Guest Post: A Step by Step Guide to System Center 2012 Configuration Manager with SP1

Neil Hodgkinson has provided a step by step guide to getting started with System Center 2012 Configuration Manager.  This is part of a 15 part series which will cover the installation, setup, configuration and usage of Microsoft System Center 2012 Configuration Manager.  To find the additional articles in the series please take a look at Neil’s site.

SCCM2012 IIS Default for group policy is not needed if you are using SCCM push. Read more about it here: https://technet.microsoft.com/en-us/library/bb632380.aspx

Remote Differential Compression for site server and branch distribution point computers

Site servers and branch distribution points require Remote Differential Compression (RDC) to generate package signatures and perform signature comparison. By default, RDC is not installed on Windows Server 2008 or Windows Server 2008 R2 and must be enabled manually.

Use the following procedure to enable Remote Differential Compression on Windows Server 2008, Windows Server 2008 R2 and now Windows Server 2012.

  1. On the Windows Server 2008 or Windows Server 2008 R2 computer, navigate to Start / All Programs / Administrative Tools / Server Manager to start Server Manager; on Server 2012, open the Server Manager dashboard. In Server Manager, select the Features node and click Add Features to start the Add Features Wizard.
  2. On the Select Features page, select Remote Differential Compression and BITS and then click Next.
  3. Complete the rest of the wizard.
  4. Close Server Manager.

Delegate Permission to the System Management Container

Open Active Directory Users and Computers. Click View and select Advanced Features.
Select the System Management container, right-click it, and choose All Tasks, then Delegate Control.

When the Welcome to the Delegation of Control Wizard page appears, click Next, then click Add. Click Object Types and select Computers. Type in your SCCM server name and click Check Names; it should resolve.

Click OK, then Next. Choose Create a Custom Task to Delegate, click Next, and make sure "This folder, existing objects in this folder, and creation of new objects in this folder" is selected.

Click Next, make sure the 3 permission options General, Property-specific and Creation/deletion of specific child objects are selected, then place a check mark in Full Control, click Next and then Finish.
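
To confirm what the wizard actually granted, the explicit Full Control entries on the System Management container can be listed from PowerShell. This is an added example, not part of the original guide; it assumes the ActiveDirectory module (RSAT) is installed, and the computer account name SCCM01$ is a hypothetical placeholder for your site server.

```powershell
# Added example (not from the original guide): audit who holds explicit
# Full Control on the System Management container after the delegation wizard.
Import-Module ActiveDirectory
Add-Type -AssemblyName System.DirectoryServices

$siteServer = 'SCCM01$'   # hypothetical: sAMAccountName of the site server computer account
$domainDn   = (Get-ADDomain).DistinguishedName
$container  = "CN=System Management,CN=System,$domainDn"
$genericAll = [int][System.DirectoryServices.ActiveDirectoryRights]::GenericAll

# Get-Acl works against the AD: drive that the ActiveDirectory module provides.
$acl = Get-Acl -Path "AD:\$container" -ErrorAction Stop

$report = $acl.Access |
    Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        -not $_.IsInherited -and
        (([int]$_.ActiveDirectoryRights) -band $genericAll) -eq $genericAll
    } |
    ForEach-Object {
        [pscustomobject]@{
            Identity     = $_.IdentityReference.Value
            Rights       = $_.ActiveDirectoryRights
            AppliesTo    = $_.InheritanceType   # 'All' = this object and all descendants
            IsSiteServer = $_.IdentityReference.Value -like "*\$siteServer"
        }
    }

$report | Format-Table -AutoSize

# The site server should be listed with AppliesTo = All. Full Control on this
# container lets the holder publish site data to AD, so review every other entry.
if (-not ($report | Where-Object { $_.IsSiteServer -and $_.AppliesTo -eq 'All' })) {
    Write-Warning "No explicit Full Control entry (this object and all descendants) found for $siteServer"
}
$report | Where-Object { -not $_.IsSiteServer } | ForEach-Object {
    Write-Warning "Review Full Control entry for: $($_.Identity)"
}
```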

Extend the AD schema for SCCM

Perform the steps below on your Active Directory server. Browse the network to your AD server (\\adminserver\c$) and copy the contents of SC2012_SP1_RTM_SCCM_SCEP, then find \SMSSetup\Bin\x64\Extadsch.exe, right-click it and choose Run as Administrator.

Open SQL ports

Create an OU for your SCCM server and allow ports 1433 and 4022 for SQL replication with Group Policy: select Computer Configuration, Policies, Windows Settings, Windows Firewall with Advanced Security, select Inbound Rules, choose New and follow the wizard to open TCP port 1433, then repeat for port 4022.

If you are using Group Policy, refer to step 2 below.

To open a port in the Windows firewall for TCP access

  1. On the Start menu, click Run, type WF.msc, and then click OK.
  2. In the Windows Firewall with Advanced Security, in the left pane, right-click Inbound Rules, and then click New Rule in the action pane.
  3. In the Rule Type dialog box, select Port, and then click Next.
  4. In the Protocol and Ports dialog box, select TCP. Select Specific local ports, and then type the port number of the instance of the Database Engine, such as 1433 for the default instance. Click Next.
  5. In the Action dialog box, select Allow the connection, and then click Next.
  6. In the Profile dialog box, select any profiles that describe the computer connection environment when you want to connect to the Database Engine, and then click Next.
  7. In the Name dialog box, type a name and description for this rule, and then click Finish.

To open access to SQL Server when using dynamic ports

  1. On the Start menu, click Run, type WF.msc, and then click OK.
  2. In the Windows Firewall with Advanced Security, in the left pane, right-click Inbound Rules, and then click New Rule in the action pane.
  3. In the Rule Type dialog box, select Program, and then click Next.
  4. In the Program dialog box, select This program path. Click Browse, and navigate to the instance of SQL Server that you want to access through the firewall, and then click Open. By default, SQL Server is at C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Sqlservr.exe. Click Next.
  5. In the Action dialog box, select Allow the connection, and then click Next.
  6. In the Profile dialog box, select any profiles that describe the computer connection environment when you want to connect to the Database Engine, and then click Next.
  7. In the Name dialog box, type a name and description for this rule, and then click Finish.
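
The two wizard procedures above expressed as PowerShell, as an added example rather than part of the original guide. It assumes the NetSecurity cmdlets (Windows Server 2012 and later); the rule names, the Domain profile choice and the remote addresses (documentation range 192.0.2.0/24) are constructed for illustration, and restricting RemoteAddress is this example's choice, not a step from the guide.

```powershell
# Added example (not from the original guide). Run in an elevated PowerShell
# session on the SQL Server computer.
$allowedPeers = @('192.0.2.10', '192.0.2.11')   # constructed sample addresses of site systems

$common = @{
    Direction     = 'Inbound'
    Action        = 'Allow'
    Protocol      = 'TCP'
    Profile       = 'Domain'        # assumption: the server is domain joined
    RemoteAddress = $allowedPeers   # narrower than the wizard default of "any"
}

# Static ports named in the guide: 1433 and 4022.
New-NetFirewallRule @common -DisplayName 'SCCM SQL TCP 1433' -LocalPort 1433 | Out-Null
New-NetFirewallRule @common -DisplayName 'SCCM SQL TCP 4022' -LocalPort 4022 | Out-Null

# Dynamic ports: allow the program instead of a port.
# Path as given in the guide; adjust it to the instance actually installed.
$sqlservr = 'C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Sqlservr.exe'
if (Test-Path -LiteralPath $sqlservr) {
    New-NetFirewallRule @common -DisplayName 'SCCM SQL program rule' -Program $sqlservr | Out-Null
} else {
    Write-Warning "Sqlservr.exe not found at $sqlservr; program rule not created"
}

# Read the rules back so the effective scope can be reviewed.
Get-NetFirewallRule -DisplayName 'SCCM SQL*' | ForEach-Object {
    $port = $_ | Get-NetFirewallPortFilter
    $addr = $_ | Get-NetFirewallAddressFilter
    $app  = $_ | Get-NetFirewallApplicationFilter
    [pscustomobject]@{
        Name          = $_.DisplayName
        Enabled       = $_.Enabled
        Profile       = $_.Profile
        LocalPort     = $port.LocalPort -join ','
        RemoteAddress = $addr.RemoteAddress -join ','
        Program       = $app.Program
    }
} | Format-Table -AutoSize
```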

Install .NET Framework, IIS WCF Activation and BITS

In Server Manager select Features, Add Features, select .NET Framework 3.5 and also select WCF Activation. When prompted, answer Add Required Role Services, then click Next and Next again. (Make sure the BITS and IIS services are running, or restart after the install.)

SQL Server 2012

Install SQL on D:\Program Files... When running setup.exe, right-click it and choose Run as Administrator. Select all options on install, click on the account name and enter the admin username and password.

Click Next and finish the install (this takes a long time). Make sure the SCCM computer is a member of the built-in Administrators.

Check TCP/IP properties for listening IP address in SQL Server Configuration Manager

Start SQL Server Configuration Manager, expand SQL Server Network Configuration in the left pane, highlight Protocols for <Instancename> and double-click TCP/IP in the right pane.

Click on IP Addresses.

Change IP2 to Enabled: Yes.

Leave the default IP.

Change IP4 to Enabled: Yes.

Leave the default IP.

SQL Memory Configuration

https://technet.microsoft.com/library/ms191144%28SQL.105%29.aspx

The logon account for the SQL Server service cannot be a local user account, NT SERVICE\<sql service name> or LOCAL SERVICE. You must configure the SQL Server service to use a valid domain account, NETWORK SERVICE, or LOCAL SYSTEM. See the picture below.
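
The logon-account rule above can be checked before running Configuration Manager setup. The following is an added example, not part of the original guide; the function name Test-SqlServiceAccount and the sample account names are constructed for illustration, and it assumes PowerShell 3.0 or later.

```powershell
# Added example (not from the original guide): classify a service logon
# account against the rule stated above.
function Test-SqlServiceAccount {
    param(
        [Parameter(Mandatory = $true)][string]$StartName,
        [string]$ComputerName = $env:COMPUTERNAME
    )
    $name  = $StartName.Trim()
    # Local accounts appear as .\user or COMPUTERNAME\user
    $local = '^(\.|' + [regex]::Escape($ComputerName) + ')\\'

    if     ($name -match '^(LocalSystem|NT AUTHORITY\\SYSTEM)$') { 'OK: LOCAL SYSTEM' }
    elseif ($name -match '^NT AUTHORITY\\Network ?Service$')     { 'OK: NETWORK SERVICE' }
    elseif ($name -match '^NT AUTHORITY\\Local ?Service$')       { 'NOT ALLOWED: LOCAL SERVICE' }
    elseif ($name -match '^NT SERVICE\\')                        { 'NOT ALLOWED: NT SERVICE account' }
    elseif ($name -match $local)                                 { 'NOT ALLOWED: local user account' }
    elseif ($name -match '^[^\\@]+\\[^\\]+$' -or
            $name -match '^[^\\@]+@[^\\@]+$')                    { 'OK: domain account' }
    else                                                         { 'UNKNOWN: check manually' }
}

# Constructed sample values showing each outcome.
'LocalSystem', 'NT AUTHORITY\NetworkService', 'NT AUTHORITY\LocalService',
'NT Service\MSSQLSERVER', '.\sqlsvc', 'CONTOSO\svc-sql' | ForEach-Object {
    [pscustomobject]@{ Account = $_; Result = Test-SqlServiceAccount -StartName $_ }
} | Format-Table -AutoSize

# Live check: default instance (MSSQLSERVER) and named instances (MSSQL$<name>).
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.Name -eq 'MSSQLSERVER' -or $_.Name -like 'MSSQL$*' } |
    ForEach-Object {
        [pscustomobject]@{
            Service = $_.Name
            Account = $_.StartName
            Result  = Test-SqlServiceAccount -StartName $_.StartName
        }
    } | Format-Table -AutoSize
```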

clip_image020

Installation of System Center 2012 Configuration Manager with SP1

Here is the download link for the Assessment and Deployment Kit: https://www.microsoft.com/en-us/download/details.aspx?id=30652. This is one of the prerequisites.

Also restart your server.

When the wizard appears, click Install, click Next and then select Install a Configuration Manager Primary Site.

Click Next, and then create a folder on your D/E drive called rc_updates.

Click Next on your language of choice and enter your site installation settings. Install on D/E, not C:.

Install as the first site in a new hierarchy

Click Next and leave the FQDN as default.

Select Configure the communication method on each site system role and review all settings.

Client Computer Communication Settings (HTTP or HTTPS). Select Configure the communication method on each site system role.

Any warnings can be fixed after the install.

Make a brew; this part can take a while!

After the install has finished restart the server.

In the next step of the guide we will go through the different discovery methods and create boundary groups.

Head on over to https://www.technodge.co.uk for more Deployment guides.

About the Author

Neil Hodgkinson has been working in the IT industry for 14 years, with 9 of those working in the education sector. I have worked with many versions of Windows Server, Exchange and Group Policy. Over the last few years I have been specializing in deployment methods, starting with Microsoft's deployment toolkit and then migrating over to Microsoft System Center, the holy grail of servers for Endpoint Protection, deployment, App Control for Windows 8 and the ability to manage smartphones.

I also do a lot of free consultancy for all the local primary schools on the best way to deploy and control their Windows environment via System Center and Group Policy.

IT is a passion and I feel you have to be passionate about the IT industry to keep things moving forward.