wally mead senior program manager microsoft corporation session code: mgt303

Deploying System Center Configuration Manager 2007: Part 2

Wally MeadSenior Program ManagerMicrosoft CorporationSession Code: MGT303

Session Agenda

Overview of Configuration Manager client deploymentSite system roles used in client deploymentClient push deploymentSoftware update client deploymentGroup Policy client deploymentClient upgrades

Supported Configuration Manager Clients

Windows 2000 Professional and Server SP4Windows XP Professional SP2 and SP3Windows Server 2003 SP1 and SP2Windows Server 2003 R2Windows Vista Business, Enterprise, and Ultimate

Including Vista RTM and SP1

Supported Configuration Manager Clients (2)

Windows Server 2008No Server Core client support with Configuration Manager RTMSupported with Configuration Manager SP1

Windows XP Tablet SP2Windows XP Embedded SP2Windows Embedded Point of Sale (WEPOS)Windows Foundation for Legacy Platforms (WinFLP)

Client Deployment MethodsThose that are the same as Systems Management Server (SMS) 2003:

Client push installationAutomated client push or admin controlledCan now use the site server computer account as the Client Push Installation account

Logon installation for high-rights usersNo support for low rights installation

Software distributionUpgrades from SMS 2003Upgrades to Configuration Manager SP1

Manual installation

Client Deployment Methods (2)

Those that are new deployment methods in Configuration Manager 2007

Software update point (SUP) client deploymentClient is installed through Windows Server Update Services (WSUS)

Group policy installationUse software installation feature to deploy Ccmsetup.msi

You can use whatever methods that meet your requirements

Site Role Maximum # of Client SystemsHierarchy (Central site) 200,000Primary site 100,000System Health Validator 200,000Management point 25,000Distribution point (non-OSD) 4,000Distribution point (OSD) Limited by Network & Disk I/OState migration point Limited by Network & Disk I/OSoftware update point (WSUS) 25,000Fallback status point 100,000Branch distribution point Limited by OS License, Network & Disk I/O

Supported Client Numbers

Components Used in Client Deployment

Ccmsetup.exeBackground Intelligent Transfer Service (BITS)Windows Installer 3.1 v2Windows Update AgentCore XML Services (MS XML 6 SP1)MSRDC (Remote Differential Compression)Wimgapi.msiClient.msi

Client Assignment

Configuration Manager clients can only be assigned to Configuration Manager sites

They cannot be assigned to SMS 2003 sitesIn order to validate site assignment, they must verify the intended site’s version

Required for automatic or manual assignmentThis occurs from one of two methods

Active Directory if the schema is extended for Configuration ManagerConfiguration Manager server locator point

Client Registration

Configuration Manager clients must be registered as a client to be able to send data to it, or retrieve data from it

Automatic process after assignmentClient finds the default management and issues a registration request to the site

This provides the client identity (self-signed certificate) to the site for validation

Client Approval Method

Configuration Manager clients must be approved to use the Network Access account

Can’t download the policy that contains the account until the client is approved

Approval has three options in mixed modeNo automatic approval (manual)Automatic approval for domain joined clientsAutomatic approval for all clients

Configuring the client approval methoddemo

Session Agenda


Site System Roles Used in Client Deployment

Site serverWhen deploying via client push

Management pointUsed to download client files for deploymentRetrieve policies after deployment

Server locator pointUsed to validate assignment to the site in a non-extended Active Directory environment

Site System Roles Used in Client Deployment (2)

Distribution point (including branch DP)Used for a software distribution client upgradeCan be used for operating system deployment

Software update pointUsed when deploying the client through Windows Server Update Services

Fallback status point (FSP)Client sends state messages for the deployment to the FSP if configured to do so

Site System Roles Used in Client Deployment (3)

PXE service pointCan be used in operating system deployment in bare metal system scenarios

State migration pointCan be used in operating system deployment in machine replacement scenarios

Configuring a fallback status pointdemo

Session Agenda


Client Push Installation

Essentially the same as in SMS 2003Automated push or Client Push Installation Wizard

The default is now SMSSITECODE=local site codeThe SMS 2003 default was AUTO

The site server computer account can be used as the Client Push Installation account

Is tried automatically if all other accounts fail

Client Push Installation (2)

No longer uses Remote Registry to the target system

Now use Remote WMIIf Active Directory is extended for Configuration Manager, the Client Push Installation parameters are published

Then used often when Ccmsetup.exe is run with no command line parameters

Not used for push installs as they use the Client Push Installation method parameters

Installing a client using the Client Push Installation Wizard

demo

Session Agenda


Software Update Point Client Installation

Client installed as a WSUS mandatory update to non-client systems

No firewall issues if Windows Update Agent worksNo issues with low rights users

Client must point to the SUP via Group PolicyClient will then install automatically getting parameters from Active Directory

Software Update Point Client Installation Configuration

Site admin enables the Software Update Point Client Installation method

Requires a software update point site systemPublishes the current Configuration Manager client to WSUS as a mandatory application updateOnly required to publish at the central site

All child sites sync content from the parent site

Installing a client using a software update point

demo

Session Agenda


Group Policy Client Deployment

True Active Directory client deployment integration

Use software installation to deploy the Configuration Manager client

CCMSetup.MSI for software installation packageAuto publish client deployment settings to ADADM templates for settings

No more “auto removal” of clients

Installing a client through Group Policydemo

Group Policy Client Assignment

Allows assignment of resources based on business model instead of network

Not constrained to BoundariesADM template for OU assignment configuration

Assigning a client to a site using Group Policy client assignment

demo

Session Agenda


Client Upgrades

The most common client upgrade methods are:Software distribution

Can control targets and timing with advertisementsClient push installation

Use the Client Push Installation Wizard

Can also use:Manual installationAutomated push (must clear the Install flag)

Service Pack 1 Client Upgrades

There is a new client for Configuration Manager 2007 SP1Configuration Manager RTM clients can exist in a SP1 site

Configuration Manager SP1 clients not supported in an RTM site

There is no new client with Configuration Manager R2

The client remains at Configuration Manager SP1 code base

Upgrading clients using software distribution

demo

Client Deployment Tips

Consider pre-deploying required client filesFor example, BITS may require a reboot

Ensure that the Active Directory schema has been extended

If not, you need a server locator point for client assignment

Recommended to have a fallback status point available

Provides access to great client deployment status reports

Client Deployment Tips (2)

Deploy clients in a phased mannerValidate success throughout deploymentNo more than a few thousand a day

After initial deployment, deploy a test application to upgraded clients

Validates client can access the management point and distribution point

For brand new installs, may want to consider configuring Heartbeat Discovery and inventory cycles for daily

Validates client functionality and performance

Session Summary

There are many unique methods to deploy clients in Configuration Manager 2007For the most part, the same methods as SMS 2003 supported are available to Configuration Manager 2007

No longer manual Client.msi deploymentNew methods for Configuration Manager

Software update point client installation Group Policy client deployment

question & answer

www.microsoft.com/teched

Sessions On-Demand & Community

http://microsoft.com/technet

Resources for IT Professionals

http://microsoft.com/msdn

Resources for Developers

www.microsoft.com/learning

Microsoft Certification & Training Resources

Resources

http://www.microsoft.com/teched

http://microsoft.com/technet

http://microsoft.com/msdn

http://www.microsoft.com/learning

Related Content

Breakout Sessions (session codes and titles)

Whiteboard Sessions (session codes and titles)

Hands-on Labs (session codes and titles)

Track Resources

Resource 1

Resource 2

Resource 3

Resource 4

A slide outlining the 2009 evaluation process and prizes will be provided closer to the event.

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS,

IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

wally mead senior program manager microsoft corporation session code: mgt303

Documents

assignment client

client deployment methods

client numbers

configuration manager

configuration manager

server core client support

sp2 windows server

sp1 slide