SCCM I AM


Introduction to Microsoft SCCM 2012

SCCM (System Center Configuration Manager) is Microsoft's software product for managing endpoints (desktops, laptops, tablets, mobile phones, etc.) and is widely used by companies from mid-size to large enterprises.

Introduction to Microsoft Intune

Intune is Microsoft's MDM (Mobile Device Management) product and is part of EMS (Enterprise Mobility Suite). Intune can be used standalone or integrated with SCCM to manage mobile devices.

Introduction to Windows Powershell

Windows PowerShell is Microsoft's scripting environment that comes with the Microsoft operating system. It is a widely used scripting language for performing different kinds of automation on machines with Windows OS installed.

Introduction to Microsoft SQL Server

SQL Server is Microsoft's database product and is widely used as a database server on servers running Windows OS. An SCCM specialist must know SQL Server, from querying the database to administration.

Introduction to Windows 10

Windows 10 is Microsoft's latest client operating system and is more advanced than its previous versions such as 8.1, 8 and 7. Microsoft introduced lots of features in Windows 10.

Sunday, January 18, 2015

Frequently Asked Questions- SCCM FAQ


What is the purpose of the extended AD schema?
What are MP, SLP and DP?
Why are we using BITS?
If a client is not reporting data/info, which point does it fall under?
If we want to advertise a package to a single client, how do we do that?
How do you create collections?
What are the features of SCCM 2k7? – Internet-based client, OSD and Wake on LAN.
Where are the SMS server and client log files stored?
What is direct collection membership?
What is Wake on LAN?
What are the prerequisites of SCCM 2k7?
What is Wake on LAN and how does it work?
What is OSD, and what options are available?
What is the difference between WSUS and ITMU?
If a package is not reaching the secondary server, what could be the issue?
What is NAP?
What issues are faced while distributing a package from the primary server to a secondary server?
Which tool are you using to monitor the SMS server?
What kinds of major issues are faced on the client side?
What is the difference between package refresh and update, where do the changes happen, and how does the package version change?
Which SMS version and ITMU version are you using?
How do the MP and DP identify a client? Can a client send an inventory report to the server if AD is not extended?
When AD is extended for the SMS server, entries are added in AD; what are they?
What are the prerequisites for SMS 2k3 installation?
If a DP doesn't work, where do we need to look and which log files will you refer to?
How do clients send info to the MP? If it is WMI, which file sends the info to WMI?
What is the procedure to deploy a package to a client, and how does it work?
Which log file indicates that the SMS client installed successfully?
What is the sender address? What are the classifications of sender, and if you use the Standard sender, why are we using it?
Which roles will you enable in the central site?
What is the difference between a primary and a secondary site?
Why do we enable the reporting point in the central site?
What is the flow of package distribution?
Some clients are not getting a patch installed. What could be the reason, and how do you find those clients and troubleshoot?
Which logs need to be looked at on the client and server side?
How does the client communicate with the server?
Through which port does the client download files from the server?
How do you know whether a particular patch reached the client or not?
How many MPs and DPs can we enable in a single site?
When are the default profiles loaded in AD Users and Computers while installing SMS? What are the profile names?
Why are we using SQL 2005 Enterprise edition? What is the advantage of that, and what major changes/configuration need to be done during the SQL 2005 installation?
Scenario: we have one forest and two domains. How does SMS communicate with them, and how do we configure this in boundaries?
There are 4 methods to view the logs and to troubleshoot.
What are the discovery methods available?
What is the default schedule for the AD System Discovery method?
Which .exe file is used for SMS client installation?
After SMS client installation, one exe runs continuously; what is it?
If the client machine is not in the domain, how does the SMS server communicate with it and install the SMS client?
Scenario: Total hosts: 2000. 1500 clients have an assigned status of 'Yes' and 500 clients have a status of 'No', even though all the clients have the SMS client installed. What troubleshooting steps should be followed to resolve the issue?
How do you know whether a particular application is running on a client machine?
What are the default collections available in SMS?
Can you tell two resource IDs? Resource ID, Resource Value, Resource Type and System Resource.
How does an advertisement go to the client?
Which logs should you look at when communication happens from primary to secondary? Hman.log and hierarchy manager
Site-to-site communication? Sitecomp.log, hman.log
How will you check client health status?
What steps need to be followed if a package needs to be distributed in a production environment?
There is one site with 100 clients, and one package needs to be deployed to 10 clients. How will you create the collection?
There is a package that reboots after installing the application. How do you suppress the reboot in the program?
What kind of client installation method are you using?
We have 1000 clients; 800 have the SMS client installed and 200 do not. What could be the reason?
Why do we need to extend AD? What is the name of the file?
What are SLP and BITS, the difference between primary and secondary server, and native mode and mixed mode, and what is the advantage of using them?
Do Internet-based clients support mixed mode? No
What are DP and BDP, how do you back up SCCM, and what is the difference between SMS and SCCM?
How do you configure software metering for a particular package?
One package was deployed to 10k clients, but 1500 machines failed. How will you troubleshoot?
What site roles are configured?
What is Desired Configuration Management? Why are we using it?
What features are available in SCCM?
OSD: how will you create an OS?
What reports will you pull from SCCM?
What components are available in SCCM?
Difference between native mode and mixed mode?
How will you set up a new SCCM environment?
What is BDP, and what roles are available in SCCM and what are their functions?
What are the hardware inventory log file and the server log files?
Difference between ITMU and WSUS?
Which services are running on the SCCM server and client? –
What is SMS execute?
What is SMS_site_component_manager?
SMS_site_SQL_backup, SMS_Reporting point, SMS_server_locator_point, SMS_task_sequencer_agent, SMS_agent_host
Which packages can be distributed through ITMU or WSUS? – All Microsoft packages, hotfixes, patches, service packs
ConfigMgr does not allow incremental or differential backups and always adopts a "full backup" approach, i.e. it backs up everything that is needed to reinstall a site completely.

SCCM Sites


A site consists of a site server, site system roles, clients, and resources. A site always requires access to a Microsoft SQL Server database. There are several types of SCCM 2007 sites. An SCCM 2007 site uses boundaries to determine the clients belonging to the site. Multiple sites can be configured into site hierarchies and connected such that you can manage bandwidth utilization between sites. An SCCM 2007 site is identified by the three-character code and the friendly site name configured during Setup. The types of sites are as follows.


Central Administration Site (CAS) - A central site has no parent site. Typically, a central site has child and grandchild sites and aggregates all of their client information to provide centralized management and reporting. A site with no parent and no child site is still called a central site, although it is also referred to as a standalone site. A central site collects all of the site information for centralized management.

Primary Site (PS) - A primary site stores SCCM 2007 data for itself and all the sites beneath it in a SQL Server database.

Secondary Site (SS) - A secondary site has no SCCM 2007 site database. It is attached to and reports to a primary site. The secondary site is managed by an SCCM 2007 administrator running a Configuration Manager 2007 console that is connected to the primary site. The secondary site forwards the information it gathers from Configuration Manager 2007 clients, such as computer inventory data and Configuration Manager 2007 system status information, to its parent site. The primary site then stores the data of both the primary and secondary sites in the SCCM 2007 site database. The advantages of using secondary sites are that they require no additional SCCM 2007 server license and do not require the overhead of maintaining an additional database. Secondary sites are managed from the primary site they are connected to, so they are frequently used in sites with no local administrator present. The disadvantage of secondary sites is that they must be attached to a primary site and cannot be moved to a different primary site without deleting and recreating the site. Also, secondary sites cannot have sites beneath them in the hierarchy.


SCCM Site System Roles

Different SCCM Site System Roles

1. Distribution point: As the name suggests, this CM site system stores the package files and scripts needed for a package to be executed on client machines.

2. Management point: CM clients cannot communicate with the CM site server directly, and vice versa. This communication is done via the management point.

3. Reporting point: It's a site server that stores report files used for the web-based reporting functionality of SCCM.

4. Server locator point: In layman's terms, it is used to locate the management point needed to install client software.

5. Fallback status point: Generally used for debugging. It helps with monitoring and identifying problems during client installations.

6. State migration point: It stores the user's state migration data when a computer's OS is migrated.

7. System Health Validator point: Used alongside the Network Access Protection feature in SCCM.

8. PXE service point: It responds to machines requesting OS deployment through PXE.

9. Software update point: Used alongside Windows Server Update Services (WSUS). For now, it's responsible for all software updates in the site.

Software Updates in Configuration Manager 2012

Software updates in System Center 2012 Configuration Manager provides a set of tools and resources that can help manage the complex task of tracking and applying software updates to client computers in the enterprise. An effective software update management process is necessary to maintain operational efficiency, overcome security issues, and maintain the stability of the network infrastructure. However, because of the changing nature of technology and the continual appearance of new security threats, effective software update management requires consistent and continual attention.

Understanding Security Modes in SMS 2003 and SCCM 2007

When planning to implement SMS 2003 or SCCM 2007 in an organization, the biggest question that comes to mind is "What security mode should I select to suit my organization's environment?" There are two security modes in SMS 2003: Standard Security mode and Advanced Security mode. But what is the difference between these two security modes? Let us share on this.


Standard security uses user accounts to run services, configure computers, and connect between computers. Advanced security makes use of Active Directory. It uses the Local System account (which is the computer account) to run services, configure computers, and connect between computers. It is more secure, but it requires Active Directory; it does not require the schema to be extended.

You can switch from standard security mode to advanced security mode, but you cannot change back to standard security mode once the switch to advanced security mode has been made.

Now let's look at SCCM 2007. What is the difference between SCCM 2007 and SMS 2003 in terms of security mode? SCCM 2007 also provides two security modes: SMS 2003 compatibility security mode (Mixed Mode) and SCCM 2007 security mode (Native Mode).

Native mode is a higher-security mode that integrates with a public key infrastructure (PKI) to help protect client-to-server communication. With this security mode enabled, you can manage Internet-based clients, which are client computers that connect to your site server over a public WAN connection. Extra security is needed to implement this, and you need to get a valid certificate from a certificate authority to accomplish this task.

Mixed mode provides backwards compatibility for hierarchies that have both SMS 2003 sites and Configuration Manager 2007 sites. With this security mode, you are unable to manage Internet-based clients. You are allowed to switch from Mixed mode to Native mode once all your site servers are migrated to SCCM 2007, and it is also possible to revert from Native mode to Mixed mode. This is a good fallback feature if you are migrating from SMS 2003 to SCCM 2007. SCCM introduced the native security model. It's for client-server communications and provides a higher level of security through public key infrastructure (PKI) and Secure Sockets Layer (SSL) encryption for nearly all communications (except for certain distribution-point and fallback-status-point communications). Policies and other sensitive communications are signed using a PKI certificate. Microsoft Systems Management Server (SMS) 2003 mixed security mode uses a self-signed certificate.

It's important to note that native mode affects only client-to-server communications and not server-to-server communications. To protect server-to-server communications, use IPsec. Also, a native-mode site can't be a child of a mixed-mode site.


There are four native-mode requirements:

• You must have a deployed PKI infrastructure in the organization
• DNS must be available and configured for clients to locate management points
• All clients must run the SCCM 2007 client. Native-mode sites don't support SMS 2003 clients
• Native-mode sites also don't support Windows-2000-based clients

There are no SCCM 2007 native-mode Active Directory (AD) domain- or forest-mode requirements.
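
The site-hierarchy and security-mode rules described above can be checked against a planned hierarchy before rollout. The following Python check is an added example, not code from the original post or from Microsoft; the Site record, the client labels and the sample plan are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Site:                       # hypothetical planning record, not an SCCM object
    code: str                     # three-character site code
    kind: str                     # "primary" or "secondary"
    mode: str                     # "native" or "mixed"
    parent: Optional[str] = None  # parent site code, None for the central site
    internet_clients: bool = False
    clients: frozenset = frozenset()  # labels: "sccm2007", "sms2003", "windows2000"

NOT_SUPPORTED_IN_NATIVE = {"sms2003", "windows2000"}

def validate(sites):
    """Return the list of rule violations found in a planned hierarchy."""
    by_code = {s.code: s for s in sites}
    findings = []
    for s in sites:
        parent = by_code.get(s.parent) if s.parent else None
        if len(s.code) != 3:
            findings.append(f"{s.code}: site code must be three characters")
        if s.parent and parent is None:
            findings.append(f"{s.code}: parent {s.parent} is not in the plan")
        if parent and parent.kind == "secondary":
            findings.append(f"{s.code}: parent {parent.code} is a secondary site and cannot have sites beneath it")
        elif s.kind == "secondary" and parent is None:
            findings.append(f"{s.code}: a secondary site must be attached to a primary site")
        if s.mode == "native" and parent and parent.mode == "mixed":
            findings.append(f"{s.code}: native-mode site cannot report to mixed-mode parent {parent.code}")
        if s.internet_clients and s.mode != "native":
            findings.append(f"{s.code}: Internet-based clients require native mode")
        if s.mode == "native":
            for label in sorted(NOT_SUPPORTED_IN_NATIVE & s.clients):
                findings.append(f"{s.code}: native mode does not support {label} clients")
    return findings

# Constructed sample plan (site codes and client mixes are made up)
PLAN = [
    Site("CEN", "primary", "native", internet_clients=True, clients=frozenset({"sccm2007"})),
    Site("NYC", "primary", "mixed", "CEN", clients=frozenset({"sccm2007", "sms2003"})),
    Site("LON", "primary", "native", "NYC", clients=frozenset({"sccm2007", "windows2000"})),
    Site("BR1", "secondary", "mixed", "NYC"),
    Site("BR2", "secondary", "mixed", "BR1"),
    Site("PAR", "primary", "mixed", "CEN", internet_clients=True),
]

if __name__ == "__main__":
    for finding in validate(PLAN):
        print(finding)
```
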

Comparing SMS 2003, SCCM 2007 and SCCM 2012

I started listing down comparative differences between SMS 2003, SCCM 2007 and SCCM 2012, here is what we came up with...


Features | SMS 2003 | SCCM 2007 | SCCM 2012
--- | --- | --- | ---
Hardware & Software Inventory | ✓ | ✓ | ✓
Automatic Client Health Remediation | - | - | ✓
Software Distribution | ✓ | ✓ | ✓
Computer based targeting | ✓ | ✓ | ✓
User based targeting | - | ✓ *P | ✓
State-based Application Distribution | - | - | ✓
Self-service portal | - | - | ✓
App-V Package Deployment | - | ✓ | ✓
Xen-App Package Deployment | - | - | ✓
Uninstallation via Software Center | - | - | ✓
User-Device Affinity | - | - | ✓
Distribution Point Groups | - | - | ✓
Boundary Groups | - | - | ✓
Application Revision History | - | - | ✓
Content Management | - | - | ✓
Software Updates | ITMU | Via WSUS | Via WSUS
3rd party application | - | ✓ | ✓
Automatic Software Updates Deployment Rules | - | - | ✓
Automatic clean-up of Superseded and Expired Updates | - | - | ✓
Software Metering | ✓ | ✓ | ✓
Collection-based Policies | - | - | ✓
Remote Administration | Remote Tools | Remote Tools & Remote Desktop | Remote Tools + Ctrl-Alt-Del
Reporting | Basic | Basic & SQL Reporting | SQL Reporting Services
Administrator Console | ✓ | ✓ | ✓
User-friendly ribbon | - | - | ✓
Status reporting | - | ✓ *P | ✓
Agent Managed | ✓ | ✓ | ✓
Integrate with Active Directory | ✓ | ✓ | ✓
Automatic Boundary Discovery | - | - | ✓
Forest Discovery | - | - | ✓
Discovery of Computers | ✓ | ✓ | ✓
Operating System Deployment | - | ✓ | ✓
Offline Servicing of OS Image | - | - | ✓
Task Sequence | - | ✓ | ✓
Maintenance Windows | - | ✓ | ✓
Desired Configuration Management | - | ✓ | ✓
Automatic Remediation of Configuration Drift | - | - | ✓
Internet Based Client Management | - | ✓ | ✓
Integration with Windows Server 2008 Network Access Protection | - | ✓ | ✓
Intel vPro Integration | - | ✓ SP1 | ✓
Role-based Access Control | - | - | ✓
Power Management | - | ✓ R3 | ✓
User Power Management Opt-out | - | - | ✓
Windows Mobile Device Management | - | ✓ | ✓
Non-Windows Mobile Device Management | - | - | ✓


 Note: *P = Partial

NOTE: The above was done in comparison to SCCM 2012 Beta 2 and what we know that will be supported in the eventual release.