Junior SCCM guy to top dog.

Posted on 2016-08-23
Medium Priority
Last Modified: 2016-10-13
Greeting Experts,

I've been prepping a wim/task sequence for a USMT migration from Windows 7 to Windows 10, then my main SCCM Architect left. I was just told I'm inheriting the entire SCCM environment. Its a small shop about 250 users. They have 1 primary and 1 secondary servers. The main site has 240 users and the offsite datacenter has maybe 10 users. I've been packaging and deploying apps and OS's once before, but now I'm asked to upgrade all the Win Servers OS's from 2012 R2 to CB,  in addition to upgrading the SCCM servers to CB 1607 before the migration starts. I read up that all the CM Servers that are running Windows Server 2012 R2 need to be upgraded and all problems fixed before the SCCM servers are upgraded to CB 1607.  

I looked in the All Devices collection and there are over 650 pc/laptops and 350 servers so the SCCM guy that just left was not cleaning up AD or SCCM and I have a ton of duplicates devices to clean up and we don't have anything like a Nagios server to scavenge pcs that haven't been logged into in over 90 days.

Could you please point me in the right direction on maybe a PS script to check and see if the pc's in SCCM and AD are valid, logged into in the pass 90 days, are in a proper Computer AD-OU and don't have the Machine Account disabled?

Also all the monthly OS/Office monthly updates groups for the past year have a 36% to 54% success compliance rate. What else should I check on a daily bases?

Question by:Robbie Razor
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 22

Accepted Solution

Adam Leinss earned 2000 total points
ID: 41768601
If you go into the SCCM console, it will say "Yes" or "No" under the client installed field.  SCCM uses a heartbeat to determine whether a client is still active or not.   You probably want to go to the Devices collection and look at the computers where the client installed field is set to No and investigate those.  I would be careful about running any script and deleting any computer accounts.  You can get false timestamps depending on what DC the computer last logged into (this information is replicated every few months between DCs: it is not real time).

In terms of a health check...look under the Monitoring>System Status tab and and see if any errors pop up.  Everything should be green (hopefully).
LVL 23

Expert Comment

ID: 41769417
How long have you been working with SCCM ?

Author Comment

by:Robbie Razor
ID: 41769447
Deploying apps 5 years & deploying OS's 3.
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.


Author Comment

by:Robbie Razor
ID: 41769462
Thanks Adam!

Is it possible to do a In-place upgrade on the Servers OS version, SQL versions and SCCM version? I'm having 2 servers created to replace my Primary and Secondary servers.  

I have to move from these older version to newer, I'm 13 versions away from CB 1606.

1.) Move from Windows Server 2008 R2 to a new Windows Server 2012 R2 Datacenter.
Can I keep the current site codes?

2.) Upgrade and move DB from SQL 2008 Express to SQL 2012 R2.
How should I export the old CM database and then Import into the new SQL database?

3.) SCCM 2012 R2 to a new SCCM CB 1606 server.
What should I export from the old CM box and then Import into the new CM box?

Any links or guides would be great.

Thanks in advance!
LVL 22

Assisted Solution

by:Adam Leinss
Adam Leinss earned 2000 total points
ID: 41769479
If you have 250 users, I would personally just build a new SCCM server and then just push out the new client from the new server, unless you have a lot of customization on your current server.  Since you said your SCCM guy left, it would probably be a great time to do a little house keeping and you would then understand how SCCM works from the ground up.  You can actually erect a new SCCM server in your environment and have it disrupt nothing: just don't update AD with the new site code information (it should give you an option to defer this option) and don't allow automatic client push.

Then you can spin up VMs or go to clients and manually input the site code from your new server to do testing and when you are ready, then you can update AD with the site code information and then re-push the client to your 250 users.

Author Comment

by:Robbie Razor
ID: 41778650
Thanks Adam.

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question