Part 16: Reporting Services

Reporting Services are essential for getting data out of SCCM, this provides operational insights and assists in supporting and managing the platform.

  1. Install SQL Reporting Services feature – We already compeleted this in PART 4: INSTALLING SQL 2016.
  2. Open Reporting Services Configuration Manager – Start > All Programs Microsoft SQL Server 2016 > Reporting Services Configuration Manager
  3. Click Connect
    2017-09-25_17-13-40.png
  4. Click database
    2017-09-25_17-15-30.png
  5. Click change database
    2017-09-25_17-17-55.png
  6. Select ‘create a new report server database’
    2017-09-25_17-19-18.png
  7. Test Connection and click next
    2017-09-25_17-22-28.png
  8. Click Next
    2017-09-25_17-23-42.png
  9. Click Next
    2017-09-25_17-24-25.png
  10. Click Next
    2017-09-25_17-25-11.png
  11. Confirm successful
    2017-09-25_17-26-34.png
  12. Select Web Service URL and click apply
    2017-09-25_17-32-11.png
  13. Select Web Portal URL and click apply
    2017-09-25_17-34-01
  14. Open SCCM Console
  15. Browse to Administration > Sites Configuration > Servers and Site System Roles
  16. Select Add Site System role
  17. Click Next
    2017-09-25_17-43-57.png
  18. Click Next
    2017-09-25_17-44-40.png
  19. Select Reporting Service point and click next
    2017-09-25_17-45-09.png
  20. Click ‘Verify’ and set your reporting services account.
    2017-09-25_17-48-29.png
  21. Click Next
  22. Confirm successful
    2017-09-25_17-49-40.png
  23. After about 5 minutes you should start seeing reports populated under Monitoring > Reports.
    2017-09-25_17-55-42.png
Advertisements

Part 9: Boundaries & Boundary Groups

Boundaries have got to be one of the most overlooked and difficult to grasp concepts in ConfigMgr. While not overly complex a lot of people don’t really understand how they work, particularly IP Subnets which are unfortunately not an accurate representation of what they are.

What are they

The short answer is a boundary is a network location that a client can identify as being on. These are in turn grouped together so that resources like Distribution Points and site systems can be associated with them.

Why you need them

Without boundaries clients don’t know where to go to get content or what site they should connect to (only if you have multiple sites in your environment). When you configure a boundary, lets call it Boundary A and associate it with Boundary Group ‘Sydney’, Clients that identify as being on Boundary ‘A’ will go to the Distribution Point associated with Boundary group ‘Sydney’.

It’s critical for networks that boundaries be configured so that content distribution can be managed in a way that does not saturate WAN links. This can be particularly a problem for links that are small like 2Mb.

Types

  • IP Subnet – This is a bit of a misnomer, these boundaries are actually subnet ID’s NOT subnets. There is quite a bit of confusion around how these work, suffice it to say that you want to only use /24 subnets when using this type of boundary.
  • Active Directory Site – Imported directly from AD Sites and Services. Requires Forest discovery to be configured.
  • IPv6 Prefix – Like IP Subnets but for IPv6.
  • IP Address Range – Explicit range of IP addresses. Not recommended to be used due to the high SQL performance impact.

Bulk creation

Kaido Järvemets has written an excellent script for completing this, for all the details check it out here.

[Threading.Thread]::CurrentThread.CurrentCulture = 'en-US'
$XLSX = New-Object -ComObject "Excel.Application"

$BoundariesXLSXFile = "C:\Users\Administrator\Desktop\CM_Boundaries.xlsx"
$Path = (Resolve-Path $BoundariesXLSXFile).Path
$SavePath = $Path -replace ".xl\w*$",".csv"

$WorkBook = $XLSX.Workbooks.Open($Path)
$WorkBook.SaveAs($SavePath,6)
$WorkBook.Close($False)
$XLSX.Quit()

$Boundaries = Import-Csv $SavePath

foreach($Item in $Boundaries)
{
Switch($item.'Boundary Type')
{

"IP Subnet" {$Type = 0}
"Active Directory Site" {$Type = 1}
"IPv6" {$Type = 2}
"Ip Address Range" {$Type = 3}

}

$Arguments = @{DisplayName = $Item.'Display Name'; BoundaryType = $Type; Value = $Item.Value}

Set-WmiInstance -Namespace "Root\SMS\Site_PRI" -Class SMS_Boundary -Arguments $Arguments -ComputerName Server100
}

My Recommendation

There’s much to be said about using IP Subnets and how they’re evil. My experience is that if you’ve got them defined and you’re only using /24 addresses then you’ll be fine. Where this is not the case leverage IP Ranges.

Further reading:
ConfigMngrFTW – IP Subnet Boundaries Are Still Evil
TechNet – Planning for Boundaries and Boundary Groups in Configuration Manager

Part 8: Discovery Methods

SCCM has a number of discovery methods which it uses to populate SCCM with resource records. You need these so you can do good stuff like deploy apps, operating systems, software updates, compliance and do reporting. If you choose not to enable these you’ll have a very empty ConfigMgr environment.

  • Active Directory Forest Discovery
    • What: Discovers subnets via sites and services and forests/domains for publishing SCCM
    • Why: Required for SCCM to be published to the forest/domain. Also allows boundaries to automatically be created based on sites and services.
    • Best Practice: Enabled but without auto boundary creation (unless you have immaculate AD sites and services).
  • Active Directory Group discovery
    • What: Discover all AD groups and their members
    • Why: Essential for deploying things to AD groups and also reporting.
    • Best Practice: Enable it!
  • Active Directory System Discovery
    • What: Scans AD for all computer objects
    • Why: Essential for identifying all computers in the organisation before the client has been deployed.
    • Best Practice: Enable it!
  • Active Directory User Discovery
    • What: Scans AD for all user account objects
    • Why: Like computers chances are you’ll want to deploy or advertise software to users.
    • Best Practice: Enable it!
  • Heartbeat Discovery
    • What: Unlike other discovery heartbeat is all about the client sending a packet of info to the primary site server
    • Why: Provides health, client details, network location etc.
    • Best Practice: Don’t turn this off it’s required
  • Network Discovery
    • What: Queries DHCP, ARP Tables on Routers, SNMP and AD
    • Why:  May be useful if you need to discover workgroup compouters
    • Best Practice: Don’t use unless required, my experience has been that turning this on pollutes your DB.

Continue reading

Part 7: Software Update Point & SCUP (With HTTPS)

If you’re looking to manage patches with SCCM, and lets face it why wouldn’t you be, then you’ll need to install the software update point role. In this post we’ll install and configure everything you need to get started including the System Center Update Publisher which allows you to deploy non Microsoft updates via SCCM.

In Part 3: Prep & Pre-reqs we installed WSUS, lets get to configuring everything.

Continue reading

Part 5: Installing SCCM 1606

So far in the series we’ve run up all the infrastructure required and configured all prerequisites for SCCM. So lets set that up now….

  1. Download SCCM 1606 here.
  2. Run pre-req check tool –  M:\SMSSETUP\BIN\X64\Prereqchk.exe /AdminUI
    2017-04-25_19-41-01.png
  3. Run splash.hta
  4. Click Install
    2017-04-25_19-42-38
  5. Click Next
    2017-04-25_19-44-08
  6. Select Install a Configuration Manager Primary Site and click next.
    2017-04-25_19-45-26.png
  7. Enter a serial key if you have one otherwise select eval.
    2017-04-25_19-47-27.png
  8. Accept the terms and click next
    2017-04-25_19-50-35.png
  9. Select a download location and click next
    2017-04-25_19-52-12
  10. Select language and click next
    2017-04-25_20-10-48.png
  11. Select supported languages and click next, i like to check support for all languages on mobile devices.
    2017-04-25_20-11-30.png
  12. Set site code, site name an installation folder which should be the SCCM volume you created earlier.
    1. Site Code – P01
    2. Site name – Primary site 1
    3. Installation folder – D:\Program Files…..
      2017-04-25_20-13-42.png
  13. As this is the first primary site select install standalone primary site
    2017-04-25_20-15-59.png
  14. Define SQL server details, my SQL instance is local.
    2017-04-25_20-17-12.png
  15. Confirm locations are correct and click next
    2017-04-25_20-18-14.png
  16. Specify the FQDN and click next
    2017-04-25_20-19-12.png
  17. Select configure manually, we’ll setup HTTPS communication later.
    2017-04-25_20-20-48.png
  18. Specify server name and click next.
    2017-04-25_20-22-26.png
  19. Review usage data and click next
    2017-04-25_20-23-28.png
  20. Check install service connector and click next
    2017-04-25_20-24-26.png
  21. Review install summary and click next
    2017-04-25_20-25-44.png
  22. Confirm all pre-reqs have been met and click Begin install
    2017-04-25_20-33-17.png
  23. Confirm all features installed successfully
    2017-04-25_21-11-23.png
  24. You’re done for now!
    2017-04-25_21-13-44.png

 

Part 4: Installing SQL 2016

In the previous posts we’ve setup the lab and done the prep work for the SCCM Primary site. In my lab I’m installing SQL on the same server as the Primary Site server (SCCM-P01). There’s a fair bit of healthy debate as to whether it’s better to co-host or have a dedicated standalone SQL server. I’ve done both and can say that in my experience any performance improvement is negligible for the size environments I’ve seen it in.

So let’s get to it, jump on the server you’re going to install SQL on.

  1. Download SQL Server Standard, I’m using 2016. You can use any of the versions listed here.
  2. Run Setup.exe
  3. Click New Installation
    2017-04-24_14-40-43.png
  4. Enter product key details and click next.
    2017-04-24_21-19-39
  5. Accept license terms and click next
  6. Check use microsoft update and click next
    2017-04-24_21-21-47.png
  7. Check all updates and click next
    2017-04-24_21-22-50.png
  8. Review pre-req check and click next
    2017-04-24_21-27-42.png
  9. Check database engine services and reporting services  and change the feature installation directory to the SQL directory, mines ‘E:\’
    2017-04-24_21-32-11.png
  10. Specify an instance, I’m using the default.
    2017-04-24_21-34-19.png
  11. Set all services to start with the service account created for SQL earlier ‘SA_SCCM_SQL’ and automatic except the SQL Server Browser
    2017-04-24_22-32-03.png
  12. Select the collation tab and set it to ‘SQL_Latin1_General_CP1_CI_AS’. This is critical and if it’s configured incorrectly it can lead to a failed installation, unsupported by Microsoft and may prevent updates installing for SCCM.
    2017-04-24_22-37-59.png
  13. Add SCCM Server Admins to administrators list
    2017-04-25_9-19-57.png
  14. Under Data Directories tab change the locations to the below directories.
    2017-04-25_9-23-17.png
  15. Under the TempDB tab change the data directory for the TempDB to your tempDB volume and the log.
    2017-04-25_9-25-17.png
  16. On Reporting Services select install only
    2017-04-25_9-27-29.png
  17. Click Install
  18. Confirm all components installed successfully
    2017-04-25_9-35-08
  19. Set SPN by running the following commands:
    setspn -A MSSQLSvc/SCCM-P01:1433 LAB\SA_SCCM_SQL
    setspn -A MSSQLSvc/SCCM-P01.lab.local:1433 LAB\SA_SCCM_SQL

    2017-04-25_9-40-58.png

  20. SQL 2016 doesn’t install management studio as part of the install so you need to download and install manually. You can download it here.
  21. Click Install
    2017-04-25_15-36-35.png
  22. Click Close
    2017-04-25_15-46-43.png
  23. Configure Memory allocation
  24. Open SQL Server Management Studio (with an account that has admin rights to your SQL instance)
  25. Right click the server in object explorer and select properties
    2017-04-25_17-51-13.png
  26. Select memory and change the minimum to 8192 and the maximum to 12288 (should be 80% of the servers memory)
    2017-04-25_18-41-19.png
  27. Open SQL Server Configuration Manager
  28. Browse SQL Server Network Configuration>Protocols for instance and right click TCP/IP>Properties
    2017-04-25_18-44-34.png
  29. Configure protocol as per the below
    2017-04-25_18-46-55.png
  30. Select IP Addresses tab
  31. Under IP1 set to the below settings
    2017-04-25_18-51-20
  32. All other IP entries and IP All should be configured as per the below
    2017-04-25_18-52-10.png
  33. Dynamic ports should be configured as per the below
    2017-04-25_18-53-27
  34. Restart the SQL Server Service
    2017-04-25_18-54-26.png
  35. Ready for ConfigMgr!

Part 1: Hyper-V, Networks, DC, DNS

This post will really only be applicable where you are running this up at home or a lab. Please don’t use this as guidance on building a production domain…

Some details on my hypervisor spec –

CPU – Intel Xeon E5-1650 @ 3.5GHz
RAM – 64GB
C:\ – 256GB SSD
V:\ – 1TB SSD

Hypervisor

  1. Install Windows Server 2016 Datacenter, media can be downloaded here.
  2. Set a static IP address, mines 192.168.0.100 as it’s sitting on my home network.
  3. Give your server a name, mines HV01 as in hypervisor 1.
  4. Install Hyper-v, open PowerShell and run the below:
    Install-WindowsFeature –Name Hyper-V -IncludeManagementTools -Restart

    2017-03-13_12-24-54

  5. Open Hyper-V Manager
    2017-03-13_12-44-09
  6. Open Hyper-V Settings
    2017-03-13_12-46-35
  7. Change Virtual Hard Disks to ‘V:\Hyper-V\Virtual Hard Disks’
    2017-03-13_12-52-24
  8. Change Virtual Machines to ‘V:\Hyper-V\Virtual Machines’
    2017-03-13_12-56-22.png
  9. Open Virtual Switch Manager
    2017-03-13_17-55-53.png
  10. Select New virtual network switch, external and click Create Virtual Switch
    2017-03-13_17-53-35
  11. Give it a name and select external network.
    2017-03-13_17-59-32.png
  12. Install data deduplication, open PowerShell and run the below:
    Import-Module ServerManager
    Add-WindowsFeature -name FS-Data-Deduplication

    2017-03-13_15-24-50

  13. In Server Manager browse to File and Storage Services>Volumes
    2017-03-13_15-29-10.png
  14. Right click on the volume you’re storing your VM’s on, ‘V:’ in my case and select ‘Configure data deduplication’.
    2017-03-13_15-35-24
  15. Change Data Deduplication to Virtual Desktop Infrastructure and then click Set Deduplication Schedule.
    2017-03-13_15-39-04.png
  16. Configure an appropriate schedule, mines pretty aggressive because it’s a lab and I’m not fussed when it runs.
    2017-03-13_15-43-55.png
  17. Install all Windows Updates

Domain Controller 1

  1. Create a new Virtual Machine with the below
    Name: DC01
    Generation: 2
    Startup Memory: 1024
    Use Dynamic memory for this VM: Yes
    Connection: vNet External
  2. Install Windows Server 2016 Standard
  3. Set a static IP address, mines 192.168.0.101
  4. Give your server a name, mines DC01 as in Domain Controller 1
  5. Install Active Directory Domain Services, DNS, open PowerShell and run the below:
    Install-windowsfeature AD-Domain-Services
    Install-Windowsfeature DNS

    2017-03-13_22-05-34.png

  6. In Server Manager click on the flag and run Promote this server to a domain controller.
    2017-03-13_22-06-49
  7. Select Add a new forest and enter a domain name and click Next.
    2017-03-13_22-09-20
  8. Enter a password and click Next.
    2017-03-13_22-12-32
  9. Click Next.
    2017-03-13_22-14-06.png
  10. Set an NetBIOS name and click next.
    2017-03-13_22-15-31.png
  11. Configure locations, I’m using the defaults.
    2017-03-13_22-17-02.png
  12. Review options and click Next.
    2017-03-13_22-18-16.png
  13. Review pre-requisite check and click install.
    2017-03-13_22-24-25
  14. Server will be restarted
  15. Launch DNS from Server Manager
    2017-03-16_17-41-14.png
  16. Select DC01>Forwarders>Edit
    2017-03-16_17-43-23.png
  17. Enter Google or another external DNS server, I’m using 8.8.8.8 then hit enter.
    2017-03-16_17-45-58.png
  18. Confirm you can resolve your new domain with nslookup.
    2017-03-16_17-48-12

Domain Controller 2

  1. Create a new Virtual Machine with the below
    Name: DC02
    Generation: 2
    Startup Memory: 1024
    Use Dynamic memory for this VM: Yes
    Connection: vNet External
  2. Install Windows Server 2016 Standard
  3. Set a static IP address, mines 192.168.0.102
  4. Give your server a name, mines DC02 as in Domain Controller 2
  5. Join the server to your newly created domain
  6. Install Active Directory Domain Services, DNS, open PowerShell and run the below:
    Install-windowsfeature AD-Domain-Services
    Install-Windowsfeature DNS

    2017-03-13_22-05-34.png

  7. In Server Manager click on the flag and run Promote this server to a domain controller.
    2017-03-16_18-00-20.png
  8. Select Add a domain controller to an existing domain, enter your domain name and click Next.
    2017-03-16_18-02-01.png
  9. Enter a password and click next.
    2017-03-16_18-03-58.png
  10. Click Next
    2017-03-16_18-04-56.png
  11. Click Next
    2017-03-16_18-09-02
  12. Set paths and click Next
    2017-03-16_18-09-59.png
  13. Review config and click next.
    2017-03-16_18-10-19.png
  14. Confirm pre-reqs are met and click install.
    2017-03-16_18-12-00
  15. Confirm you can resolve your new domain with nslookup.
    2017-03-16_17-48-12

References:
Windows Server 2012 Hyper-V Best Practices (In Easy Checklist Form)