I’ve been talking to some people about SCCM recently and it seems to be difficult to understand the whole process to set it up right. Therefore i’m going to share my experiences.
This first part covers all the prerequisites and setting them up.
1 - The (simple) setup
I’m going to presume an active directory is already present.
My (vmware) setup:
- DC1
- Windows 2008 R2 with SP1
- 1vCPU, 512MB ram, 1×32GB harddisk (C:)
- 10.10.10.100
- role: the one and only domain controller responsible for the domain “tailspintoys.com”.
- SCCM01
- Clean installation with Windows 2008 R2 with SP1 added to the “tailspintoys.com” domain
- 2vCPU, 2GB ram, 2×32GB harddisk (C: and E:, D: is the dvd player)
- 10.10.10.125
- role: going to be the SCCM 2007 SP2 server, also acting as SQL, WDS and IIS server. More on that later.
2 - Windows 2008R2 Roles, Features and configuration for SCCM
Features
On SCCM01, let’s add some features first. Start the server manager, go to features, add features:
- select feature “background intellingend transfer service (BITS)”
- yes, “Add Required Role Services”
- select feature “remote differential compression”
- next, next
- since we’ve added the webserver role (that came with BITS) we now have the chance to add extra role services for this role. Add the following:
- “Webdav Publishing”
- “ASP .NET” (yes, add the dependencies)
- ASP (you’ll need that for the reporting of SCCM, at first i forgot which led to “HTTP error 404.3 - Not Found” errors)
- “Windows Authentication”
- “IIS6 WMI Compatibility”
- next, install, close
Configure webdav
Now we have to configure the webdav properties for the default website in IIS. You can do it later after SCCM is fully installed but you have to do it at some point so why not do it now.
Microsoft has a document on this but here it is in short:
- Start the IIS manager
- Expand till you see the default website. Click on it.
- In the middle pane, doubleclick “Webdav Authoring Rules”
- In the right pane, select “enable webdav”, followed by “Webdav Authoring Rules”, followed by “Add Authoring Rule”
- “All Content”, “All Users”, “Read” + OK
- In the right pane, select “Webdav Settings”
- Allow anonymous property queries = True
- Allow Custom Properties = False
- Allow property queries with infinite depth = True
- Allow hidden files to be listed = True
- In the right pane, click Apply
- Close the IIS manager
Roles
As SCCM needs WSUS and relies on the PXE server from WDS, we have to install some additional roles. Go to the server manager, roles and add the following role first. You have to install the WSUS role later, you can’t select it with other roles at the same time. So first:
- Windows Deployment Services. Just next, next next, ….
Now add the following role:
- Windows Server Update Services (yes, add the dependencies). Next, next, next, ….
- If you are wondering why installation takes such a long time, notice the window on your taskbar. An additional screen with “Welcome to Windows Server Update Services 3.0 SP2 Setup Wizard” has opened.
- I’ve placed the wsus data on E:\WSUS and i’m using the Windows internal database, but other circumstances may apply.
- Click through the setup till the end and click Finish
- When the roles are installed, click Close. A new window to configure WSUS will open.
- Cancel these configuration steps.
Configure WDS
- From the Administrative Tools, start Windows Deployment Services.
- Expand servers, Rightclick SCCM01 and select Configure Server
- I’m storing the data on E:\RemoteInstall but change to match your environment
- I’m selecting “Respond to all client computers (Known and Unknown)” but that’s also a choice
- Don’t select “Add images to the server now” and Finish
If you are not going to run DHCP on this server, skip this next 3 steps. But if you are going to install the DHCP role on this server then do the following prior to installing the DHCP role:
- Rightclick the SCCM01 server and select Properties
- Go to the tab DHCP
- Select the first option “Do not listen on port 67”.
Optionally: Install and configure the DHCP role on this server
This is optional. You can run DHCP on any other server too.
But if you are installing DHCP on this server (i’m sure the basic configuration doesn’t need additional explaining here), all you have to do is go to the WDS settings (above) and on the DHCP tab select the “Configure DHCP option 60 …”. Then restart the DHCP service.
Configure DHCP that runs on a different server
If you are running DHCP on a different server in your network, configure options 66 with the ip-address of the WDS server and option 67 with “boot\x86\wdsnbp.com”. “wdsnbp.com” is a little utility that automatically determines the platform so it will automatically switch to x86 or x64 if neccessary.
At this point, all the Windows “internal” software related prerequisites on the SCCM01 server are in place.
3 - Other prerequisites
Associate a subnet with a site
To define a boundary for SCCM later, it is important to have a subnet defined and match it with a site in active directory.
So if you have not defined a subnet yet (if you have done a plain active directory installation, you won’t), then log on to the domain controller and do the following:
- Open Active Directory Sites and Services
- Expand till you see Subnets
- On Subnets, rightclick and select “New Subnet”
- Prefix: in my case: 10.10.10.0/24 and select a site object from the box below (on a plain installation it’s just Default-First-Site-Name)
Install SQL server for SCCM
To start with: i’m far from an expert on SQL. Beste practices may be different. But to get things up and running, the following will work.
SCCM won’t work on Express editions of SQL, so make sure you have a full version (get trial version here). I’ve read rumours that SCCM 2007 SP2 doesn’t work on SQL 2008 R2 but it does!
- On the domain controller, start “Active Directory Users and Computers” and create a group called “SQL Admins” and make this group member of the group “Domain Admins”
- Also create a new account called “sql2008r2”. Make this user member of the group “SQL Admins”
- On the SCCM server, go to the server manager, add the feature “.NET Framework 3.5.1 Features” and add the required dependencies. Next, Install, Close
- Reboot the server prior to installing SQL to be sure you don’t have pending installation tasks
- Run setup.exe. On the first page, there’s a System Configuration Checker. Run it, all checks should be OK. If not, correct them
- Click on Installation on the left side of the screen, then select “New installation …”
- Keep everything default unless stated otherwise.
- At “Setup Role”, choose “SQL Feature Installation”
- Only the “Database Engine Service” is really required, but you also want to select “Reporting services” to create all kinds of cool reports from SCCM later. Also select “Management Tools - Complete”.
- At “Server Configuration”, click on “use the same account for all services” and supply the “sql2008r2” account created in the second step.
- At “Database Engine Configuration”, click “Add the current user” followed by “Add” and also add the “SQL Admins” group.
- Complete the rest of the installation of SQL