Orchestrator 2012: a quickstart deployment guide

System Center Orchestrator 2012 is extremely easy to setup and deploy.  There are only a handful of prerequisites, and most can be handled by the setup installer routine.


The TechNet documentation does an excellent job of detailing the system requirements and deployment process:



The following document will cover a basic install of System Center Orchestrator 2012 at a generic customer.  This is to be used as a template only, for a customer to implement as their own pilot or POC deployment guide.  It is intended to be general in nature and will require the customer to modify it to suit their specific data and processes.

SCORCH can be scaled to match the customer requirements. This document will cover a typical two server model, where all server roles are installed on a single VM, and utilize a remote database server or cluster.

This is not an architecture guide or intended to be a design guide in any way.


SCORCH          System Center Orchestrator

Server Names\Roles:

SCORCH          Orchestrator 2012 role server

  • Management Server
  • Runbook Server
  • Orchestrator Web Service Server
  • Runbook Designer client application
  • Windows Server 2008 R2 SP1 Enterprise edition will be installed as the base OS for all platforms.
  • All servers will be a member of the AD domain.
  • SQL 2008 R2 ENT edition with SP1 will be the base standard for all database services. SCORCH only requires a SQL DB engine (locally or remote) in order to host SCORCH databases.


High Level Deployment Process:


1.  In AD, create the following accounts and groups, according to your naming convention:

a.  DOMAIN\scorchsvc                       SCORCH Mgmt, Runbook, and Monitor Account

b.  DOMAIN\ScorchUsers                 SCORCH users security global group

2.  Add the domain user accounts for yourself and your team to the ScorchUsers group.

3.  Install Windows Server 2008 R2 SP1 to all server role members.

4.  Add the DOMAIN\scorchsvc account to the local administrators group on the SCORCH server.

5.  Add the DOMAIN\ScorchUsers global group to the local administrators group on the SCORCH server.

6.  Install the SCORCH Server.



1.  Install Windows Server 2008R2 SP1

2.  Ensure server has a minimum of 1GB of RAM.

3.  .Net 3.5SP1 is required. Setup will add this feature if not installed.

4.  IIS7 (IIS Role) is required. Setup will add this role is not installed.

5.  .Net 4.0 is required. This must be installed manually on Server 2008 R2 SP1. Download and install this prereq.

6.  Install all available Windows Updates as a best practice.

7.  Join all servers to domain.

8.  Add the “DOMAIN\scorchsvc” domain account explicitly to the Local Administrators group on the SCORCH server.

9.  Add the “DOMAIN\ScorchUsers” global group explicitly to the Local Administrators group on the SCORCH server.


Step by step deployment guide:

1.  Install SCORCH 2012:

  • Log on using your domain user account that is a member of the ScorchUsers group.
  • Run Setuporchestrator.exe
  • Click Install
  • Supply a name, org, and license key (if you have one) and click Next.
  • Accept the license agreement and click Next.
  • Check all boxes on the getting started screen, for:
    • Management Server
    • Runbook Server
    • Orchestration console and web service
    • Runbook Designer
  • On the Prerequisites screen, check the boxes to remediate any necessary prerequisites, and click Next when all prerequisites are installed.
  • Input the service account “scorchsvc” and input the password, domain, and click Test. Ensure this is a success and click Next.
  • Configure the database server. Type in the local computer name if you installed SQL on this SCORCH Server, or provide a remote SQL server (and instance if using a named instance) to which you have the “System Administrator” (SA) rights to in order to create the SCORCH database and assign permissions to it. Test the database connection and click Next.
  • Specify a new database, Orchestrator. Click Next.
  • Browse AD and select your domain global group for ScorchUsers. Click Next.
  • Accept defaults for the SCORCH Web service ports of 81 and 82, Click Next.
  • Accept default location for install and Click Next.
  • Select the appropriate options for Customer Experience and Error reporting. Click Next.
  • Click Install.
  • Setup will install all roles, create the Orchestrator database, and complete very quickly.

2. Open the consoles.

  • Start > Microsoft System Center 2012 > Orchestrator
  • Open the Deployment Manager, Orchestration Console, and Runbook designer. Ensure all consoles open successfully.


Post install procedures:


1.  Lets register and then deploy Integration Packs that enable Orchestrator to connect to so many outside systems.

Go to http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=28725 and download the toolkit, add-ons, and IP’s.

  • Make a directory on the local SCORCH server such as “C:\Integration Packs”
  • Copy to this directory, the downloaded IP’s, such as the following:
    • SC2012_Configuration_Manager_Integration_Pack.oip
    • SC2012_Data_Protection_Manager_Integration_Pack.oip
    • SC2012_Operations_Manager_Integration_Pack.oip
    • SC2012_Service_Manager_Integration_Pack.oip
    • SC2012_Virtual_Machine_Manager_Integration_Pack.oip
    • Configuration_Manager_2007_Integration_Pack.oip
    • Data_Protection_Manager_2010_Integration_Pack.oip
    • Operations_Manager_2007_Integration_Pack.oip
    • Service_Manager_2010_Integration_Pack.oip
    • Virtual_Machine_Manager_2008_Integration_Pack.oip
  • Open the Deployment Manager console
  • Expand “Orchestrator Management Server
  • Right click “Integration Packs” and choose “Register IP with the Orchestrator Management Server
  • Click Next, then “Add”.  Browse to “C:\Integration Packs” and select all of the OIP files you copied here.  You have to select one at a time and go back and click “Add” again to get them all.
  • Click Next, then Finish.  You have to accept the License Agreement for each IP. 
  • Now when you select “Integration Packs” you can see these 10 IP’s in the list.
  • Right Click “Integration Packs” again, this time choose “Deploy IP to Runbook server or Runbook Designer”.
  • Click Next, select all the available IP’s and click Next.
  • Type in the name of your Runbook server role name, and click Add.
  • On the scheduling screen – accept the default (which will deploy immediately) and click Next.
  • Click Finish.  Note the logging of each step in the Log entries section of the console.
  • Verify deployment by expanding “Runbook Servers” in the console.  Verify that each runbook was deployed.
  • Open the Runbook Designer console.
  • Note that you now have these new IP’s available in the console for your workflows.


Additionally – you can download more IP’s at:


Such as the VMware VSphere IP, or the IBM Netcool IP.

Additionally – check out Charles Joy’s blog on popular codeplex IP’s which have been updated for Orchestrator:


Comments (6)

  1. Opalis was a bit of a pain to install, but this looks indeed a bit easier 🙂

  2. Nicholas, you can get it from this bundle here: technet.microsoft.com/…/hh505660.aspx for SP1 and R2 Preview Release here: technet.microsoft.com/…/dn205295.aspx

  3. Jose Fehse says:

    Hi Kevin, did you have a chance to try upgrading Orchestrator 2012 to SP1? I've followed microsoft's guide and it seems to work and doesn't complain about the existing DB, but it erases my folders and runbooks in them. I've tried twice and no luck.



  4. Nicholas Cooper says:

    Where do I  get Orchestrator from? I know its stupid question. All I can find is the add on packs. Driving me crazy!!

  5. Khaled_Hamad says:

    Hello Kevin,

    I have an Orchestrator server up and running. I need to make a high availability with active-active scenario for this server.

    Is it possible? Are there any certain steps can be done?



  6. Matt Mcginde says:

    In regard to step 5
    5. Add the DOMAIN\ScorchUsers global group to the local administrators group on the SCORCH server.

    Why does Scorch users group need to be a member of local admins? I don’t see any reason for this .

    Thanks –

Skip to main content