Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

Configuring SCCM Server: Installing Roles, Creating OUs, and Setting Up DHCP and ADK, Study notes of Computer Networks

Jawaharlal Nehru Technological UniversityComputer Networks

The steps to configure an sccm server, including joining it to a domain, installing prerequisites, creating ous in active directory, and setting up dhcp and adk. It also covers creating sccm accounts and installing the sql server services account.

Typology: Study notes

2023/2024

Uploaded on 01/02/2024

siva-krishna-8
siva-krishna-8 🇮🇳

1 document

1 / 25

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
LAB Overview ..................................................................................................................................................................... 3
Stage 1: - Enable Hyper-V and create virtual switch ..................................................................................................... 4
Stage 2: - Setup 2 Server and 1 Endpoint ...................................................................................................................... 4
Stage 3: - Configure Server ............................................................................................................................................ 4
Now install the roles on DC01: - ................................................................................................................................ 4
Post installation configuration: -............................................................................................................................ 4
SCCM Accounts: - ....................................................................................................................................................... 5
Create 3 OU in Active Directory (SCCM, workstation, users) ................................................................................ 5
SCCM server will join to domain: -............................................................................................................................. 6
Stage 4: - Download and install prerequisite ADK, Active directory schema extension, My-SQL ................................ 6
ADK, win 10 ADM ....................................................................................................................................................... 7
Extending the Active directory Schema ..................................................................................................................... 7
Create the System Management Container For SCCM ............................................................................................. 7
Set security permission: - ....................................................................................................................................... 7
SQL Server .................................................................................................................................................................. 8
SQL Server management Studio (SSMS) .................................................................................................................... 9
Stage 5: - Required Server Roles and Features for System Configuration Manager ..................................................... 9
Server Roles ........................................................................................................................................................... 9
WEB Server (IIS) ................................................................................................................................................. 9
Also add required feature ...................................................................................................................................... 9
NET Framework 3.5 Features including sub features. ....................................................................................... 9
NET Framework 4.6 Features including sub features Expand WCF Service and add sub features ................... 9
Background Intelligent Transfer Service (BITS) + Sub Folders ........................................................................... 9
Remote Differential Compression ..................................................................................................................... 9
Web server role (IIS) ...................................................................................................................................... 9
Security -> Request Filtering, Windows Authentication.......................................................................... 10
Expand Application Development-> Select ASP.NET 3.5 ......................................................................... 10
Management Tools-> Expand IIS6 Management Compatibility select all sub features .......................... 10
ISS Man Scripts and Tools ........................................................................................................................ 10
Stage 6: - Installation of MECM/SCCM ........................................................................................................................ 10
Discovering and Organizing Resources: - ......................................................................................................................... 15
Create/Add Administrative User/Security Account for SCCM Administration ............................................................... 16
SCCM client Installation ................................................................................................................................................... 17
Prerequisite .................................................................................................................................................................. 17
Open Required Ports on Firewall form SCCM by GPO......................................................................................... 17
Inbound Rule .................................................................................................................................................... 17
Windows Management Instrumentation WMI ........................................................................................... 17
File and Printer Sharing ................................................................................................................................ 17
Outbound Rules ............................................................................................................................................... 18
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19

Partial preview of the text

Download Configuring SCCM Server: Installing Roles, Creating OUs, and Setting Up DHCP and ADK and more Study notes Computer Networks in PDF only on Docsity!

  • LAB Overview
    • Stage 1: - Enable Hyper-V and create virtual switch
    • Stage 2: - Setup 2 Server and 1 Endpoint
    • Stage 3: - Configure Server
      • Now install the roles on DC01: -
        • Post installation configuration: -
      • SCCM Accounts: -
        • Create 3 OU in Active Directory (SCCM, workstation, users)
      • SCCM server will join to domain: -
    • Stage 4: - Download and install prerequisite ADK, Active directory schema extension, My-SQL
      • ADK, win 10 ADM
      • Extending the Active directory Schema
      • Create the System Management Container For SCCM
        • Set security permission: -
      • SQL Server
      • SQL Server management Studio (SSMS)
    • Stage 5: - Required Server Roles and Features for System Configuration Manager - Server Roles - WEB Server (IIS) - Also add required feature - NET Framework 3.5 Features including sub features. - NET Framework 4.6 Features including sub features Expand WCF Service and add sub features - Background Intelligent Transfer Service (BITS) + Sub Folders - Remote Differential Compression - Web server role (IIS) - Security - > Request Filtering, Windows Authentication.......................................................................... - Expand Application Development-> Select ASP.NET 3.5 - Management Tools-> Expand IIS6 Management Compatibility select all sub features - ISS Man Scripts and Tools
    • Stage 6: - Installation of MECM/SCCM
  • Discovering and Organizing Resources: -
  • Create/Add Administrative User/Security Account for SCCM Administration
  • SCCM client Installation
    • Prerequisite - Open Required Ports on Firewall form SCCM by GPO......................................................................................... - Inbound Rule - Windows Management Instrumentation WMI - File and Printer Sharing - Outbound Rules
      • Windows Management Instrumentation WMI
    • ADD SCCM Server on client computer Administrators Groups with GPO
  • Client Push Installation from SCCM Server
  • Install SCCM client with group policy on client computers
    • Configure configuration manager site assignment
    • Configure configuration manager client deployment setting
    • Configure Software setting
  • Install SCCM Client Manually on Client computer
  • Deploying Maintenance windows To a Collection
  • Assign a user collection to an administrative security role sccm
  • Turn on the Remote-Control Feature

Stage 1: - Enable Hyper-V and create virtual switch

  • Enable Hyper-V
  • create 2 virtual switches
  • 1st Lab network: - open Hyper-V - > right side select virtual switch - > new virtual network switch - > Internal - > Create - > give name - > apply by default
  • 2nd to access internet: - External network - > intel(R) Ethernet connection - > select check box (Allow management operating system to share this network adaptor)

Stage 2: - Setup 2 Server and 1 Endpoint

Install window server 2019 DC01 - > generation 1-> 4024 Mb uncheck (use dynamic memory) - > LAB network - > size 50 Gb - > install and operating system from bootable - > select .ISO file - > finish Connect virtual machine - > win server 2019 Evaluation (Desktop experience) X SCCM - > generation 1-> 6024 Mb uncheck (use dynamic memory) - > LAB network - > size 100 Gb - > install and operating system from bootable - > select .ISO file - > finish Connect virtual machine - > win server 2019 Evaluation (Desktop experience) X Client1 - > generation 1-> 2024 Mb uncheck (use dynamic memory) - > LAB network - > size 50 Gb - > install and operating system from bootable - > select .ISO file - > finish Connect virtual machine - > win 10 pro X

Stage 3: - Configure Server

Login to DC01 - > Change computer name Open server manager - > local server - > computer name - > popup change - > computer name - > Dc01 - > ok - > close restart later Ethernet setting - > change adapter settings - > ethernet property - > internet protocol version 4(TCP/Ipv4) - > select use the following Ip address Ip address - 10.0.0. Subnet - 255.0.0. Gate way - 10.0.0. Use following DNS not required but still configured below Prefer DNS - 10.0.0. Post this ok - > close - > reboot the server

Now install the roles on DC01: -

Server manager - > add role and feature - > select option role based or feature based installation - > select server -

select (Active Directory Domain servers, DHCP server, DNS automatically get installed during Active directory installation) - > next till confirmation - > select option restart the destination server automatically if required. Note: - In production Environment DHCP installed on another server where fire wall is setup it depends upon company Monitor the progress bar, do not perform post configuration. Close

Post installation configuration: -

Now open server manager - > flag - > promote this server to a domain controller

Here you can add the existing domain if not select add new forest - > root domain name - > Mindmajix.tech.com or. local anything you want. - > next - > go with by default value - > post these reboot Complete DHCP configuration - > next - > authorization (use the following user’s credential) - > commit Post this you will be getting below screen

SCCM Accounts: -

Create 3 OU in Active Directory (SCCM, workstation, users)

DC01 - server manager - > tools - > Active Directory users and computer - > Waite for popup right root domain - > new origination unit - > name India - > ok Create new OU inside India - >for SCCM, workstation, users Now create user in User OU for login. Username create user in SCCM OU for login. SCCM Admin SQL admin Or Create the necessary accounts and groups created before installation. You can use a different name, but I’ll refer to these names throughout the guide. SQL server services account – SCCM-SQLService SCCM Network Access Account – SCCM-NAA Domain user account for use SCCM client push install – SCCM-ClientPush Domain user account for use with reporting services User – SCCM-SQLReporting Domain account used to join machine to the domain during OSD – SCCM-DomainJoin Domain group containing all SCCM Admins Group – SCCM-Admins Domain group containing all SCCM servers in the hierarchy Group – SCCM-SiteServers

ADK, win 10 ADM

Extending the Active directory Schema

Create the System Management Container For SCCM

Configuration Manager does not automatically create the System Management container in Active Directory Domain Services when the schema is extended. The container must be created one time for each domain that includes a Configuration Manager primary site server or secondary site server that publishes site information to Active Directory Domain Services Start ADSIEdit - > go to the System container and create a new Object - > Select Container - > Enter System Management Set security permission: - Open properties of the container System Management created previously In the Security tab, add the site server computer account and Grant the Full Control permissions Click Advanced, select the site server’s computer account, and then click Edit In the Applies to list, select This object and all descendant objects

Click OK and close the ADSIEdit console

SQL Server

  • https://www.microsoft.com/en-us/evalc...

Security - > Request Filtering, Windows Authentication Expand Application Development-> Select ASP.NET 3. Management Tools-> Expand IIS6 Management Compatibility select all sub features ISS Man Scripts and Tools Next-> Insert Windows Server DVD/ISO on SCCM Server - > Open DVD/ISO - > Sources - sxs copy the path Specify an alternate source path paste copied path here Install Close

Stage 6 : - Installation of MECM/SCCM

  • Login to server SCCM with Domain Admin - > open C:\ drive and click on SC_Configmgr - > Click on Splash - > Click on Install - > click on next - > Click on install a configuration Manager primary site - > Next - > install evaluation edition of this product - > Accept all licence terms.
  • Download MECM file offline
  • Select SCCM Files and click on Next - > Select Language-> Next - > English Site Code - STP Site Name – Mindmajix Note: - during language selection here we have option to select MECM console language and client language.
  • Next - > Install the primary site a stand-alone site - > Yes Enter SQL Server Name FQDN Select Database Name Next
  • Next - Next - Next - Next No – Next - > Ignore the warning
  • Next - > Begin Install This will take +26 mints
  • Start - Configuration Manager Console

Here we have to option we can provide active directory Group name or location Active Directory System Discovery – > Right click properties Enable – Add – Browse Select specify OU or forest Select – Recursively search Active directory child container Ok. Ok.Go to Option tab and enable, only discover computer that have logged on to domain in given period. Active Directory User Discovery – > Right click properties Enable – Add – Browse Select specify OU or forest Select – Recursively search Active directory child container Ok. Ok. Heartbeat Discovery Enabled by default Note: Distribution groups not discover by SCCM discovery method Note: Distribution groups do not discover by SCCM discovery method

Create/Add Administrative User/Security Account for SCCM Administration

Create new user in DC01 or select user from existing users. Domain user Logon to SCCM Server - > Administrator – > Security – > Administrative Users - > Right Click Add User or Group Browse Check name – > Add – > Full Administrator All Instances of the object and click on OK. Sign out from administrator from SCCM Logon form new SCCM administrator user Open System Centre Configuration Manager Not: - for a backup there should be at list one local admin user, to access console

SCCM client Installation

Prerequisite

Open Required Ports on Firewall form SCCM by GPO Log in to DC01 open Groupe policy – expand forest - > expand domain - > right click on workstation OU - > new GPO-> name – OpenFirewallports_SCCM - > click Ok Now go back to GPO management - > edit OpenFirewallports_SCCM - > go to Computer Configuration - > Polices

  • Administrative Templates..... - > Network - > Network Connection - > Windows Firewall - > Domain Profile Windows Firewall: Protech all network connections Double click - > Enable - > Apply - > ok Close all expanded Network setting OU and go back to GP editor Inbound Rule Windows Management Instrumentation WMI Computer Configuration - > Polices - > Windows Settings - > Security Settings - > Windows Firewall with advanced security - > Windows Firewall with advanced security - > Inbound Rules - > Right Click New Rule Predefined - > Windows Management Instrumentation WMI - > Next - > Next (make sure it is selected all)-> Allow the connection File and Printer Sharing Inbound Rules - > Right Click New Rule - > Predefined - > File and Printer Sharing - > Next - > Next - > Allow the connection

Expand Preference - > expand C ontrol Pannal Setting - > Local users and Groupe - > right click - > select New-> Local Groupe Action- Update (here we are not creating new GPO we are updating the existing one) Drope down Groupe name-> Select Administrator (Built-in) Now cleck on Add (here we will be adding MECM server) if in case above step does not work try adding domain_name\Server_name$ in local group member name Ok - > Apply - > Ok Close all the Tab and run CMD command gpupdate /force on DC01 (domain controller) Now login to end-user machine right click on ThisPC - > Manage-> Local user and Groupe - > select Groupe - > Go to administrator property check from

Troubleshoot: - Ping DC01 from end-user machine. Run CMD command gpupdate /force on end-user machine Client Push Installation from SCCM Server Logon To SCCM Server Sccm console - > Administration - > Overview - > Site Configuration - > Right Click on Site - > Client Installation Settings -

Client Push Installation Under Account tab - > Add Account - > New Account - > Browse - > Add User - >OK Enter Password - > Verify - > Data source - Network Share - \SCCM - Browse - Select Net logon Test Connection