Application Deployment: Citrix Receiver

Deploying the Citrix Receiver has been an ongoing challenge; if you deploy it while the user is logged in chances are you’ll kill a VDI or published app that is running and disrupt the user. Conversely if you deploy only when the user is not logged in you’re penetration of the new client is going to be slim at best.

As of SCCM CB 1702 you can now specify install behaviour which allows you to specify any executable’s that must not be running before the deployment can run.

For Citrix, when a published app or a VDI is run Wfica32.exe is called and runs for the duration of the use of the application or the VDI. So by specifying this in the install behaviour you allow you’re deployment to run as required without impacting the users active sessions. 2017-11-16_9-22-08

The second piece to this is in the deployment where you are able to specify whether to automatically these executable’s if they are running. For Citrix I opt not to do this because it’s more about the user experience.

2017-11-16_9-32-25

Where the deployment runs and Citrix is being used the user will be presented with the below prompt, keep in mind the deployment will fail but it will re-run as per your Software Deployment re-evaluation under client settings.

2017-11-16_9-44-34

 

For more information see – https://docs.microsoft.com/en-us/sccm/apps/deploy-use/deploy-applications

Advertisements

SCCM Report: Asset Overview

One of the first things people want to start seeing once they have SCCM in place is richer detail on all of the devices that are being managed. I’ve written this report to provide an overview of all devices.

One key thing to call out is the way I structure reports like this is based around creating a temp table and then joining multiple queries together through the ‘UPDATE’ statement, this allows you to on the fly manage multiple values on sub queries to ensure you’re getting the desired data.

Capture.PNG

 DECLARE @TempTable TABLE(
Hostname varchar (100),
CCMClient varchar (10),
OperatingSystem varchar (100),
Manufacturer varchar (100),
Model varchar (100),
Chassis varchar (100),
Serial varchar (100),
IsVirtual varchar (100),
CPU ntext,
CPUCores int,
CPULogical int,
RAM int,
VolumeSize_C int,
VolumeFree_C int
)

INSERT INTO @TempTable (Hostname, OperatingSystem,CCMClient, IsVirtual)

SELECT
dbo.v_R_System.Name0,
dbo.v_R_System.operatingSystem0,
CASE WHEN dbo.v_R_System.Client0=1 THEN 'Yes' ELSE 'No' END,
CASE WHEN dbo.v_R_System.Is_Virtual_Machine0=1 THEN 'Yes' ELSE 'No' END
FROM
dbo.v_R_System

UPDATE @TempTable
SET Manufacturer = (
SELECT DISTINCT
dbo.v_GS_COMPUTER_SYSTEM.Manufacturer0
FROM
dbo.v_GS_COMPUTER_SYSTEM
INNER JOIN dbo.v_R_System ON dbo.v_GS_COMPUTER_SYSTEM.ResourceID = dbo.v_R_System.ResourceID
WHERE
(dbo.v_R_System.Name0 = HostName) AND
(dbo.v_GS_COMPUTER_SYSTEM.Manufacturer0 IS NOT NULL)
)

UPDATE @TempTable
SET Model = (
SELECT DISTINCT
dbo.v_GS_COMPUTER_SYSTEM.Model0
FROM
dbo.v_GS_COMPUTER_SYSTEM
INNER JOIN dbo.v_R_System ON dbo.v_GS_COMPUTER_SYSTEM.ResourceID = dbo.v_R_System.ResourceID
WHERE
(dbo.v_R_System.Name0 = HostName) AND
(dbo.v_GS_COMPUTER_SYSTEM.Model0 IS NOT NULL)
)

UPDATE @TempTable
SET Chassis = (
SELECT DISTINCT
CASE dbo.v_GS_SYSTEM_ENCLOSURE.ChassisTypes0
WHEN '1' THEN 'Other'
WHEN '2' THEN 'Unknown'
WHEN '3' THEN 'Desktop'
WHEN '4' THEN 'Low Profile Desktop'
WHEN '5' THEN 'Pizza Box'
WHEN '6' THEN 'Mini Tower'
WHEN '7' THEN 'Tower'
WHEN '8' THEN 'Portable'
WHEN '9' THEN 'Laptop'
WHEN '10' THEN 'Notebook'
WHEN '11' THEN 'Hand Held'
WHEN '12' THEN 'Docking Station'
WHEN '13' THEN 'All in One'
WHEN '14' THEN 'Sub Notebook'
WHEN '15' THEN 'Space-Saving'
WHEN '16' THEN 'Lunch Box'
WHEN '17' THEN 'Main System Chassis'
WHEN '18' THEN 'Expansion Chassis'
WHEN '19' THEN 'SubChassis'
WHEN '20' THEN 'Bus Expansion Chassis'
WHEN '21' THEN 'Peripheral Chassis'
WHEN '22' THEN 'Storage Chassis'
WHEN '23' THEN 'Rack Mount Chassis'
WHEN '24' THEN 'Sealed-Case PC'
ELSE 'Undefinded' END AS 'Chassis'
FROM
dbo.v_R_System
INNER JOIN dbo.v_GS_SYSTEM_ENCLOSURE ON dbo.v_R_System.ResourceID = dbo.v_GS_SYSTEM_ENCLOSURE.ResourceID
WHERE
(dbo.v_R_System.Name0 = HostName) AND
(dbo.v_GS_SYSTEM_ENCLOSURE.ChassisTypes0!='12')
)

UPDATE @TempTable
SET Serial = (
SELECT DISTINCT
dbo.v_GS_PC_BIOS.SerialNumber0
FROM
dbo.v_GS_PC_BIOS
INNER JOIN dbo.v_R_System ON dbo.v_GS_PC_BIOS.ResourceID = dbo.v_R_System.ResourceID
WHERE
(dbo.v_R_System.Name0 = HostName) AND
(dbo.v_GS_PC_BIOS.SerialNumber0 IS NOT NULL)
)

UPDATE @TempTable
SET CPU = (
SELECT DISTINCT
dbo.v_GS_PROCESSOR.Name0
FROM
dbo.v_GS_PROCESSOR
INNER JOIN dbo.v_R_System ON dbo.v_GS_PROCESSOR.ResourceID = dbo.v_R_System.ResourceID
WHERE
(dbo.v_R_System.Name0 = HostName) AND
(dbo.v_GS_PROCESSOR.Name0 IS NOT NULL)
)

UPDATE @TempTable
SET CPUCores = (
SELECT DISTINCT
dbo.v_GS_PROCESSOR.NumberOfCores0
FROM
dbo.v_GS_PROCESSOR
INNER JOIN dbo.v_R_System ON dbo.v_GS_PROCESSOR.ResourceID = dbo.v_R_System.ResourceID
WHERE
(dbo.v_R_System.Name0 = HostName) AND
(dbo.v_GS_PROCESSOR.NumberOfCores0 IS NOT NULL)
)

UPDATE @TempTable
SET CPULogical = (
SELECT DISTINCT
dbo.v_GS_PROCESSOR.NumberOfLogicalProcessors0
FROM
dbo.v_GS_PROCESSOR
INNER JOIN dbo.v_R_System ON dbo.v_GS_PROCESSOR.ResourceID = dbo.v_R_System.ResourceID
WHERE
(dbo.v_R_System.Name0 = HostName) AND
(dbo.v_GS_PROCESSOR.NumberOfLogicalProcessors0 IS NOT NULL)
)

Update @TempTable
SET VolumeSize_C = (
SELECT TOP (1)
dbo.v_GS_LOGICAL_DISK.Size0
FROM
dbo.v_GS_LOGICAL_DISK
INNER JOIN dbo.v_R_System ON dbo.v_GS_LOGICAL_DISK.ResourceID = dbo.v_R_System.ResourceID
WHERE
(dbo.v_GS_LOGICAL_DISK.Size0 IS NOT NULL) AND
(dbo.v_GS_LOGICAL_DISK.DeviceID0 = N'C:') AND
(dbo.v_R_System.Name0 = HostName)
)

Update @TempTable
SET VolumeFree_C = (
SELECT TOP (1)
dbo.v_GS_LOGICAL_DISK.FreeSpace0
FROM
dbo.v_GS_LOGICAL_DISK
INNER JOIN dbo.v_R_System ON dbo.v_GS_LOGICAL_DISK.ResourceID = dbo.v_R_System.ResourceID
WHERE
(dbo.v_GS_LOGICAL_DISK.DeviceID0 = N'C:') AND
(dbo.v_R_System.Name0 = HostName)
)

Update @TempTable
SET RAM = (
SELECT
SUM(dbo.v_GS_PHYSICAL_MEMORY.Capacity0)/1024
FROM
dbo.v_GS_PHYSICAL_MEMORY
INNER JOIN dbo.v_R_System ON dbo.v_GS_PHYSICAL_MEMORY.ResourceID = dbo.v_R_System.ResourceID
WHERE
(dbo.v_R_System.Name0 = HostName)
)

SELECT *
FROM
@TempTable

ORDER BY
Hostname

Or you can download the .rdo here and install. One note using this report you must have the OperatingSystem attribute being discovered by AD System Discovery.

If you have questions or want to see extra detail in these reports feel free to comment below and I can assist in extending.

Part 16: Reporting Services

Reporting Services are essential for getting data out of SCCM, this provides operational insights and assists in supporting and managing the platform.

  1. Install SQL Reporting Services feature – We already compeleted this in PART 4: INSTALLING SQL 2016.
  2. Open Reporting Services Configuration Manager – Start > All Programs Microsoft SQL Server 2016 > Reporting Services Configuration Manager
  3. Click Connect
    2017-09-25_17-13-40.png
  4. Click database
    2017-09-25_17-15-30.png
  5. Click change database
    2017-09-25_17-17-55.png
  6. Select ‘create a new report server database’
    2017-09-25_17-19-18.png
  7. Test Connection and click next
    2017-09-25_17-22-28.png
  8. Click Next
    2017-09-25_17-23-42.png
  9. Click Next
    2017-09-25_17-24-25.png
  10. Click Next
    2017-09-25_17-25-11.png
  11. Confirm successful
    2017-09-25_17-26-34.png
  12. Select Web Service URL and click apply
    2017-09-25_17-32-11.png
  13. Select Web Portal URL and click apply
    2017-09-25_17-34-01
  14. Open SCCM Console
  15. Browse to Administration > Sites Configuration > Servers and Site System Roles
  16. Select Add Site System role
  17. Click Next
    2017-09-25_17-43-57.png
  18. Click Next
    2017-09-25_17-44-40.png
  19. Select Reporting Service point and click next
    2017-09-25_17-45-09.png
  20. Click ‘Verify’ and set your reporting services account.
    2017-09-25_17-48-29.png
  21. Click Next
  22. Confirm successful
    2017-09-25_17-49-40.png
  23. After about 5 minutes you should start seeing reports populated under Monitoring > Reports.
    2017-09-25_17-55-42.png

Part 9: Boundaries & Boundary Groups

Boundaries have got to be one of the most overlooked and difficult to grasp concepts in ConfigMgr. While not overly complex a lot of people don’t really understand how they work, particularly IP Subnets which are unfortunately not an accurate representation of what they are.

What are they

The short answer is a boundary is a network location that a client can identify as being on. These are in turn grouped together so that resources like Distribution Points and site systems can be associated with them.

Why you need them

Without boundaries clients don’t know where to go to get content or what site they should connect to (only if you have multiple sites in your environment). When you configure a boundary, lets call it Boundary A and associate it with Boundary Group ‘Sydney’, Clients that identify as being on Boundary ‘A’ will go to the Distribution Point associated with Boundary group ‘Sydney’.

It’s critical for networks that boundaries be configured so that content distribution can be managed in a way that does not saturate WAN links. This can be particularly a problem for links that are small like 2Mb.

Types

  • IP Subnet – This is a bit of a misnomer, these boundaries are actually subnet ID’s NOT subnets. There is quite a bit of confusion around how these work, suffice it to say that you want to only use /24 subnets when using this type of boundary.
  • Active Directory Site – Imported directly from AD Sites and Services. Requires Forest discovery to be configured.
  • IPv6 Prefix – Like IP Subnets but for IPv6.
  • IP Address Range – Explicit range of IP addresses. Not recommended to be used due to the high SQL performance impact.

Bulk creation

Kaido Järvemets has written an excellent script for completing this, for all the details check it out here.

[Threading.Thread]::CurrentThread.CurrentCulture = 'en-US'
$XLSX = New-Object -ComObject "Excel.Application"

$BoundariesXLSXFile = "C:\Users\Administrator\Desktop\CM_Boundaries.xlsx"
$Path = (Resolve-Path $BoundariesXLSXFile).Path
$SavePath = $Path -replace ".xl\w*$",".csv"

$WorkBook = $XLSX.Workbooks.Open($Path)
$WorkBook.SaveAs($SavePath,6)
$WorkBook.Close($False)
$XLSX.Quit()

$Boundaries = Import-Csv $SavePath

foreach($Item in $Boundaries)
{
Switch($item.'Boundary Type')
{

"IP Subnet" {$Type = 0}
"Active Directory Site" {$Type = 1}
"IPv6" {$Type = 2}
"Ip Address Range" {$Type = 3}

}

$Arguments = @{DisplayName = $Item.'Display Name'; BoundaryType = $Type; Value = $Item.Value}

Set-WmiInstance -Namespace "Root\SMS\Site_PRI" -Class SMS_Boundary -Arguments $Arguments -ComputerName Server100
}

My Recommendation

There’s much to be said about using IP Subnets and how they’re evil. My experience is that if you’ve got them defined and you’re only using /24 addresses then you’ll be fine. Where this is not the case leverage IP Ranges.

Further reading:
ConfigMngrFTW – IP Subnet Boundaries Are Still Evil
TechNet – Planning for Boundaries and Boundary Groups in Configuration Manager

Part 7: Software Update Point & SCUP (With HTTPS)

If you’re looking to manage patches with SCCM, and lets face it why wouldn’t you be, then you’ll need to install the software update point role. In this post we’ll install and configure everything you need to get started including the System Center Update Publisher which allows you to deploy non Microsoft updates via SCCM.

In Part 3: Prep & Pre-reqs we installed WSUS, lets get to configuring everything.

Continue reading

Part 6: Upgrading SCCM Current Branch

Now that you have ConfigMgr setup it’s time to upgrade it to the latest version. This is a relatively straight forward process and applies to all versions of current branch from 1511 onward. In the last post I installed 1606 so that’s what we’ll be using.

NB: You must have the Service Connection point installed and configured to upgrade.

At a glance:

  1. Confirm no operational issues with SCCM sites
  2. Review new SCCM version requirements, 1702 for example removes support for 2008 server. So you will need to upgrade these sites to 2012 or 2016 before upgrading.
  3. Patch, patch, patch!
  4. Uninstall any deprecated SCCM Sites system roles before upgrading
  5. Disable DB replicas on all primary sites (if you’re using them)
  6. Disable maintenance tasks
  7. Run Pre-req check for update
  8. Backup DBs (CAS and Primary)
  9. Test DB Backups
  10. Backup any custom .mof files
  11. Restart all Site Systems
  12. Upgrade
  13. Deploy new SCCM Admin Console
  14. Reconfigure DB Replicas
  15. Upgrade Clients
  16. Reconfigure clients

Continue reading

Part 5: Installing SCCM 1606

So far in the series we’ve run up all the infrastructure required and configured all prerequisites for SCCM. So lets set that up now….

  1. Download SCCM 1606 here.
  2. Run pre-req check tool –  M:\SMSSETUP\BIN\X64\Prereqchk.exe /AdminUI
    2017-04-25_19-41-01.png
  3. Run splash.hta
  4. Click Install
    2017-04-25_19-42-38
  5. Click Next
    2017-04-25_19-44-08
  6. Select Install a Configuration Manager Primary Site and click next.
    2017-04-25_19-45-26.png
  7. Enter a serial key if you have one otherwise select eval.
    2017-04-25_19-47-27.png
  8. Accept the terms and click next
    2017-04-25_19-50-35.png
  9. Select a download location and click next
    2017-04-25_19-52-12
  10. Select language and click next
    2017-04-25_20-10-48.png
  11. Select supported languages and click next, i like to check support for all languages on mobile devices.
    2017-04-25_20-11-30.png
  12. Set site code, site name an installation folder which should be the SCCM volume you created earlier.
    1. Site Code – P01
    2. Site name – Primary site 1
    3. Installation folder – D:\Program Files…..
      2017-04-25_20-13-42.png
  13. As this is the first primary site select install standalone primary site
    2017-04-25_20-15-59.png
  14. Define SQL server details, my SQL instance is local.
    2017-04-25_20-17-12.png
  15. Confirm locations are correct and click next
    2017-04-25_20-18-14.png
  16. Specify the FQDN and click next
    2017-04-25_20-19-12.png
  17. Select configure manually, we’ll setup HTTPS communication later.
    2017-04-25_20-20-48.png
  18. Specify server name and click next.
    2017-04-25_20-22-26.png
  19. Review usage data and click next
    2017-04-25_20-23-28.png
  20. Check install service connector and click next
    2017-04-25_20-24-26.png
  21. Review install summary and click next
    2017-04-25_20-25-44.png
  22. Confirm all pre-reqs have been met and click Begin install
    2017-04-25_20-33-17.png
  23. Confirm all features installed successfully
    2017-04-25_21-11-23.png
  24. You’re done for now!
    2017-04-25_21-13-44.png