Category Archives: SCCM 2012

SCCM 2012 SP1 and SQL Server

Posted on by
4

Here is an overview of the SQL Server configurations and requirements for supported SQL Server installations for ConfigMgr 2012.

Source: http://technet.microsoft.com/en-us/library/gg682077.aspx

 

Configurations for the SQL Server Site Database

Each System Center 2012 Configuration Manager site database can be installed on either the default instance or a named instance of a SQL Server installation. The SQL Server instance can be co-located with the site system server, or on a remote computer.

When you use a remote SQL Server, the instance of SQL Server used to host the site database can also be configured as a SQL Server failover cluster in a single instance cluster, or a multiple instance configuration. The site database site system role is the only System Center 2012 Configuration Manager site system role supported on an instance of a Windows Server cluster. If you use a SQL Server cluster for the site database, you must add the computer account of the site server to the Local Administrators group of each Windows Server cluster node computer.

Note
SQL Server database mirroring is not supported for the Configuration Manager site database.

 

When you install a secondary site, you can use an existing instance of SQL Server or allow Setup to install and use an instance of SQL Server Express. Whichever option that you choose, SQL Server must be located on the secondary site server. The version of SQL Server Express that Setup installs depends on the version of Configuration Manager that you use:

  • Configuration Manager without a service pack: SQL Server 2008 Express
  • Configuration Manager with SP1: SQL Server 2012 Express

The following table lists the SQL Server versions that are supported by System Center 2012 Configuration Manager.

SQL Server version SQL SP SQL CU ConfigMgr version ConfigMgr Site type
SQL Server 2008

  • Standard (1)
  • Enterprise
  • Datacenter
 SP2 Min CU9
  • ConfigMgr NO SP
  • ConfigMgr SP1
  • CAS
  • Primary
  • Secondary
SP3 Min CU4
  • ConfigMgr NO SP
  • ConfigMgr SP1
  • CAS
  • Primary
  • Secondary
SQL Server 2008 R2

  • Standard (1)
  • Enterprise
  • Datacenter
 SP1 Min CU6
  • ConfigMgr NO SP (2)
  • ConfigMgr SP1
  • CAS
  • Primary
  • Secondary
SP2 NO CU
  • ConfigMgr NO SP (2)
  • ConfigMgr SP1
  • CAS
  • Primary
  • Secondary
SQL Server 2012

  • Standard (1)
  • Enterprise
 NO SP Min CU2
  • ConfigMgr SP1
  • CAS
  • Primary
  • Secondary
SQL Server 2008 R2 Express SP1 Min CU6
  • ConfigMgr NO SP
  • ConfigMgr SP1
  • Secondary
SP2 NO CU
  • ConfigMgr NO SP
  • ConfigMgr SP1
  • Secondary
SQL Server 2012 Express NO SP Min CU2
  • ConfigMgr SP1
  • Secondary

 

  1. When you use SQL Server Standard for the database at the central administration site, the hierarchy can only support up to 50,000 clients. For more information, see Site and Site System Role Scalability.
  2. Configuration Manager with no service pack does not support the site database on any version of a SQL Server 2008 R2 cluster. This includes any service pack version or cumulative update version of SQL Server 2008 R2. With Configuration Manager SP1, the site database is supported on a SQL Server 2008 R2 cluster.

 

SQL Server Requirements

The following are required configurations for each database server with a full SQL Server installation, and on each SQL Server Express installation that you manually configure for secondary sites. You do not have to configure SQL Server Express for a secondary site if SQL Server Express is installed by Configuration Manager.

Configuration More Information
Database collation At each site, both the instance of SQL Server that is used for the site database and the site database must use the following collation: SQL_Latin1_General_CP1_CI_AS.
SQL Server features Only the Database Engine Services feature is required for each site server.

(Configuration Manager database replication does not require the SQL Server replication feature.)
Windows Authentication Configuration Manager requires Windows authentication to validate connections to the database.
SQL Server instance You must use a dedicated instance of SQL Server for each site.
SQL Server memory When you use a database server that is co-located with the site server, limit the memory for SQL Server to 50 to 80 percent of the available addressable system memory.

When you use a dedicated SQL Server, limit the memory for SQL Server to 80 to 90 percent of the available addressable system memory.

Configuration Manager requires SQL Server to reserve a minimum of 8 gigabytes (GB) of memory in the buffer pool used by an instance of SQL Server for the central administration site and primary site and a minimum of 4 gigabytes (GB) for the secondary site. This memory is reserved by using the Minimum server memory setting under Server Memory Options and is configured by using SQL Server Management Studio. For more information about how to set a fixed amount of memory, see How to: Set a Fixed Amount of Memory (SQL Server Management Studio).

 

SQL Server Optional Configuration

The following configurations either support multiple choices or are optional on each database server with a full SQL Server installation.

Configuration More Information
SQL Server service On each database server, you can configure the SQL Server service to run by using a domain local account or the local system account of the computer that is running SQL Server.

  • Use a domain user account as a SQL Server best practice. This kind of account can be more secure than the local system account but might require you to manually register the Service Principle Name (SPN) for the account.
  • Use the local system account of the computer that is running SQL Server to simplify the configuration process. When you use the local system account, Configuration Manager automatically registers the SPN for the SQL Server service. Be aware that using the local system account for the SQL Server service is not a SQL Server best practice.

For information about SQL Server best practices, see the product documentation for the version of Microsoft SQL Server that you are using. For information about SPN configurations for Configuration Manager, see How to Manage the SPN for SQL Server Site Database Servers. For information about how to change the account that is used by the SQL Service, see How to: Change the Service Startup Account for SQL Server (SQL Server Configuration Manager).
SQL Server Reporting Services Required to install a reporting services point that lets you run reports.
SQL Server ports For communication to the SQL Server database engine, and for intersite replication, you can use the default SQL Server port configurations or specify custom ports:

  • Intersite communications use the SQL Server Service Broker, which by default uses port TCP 4022.
  • Intrasite communication between the SQL Server database engine and various Configuration Manager site system roles by default use port TCP 1433. The following site system roles communicate directly with the SQL Server database:
    • Management point
    • SMS Provider computer
    • Reporting Services point
    • Site server

When a SQL Server hosts a database from more than one site, each database must use a separate instance of SQL Server, and each instance must be configured to use a unique set of ports.

 

Configuration Manager does not support dynamic ports. Because SQL Server named instances by default use dynamic ports for connections to the database engine, when you use a named instance, you must manually configure the static port that you want to use for intrasite communication.

 

If you have a firewall enabled on the computer that is running SQL Server, make sure that it is configured to allow the ports that are being used by your deployment and at any locations on the network between computers that communicate with the SQL Server.

For an example of how to configure SQL Server to use a specific port, see How to: Configure a Server to Listen on a Specific TCP Port (SQL Server Configuration Manager) in the SQL Server TechNet library.

SCCM 2012 SP1 Upgrade Checklist

Posted on by
Reply

This information was taken from Microsoft and could come in handy:

http://technet.microsoft.com/en-us/library/jj822981.aspx

Use the information in the following check list to help you identify and plan for pre-upgrade configurations and additional actions that are related to upgrading your sites and hierarchy to Configuration Manager SP1.

Step More Information
Ensure that your computing environment meets the supported configurations that are required for upgrading to System Center 2012 Configuration Manager SP1. Before you upgrade to Configuration Manager SP1, install the required prerequisites on each computer that hosts a site system role. Several site system roles require new or upgraded prerequisites.

For example, to deploy an operating system, Configuration Manager SP1 uses the Windows Assessment and Deployment Kit (Windows ADK) instead of Windows Automated Installation Kit (Windows AIK). Before you run Setup, you must download and install Windows ADK on the site server and on each computer that runs an instance of the SMS Provider.

For general information about supported platforms and perquisite configurations, see Supported Configurations for Configuration Manager.

For information about how to use the Windows ADK with Configuration Manager, see the Prerequisites For Deploying Operating Systems in Configuration Manager topic in the Deploying Software and Operating Systems in System Center 2012 Configuration Manager guide.
Review the site and hierarchy status and verify that there are no unresolved issues. Before you upgrade a site, resolve all operational issues for the site server, the site database server, and site system roles installed on remote computers. A site upgrade can fail due to existing operational problems.

For information about the status of sites and site system roles, see Monitor Configuration Manager Sites and Hierarchy.
Install all applicable critical updates for operating systems on computers that host the site, the site database server, and remote site system roles. Before you upgrade a site, install any critical updates for each applicable site system. If it is required by an update that you install, reboot the applicable computers before you start the service pack update.

For more information, see Windows Update.
Disable database replicas for management points at primary sites. Configuration Manager cannot successful upgrade a primary site that has a database replica for management points enabled. Disable database replication before you create the backup of the site database to test the database upgrade, and before you upgrade the production site to Configuration Manager SP1.

For more information, see Configure Database Replicas for Management Points.
Reconfigure software update points that use NLBs. Configuration Manager cannot upgrade a site that uses a NLB cluster to host software update points. For more information, see the Upgrading from Configuration Manager with No Service Pack to Configuration Manager SP1 section in the Planning for Software Updates in Configuration Manager topic.
Back up the site database at the central administration site and primary sites. Before you upgrade a site, back up the site database to ensure that you have a successful back to use for disaster recovery.

For more information, see Backup and Recovery in Configuration Manager.
Disable the site maintenance task Delete Aged Client Operations on primary sites. Before you upgrade any sites to Configuration Manager SP1, disable this site maintenance task on each primary site in the hierarchy. When this task remains active at a primary site that runs Configuration Manager with no service pack, this task deletes information about active client operations for clients that run Configuration Manager SP1. After all primary sites are upgraded to Configuration Manager SP1; you can enable this task for standard site maintenance at each primary site.

For more information about site maintenance tasks, see the Planning for Maintenance Tasks for Configuration Manager section in the Planning for Site Operations in Configuration Manager topic.
Create a copy of each built-in collection you have modified. When you upgrade to Configuration Manager SP1, the built-in collections are overwritten in the site database. If you have customized a built-in collection, create a copy of that collection before you upgrade.

In Configuration Manager SP1, the built-in collections are read-only and cannot be modified.
Run the Setup Prerequisite Checker. Configuration Manager SP1 introduces new prerequisite checks. Before you upgrade a site, you can run the prerequisite checker independently from Setup to validate that your site meets the prerequisites. When you upgrade the site, the prerequisite checker runs again.

For more information, see the Prerequisite Checker section in the Install Sites and Create a Hierarchy for Configuration Manager topic.

For information about prerequisite checks, see Technical Reference for the Prerequisite Checker in Configuration Manager.
Download prerequisite files and redistributable files for Configuration Manager SP1. Use the Setup Downloader from the Configuration Manager SP1 source media to download prerequisite redistributable files, Configuration Manager SP1 language packs, and the latest product updates for the service pack upgrade.

For information about Setup Downloader, see the Setup Downloader section in the Install Sites and Create a Hierarchy for Configuration Manager topic.
Plan to manage server and client languages when you upgrade a site. Configuration Manager SP1 supports the same server and client languages as Configuration Manager with no service pack and it also supports additional languages that are introduced with Configuration Manager SP1. However, when you upgrade to Configuration Manager SP1, the site upgrade installs new versions of each language pack.

When you run Setup, Setup reviews the current language configuration of your site, and then identifies the language packs that are available in the folder where you store previously downloaded prerequisite files. You can then affirm the selection of the current server and client language packs, or change the selections to add or remove support for languages. Only those language packs that are available with the perquisite files you download are available.

Important
Server and Client language packs are service pack version-specific. You cannot use the language packs from Configuration Manager with no service pack to enable languages for a Configuration Manager SP1 site.

If you have previously installed a language pack for servers or clients at a site and a Configuration Manager SP1 version of that language pack is not available with the prerequisite files, that language cannot be selected and support for that language is removed from the site when it upgrades.

For more information about language packs, see the Planning for Client and Server Operating System Languages in Configuration Manager section in the Planning for Sites and Hierarchies in Configuration Manager topic.

For information about Setup Downloader, see the Setup Downloader section in the Install Sites and Create a Hierarchy for Configuration Manager topic.
Plan for new site system role prerequisites.

Important
The Prerequisite Checker for Configuration Manager does not verify the prerequisites for site system roles on the site server or on remote computers.
Several site system roles have new prerequisites for Configuration Manager SP1. Before you upgrade a site, verify that each computer that hosts a site system role meets any new prerequisites for Configuration Manager SP1.

During a site upgrade, Configuration Manager automatically upgrades site system roles at the site by reinstalling each site system role. When prerequisites are not met, the site system role might not reinstall or might reinstall but fail to operate correctly.

For information about prerequisites for site system roles, see the Site System Requirements section in the Supported Configurations for Configuration Manager topic.
Review the list of considerations for site upgrades. When you upgrade a site, some features and configurations reset to a default configuration. To help you plan for these and related changes in Configuration Manager SP1, review the information in the Considerations For Upgrading to Configuration Manager SP1 section in this topic.
Test the database upgrade process on a copy of the most recent site database backup. Before you upgrade a Configuration Manager central administration site or primary site to a new service pack, plan to test the site database upgrade process on a copy of the site database. This is because when you upgrade a site, the site database might be modified and although a test database upgrade is not required, it can identify problems for the upgrade before your production database is affected. A failed site database upgrade can render your site database inoperable and might require a site recovery to restore functionality.

Note
Configuration Manager does not support the backup of secondary sites, nor the test upgrade of a secondary site database.

Although the site database is shared between sites in a hierarchy, plan to test the database at each applicable site before upgrading that site. If you use database replicas for management points at a primary site, disable replication before you create the backup of the site database.

Important
It is not supported to run a test database upgrade on the production site database. Doing so will upgrade the site database and could render your site inoperable.

For more information, see the Test the Configuration Manager Site Database for the Upgrade section in the Upgrade Configuration Manager to a New Service Pack topic.
Restart the site server and each computer that hosts a site system role to ensure that there are no pending actions from recent installation of updates or prerequisites. Internal process that is company-specific.
Install the service pack. Starting at the top-level site in the hierarchy, run Setup.exe from the Configuration Manager SP1 source media. After the top-level site completes upgrade to Service Pack 1, you can begin upgrade of each child site. Complete the upgrade of each site before beginning upgrade of the next site.

Until all sites in your hierarchy upgrade to the same service pack version, you hierarchy operates in a mixed service pack version mode.

For information about how to run the service pack installation, see the Upgrade a Configuration Manager Site section in the Upgrade Configuration Manager to a New Service Pack topic.

For information about operating a Configuration Manager hierarchy in mixed mode, see the Interoperability between Sites with Different Service Pack Versions in System Center 2012 Configuration Manager section in the Interoperability between Different Versions of Configuration Manager topic.
Upgrade stand-alone Configuration Manager consoles. By default, when you upgrade a central administration site or primary site, the installation also upgrades a Configuration Manager console that is installed on the site server. However, you must manually upgrade each Configuration Manager console that is installed on a computer other than the site server

Tip
When you use a Configuration Manager console that is of a lower service pack version than the site you connect to, the console cannot display or create some objects and information that are available in the new service pack version. When you use a Configuration Manager console that is of a higher service pack version than the site you connect to, the connection is blocked.

When you upgrade a Configuration Manager console, the installation process uninstalls the existing Configuration Manager console, and then installs the new version of the software. Therefore, to upgrade a Configuration Manager console on computers other than site servers, you can use any method that Configuration Manager supports to install the Configuration Manager console. This can include a manual installation, or a deployment that installs the console.

For more information about how to install the Configuration Manager console, see the Install a Configuration Manager Console section in the Install Sites and Create a Hierarchy for Configuration Manager topic.
Reconfigure database replicas for management points at primary sites. If you use database replicas for management points at primary sites, you must uninstall the database replicas before you upgrade the site. After you upgrade a primary site, reconfigure the database replica for management points.

For more information, see the Configurations for Using a Database Replica section in Configure Database Replicas for Management Points topic.
Upgrade clients. After you upgrade a primary site, plan to upgrade clients that are assigned to that site. Although a Configuration Manager primary site or secondary site can support communication from clients that have a lower service pack version, this should be a temporary configuration. Clients that run a previous service pack version of Configuration Manager cannot use the new functionality that is available with the new service pack version of Configuration Manager.

When you upgrade a client, the current client software uninstalls and the new client software version installs. To upgrade clients, you can use any method that Configuration Manager supports.

Tip
When you upgrade the top-level site of a hierarchy to a new service pack, the client installation package on each distribution point in the hierarchy updates as well. When you upgrade a primary site, the client upgrade package that is available from that primary site updates.

For information about how to upgrade existing clients and how to install new clients, see How to Install Clients on Windows-Based Computers in Configuration Manager.

SCCM 2012 SP1 Site Backup and Afterbackup.bat

Posted on by
2

It’s always better and a preventive thought to Back-up your Daily SCCM 2012 Backup, (keeping a daily copy on the server and copying the backups to an alternate location). Because if your SCCM server falls down you still have a back-up!

In the process of SCCM’s daily backup (visible in smsbkup.log), there’s an ‘AfterBackup.bat‘ file used to perform post-backup actions automatically after the Backup Site Server maintenance task runs successfully. By default, the AfterBackup.bat batch file does not exist. You have to create and place it manually.


As we all know there was a bug in the SCCM 2012 RTM Backup Site procedure. There was a workaround by creating a sub-folder underneath the Backup folder when using UNC paths.

This is described by Microsoft in: http://blogs.technet.com/b/configurationmgr/archive/2012/08/01/support-tip-a-backup-site-server-maintenance-task-may-fail-to-run-in-configmgr-2012.aspx

 

Microsoft stated this would be addressed in SP1 of SCCM 2012, well let’s take a look and check-out the use of the ‘AfterBackup.bat’ procedure!

Activating site backup

ConfigMgr console > Administration tab > Site settings > Site maintainance > Backup site server


Edit and fill out the needed values.


You can set a local or remote UNC backup path and the scheduling options. Whatever you decide you can use the AfterBackup.bat to move or archive it afterwards.

The computer account of the ConfigMgr server has to have been granted full control permissions on the remote backup location.

Creating the AfterBackup.bat file

Here is a simple script for ‘AfterBackup.bat’ written by ‘Garth Jones’, which saves 7 days backup to a folder named after the first 3 letters of the day of the week, and also deletes/overwrites the older ones.

***********************************************************************************

REM @echo off

setlocal enabledelayedexpansion

set target=\\Destination_Server\E$\AfterBackup\%date:~0,3%

If not exist %target% goto datacopy

RD %target% /s /q

:datacopy

xcopy “\\Source_Server\*” “%target%\” /E /-Y

***********************************************************************************

where, “Source_Server” is the Primary Server from which the backup has to be copied,

and “Destination_Server” is the Remote Server where you want to copy the Site Backup.

 

Source_Server (This is the UNC path specified in ConfigMgr)

\\SCCM2012\sccm$\_Backup

Destination_Server (This is where we store the backup)

\\FILE01\SCCM$\SCCM_Backup

 

Although the intended use of AfterBackup.bat is to archive SCCM backup snapshots, you can use that file for other tasks that you need to perform at the end of every back up operation, such as:

 

  • Run a SQL Server DBCC test to verify that there are no integrity problems with the SCCM Site database.
  • Run a site health tool, or other health tools.

 

Putting the AfterBackup.bat to work

ConfigMgr has the ability to run an after backup batch file which you can use to perform archiving and other administrative functions.

Start by creating the AfterBackup.bat and copy it to the location below.

{ConfigMgrInstallPath}\inboxes\smsbkup.box\AfterBackup.bat

Once it’s in place ConfigMgr will automatically execute its contents at the end of a sms_site_backup task. It runs as the computer system account.

ConfigMgr overwrites each backup when it runs the site backup task. You must use the AfterBackup.bat or manual copy to archive more than one backup.

Starting a backup outside of the schedule

You can start a backup at any time by going into the service manager which can be launched through the console.

Monitoring tab > System Status > Component State > Ribbon > Start > Configuration Manager Service Manager

Once in service manager, locate the SMS_SITE_BACKUP service and right click start. A backup will now start.


Another option is to go to Windows Services.msc and start the SMS_SITE_BACKUP service.


 

After a successful backup you will see this in your logs:

And the backup is copied over to your alternate backup location!

SCCM 2012 SP1 binaries released for re-download

Posted on by
Reply

There were some flaws in the initial download files for Config Manager 2012 SP1. Microsoft has released the new binaries according to Steve TH – MSFT.

The binaries for System Center Configuration Manager 2012 and System Center Endpoint Protection 2012 have been updated to correct some minor issues. The binaries have been updated at the Download Center, and also on the Technet and MSDN download sites. For Configuration Manager 2012 SP1, the updated download release of SP1 includes the following hotfix:

Installation error 0x800b0101: System Center 2012 Configuration Manager Service Pack 1 client

http://support.microsoft.com/kb/2801987

For Endpoint Protection, the new binaries include fixed files (Linux/iOS) that were corrupt in the initial release.

MSDN Download Link:

https://msdn.microsoft.com/en-us/subscriptions/securedownloads/hh442898#FileId=52479

Technet Download Link:

https://technet.microsoft.com/en-us/subscriptions/securedownloads/hh442904#FileId=52479

Microsoft System Center 2012 Service Pack 1 Configuration Manager – Clients for Additional Operating Systems

http://www.microsoft.com/en-us/download/details.aspx?id=36212

This means if you downloaded the binaries prior to today (1/25) – you will likely need to re-download them.

 

Full post at: http://blogs.technet.com/b/gladiatormsft/archive/2013/01/26/you-may-need-to-re-download-configuration-manager-2012-and-endpoint-protection-2012-sp1-binaries.aspx

SCCM 2012 SP1 Client push fails with Authenticode Signature error

Posted on by
Reply

There is a problem with Client Push installation in Microsoft System Center Configuration Manager 2012 SP1. One of the prerequisites, MicrosoftPolicyPlatformSetup.msi, which comes during the ccmsetup installation is digitally signed and the signature expired on 10-01-2012. Therefore Client Installation cannot be performed!

Following error will appear in the ccmsetup.log:

c:\windows\ccmsetup\logs\ccmsetup.log:

Couldn’t verify ‘C:\Windows\ccmsetup\MicrosoftPolicyPlatformSetup.msi’ authenticode signature. Return code 0x800b0101

 

Now what?!

 

Microsoft has released an update for this issue. Problem is that when you have your current images depending on SCCM for updates this will be a catch-22 situation!

Client will not install and updates will not be pushed to the clients…

You can off-line service your image with the following update, or use DSIM!

 

 

With this update installed you will be able to install your SCCM 2012 Clients again.

Let’s see if Microsoft will release an update for SCCM soon…

Well Microsoft was quick 😉

Hotfix available: http://support.microsoft.com/kb/2801987

Microsoft System Center 2012 Endpoint Protection Cookbook

Posted on by
Reply

Hi,

I have done a book review on the Microsoft System Center 2012 Endpoint Protection Cookbook which I wanted to share with you.

The auther, Andrew Plue, has done a great job on explaining the latest and greatest anti-virus and anti-malware product of Microsoft, Endpoint Protection.

The book was published by Packt Publishing and can be found here!

Microsoft Forefront EndPoint Protection 2010 Cookbook

Microsoft Forefront EndPoint Protection 2010 Cookbook

Have fun with it, I did!

Report Builder 2.0 is not installed as a click-once application on report server – SCCM 2012

Posted on by
Reply

When you click on Monitoring > Reporting and you want to create a new custom report, you could get a prompt with the message that Report Builder 2.0 is not installed as a click once application.

Error custom report - SCCM 2012

Error custom report – SCCM 2012

 

Do not type in the url in to Internet Explorer and start downloading and installing the Report Builder 2.0. Instead do this, because ConfigMgr 2012 has the Report Builder 3.0 application bundled:

  1. Open Regedit
  2. Browse to[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ConfigMgr10\AdminUI\Reporting]
  3. Double click on ReportBuilderApplicationManifestName
  4. Change the Value data from ReportBuilder_2_0_0_0.application to ReportBuilder_3_0_0_0.application
  5. Run the SCCM Console as Administrator
Regedit for Report Builder 3.0

Regedit for Report Builder 3.0

SCCM 2012 – ConfigMgr on a SQL 2008 R2 Named Instance

Posted on by
1

When you install ConfigMgr 2012 on a separate box with a separate SQL 2008 R2 Server in a named instance remember that ConfigMgr cannot handle Dynamic Ports used by SQL!

Furthermore note the prerequisites needed for SQL on a ConfigMgr installation:

  • A dedicated SQL server or Instance for each site with Configmgr 2012.
  • The instance of the SQL Server at each site must use the following collation: SQL_Latin1_General_CP1_CI_AS.
  • For SQL 2008 R2 SP1 Cumulative Update 6 is needed. (You can run the installer with CU4 actually..) NOT Supported though!
  • Set the memory requirements.

Microsoft SQL Server will only set and use the standard port TCP 1433 to the first Default Instance (MSSQLSERVER). The Instances installed afterwards get a dynamic chosen port.

Configmgr 2012 does not support dynamic port for SQL.


SQL ports can be set in the SQL Server Configuration Manager.
Select the name you choose to call the Instance. Then choose TCP/IP.
And for All the IP1, IP2, …   delete the TCP Dynamic Ports   (remove 0)   and set a port number you find appropriate for your environment.

Dynamic Ports:


 

Static Ports:


 

When SQL Service is restarted and firewall ports a opened we can start with the Configmgr Setup.

The SSB Port is the port you have chosen +1.

Based on the name of the Instance, Configmgr will detect the port configured automatically.

Exchange connector in SCCM 2012

Posted on by

Hi,

for mobile device management in ConfigMgr 2012 we need the Exchange connector.
The Exchange connector is transfers the mobile device administration from an Exchange administrator to SCCM.

This gives:

– Inventory and reporting possiblities
– ActiveSync policy
– Remote Wipe capability
– On-premise or Hosted Exchange are supported
– Support for all Exchange ActiveSync (EAS) devices like WP7, Symbian, Android etc.

Let’s take a look how to configure this.

In the Administration section of the Wunderbar we Add Exchange Server:

Exchange Server Connector

Exchange Server Connector

Here we have the possibility the choose the Exchange environment we like the connect to:

Exchange Environment

Exchange Environment

Select an (service) account which will communicate with the Exchange server. This account needs to be able to access the Exchange environment. With the nice new RBAC features of Exchange you can limit the access.

If you have multiple CAS server they can be added or not under the Advanced options.

Exchange Advanded options

Exchange Advanded options

The connector is now ready and can be used to synchronize with Exchange. Use the Synchronize Now button from the Ribbon 😉

Exchange Connector

Exchange Connector

After the sync is completed the resources will be visible in the All Mobile Devices Collection, found under Assets and Compliance.

All Mobile Devices

All Mobile Devices

There is no client on my iPhone, so only light management possible. Under Properties the settings are visible.

I can do a Remote Wipe, but let not do that now.

Remote Wipe

Remote Wipe

Mobile devices in SCCM 2012

Posted on by

Hi,

with the introduction of SCCM 2012 Microsoft Mobile Device Management in ConfigMgr is enhanced. Up until now the management of mobile devices was done by Mobile Device Management 2008 (MDM), SCCM 2007 R3 and/or Exchange 2007/2010.

Now an Exchange administrator has to manage mobile devices like Windows Moblie 6.0/6.1/6.5, WindowsCE 6.0, Nokia Symbian, Apple iPhone, Android, Windows 7 Phone etc. devices. With the new functionality in SCCM 2012 this is shifted towards the SCCM administrator, so we have 1 console to administer desktops, servers and mobile devices. Cool!

The topology needed for mobile device management consists of:

  • Web proxy for enrollment
  • Service point for enrollment
  • Management point
  • Distribution point
  • Software catalog if needed
  • SCCM site in HTTPs mode (Native mode)
  • Exchange connector

Then we have 2 options for mobile device management:

  1. Simple or light management
  2. Full or indepth management

What can we do with it?
Well here’s an overview:

 

Mobile overview
Mobile device management overview

(EAS = Exchange ActiveSync, WM = Windows Mobile)

Device information is collected through the Exchange connector.

For a device enrollment the proces for WinCE and WM 6.0 is the same as in SCCM 2007, WM 6.0/6.5 and Nokia have the capability of over-the-air enrollment via HTTPs.

Registered mobile devices are added to the SCCM site and deliver inventory information. This information is provided in the console like any other resource with can be accessed with the Resource Explorer.
This also means that mobile device settings can be evaluated. Things like baseline settings and monitoring are at hand in 1 console, nice.

Finally there is a possibility for a Remote Wipe. This comes in handy when a user loses his or her mobile device. Simple devices are wiped with the next policy and indepth devices are wiped with a next e-mail sync.
This simplifies the proces of mobile device security.

So mobile device management in SCCM 2012 is a nice feature for the Configuration Management administrator as well for the Exchange administrator.