System Center Configuration Manager Installation - PandaM0nium/MEMC GitHub Wiki
Capacity Planning
Use excel spreadsheet provided before for resource planning
SQL planning
In most scenario, co-locate your SQL installation on your SCCM Primary Server. This is always debatable and often an unpopular topic among Database Administrators. DBA likes to have control and centralized databases as much as possible, however, co-location ensures better performance of you SCCM server.
Config Mgr Disk layout
C:\ Operating System
E:\ Config Manager Installation
F:\ SQL Installation and Backup
G:\ SQL Data (64KB allocation)
H:\ SQL Log (64KB allocation)
I:\ SQL TempDB (64KB allocation)
J:\ SQL TempDB Log (64KB allocation)
K:\ WSUS Contents
L:\ Config Manager Sources
M:\ ContentLib
Require artifacts
SQL Installation media
SQL Report Service Installation media (if require)
SQL Management Studio Installation media
SQL Report Builder Installation media (Report Builder3, ReportViewer, SQLSysClrType)
Config Mgr Installation media
Config Mgr pre-req file (if no internet connection)
ADK Installtion file
WinPE add on
MDT Installtion media
Active Directory Preparation Steps (On Domain Controller)
Create ConfigMgr_Admin Security Group
Create CM_ADM user, Create CM_CP user, Create CM_DJ user, Create CM_NAA user, Create CM_RP user
Create managed service account to be used with SQL installation: http://www.rebeladmin.com/2018/01/active-directory-managed-service-accounts-powershell-guide/
Assign ConfigMgr server object (CM01$) and CM_ADM user to ConfigMgr_Admin security group
Extend Active Directory Schema
Create System Management Container using ADSI and assign ConfigMgr_Admin group full access
SQL Installation
Installation resources: https://www.systemcenterdudes.com/sccm-2012-sql-install-guide/
Install (enable) Managed Service Account on ConfigMgr server
Install SQL Database Engine and SQL Report (if report is bundle with SQL installation media). Assign the following component to these disks:
- SQL Installation --> F:\
- SQL Data --> G:\
- SQL Log --> H:\
- SQL TempDB --> I:\
- SQL TempDB Log --> J:\
- SQL Backup --> F:\
Sizing TempDB and TempDB log during SQL installation per excel spreadsheet recommendation
SPN Creation
When you configure SQL Server to use the local system account, a Service Principal Name (SPN) for the account is automatically created in Active Directory Domain Services. When the local system account is not in use, you must manually register the SPN for the SQL Server service account.
Since we are using a domain account, we must run the Setspn tool on a computer that resides in the domain of the SQL Server. It must use Domain Administrator credentials to run.
Run both commands to create the SPN, Change the server name and account name in each commands.
setspn -A MSSQLSvc/yourservername:1433 yourdomain\SQLSA
setspn -A MSSQLSvc/yourserver.fullfqdn.com:1433 yourdomain\SQLSA
To verify the domain user SPN is correctly registered, use the Setspn -L command
setspn –L yourdomain\SQLSA
Install SQL supporting components
Install SQL Management Studio
Install SQL Report Builder, Report Viewer, and SQLSysClrType
Install SQL Server Report Service (if separate)
Configure SQL, SSRS and Pre-Create Config Manager Database
Set up SQL memory for minimum of 8192 MB and maximum of 80% of available memory of the server
Pre-create Config Manager DB per excel spreadsheet
Right click on Databases
Select New Database
Database name is "CM_<3 digit alpha numerics site code>
Add more database according to excel spreadsheet --> CM_xxx>1, CM_xxx_2, CM_xxx_3, CM_xxx_4 and specify data location
Set Autogrowth/maxsize according to excel spreadsheet
Verify that the file is located on your SQL Volume
Change the database owner to SA. By default the owner will be the account which created the database.
Change Database recovery model to simple
Configure SQL Server Reporting Service
Configure SQL Server Reporting Service with default set up and create new DB
Change Database recovery model to simple
Set SQL Communication
Make sure TCP/IP property of SQL server network configuration --> Protocol for MSSQLSERVER specify TCP port 1433 for all sections
Install required feature for Config Manager
Use below PowerShell to enable all required features on Config Manager server.
Add-WindowsFeature Web-Windows-Auth,Web-ISAPI-Ext,Web-Metabase,Web-WMI,BITS,RDC,NET-Framework-Features,Web-Asp-Net,Web-Asp-Net45,NET-HTTP-Activation,NET-Non-HTTP-Activ,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-Http-Redirect,Web-App-Dev,Web-Net-Ext,Web-Net-Ext45,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-HTTP-Tracing,Web-Security,Web-Filtering,Web-Performance,Web-Stat-Compression,Web-Mgmt-Console,Web-Scripting-Tools,Web-Mgmt-Compat
Install ADK 10, MDT, and WinPE Addon
Install ADK 10, MDT , and WinPE addon - required prior download of offline files if internet connection is not available
Enable WSUS role
Enable WSUS role with SQL connectivity
Install System Center Configuration Manager
Place "NO_SMS_ON_DRIVE.SMS" file on drive C:, F:, G:, H:, I:, J:, K:, L:, M: to prevent installer placing content lib on those drives
Install Config Manager
Download System Center Configuration Manager toolkit from https://www.microsoft.com/en-us/download/details.aspx?id=50012
Install ConfigMgrTools.msi and run ContentLibraryTransfer.exe from C:\Program Files (x86)\ConfigMgr2012 Toolkit R2\ServerTools folder -- ContentLibraryTransfer.exe -SourceDrive <> -DestinationDrive <> to move ContentLib to M:\
Enable Software Update Point role
Monitor COMPMON.log, HMAN.log
Adjust IIS --> WSUS App pool queue length to 3000 and private memory to 0 per https://www.anoopcnair.com/best-practices-related-iis-sccm-sup-wsus-setup/
Enable Reporting Service Point role
monitor SRSRP.log, SRSRPSETUP.log, SRSRPMSI.log