Step By Step Guide Install and Configure ConfigMgr 2007 Part 2
This guide assumes you've installed ConfigMgr 2007 SP1 (Part 1)
In this part we will cover:
- Configure Boundaries
- Configure Site Server Components
- Configure Client Agent Components
Configure Boundaries
We will start with the most important setting to configure first setting the (Site Boundaries) to do so, go to ConfigMgr Console > Expand the Site Management > Site Setting > Boundaries node, right click the node and select New Boundary
New Site Boundary will appear it contains description, site code, type of boundary as we can see we've 4 types you can choose:
- 1. IP subnet
- 2. Active Directory Site
- 3. IPv6 Prefix
- 4. IP Address
I'm going to chose Active Directory Site and click on browse to select site name and click Ok
Note: by default the Active Directory called (Default-First-Site-Name) you can change that in my lab AD site name Ektifan
Choose the type of network connection Fast (LAN) and click Ok
We have configured the Site Boundary and you can see we've the boundary listed in the console
Configure Site Server Components
Now we'll move to setting and configure the Site System Roles.
To do so go to the Site Settings > Site Systems right click on the server and select New Roles
When you select the New Roles a wizard will start this will take us into another list of sequences to configure each role individually accept the defaults and click next
We'll select all the roles will run on the server:
- Server Locator Point (SLP)
- Reporting Point (RP)
- Software Update Point (SUP)
And click next
First sequence installs the Server Locator Point (SLP) use the site database and click next
Next up is the Reporting Point (RP) leaves the default and click next
Software Update Point (SUP) I would like to talk a little about (SUP) a required component of software updates on primary sites, the software update point site system role must be created on a server that has Windows Server Update Services (WSUS) 3.0 SP1 installed. The software update point interacts with the WSUS services to configure update settings.
Because we only installed the WSUS 3.0 SP1 the SUP Role will allow you to do that how so:
Proxy Settings, settings you may need to specify proxy server settings if you need to in order to get out to the Internet, click next
Put a checkmark in Use this server as the active software update point, and click next
Then leave the Sync source settings as default and click next
Then accept the Sync Schedule as defaults and click next
The Update Classifications allows you to choose what classes of updates you want to download choose the following Critical Updates, Definition Updates, Security Updates, Service Packs, Update Rollups, and Updates, and then click next
The Products you want to downloads updates for, choose (Office, SQL, Windows Server 2003 and Windows XP) and click next
The Languages to download the updates I am going to specify only English and click next
Now we are at the Summary page and you can review the settings and go back if you need to make any changes, and then click next
The install process begin
We are done...with Server Roles of the configuration click close
Now you can see the new roles are listed in the console. Go to the Site Settings > Site Systems
Lest go back to Active Directory server to check the System Management container to see what we have new added to the container?
You can notice we've Server Locater Point (SLP) because we added the (SLP) role
Now we need to check the log file to see our installation status, got to C:\program files\Microsoft Configuration Manager\logs
Server Locator Point (SLP) Log
Reporting Point (RP) Log
Software Update Point (SUP) Log
Now we need to configure:
- Distribution Point (DP)
- Management Point (MP)
Go to the Site Settings > Site Systems, we can see in the right pane we will see the role's we have already installed
Double click on ConfigMgr Distribution Point (DP) and click Allow clients to transfer content from this distribution point using BITS
Double click on Configmgr Management Point (MP) click Allow devices to use this management point and click Ok
Now we need to Configure Client Agents:
We will configure:
- Hardware Inventory
- Software Inventory
- Advertised Programs
- Computer Client
- Remote Tools
- Software Update Client Agent
Go to the Site Management > Site Name > Site Settings > Client Agents
Double click the Hardware Inventory Client Agents
Click Enable hardware inventory on client, set the inventory schedule to 1 Day. And click Ok
Software Inventory agent, verify the schedule is set to 7 Days
Click on the inventory collection tab, click on File types and delete the default scan listed
Click on the yellow star and add files of type *.exe then click on Set beside location, select
Variable or Path name and enter %ProgramFiles%\ as the program path location so that it only scans that area for EXE files,
Remove the tick from the windows directory and then click Ok
Then click Ok
Double click on Advertised Programs Client Agent
Under the General tab, enable software distribution to clients, select New Program notification icon opens Add or Remove Programs. And click Ok
We will configure the Computer Client Agent Properties
We'll specify the Network Access Account, click on Set enter an account (ektifan\smsadmin) to be used by ConfigMgr client computers to communicate with network resources and must be member of Domain Admin, domain\user
You can also modify the client polling time for policy updates in this window, the default is 60 minutes the max is 1440 minutes. Click Ok
On Customize tab the message that is displayed to the users when they are notified of a new advertisement. You can change the message in our lab I'll choose the default and click Ok
Remote Tools Client Agent enable the remote tools client agent and to configure settings for access, security, notification and remote assistance
Click on Users cannot change Policy or Notification settings in the Remote Control Panel
- Specifies the level of access sessions running on Windows 2000 client computers Full control
- Specifies the level of access sessions running on Windows XP or later client computers View Only and click Ok
Security Permitted viewers Windows user names and user group names that may remotely access client computers add permitted viewers (blank by default)
Click on yellow star to specify user (smsadmin) and click Ok and Ok
Software Update Client Agent click enable software update on clients scan schedule 7 Days click Ok
Client Installation Methods to push ConfigMgr client software to discovered computer or resources
Note:
If clients are running the Windows Firewall, this can prevent client push installation from succeeding until a Firewall disabled. To do so using Group Policy
Go to Run, type > gpedit.msc
Go to the Site Management > Site Name > Site Settings > Client installation methods and double click on Client Push Installation.
Enable Client Push Installation to assigned resources, warning note appear click Ok,
We need to select the system types that ConfigMgr will push the client software
On the Accounts tab, we need to specify account for ConfigMgr to use when connecting to the computer to install the client software Click on Yellow Star to specify user (ektifan\smsadmin) Pass, click Ok
Note:
The account specified must have administrative rights on the computer that will have the client software installed
Client tab, we need to specify SMS cache size on the client to something like 8GB
SMSSITECODE=JED SMSCACHESIZE=8000 and click Ok
Configure Discovery methods to set discovery type, discovery schedule, and other elements, such as Active Directory containers; we need to configure the discovery method to do so:
Go to the Site Management > Site Name > Site Settings > Discovery Methods
Duple click on Active Directory System Group Discovery and click on Enable, and click on the Yellow star to add an Active Directory Container where the ConfigMgr will search for these computers
Active Directory Containers window comes up, select Local Domain and click Ok
Select New Container window comes up, you can chose the Active Directory or by OUs
In my lab I will select AD and click ok
OUs example
OUs
In my lab, I will select AD and click Ok
In the Polling Schedule tab, click on Run discovery as soon as possible and click Ok
We need to do the same configuration to
•1. Active Directory System Group Discovery
•2. Active Directory Security Group Discovery
•3. Active Directory System Discovery
•4. Active Directory User Discovery
Heartbeat Discovery is how often clients send an updated data discovery record (DDR) to the Management Point.
By default, it is enable with a standard Configuration Manager Site installation. We need to configure only the schedule for my lab I will change to 1 Hours
We need to check in the clients PC if the Configuration Manager Client installed or not, to do so;
Go to Control Panel, Okay... we can see 4 new icons listed in the control panel
- 1. Configuration Manger
- 2. Program Download Monitor
- 3. Remote Control
- 4. Run Advertised Programs
Duple click on Configuration Manager in General tab we can see the system properties such as;
Active Directory Site Name, ConfigMgr Site Code, IP, domain
Components tab
Actions tab
Advanced tab
We need to go back to the ConfigMgr Server to check the client's status to do so:
Go to the Site Database > Computer Management > Collections
We are done… [:)]<o:p></o:p>
<o:p> </o:p>
Part 2 covered: <o:p></o:p>
· Configure Boundaries<o:p></o:p>
· Configure Site Server Components<o:p></o:p>
· Configure Client Agent Components<o:p></o:p>
I wish this part be helpful
Regards’<o:p></o:p>
<o:p></o:p>
MAzen
Home