Recently, I was asked to look into SCCM 2007 by my employer, having a degree of experience of earlier versions of SMS and some previous SCCM knowledge I didn't expect the procedure to involve to much time.
I read a number of guides concerning its installation and configuration, many of which had outdated information and omissions. Rather than leave the situation as is, I wanted to bring together the good bits of information I had found, remove any misleading or wrong facts and inject some of my own experiences.
Marketed as a tool to reduce administrative effort, you would assume the installation of SCCM2007 would be pretty uneventful - certainly not something that requires granular configuration and in some cases config file editing - unfortunately you would be wrong.
I've been working with SCCM for a while; recently though due to my upcoming move to Australia (and the associated job hunting) I thought it may be an idea to brush up on the specifics. As mentioned above, I've read many guide, some of which are good, some less so. On the whole, I noticed that they seem to assume a level of technical ability that ( in my experience ) is above those that need to install, or to simply play with SCCM.
This guide (or set of guides) hopes to change that, I hope that I’ve managed to capture the good points from other guides, removed the chaff and injected some of my own lessons and challenges along the way. As always I’d welcome any comments, or suggestions for changes.
Installing SCCM can be grouped into 5 stages:-
Windows 2008 Server Installation
Role and Feature Installation (SCCM pre-requisites)
SQL & WSUS Installation
Windows 2008 Server Installation
The simplest and quickest part of the process; Prepare the virtual or physical machine and install windows 2008 r2 standard or enterprise with default settings. Once installation has completed configure for the domain as appropriate (either scripted or using the GUI).
< netdom renamecomputer %computername% /newname:newname >
< netsh interface ipv4 set address name="local area connection" static address netmask (gateway) >
< netsh interface ipv4 set dnsservers name="local area connection" static address primary >
< netdom join %computername% /domain:FQDN for AD >
Assuming your site has no IPV6 deployment then you can safely remove any ipv6 bindings on the servers interfaces.
Role and Feature Installation
Start server manager and install the .Net Framework, Remote Differential Compression and BITS IIS Server extension feature.
Also within server manager, install the Windows Deployment Services (WDS) and Internet Information Services (IIS) with the following role features.
Windows & Basic Authentication
IIS6 Management Compatibility
Navigate to %windir%\System32\inetsrv\config\schema
on the SCCM server. Locate the webdav_schema.xml
file, take ownership and edit permissions for the currently logged in user. Remove the read-only flag to allow editing and make the following changes to the file.
<attribute name="allowAnonymousPropfind" type="bool" defaultValue="False" />
- Change the False to True
<attribute name="allowInfinitePropfindDepth" type="bool" defaultValue="False" />
- Change the False to True
<attribute name="allowCustomProperties" type="bool" defaultValue="true" />
- Change the true to False
Load IIS Manager, Select the Default site and locate the webdav item.
Double click WebDAV authoring rules and select 'Enable webDAV'
Select 'Add Authoring Rule' and create a rule with the following settings, paying special attention to this part as failure to follow it will cause issues further ahead.
Select webDAV settings and set 'Allow Anonymous Property Queries' to true, 'Allow Custom Properties' to False, 'Allow property queries with infinite depth' to False and finally 'Allow Hidden Files to be Listed, to True.
Again from within IIS Manager, highlight the default website and select Authentication. Double click windows authentication and enable the method.
SQL & WSUS Installation
SCCM requires two final components to ensure a smooth installation, SQL 2008 and WSUS 3.0SP2. Start with the SQL2008 DVD or installation ISO, install only the base database components, since we are using the service in a lab situation we can use windows authentication and the administrator use as the SQL admin
At this point we need to enable SQL-IP connectivity for the local loopback and IPV4 interfaces. Start SQL server configuration manager, SQL server network configuration, TCP/IP, 'ip addresses' tab and locate the 127.0.0.0 and ipv4 interfaces and enable them both.
Download and install WSUS 3.0 SP2 and install with default settings - be sure to select manual syncronisation at this point (unless you want the service to download and prepare updates). Select the product trees and type of updates before proceeding.
Begin the SCCM installation by running the requirements checker from the installation DVD - this should highlight any required or missing components prior to the installation process starting. At this stage the only thing missing should be the SCCM schema extensions.
SCCM schema extension is a simple enough process, begin by navigating to the < \SMSSETUP\BIN\i386\ >
folder on the installation DVD. Start the < EXTADSCH.exe >
and note down any errors or warnings, if all goes well it should quit, warning that some further configuration may be needed to allow SCCM to publish within Active Directory.
At this point to prevent future problems you shoud create the System Management container within the 'System' contained in AD and delegate the site server object (in this case CAN-DEV-DC2) the rights to create and modify objects within in.
1) Open ADSIEdit snap-in using MMC, and connect to domain which you would like to create the System Management Container.
2) In the console pane, expand Domain [computer fully qualified domain name], expand , and right-click CN=System. On the context menu, click New and then click Object.
3) In the Create Object dialog box, select Container and click Next.
4) In the Value field, type System Management and click Next, and then click Finish.
Once the container has been created, start AD Users and Computers, click View -> Advanced Features and locate the System -> Systems Management container. Right Click -> Delegate Control and select the SCCM site Server object in the dialogue box. Click next and Select 'create a custom task to delegate'.
Ensure the scope is set to ' This folder, existing objects and creation of new objects in this folder'.
Set the permissions as shown below - again ensuring that speical attention is given to this stage as any errors will cause problems with certain SCCM roles.
Finally begin the SCCM installation and complete options as appropriate for your environment, or follow my lab setup steps as indicated in the following screengrabs.
At this point, ensure the server (virtual or physical ) has internet access and choose to download updates to a folder - if you have performed the process before, and saved the updates the alternative option can be selected to avoid the need for another download.
That 'should' be it, at this stage the installation will begin, the completion time depends on hardware ( in particular disk speed during the boot image creation). Once completed the SCCM console will start and should look something like indicated below.
At this point the only thing which remains is a check on your component status. Within SCCM console select Site DB -> System Status-> Site Status -> Site -> Component Status. If any of your components are showing 'red' error or 'yellow' warnings you can right click show messages -> All Messages. Parse carefully and determine if the error conditions have been supersceded by informational events, if so you can select the errors and delete. After a period of time the error condition in component status should vanish.
I hope this was some help, if so I would appreciate any tweets, Facebook, or other shares. Please do visit my blog
and if you do want to share this article, some handy links are attached to the bottom of my blog where this article
I'll be posting my second guide 'a simple guide to SCCM2007 configuration' very soon, if you found this useful please lookout for my other guides coming soon.