50,39 €
Mehr erfahren.
- Herausgeber: Packt Publishing
- Kategorie: Wissenschaft und neue Technologien
- Sprache: Englisch
Over 60 applicable recipes to administer and manage System Center Configuration Manager Current Branch
About This Book
- Overcome the challenges of administering System Center Configuration Manager when deploying single and multiple-hierarchy sites
- Help your organization to build a custom-line of business apps and also protect the server against malware threats with Endpoint protection
- Get easy guidance and best practices to help you work with SCCM
Who This Book Is For
If you are an intermediate to advanced administrator who wants to administer SCCM and understand how to solve particular problems/scenarios, then this book is for you. You should have a working knowledge of SCCM, however, knowledge of the latest version is not required.
What You Will Learn
- Administer System Center Configuration Manager
- Upgrade computers from Windows 7/ 8.x to Windows 10, using Serivce Plans to keep Windows 10 machines up to date
- Manage Compliance Settings effectively and monitor it with SSRS
- Manage Sites in System Center Configuration Manager and also learn to create collections, leverage role-based administration (RBA), and support clients over the internet without a VPN connection
- Implement multiple methods to deploy the client, as well as how to be proactive in monitoring client agent health
- Achieve Mobile device management with Microsoft Intune
In Detail
This practical cookbook is based on the 1602 current branch of System Center Configuration Manager (SCCM). It shows you how to administer SCCM, giving you an essential toolbox of techniques to solve real-world scenarios. Packed with over 60 task-based and instantly usable recipes, you'll discover how design a SCCM Infrastructure, and dive into topics such as the recommended SQL configuration for SCCM and how to deploy Windows 10 with Operating System Deployment (OSD).
You will learn to easily manage Windows 10 devices by deploying applications, software updates, and feature upgrades, andl be able to leverage Mobile Device Management (MDM) using SCCM and Microsoft Intune. Finally, you see how to gather the inventory of all your PC park and create reports based on it. By the end of the book, you will have learned the best practices when working with SCCM and have a handy reference guide for troubleshooting.
Style and approach
This cookbook is full of quick recipes that show you how to administer SCCM and will help you understand how to solve particular problems/situations encountered in day-to-day tasks.
Sie lesen das E-Book in den Legimi-Apps auf:
Seitenzahl: 379
Veröffentlichungsjahr: 2016
Ähnliche
Table of Contents
Microsoft System Center Configuration Manager Cookbook - Second Edition
Microsoft System Center Configuration Manager Cookbook - Second Edition
Copyright © 2016 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: September 2012
Second edtion: November 2016
Production reference: 1161116
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-78588-120-6
www.packtpub.com
Credits
Samir Hammoudi
Chuluunsuren Damdinsuren
Brian Mason
Greg Ramsey
Copy EditorLaxmi Subramanian
ReviewerMatthew Hudson
ProofreaderSafis Editing
Commissioning EditorKartikey Pandey
GraphicsKirk D'Penha
Acquisition EditorMeeta Rajani
IndexerPratik Shirodkar
Technical EditorsNarsimha Pai
Nirant Carvalho
Production CoordinatorShantanu N. Zagade
About the Authors
Samir Hammoudi is a Microsoft Full Time Employee (MSFT) working as a Sales Engineer (TSP) on Surface devices and Windows 10 in Tokyo, Japan. During the beginning of his career, he worked as a Senior ICT Consultant in Switzerland for 7 years offering his wide technical expertise on Microsoft technologies such as Active Directory, Exchange, Virtualization, and Windows client deployment and management. Looking for a new challenge, he then moved to Japan and joined Microsoft as a Premier Field Engineer (PFE) on System Center Configuration Manager, where he covered customers all around APAC region. Avid of learning new technologies, Samir is the holder of a wide range of Microsoft certifications as MCSE (Server and Private Cloud) and MCITP (Enterprise Admin, Messaging Admin, and Lync Server Admin). He regularly writes tech notes and articles in both his blogs, one written in English covering Microsoft Devices and Cloud technologies (aka.ms/beanexpert) and one written in Japanese covering mainly Microsoft Deployment Toolkit (aka.ms/mdtjp). Samir loves sharing information to empower the Microsoft IT pros community. He tries his best through his blogs to cover information that is missing from official Microsoft sites. Samir is passionate about sports (football in particular) and about technology in general. Always open to direct contact, he encourages anyone wanting to discuss about anything on Windows client technologies to head over to his blogs and contact him personally.
Chuluunsuren Damdinsuren is a Microsoft Full Time Employee (MSFT) working as a Premier Field Engineer (PFE) in client management area such as Active Directory, System Center Configuration Manager, and Remote Desktop Services for Microsoft Japan. He has an Engineering degree from Osaka University and an MS degree in Computer Science. His primary focus is to design, migrate, deploy, train, and troubleshoot System Center Configuration Manager and Active Directory. He has a couple of technical blogs, and various MSCA and MCSE certificates. He is a passionate fan of football and topcoder.
Brian Mason is a Systems Engineer at Wells Fargo where he manages over 350,000 resources with CM (note that any views expressed in this book are Brian's and not necessarily those of Wells Fargo). Brian is a 6-time Microsoft MVP for Configuration Manager (CM). He currently runs the Minnesota System Center User Group and its website where he blogs. He can be found answering forum questions on TechNet and myITforum.
Greg Ramsey is a Systems Engineer specializing in global systems management for Dell Services. He has a B.S. in Computer Sciences and Engineering from the Ohio State University and is a Microsoft Most Valuable Professional (MVP) for Microsoft System Center Configuration Manager. Greg co-authored SMS 2003 Recipes: A Problem Solution Approach (Apress, 2006) and Microsoft System Center Configuration Manager Unleashed (Sams, 2009). Greg is the co-founder of the Ohio SMS Users Group and the Central Texas Systems Management User Group.
About the Reviewer
Matthew Hudson has been involved in IT for over 25 years.He has focused on Enterprise Systems Management for more than a decade at various companies ranging from Higher Education to the Energy sector. Matthew is currently a Microsoft MVP in Enterprise Mobility.
www.PacktPub.com
For support files and downloads related to your book, please visit www.PacktPub.com.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
https://www.packtpub.com/mapt
Get the most in-demand software skills with Mapt. Mapt gives you full access to all Packt books and video courses, as well as industry-leading tools to help you plan your personal development and advance your career.
Why subscribe?
Preface
Microsoft's System Center Configuration Manager Current Branch (CM CB) is arguably the most complex (and feature rich) offering of the System Center suite. CM administrators must be proficient in a variety of technologies in order to effectively design and operate a CM hierarchy. The list of technologies that CM touches is almost overwhelming, for example, SQL, IIS, MDT, WSUS, WMI, PXE, SSRS, workstation and server operating systems, networking, and more. It should come as no surprise then that CM admins have built themselves a strong network of support. Forums such as Microsoft TechNet and myITforum are daily filled with questions and answers. There are local user groups, online webcasts, and conferences held routinely for admins to learn and share their trials and tribulations.
We often hear of an Exchange or Active Directory admin suddenly getting the CM dropped in his lap from the boss. There is little time to sink or swim. By giving quick recipes to get things done, readers can get things going (or keep them running) to buy time to better learn the product. This book does not spend time going into why CM does things the way it does, nor does it go into deep details as admins too often don't have the time for that. There are also other Configuration Manager 2007/2012 (CM07/CM12) admins who don't want to spend time reading bible-sized books on CM CB. They know an old version of CM very well and just need a quick guide to get them up to speed. Therefore, this book is aimed at getting admins up to speed fast with CM CB.
This book will get the reader up to a working knowledge of the product. For example, we cover Operating System Deployment (OSD) far enough for the reader to create a Windows 10 image and deploy it. Real world finesse will come only with time, but that cannot begin until the reader picks up the terminology and fundamentals. This book should remove that feeling of being overwhelmed by putting the reader straight to work with step by step recipes. Once the reader has actually tried a recipe, the topic will seem less intimidating. By using these recipes, the reader will gain the fundamentals of site administration, reporting, software distribution and patching, and client management.
What this book covers
Chapter 1, Designing a System Center Configuration Manager Infrastructure, covers ways to reduce the drag on primary sites to help keep you on just one site if possible such as installing SQL to be as efficient as possible and how to offload roles.
Chapter 2, Deploying Windows 10 with Operating System Deployment, shows you how to create an image and deploy it, taking into consideration the need to manage drivers or migrate user data.
Chapter 3, Deploying Applications and Software Updates, covers applications, patching and upgrades, monitoring deployments, and use of the new Software Center and Application Catalog.
Chapter 4, Managing Compliance Settings, covers how to create configuration items, put them into baselines and deploy them, and then monitor computers for compliance to those baselines with e-mailed drift reports.
Chapter 5, Managing Mobile Devices using Configuration Manager with Microsoft Intune, details ways to manage mobile devices by taking advantage of the MDM solution called Microsoft Intune that can be integrated with CM to offer a unique single pane of glass to manage both desktop and mobile devices.
Chapter 6, Managing Sites, details ways to configure and manage sites, set up discovery tasks to find systems, and explains how to set up security roles and scopes for other admins.
Chapter 7, Managing Clients, covers installation and upgrade of the CM client on systems, how to manage and monitor health of that client, and how to manage power on those clients.
Chapter 8, Managing Inventory, details the set up and usage of the various inventory methods of CM as well as metering of software usage.
Chapter 9, Managing Reports and Queries, walks you through Reporting Services installation, building queries for reports, and editing and creating reports.
What you need for this book
Readers with experience in CM07 or CM12 will get up to speed sooner, but it isn't a requirement. However, experience is needed in the following areas:
You might also want to get a mobile device (Android or iOS) if you are interested in testing the mobile device management features offered by CM CB and Microsoft Intune.
Who this book is for
This book is for administrators who need to get up to speed quickly with CM CB. Readers are given how-to steps without all the fat and fluff. Need to get SQL and CM installed right away? This book has recipes for design considerations. Need to just get a Windows 10 deployment started right now? There is an entire chapter dedicated to that. Need to set up a security drift report for your boss? There is a chapter for that as well. All the main features of CM have recipes written as concisely as possible to give the reader a quick start.
Sections
In this book, you will find several headings that appear frequently (Getting ready, How to do it, How it works, There's more, and See also).
To give clear instructions on how to complete a recipe, we use these sections as follows:
Getting ready
This section tells you what to expect in the recipe, and describes how to set up any software or any preliminary settings required for the recipe.
How to do it…
This section contains the steps required to follow the recipe.
How it works…
This section usually consists of a detailed explanation of what happened in the previous section.
There's more…
This section consists of additional information about the recipe in order to make the reader more knowledgeable about the recipe.
See also
This section provides helpful links to other useful information for the recipe.
Conventions
In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "You could manually create your own reference build, Sysprep, and capture it to a .wim file."
A block of code is set as follows:
PCUSOURCE=\\Server\Share\SQLServicePackX CUSOURCE=\\Server\Share\SQLCUXAny command-line input or output is written as follows:
Setup.exe /CONFIGURATIONFILE=cmsqlconfig.iniNew terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "Change the properties of the Rebuild Indexes task to be enabled to Weekly."
Note
Warnings or important notes appear in a box like this.
Tip
Tips and tricks appear like this.
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about this book-what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.
To send us general feedback, simply e-mail [email protected], and mention the book's title in the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors .
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Errata
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books-maybe a mistake in the text or the code-we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.
To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy
Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at [email protected] with a link to the suspected pirated material.
We appreciate your help in protecting our authors and our ability to bring you valuable content.
Questions
If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.
Chapter 1. Designing a System Center Configuration Manager Infrastructure
In this chapter, we will cover the following recipes:
Introduction
In this chapter, we will learn the new servicing model, and walk through the various setup scenarios and configurations for System Center Configuration Manager Current Branch (SCCM CB). Designing and keeping a System Center Configuration Manager (SCCM) infrastructure current by using best practices such as keeping SQL server on the site, offloading some roles as needed, and in-place upgrades from CM12.
What's changed from System Center 2012 Configuration Manager?
We will go through the new features, changes, and removed features in CM since CM 2012.
Getting ready
The following are the new features in CM since CM12:
How to do it...
Whats new in CM Capabilities
This information is based on versions 1511 and 1602. You can find out if the change is made in 1602 or later by looking for the version 1602 or later tag. You can find the latest changes at https://technet.microsoft.com/en-us/library/mt757350.aspx.
Removed features
There are two features that were removed from CM current branch's initial release in December 2015, and there will be no more support on these features. If your organization uses these features, you need to find alternatives or stay with CM12.
See also
System Center Configuration Manager's new servicing models
The new concept servicing model is one of the biggest changes in CM. We will learn what the servicing model is and how to do it in this chapter.
Getting Ready
Windows 10's new servicing models
Before we dive into the new CM servicing model, we first need to understand the new Windows 10 servicing model approach called Windows as a Service (WaaS).
Microsoft regularly gets asked for advice on how to keep Windows devices secure, reliable, and compatible. Microsoft has a pretty strong point-of-view on this: Your devices will be more secure, more reliable, and more compatible if you are keeping up with the updates we regularly release.
In a mobile-first, cloud-first world, IT expects to have new value and new capabilities constantly flowing to them. Most users have smart phones and regularly accept the updates to their apps from the various app stores. The iOS and Android ecosystems also release updates to the OS on a regular cadence.
With this in mind, Microsoft is committed to continuously rolling out new capabilities to users around the world, but Windows is unique in that it is used in an incredibly broad set of scenarios, from a simple phone to some of the most complex and mission critical use scenarios in factories and hospitals. It is clear that one model does not fit all of these scenarios.
To strike a balance between the needed updates for such a wide range of device types, there are four servicing options (summarized in Table 1) you will want to completely understand.
Table 1. Windows 10 servicing options (WaaS)
Servicing Models
Key Benefits
Support Lifetime
Editions
Target Scenario
Windows Insider Program
Enables testing new features before release
N/A
Home, Pro, Enterprise, Education
IT Pros, Developers
Current Branch (CB)
Makes new features available to users immediately
Approximately 4 months
Home, Pro, Enterprise, Education
Consumers, limited number of Enterprise users
Current Branch for Business (CBB)
Provides additional testing time through Current Branch
Approximately 8 months
Pro, Enterprise, Education
Enterprise users
Long-Term Servicing Branch (LTSB)
Enables long-term low changing deployments like previous Windows versions
10 Years
Enterprise LTSB
ATM, Line machines, Factory control
How to do it...
How will CM support Windows 10?
As you read in the previous section, Windows 10 brings with it new options for deployment and servicing models. On the System Center side, it has to provide enterprise customers with the best management for Windows 10 with CM by helping you deploy, manage, and service Windows 10. Windows 10 comes in two basic types: a Current Branch/Current Branch for Business with fast version model, and the LTSB with a more traditional support model.
Therefore, Microsoft has released a new version of CM to provide full support for the deployment, upgrade, and management of Windows 10 in December 2015. The new CM (simply without calendar year) is called Configuration Manager Current Branch (CMCB), and designed to support the much faster pace of updates for Windows 10, by being updated periodically.
This new version will also simplify the CM upgrade experience itself. One of the core capabilities of this release is a brand new approach for updating the features and functionality of CM. Moving faster with CM will allow you to take advantage of the very latest feature innovations in Windows 10, as well as other operating systems such as Apple iOS and Android when using mobile device management (MDM) and mobile application management (MAM) capabilities.
The new features for CM are in-console Updates-and-Servicing processes that replace the need to learn about, locate, and download updates from external sources. This means no more service packs or cumulative update versions to track. Instead, when you use the CM current branch, you periodically install in-console updates to get a new version. New update versions release periodically and will include product updates and can also introduce new features you may choose to use (or not use) in your deployment.
Because CM will be updated frequently, will be denoted each particular version with a version number, for example 1511 for a version shipped in December 2015. Updates will be released for the current branch about three times a year. The first release of the current branch was 1511 in December 2015, followed by 1602 in March 2016. Each update version is supported for 12 months from its general availability release date.
Why is there another version called Configuration Manager LTSB 2016?
There will be a release named System Center Configuration Manager LTSB 2016 that aligns with the release of Windows Server 2016 and System Center 2016. With this version, as like previous versions 2007 and 2012, you do not have to update the Configuration Manager Site Servers like the current branch.
Table 2. Configuration Manager Servicing Options:
Servicing Options
Benefits
Support Lifetime
Intended Target Clients
CM CB
Fully supports any type of Windows 10
Approximately 12 months
Windows 10 CB/CBB, Windows 10
Configuration Manager LTSB 2016
You do not need to update frequently
10 Years
Windows 10 LTSB
Keeping your CM deployment up-to date
CM synchronizes with the Microsoft cloud service to get updates. You can then install from within the CM console. Only updates that apply to your infrastructure and version are downloaded and made available. This synchronization can be automatic, or manual depending on how you configure the service connection point for your hierarchy.You can choose either of the following methods for upgrading your CM Infrastructure.
You can choose either of the following methods for upgrading your CM Infrastructure:
By default, CM checks for new updates every 24 hours. Beginning with version 1602 or later, you can also check for updates immediately by:
Note
To view updates in the console, a user must be assigned a security role that includes the Read permission in the permission group Site, and the security scope All.
To configure the service connection point role:
Note
The service connection point site system role may only be installed on a central administration site or standalone primary site. The service connection point must have Internet access.
Getting ready
Before applying a CM update, there are three recommended actions you can execute in order to safely update CM:
Refer to the checklist available at https://technet.microsoft.com/en-us/library/mt691556.aspx for updating from System Center Configuration Manager version 1511 to 1602.
Test the database upgrade:How to do it...
Before installing a new CM update, be sure to have done the prerequisite checks described in the Getting ready section.
Tip
Child primary sites start the update automatically after the central administration site completes installation of the update. You can use Service Windows for site servers to control when a site installs updates.
When it comes to updating CM to a new version, you will have to consider updating the CM hierarchy in the following order:
Note
You have to manually update secondary sites from the CM console after the primary parent site update is completed. Automatic update of secondary site servers is not supported. When you open the CM console after the site update, you are prompted to update the console.
How it works...
As part of the update installation, CM re-installs any affected components such as site system roles or the console, manages updates to clients based on the selections you made for client piloting, and basically there is no need to reboot site system servers as part of the update.
Tip
When updates are installed, Configuration Manager also updates the CD.Latest folder which is used during a site recovery.
There's more...
From the CM console, it is also possible to verify any update installation status as well as monitor the update in progress.
To verify the status of updated packages, navigate to Administration | Cloud Services | Updates and Servicing. This node shows the installation status for all updated packages.
To monitor the CM update while it's applied, follow these steps:
After a CAS or primary site updates, each CM console that connects to that site must also update.
To start updating CM consoles:
