How to - System Centre Configuration Manager - Part 1 (Pre-req's)
by, 8th January 2012 at 06:10 PM (15477 Views)
Ive had a lot of contact from people asking about installing System Centre Configuration Manager (SCCM) – having all sorts of issues with it. Normally – this install and config to the basics of doing a build and capture, through to the end game of it deploying your network clients for you!
Im not going to cover AD or DHCP – other than saying have 2 accounts setup ready to use, something like SCCMAdmin and SCCMClient. Make sure that you arent running SCCM on the same server as DHCP; and if at all possible, run it on dedicated hardware.
This is going to be a 3 part post – this one (the first) will deal with the getting started bits. The stuff you really need to read and follow to avoid issues later.
Rule 1 – make sure you have all your prerequisites done. No, seriously – really do. The amount of times this happens!
1. Do the AD Schema update
Its not as terrible as it sounds! If you’ve not extended the Active directory schema before – this is a good guide… WindowsNoob SCCM Schema Update.
2. Remote Differential Compression
It is needed, so in Server Manager, on the Features node, start the Add Features Wizard.On the Select Features page, select Remote Differential Compression. Job done.
3. Windows Deployment Services
WDS – well, Im assuming you will be wanting to use the killer automated Operating Systems deployment! Add the WDS role – but do not (I repeat really DO NOT) configure it. Don’t even open its console!a
]IIS – yes, SCCM “needs” IIS, make sure you give it all this bits of it that it needs. There are a few, and 9 times out of 10 – you will miss one!
The following Web Server role services should be installed.
IIS Role Services
Common HTTP Features (in IIS 7.5 [Server 2008 R2] – you will find WebDav here which you also need to add)
Health and Diagnostics
IP and Domain Restrictions
Static Content Compression
IIS Management Console
IIS Management Scripts and Tools
IIS 6 Management Compatibilty
IIS 6 Metabase Compatibility
IIS 6 WMI Compatibility
IIS 6 Scripting Tools
IIS 6 Management Console
Now, after you’ve got that little lot all installed, time to do a bit of configuring!
URL Authorization Feature:
When the Authorization feature opens, make sure that an Allow rule is defined that includes the administrator account
Right click on Windows Authentication and choose Enable
This one should come with a health warning! In IIS7.5 [Server 2008 R2]– this is a role service not an additional install. For IIS7 [Server 2008] – download and install from Microsoft download centre.
Then configure as follows…
1.Startup IIS Manager and in the Connections pane, expand the Sites node in the tree, then click the Default Web Site, then double-click the WebDAV Authoring Rules icon.
2. Click enable webdav in the Actions pane on the right side. Once you've clicked it it will then say 'Disable webdav' so be sure not to click there again, now we need to click the Add Authoring Rule task in the Actions pane.
3. Start IIS Manager, select the server and select Stop from the actions.Allow actions To All
Allow access to this content to All Users
Permissions Source, Read, Write
4. Start Explorer and navigate to C:\Windows\System32\inetsrv\config\schema.
5. Right-click WebDAV_schema.xml and select Properties.
6. Select the Security tab and click the Advanced button.
7. Select the Owner tab and click Edit. Change the owner to administrators so the permissions can be changed.
8. Select the Permissions tab and grant your user or administrators Full Control via the Change Permissions button. Click OK, and then open the WebDAV_schema.xml file in Notepad. Find the area below and make sure the values are set as shown:
9. Click Save.<attribute name="allowAnonymousPropfind" type="bool" defaultValue="true" />
<attribute name="allowInfinitePropfindDepth" type="bool" defaultValue="true" />
<attribute name="allowCustomProperties" type="bool" defaultValue="false" />
10. Start the IIS service in IIS Manager
These settings you can make in IIS Manager, but Ive found that they don’t actually set in the xml file 9 times out of 10 – so doing it this way prevents it being a worry. IIS reads this file when it starts so it appears correctly.
Now you should be ready to do the install, which will be covered in Post 2 in a few days time.
Total Trackbacks 0