Maximizing Security in Configuration Manager

This post details my experience and lessons learned with hardening a System Center Configuration Manager system.  I’ll review the risks and then describe the various technical components of a ConfigMgr system: Windows Server host, Internet Information Service (IIS), SQL Server and ConfigMgr itself.  Make sure to review the current product documentation on Security for Configuration…

0

Secondary site server attempting NTLM anonymous logon

I recently came across a problem that drove me crazy for several hours.  I’ve installed secondary site servers many times and have the setup down pat to work with my usual secure configuration.  The secondary site server installed ok, but then the mpcontrol.log showed entries similar to the following: Attempting to connect to the configured SQL database.***…

0

TestDBUpgrade on a Named Instance

In a scenario where a hardened SQL named instance (e.g., SQLI1) is used to perform the database (e.g., SMS_P01) upgrade test for a service pack the ConfigMgrSetup.log may contain the following errors: The command line options are /TESTDBUPGRADE SMS_P01…Testing database upgrade on SMS_P01 database, on the sqlsrv01 server.Running test query.***SqlError: [08001][17][Microsoft][ODBC SQL Server Driver][Shared Memory]SQL…

4