wally mead senior program manager microsoft corporation session code: mgt303
Post on 23-Dec-2015
212 Views
Preview:
TRANSCRIPT
Deploying System Center Configuration Manager 2007: Part 2
Wally MeadSenior Program ManagerMicrosoft CorporationSession Code: MGT303
Session Agenda
Overview of Configuration Manager client deploymentSite system roles used in client deploymentClient push deploymentSoftware update client deploymentGroup Policy client deploymentClient upgrades
Supported Configuration Manager Clients
Windows 2000 Professional and Server SP4Windows XP Professional SP2 and SP3Windows Server 2003 SP1 and SP2Windows Server 2003 R2Windows Vista Business, Enterprise, and Ultimate
Including Vista RTM and SP1
Supported Configuration Manager Clients (2)
Windows Server 2008No Server Core client support with Configuration Manager RTMSupported with Configuration Manager SP1
Windows XP Tablet SP2Windows XP Embedded SP2Windows Embedded Point of Sale (WEPOS)Windows Foundation for Legacy Platforms (WinFLP)
Client Deployment MethodsThose that are the same as Systems Management Server (SMS) 2003:
Client push installationAutomated client push or admin controlledCan now use the site server computer account as the Client Push Installation account
Logon installation for high-rights usersNo support for low rights installation
Software distributionUpgrades from SMS 2003Upgrades to Configuration Manager SP1
Manual installation
Client Deployment Methods (2)
Those that are new deployment methods in Configuration Manager 2007
Software update point (SUP) client deploymentClient is installed through Windows Server Update Services (WSUS)
Group policy installationUse software installation feature to deploy Ccmsetup.msi
You can use whatever methods that meet your requirements
Site Role Maximum # of Client SystemsHierarchy (Central site) 200,000Primary site 100,000System Health Validator 200,000Management point 25,000Distribution point (non-OSD) 4,000Distribution point (OSD) Limited by Network & Disk I/OState migration point Limited by Network & Disk I/OSoftware update point (WSUS) 25,000Fallback status point 100,000Branch distribution point Limited by OS License, Network & Disk I/O
Supported Client Numbers
Components Used in Client Deployment
Ccmsetup.exeBackground Intelligent Transfer Service (BITS)Windows Installer 3.1 v2Windows Update AgentCore XML Services (MS XML 6 SP1)MSRDC (Remote Differential Compression)Wimgapi.msiClient.msi
Client Assignment
Configuration Manager clients can only be assigned to Configuration Manager sites
They cannot be assigned to SMS 2003 sitesIn order to validate site assignment, they must verify the intended site’s version
Required for automatic or manual assignmentThis occurs from one of two methods
Active Directory if the schema is extended for Configuration ManagerConfiguration Manager server locator point
Client Registration
Configuration Manager clients must be registered as a client to be able to send data to it, or retrieve data from it
Automatic process after assignmentClient finds the default management and issues a registration request to the site
This provides the client identity (self-signed certificate) to the site for validation
Client Approval Method
Configuration Manager clients must be approved to use the Network Access account
Can’t download the policy that contains the account until the client is approved
Approval has three options in mixed modeNo automatic approval (manual)Automatic approval for domain joined clientsAutomatic approval for all clients
Configuring the client approval methoddemo
Session Agenda
Overview of Configuration Manager client deploymentSite system roles used in client deploymentClient push deploymentSoftware update client deploymentGroup Policy client deploymentClient upgrades
Site System Roles Used in Client Deployment
Site serverWhen deploying via client push
Management pointUsed to download client files for deploymentRetrieve policies after deployment
Server locator pointUsed to validate assignment to the site in a non-extended Active Directory environment
Site System Roles Used in Client Deployment (2)
Distribution point (including branch DP)Used for a software distribution client upgradeCan be used for operating system deployment
Software update pointUsed when deploying the client through Windows Server Update Services
Fallback status point (FSP)Client sends state messages for the deployment to the FSP if configured to do so
Site System Roles Used in Client Deployment (3)
PXE service pointCan be used in operating system deployment in bare metal system scenarios
State migration pointCan be used in operating system deployment in machine replacement scenarios
Configuring a fallback status pointdemo
Session Agenda
Overview of Configuration Manager client deploymentSite system roles used in client deploymentClient push deploymentSoftware update client deploymentGroup Policy client deploymentClient upgrades
Client Push Installation
Essentially the same as in SMS 2003Automated push or Client Push Installation Wizard
The default is now SMSSITECODE=local site codeThe SMS 2003 default was AUTO
The site server computer account can be used as the Client Push Installation account
Is tried automatically if all other accounts fail
Client Push Installation (2)
No longer uses Remote Registry to the target system
Now use Remote WMIIf Active Directory is extended for Configuration Manager, the Client Push Installation parameters are published
Then used often when Ccmsetup.exe is run with no command line parameters
Not used for push installs as they use the Client Push Installation method parameters
Installing a client using the Client Push Installation Wizard
demo
Session Agenda
Overview of Configuration Manager client deploymentSite system roles used in client deploymentClient push deploymentSoftware update client deploymentGroup Policy client deploymentClient upgrades
Software Update Point Client Installation
Client installed as a WSUS mandatory update to non-client systems
No firewall issues if Windows Update Agent worksNo issues with low rights users
Client must point to the SUP via Group PolicyClient will then install automatically getting parameters from Active Directory
Software Update Point Client Installation Configuration
Site admin enables the Software Update Point Client Installation method
Requires a software update point site systemPublishes the current Configuration Manager client to WSUS as a mandatory application updateOnly required to publish at the central site
All child sites sync content from the parent site
Installing a client using a software update point
demo
Session Agenda
Overview of Configuration Manager client deploymentSite system roles used in client deploymentClient push deploymentSoftware update client deploymentGroup Policy client deploymentClient upgrades
Group Policy Client Deployment
True Active Directory client deployment integration
Use software installation to deploy the Configuration Manager client
CCMSetup.MSI for software installation packageAuto publish client deployment settings to ADADM templates for settings
No more “auto removal” of clients
Installing a client through Group Policydemo
Group Policy Client Assignment
Allows assignment of resources based on business model instead of network
Not constrained to BoundariesADM template for OU assignment configuration
Assigning a client to a site using Group Policy client assignment
demo
Session Agenda
Overview of Configuration Manager client deploymentSite system roles used in client deploymentClient push deploymentSoftware update client deploymentGroup Policy client deploymentClient upgrades
Client Upgrades
The most common client upgrade methods are:Software distribution
Can control targets and timing with advertisementsClient push installation
Use the Client Push Installation Wizard
Can also use:Manual installationAutomated push (must clear the Install flag)
Service Pack 1 Client Upgrades
There is a new client for Configuration Manager 2007 SP1Configuration Manager RTM clients can exist in a SP1 site
Configuration Manager SP1 clients not supported in an RTM site
There is no new client with Configuration Manager R2
The client remains at Configuration Manager SP1 code base
Upgrading clients using software distribution
demo
Client Deployment Tips
Consider pre-deploying required client filesFor example, BITS may require a reboot
Ensure that the Active Directory schema has been extended
If not, you need a server locator point for client assignment
Recommended to have a fallback status point available
Provides access to great client deployment status reports
Client Deployment Tips (2)
Deploy clients in a phased mannerValidate success throughout deploymentNo more than a few thousand a day
After initial deployment, deploy a test application to upgraded clients
Validates client can access the management point and distribution point
For brand new installs, may want to consider configuring Heartbeat Discovery and inventory cycles for daily
Validates client functionality and performance
Session Summary
There are many unique methods to deploy clients in Configuration Manager 2007For the most part, the same methods as SMS 2003 supported are available to Configuration Manager 2007
No longer manual Client.msi deploymentNew methods for Configuration Manager
Software update point client installation Group Policy client deployment
question & answer
www.microsoft.com/teched
Sessions On-Demand & Community
http://microsoft.com/technet
Resources for IT Professionals
http://microsoft.com/msdn
Resources for Developers
www.microsoft.com/learning
Microsoft Certification & Training Resources
Resources
Related Content
Breakout Sessions (session codes and titles)
Whiteboard Sessions (session codes and titles)
Hands-on Labs (session codes and titles)
Track Resources
Resource 1
Resource 2
Resource 3
Resource 4
A slide outlining the 2009 evaluation process and prizes will be provided closer to the event.
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS,
IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
top related