Wally Mead Senior Program Manager Microsoft Corporation Session Code: MGT305 Session Agenda Overview of Configuration Manager client deployment Site system roles used in client deployment Client push.
Download ReportTranscript Wally Mead Senior Program Manager Microsoft Corporation Session Code: MGT305 Session Agenda Overview of Configuration Manager client deployment Site system roles used in client deployment Client push.
Wally Mead Senior Program Manager Microsoft Corporation Session Code: MGT305 Session Agenda Overview of Configuration Manager client deployment Site system roles used in client deployment Client push deployment Software update client deployment Group Policy client deployment Client upgrades Supported Configuration Manager Clients Windows 2000 Professional and Server SP4 Windows XP Professional SP2 and SP3 Windows Server 2003 SP1 and SP2 Windows Server 2003 R2 Windows Vista Business, Enterprise, and Ultimate Including Vista RTM and SP1 Supported Configuration Manager Clients (2) Windows Server 2008 No Server Core client support with Configuration Manager RTM Supported with Configuration Manager SP1 Windows XP Tablet SP2 Windows XP Embedded SP2 Windows Embedded Point of Sale (WEPOS) Windows Foundation for Legacy Platforms (WinFLP) Issues with SMS 2003 Client Deployment Client push issues Firewalls cause issues on Windows Vista / Windows XP SP2 Need to provision an admin push account Multiple binaries used for client deployment Client install is not bandwidth-aware No visibility into the progress of client install Client Deployment Methods Those that are the same as Systems Management Server (SMS) 2003: Client push installation Automated client push or admin controlled Can now use the site server computer account as the Client Push Installation account Logon installation for high-rights users No support for low rights installation Software distribution Upgrades from SMS 2003 Upgrades to Configuration Manager SP1 Manual installation Client Deployment Methods (2) Those that are new deployment methods in Configuration Manager 2007 Software update point (SUP) client deployment Client is installed through Windows Server Update Services (WSUS) Group policy installation Use software installation feature to deploy Ccmsetup.msi You can use whatever methods that meet your requirements Supported Client Numbers Site Role Maximum # of Client Systems Hierarchy (Central site) 200,000 Primary site 100,000 System Health Validator 200,000 Management point Distribution point (non-OSD) 25,000 4,000 Distribution point (OSD) Limited by Network & Disk I/O State migration point Limited by Network & Disk I/O Software update point (WSUS) Fallback status point Branch distribution point 25,000 100,000 Limited by OS License, Network & Disk I/O Components Used in Client Deployment Ccmsetup.exe Install, uninstall, upgrade Bandwidth aware Background Intelligent Transfer Service (BITS) BITS 2.0 for Windows 2000 clients BITS 2.5 for most other Windows clients BITS 3.0 already installed on Windows Vista Components Used in Client Deployment (2) Windows Installer 3.1 v2 KB893803 update to all except Windows Server 2003 SP1 and later Windows Update Agent For Windows Server Update Services 3.0 Installed if same or newer version not already installed Core XML Services (MS XML 6 SP1) MSXML6.msi Components Used in Client Deployment (3) MSRDC (Remote Differential Compression) Required for branch distribution points to support binary differential replication Wimgapi.msi Imaging API for custom tools for image management Client.msi Windows Installer package of the Configuration Manager 2007 client Client Assignment Configuration Manager clients can only be assigned to Configuration Manager sites They cannot be assigned to SMS 2003 sites In order to validate site assignment, they must verify the intended site’s version Required for automatic or manual assignment This occurs from one of two methods Active Directory if the schema is extended for Configuration Manager Configuration Manager server locator point Client Registration Configuration Manager clients must be registered as a client to be able to send data to it, or retrieve data from it Automatic process after assignment Client finds the default management and issues a registration request to the site This provides the client identity (self-signed certificate) to the site for validation Client Approval Method Configuration Manager clients must be approved to use the Network Access account Can’t download the policy that contains the account until the client is approved Approval has three options in mixed mode No automatic approval (manual) Automatic approval for domain joined clients Automatic approval for all clients Configuring the Client Approval Method Session Agenda Overview of Configuration Manager client deployment Site system roles used in client deployment Client push deployment Software update client deployment Group Policy client deployment Client upgrades Site System Roles Used in Client Deployment Site server When deploying via client push Management point Used to download client files for deployment Retrieve policies after deployment Server locator point Used to validate assignment to the site in a nonextended Active Directory environment Site System Roles Used in Client Deployment (2) Distribution point (including branch DP) Used for a software distribution client upgrade Can be used for operating system deployment Software update point Used when deploying the client through Windows Server Update Services Fallback status point (FSP) Client sends state messages for the deployment to the FSP if configured to do so Site System Roles Used in Client Deployment (3) PXE service point Can be used in operating system deployment in bare metal system scenarios State migration point Can be used in operating system deployment in machine replacement scenarios Site Systems used in Client Deployment SQL Server SQL Server Management Point Primary Site Server Branch DP Server Locator Point Distribution Point Fallback Status Point Software Update Point PXE Service Point State Migration Point Configuring a Fallback Status Point Session Agenda Overview of Configuration Manager client deployment Site system roles used in client deployment Client push deployment Software update client deployment Group Policy client deployment Client upgrades Client Push Installation Essentially the same as in SMS 2003 Automated push or Client Push Installation Wizard The default is now SMSSITECODE=local site code The SMS 2003 default was AUTO The site server computer account can be used as the Client Push Installation account Is tried automatically if all other accounts fail Client Push Installation (2) No longer uses Remote Registry to the target system Now use Remote WMI If Active Directory is extended for Configuration Manager, the Client Push Installation parameters are published Then used often when Ccmsetup.exe is run with no command line parameters Not used for push installs as they use the Client Push Installation method parameters Installing a client using the Client Push Installation Wizard Session Agenda Overview of Configuration Manager client deployment Site system roles used in client deployment Client push deployment Software update client deployment Group Policy client deployment Client upgrades Software Update Point Client Installation Client installed as a WSUS mandatory update to non-client systems No firewall issues if Windows Update Agent works No issues with low rights users Client must point to the SUP via Group Policy Client will then install automatically getting parameters from Active Directory Software Update Point Client Installation Configuration Site admin enables the Software Update Point Client Installation method Requires a software update point site system Publishes the current Configuration Manager client to WSUS as a mandatory application update Only required to publish at the central site All child sites sync content from the parent site Installing a Client Using a Software Update Point Session Agenda Overview of Configuration Manager client deployment Site system roles used in client deployment Client push deployment Software update client deployment Group Policy client deployment Client upgrades Group Policy Client Deployment True Active Directory client deployment integration Use software installation to deploy the Configuration Manager client CCMSetup.MSI for software installation package Auto publish client deployment settings to AD ADM templates for settings No more “auto removal” of clients Installing a Client Through Group Policy Group Policy Client Assignment Allows assignment of resources based on business model instead of network Not constrained to Boundaries ADM template for OU assignment configuration Assigning a Client to a Site Using Group Policy Client Assignment Session Agenda Overview of Configuration Manager client deployment Site system roles used in client deployment Client push deployment Software update client deployment Group Policy client deployment Client upgrades Client Upgrades The most common client upgrade methods are: Software distribution Can control targets and timing with advertisements Client push installation Use the Client Push Installation Wizard Can also use: Manual installation Automated push (must clear the Install flag) Service Pack 1 Client Upgrades There is a new client for Configuration Manager 2007 SP1 Configuration Manager RTM clients can exist in a SP1 site Configuration Manager SP1 clients not supported in an RTM site There is no new client with Configuration Manager R2 The client remains at Configuration Manager SP1 code base Upgrading Clients Using Software Distribution Client Deployment Tips Consider pre-deploying required client files For example, BITS may require a reboot Ensure that the Active Directory schema has been extended If not, you need a server locator point for client assignment Recommended to have a fallback status point available Provides access to great client deployment status reports Client Deployment Tips (2) Deploy clients in a phased manner Validate success throughout deployment No more than a few thousand a day After initial deployment, deploy a test application to upgraded clients Validates client can access the management point and distribution point For brand new installs, may want to consider configuring Heartbeat Discovery and inventory cycles for daily Validates client functionality and performance Session Summary There are many unique methods to deploy clients in Configuration Manager 2007 For the most part, the same methods as SMS 2003 supported are available to Configuration Manager 2007 No longer manual Client.msi deployment New methods for Configuration Manager Software update point client installation Group Policy client deployment Resources www.microsoft.com/teched www.microsoft.com/learning Sessions On-Demand & Community Microsoft Certification & Training Resources http://microsoft.com/technet http://microsoft.com/msdn Resources for IT Professionals Resources for Developers www.microsoft.com/learning Microsoft Certification and Training Resources Related Content MGT304, MGT305, MGT306 – Deploying System Center Configuration Manager 2007: Part 1 – Monday, 2:45 – 4:00 Part 2 – Wednesday, 1:00 – 2:15 Part 3 – Friday, 9:00 – 10:15 MGT05-INT – General Questions on Microsoft System Center Configuration Manager Tuesday, 10:15 – 11:30 MGT01-INT – Deploying Microsoft System Center Configuration Manager Thursday, 1:00 – 2:15 MGT03-HOL – Deploying Microsoft System Center Configuration Manager MGT12-HOL – Managing Microsoft Updates with System Center Configuration Manager MGT04-HOL – Deploying OS Images Using Microsoft System Center Configuration Manager and Network Boot MGT20-HOL – Upgrading from Microsoft System Center Configuration Manager 2007 to Microsoft System Center Configuration Manager SP1 MGT21-HOL – Upgrading from SMS S2003 SP2 to Microsoft System Center Configuration Manager MGT02-HOL - Microsoft System Center Configuration Manager: Migrating from Mixed Mode to Native Mode MGT05-HOL – Device Management with Microsoft System Center Configuration Manager Track Resources Key Microsoft Sites System Center on Microsoft.com: http://www.microsoft.com/systemcenter System Center on TechNet: http://technet.microsoft.com/systemcenter/ Virtualization on Microsoft.com: http://www.microsoft.com/virtualization Community Resources System Center Team Blog: http://blogs.technet.com/systemcenter System Center Central: http://www.systemcentercentral.com System Center Community: http://www.myITforum.com System Center on TechNet Edge: http://edge.technet.com/systemcenter System Center on Twitter: http://twitter.com/system_center Virtualization Feed: http://www.virtualizationfeed.com System Center Influencers Program: Content, connections, and resources for influencers in the System Center Community. For information, contact [email protected] Complete an evaluation on CommNet and enter to win! © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.