provisioning tool pops up you will need the click >> to move all users over the privileged users. As shown in figure 12.1 Click ok to finish

Figure 12.1 All users moved to granted privileges. 15. Your installation of SP2 is complete.

15

Windows Update
Update Windows Server 2008 1. At this point download all the updates and install them Via windows update

2. Click install updates 3. Once they are installed reboot.

16

Other Components Installation
WSUS 1. Download WSUS from Microsoft. 2. Run installation program. 3. Click next once you see this window

4. Make sure Full server installation is selected. click next

5. Accept license agreement click next 6. Choose to store everything locally

7. If this error appears its ok just continue as long as you know that you will have enough space.

8. Choose the same folder as above for the database of updates.

17

9. Use the default settings for the web site preference

10. Click next at the ready to install screen to begin installation. 11. Click finish to complete

When you see the above screen, press cancel. SCCM will do the configuring. Install Schema Extensions 1. Insert SCCM CD 2. Click start and type CMD in the search box and hit enter to open up the command prompt. 3. Change drives to the drive with your sccm cd mine is f: but yours might be d: 4. Type cd \smssetup\bin\i386 then hit enter 5. Type extadsch.exe then hit enter

6. No output is good.

18

Chapter 2:
System Center Configuration Manager
Core Installation 1. You should have the cd already in from installing schema extensions. 2. Run the splash file from the popup window. If it doesn’t show up take the cd out and put it back in. 3. Run the Prerequisite checker to make sure you have everything installed.

19

4. Use your computer name as your SQL instance. Click ok to continue.

5. All required prerequisites should be installed. Click ok to continue

6. Now that the prerequisite checker is done you may now run the installation

20

7. Click install link right here 8. Click next at welcome screen 9. Keep the default bubble bubbled and click next.

10. Accept the terms and conditions and click next 11. Choose Simple settings unless you are advanced and knowledgeable about SCCM.

12. Choose not to participate just for fun.

21

13. Enter the product key into the next screen and click continue.

14. Here you will need to enter a site code. A site code is a 3 code that makes the site unique and somehow helps you remember where it is. The same name is kinda like a description for it.

15. Choose the top option to download updates from the internet

16. Choose a directory to download the updates too. If you do not have a folder to download to you must create one.

22

. 17. You can see here what components will be installed and you can click next to continue.

18. If all prerequisites are met you can continue

19. Installation should be complete and you can click next to continue.

20. Click finish at the next screen.

23

SCCM Service Pack 2 1. Whether it be from a cd or a zip file. You will need to run the splash file

2. On the welcome screen choose next

3. Choose the upgrade bubble(default) to continue installation. click next

4. On the next screen choose to accept license agreement 5. If you want to participate choose that option and continue otherwise leave the default and continue by pressing next 6. Choose to check for updates from an alternate path and click continue unlessyou already have the updates downloaded.

7. This screen shows you the type of setup. No settings here. Click continue

24

8. Once the prerequisite checker is complete continue the installation. Warnings are ok but take caution if it seems important. Click “begin installation”

9. All components should be installed and you should get this screen. Press next.

10. Click finish on the final screen to complete the installation.

25

Chapter 3:
SCCM Initial Configuration
Creating a user for SCCM 1. Open Active Directory Users and Computers

2. Enter information the corresponds to the user you want for SCCM

3. In notepad create a random jumbled password you will use for the user. Save it to your desktop. Don’t worry if a hacker gets into your server he already has broken in.

26

4. Set the options of user cannot change password and pwd never expires to enabled.

5. Click next then finish

Add member to domain admin group

1. Open AD Users and computers

27

2. Once this box shows up type domain admins in the window and click ok.

3. This should show up afterwards.

Add client computer to domain admin group 1. Open Active Directory users and computers from the Administrative tools in the start menu 2. Click computers in the tree in the left pane 3. Right-Click the client computer and click “Add to group” 4. In the object names box, Type “domain admins” click ok

5. 6. 7. 8.

Click Domain Controllers in the tree in the left pane Right-Click the Domain Controller and click “Add to group” In the object names box, Type “domain admins” click ok Close Active Directory users and computers.

28

Setting up user to logon as service 1. Open up Global Policy Management.

29

2. Right click Default domain policy in the group policy objects and click edit.

3. Under computer configuration click expand a. Expand Security settings i. Expand local policies

4. Double click Log as a service 5. Check the box that says Define these policy settings

30

6. Click the add user or group button

7. Type in the user that you created.

8. Click ok to continue 9. Click ok again to return to the global policy window.

You are now ready to setup SCCM!!!

31

Chapter 4:
Setup of SCCM
Client, Server and User detection 1. Click start 2. Click All Programs 3. Click Microsoft System Center 4. Click ConfigMgr Console

5. 6. 7. 8. 9.

Once the console shows up expand Site Database Expand Site management Expand your site code mine is SEA – Mat.sccm Expand site settings Click discovery methods

32

10. Double Click Active Directory System Discovery

11. Click the nice yellow sun 12. When you see this window click ok with the default settings.

33

13. Click ok once you have your domain selected.

14. You should now see your domain in the distinguished name field.

15. Click the polling schedule tab at the top of the screen

34

16. Since this is a new installation you want to run the discovery mode as soon as possible so

check this box click ok when finished. 17. Now open Active Directory security group discovery 18. Click the sun again and add your domain the same way you did in step 12-15

19. Click the polling schedule and check the run discovery as soon as possible then click ok.

20. Now double click Active Directory user discovery 21. Add you domain by clicking the sun as you did in the 2 previous tasks

35

22. Click polling schedule and check the same checkbox you did in previous steps

Client push Setup 1. Click start 2. Click All Programs 3. Click Microsoft System Center 4. Click ConfigMgr Console

5. Once the console shows up expand Site Database 6. Expand Site management 7. Expand your site code mine is SEA – Mat.sccm

36

8. Expand site settings 9. Click Client installation methods

10. Double click client push installation as seen below

11. In the client push installation properties window make sure all check boxes are selected

12. Click the Accounts tab

37

13. Click the

to add the account you created in previous steps

14. Click ok to add the user to the accounts window list 15. Click ok to close the client push installation window.

38

Client Agents
a. b. c. d. Opening Configuration Manager Click start Click All Programs Click Microsoft System Center Click ConfigMgr Console

Computer Client agent setup 1. Open Configuration Manager as shown in steps A thru D above 2. Expand Site Database, site management,(your site code),site settings. Then click client agents.

3. Double click computer client agent

39

4. In the network access account from click the set button

5. In the windows user account windows enter the domain name\username of the user you created for sccm.

6. Also enter the password you made for the account in both the password and confirm password box. Click ok 7. Click ok to close the client agent properties window. Create a site boundary 1. Open Configuration Manager as shown in steps A-D 2. Expand Site Database, site management,(your site code),site settings. Then right-click Boundaries.

3. Click New Boundary

40

4. For description you should put something in to remind you what site your making settings for. a. For network: put the network ID of your network b. Subnet Mask: Put in your subnet mask c. The subnet ID should show up automatically but if it doesn’t enter that as well.

Configure Client Agents 1. Open Configuration Manager as shown in steps A thru D above 2. Expand Site Database, site management,(your site code),site settings. Then click client agents. 3. In the middle pane dbl-click “Remote Tools Client Agent”

4. Click the Security Tab 5. Click the nice yellow sun

41

6. Enter the name of the administrator that will be administering remote desktop.

7. Click ok to accept permitted viewer 8. Click ok to close the remote tools window.

Update Client Configuration
Software Update Client Agent 1. Open Configuration Manager as shown in steps A thru D above 2. Expand Site Database, site management,(your site code),site settings. Then click client agents. In the middle pane dbl-click “Software update Clients”

3. Make sure the the “enforce all mandatory deployments” checkbox is checked and adjust the schedule to what you want.

42

Hardware Inventory Client Agent 1. Open Configuration Manager as shown in steps A thru D above 2. Expand Site Database, site management,(your site code),site settings. Then click client agents. In the middle pane dbl-click “Hardware inventory Client Agent”

3. Make sure the the “Enable hardware inventory on clients” checkbox is checked and adjust the schedule to what you want. Originially you might want to set it up for a quicker schedule. Once you get inventory you want to change it back to something more feasible. Software Inventory Client Agent 1. Open Configuration Manager as shown in steps A thru D above 2. Expand Site Database, site management,(your site code),site settings. Then click client agents. In the middle pane dbl-click “Software inventory Client agent”

43

3. Make sure the the “Enable software inventory on clients” checkbox is checked and adjust the schedule to what you want. Originally you might want to set it up for a quicker schedule. Once you get inventory you want to change it back to something more feasible. Client agent push 14. Open Configuration Manager as shown in steps A thru D above 15. Expand Site Database, site management,(your site code),site settings. Then click client Installation methods. In the middle pane dbl-click “Client Push Installation”

44

Install Client Agent Software
From server 1. Open Configuration Manager console 2. Expand Site Database, Computer Management and Collections. 3. If you want to install the client for all machines right click on all systems 4. Click Install Client 5. If you want to install for a specific machine only. Find that machine 6. Right click on the machine and click install client as seen in figure

7. When this window shows up check everything and click next

45

From Client 1. On your client machine 2. Open a command prompt using the search command by typing “cmd” 3. Map a network drive A. type “net use * \\<yourservername>\sms_<yoursitecodehere>” B. most likely the drive that is set to z: C. change drive by typing “z:” D. type “cd client” to change directory E. type ccmsetup /forcereboot F. that will install the client agent on your client

46

Adding Roles to SCCM
Adding WSUS Role 1. Open Configuration Manager Console 2. Expand Site Database,Site Management, <your site code>, site settings,site systems as shown below 3. Right click your server name and click new roles

4. 5. 6. 7.

Make sure that the first checkbox is checked that states “specify a fully qualified domain name” Enter your FQDN the the “intranet FQDN” box. Make sure the “use the site servers computer account to install the site system. Click next

47

8. Click Software update point

9. Click next on the next screen. You do not need proxy settings

10. Click the checkbox to use this server as the active software update point 11. Make sure to specify the right ports. Or use defaults

12. For normal situations you would sync from Microsoft update

48

13. But in this case you do not want to synchronize as we will be importing the updates

14. You do not need to synchronize as we are importing the updates

15. You do not need to check anything because you are not synchronizing

49

Again you do not need to moify this because you are not synchronizing.

16. Choose the languages that you are updating and click next

17. Click next at this screen to complete configuration

50

18, Click close to complete the role

Importing Updates
1. Open a command prompt on the server by typing “cmd” in the search box 2. Navigate to the directory that has your updates

51

3. Type “wsusutil import export.cab import.log” WARNING! Doing this step will render your server useless for about 4 hours. Do not do anything with your server till it’s complete.

The update database has now been imported. 1. Open System Center Configuration Manager 2. Expand Computer Management 3. Expand Software updates

52

4. Right-Click Update Repository 5. Click “Run Synchronization”

Note: You only need to run the synchronization 1 time

53

Chapter 5:
Deployment Deployment Template
For Server
1. 2. 3. 4. Open System Center Configuration Manager Expand Computer Management Expand Software Updates Right-Click deployment templates

5. Click new deployment template 6. Type in the name of the template you would like to make in the name box 7. Type in the description of the template.

54

8. Click Next 9. In the Collection box type in the name of the collection or click browse

10. In the browse box Select the type of collection you want for the template.

11. Once the collection is selected click next.

12. For servers: choose to suppress notifications on clients

55

13. Since this is a server template: Choose to suppress on the server. if it’s a workstation you can choose not to suppress.. Up to you.

14. Choose next to continue. 15. Because this is a server you should disable alerts while software updates run. 16. Click Next

17. With a slow connection we still need to install updates to a server so we will install anyway. 18. Click Next

19. Since we do not have sms 2003 clients can leave this blank. 20. Click Next, Click next at the next screen to complete the wizard

56

For Clients
1. 2. 3. 4. Open System Center Configuration Manager Expand Computer Management Expand Software Updates Right-Click deployment templates

5. Click new deployment template 6. Type in the name of the template you would like to make in the name box 7. Type in the description of the template.

8. Click Next In the Collection box type in the name of the collection or click browse

9. Click Next 10. On a client system we will allow the notifications.

57

11. Click next

12. We do not need to suppress system restarts on a client because its not mission critical to keep a client up.

13. We will continue to disable Mom notifications because we do not have mom installed

14. On a client you don’t need to install updates over a slow connection. you can wait till a fast connection becomes available.

15. we do not have any sms 2003 we can leave the checkbox blank and continue by pressing next

58

16. At the deployment template summary click next. 17. Click close to complete wizard

Deployment Folder Setup
1. 2. 3. 4. Click Start In the search box type “C:\” right-click on a blank part of the new window Click “New”

5. Click “Folder” 6. Type “updates” as the name of the folder. 7. Right click the new folder and click properties

59

8. Click the Advanced Sharing button

9. 10. 11. 12. 13. 14. 15.

Check the “Share this folder” checkbox For the share name Type in “Updates”. Click the permissions button Click the Add.. Button Type in “domain admins” and click ok. Assign Domain Admins full Access Assign Everyone Read Access

60

16. Click ok twice then click close 17. Create 2 new folders that correspond with the 2 templates you created previously

Deploying updates
1. 2. 3. 4. 5. 6. Open System Center Configuration Manager. Expand Computer Management Expand Software Updates Expand Updates Expand All Updates Find the update that you would like to deploy. All updates are organized based on what the updates are for. I chose patch #954366. 7. Drag all updates that you would like to deploy at once to the deployment template of your choice. You can choose multiple random listed updates by holding CTRL and click on each update.

You will see a deployment wizard pop up 8. You can keep the default naming for updates or you can edit and enter your own name. Possible including something regarding what the template is.

61

9. Click “Create a new deployment package” radio button

For the name: Choose a name for the deployment. For Package source: use you server that you in now. 10. Click next. 11. In the distribution points of the wizard box click boxes 12. Check the checkbox of your site code and click ok

13. You should see the distribution point now listed in the window 14. Click next

62

15. In the download location screen choose to get the updates from the internet.

16. Choose your languages and click next

63

17. The next screen is where you setup the schedule for when it is deployed.

You can put what you want for the schedule. I left it pretty standard. 18. In the NAP Evaluation you should leave it unchecked by default.

64

Click next to approve the summary of whats going to happen.

Yay your deployment was successfully created

65

Index
A
Active Directory, 2, 4, 5, 27, 29, 30, 34, 36 active software update point, 50

M
Microsoft System Center, 33, 37, 40

C
Client Agents, 3, 40, 42, 43, 44 Client Configuration, 3, 43 Client installation methods, 38 client push installation, 38, 39 Client push Setup, 2, 37 CMD, 19 Collection, 46, 56, 59 Computer Management, 46, 54, 56, 59, 63 ConfigMgr Console, 33, 37, 40 Configuration Manager, 2, 3, 20, 40, 41, 42, 43, 44, 45, 46, 48, 54, 56, 59, 63

P
polling schedule, 35, 36, 37 provisioning tool, 14, 15

R
Roles, 3, 4, 5, 6, 48

S
SCCM, 2, 3, 19, 22, 25, 27, 28, 32, 33, 48 server manager, 7 site boundary, 3, 41 site code, 23, 33, 38, 40, 41, 42, 43, 44, 45, 48, 64 Site Database, 33, 37, 40, 41, 42, 43, 44, 45,46 Site management, 33, 37 site settings, 33, 38, 40, 41, 42, 43, 44, 45, 48 Software update point, 49 Software Updates, 54, 56, 59, 63 SQL server SQL Server, 2, 9, , 10, 12 Subnet Mask, 42 synchronize, 50 System Discovery, 34

D
dcpromo, 5 discovery methods, 33 Default domain policy, 31 Directory user discovery, 36 discovery mode, 36 distribution point, 9, 64 DNS, 4 Domain Controllers, 30 domain services, 5

F
Features, 2, 7, 8 FQDN, 5, 48

U
Update Repository, 54 updates, 3, 16, 17, 23, 25, 50, 53, 58, 60, 61, 63, 65

H
Hardware inventory Client Agent, 44

W
windows server 2008 forest functional level, 5 windows update, 16 WSUS, 2, 3, 17, 48 wsusutil, 53

I
IIS, 2, 6, 7, 8

66

Sign up to vote on this title
UsefulNot useful