Installing SCCM Server, SQL, WSUS and SCCM prerequisites
Now that you have figured out your SCCM hierarchy and server requirements for your site its time to start building your servers. If you have not done this yep please review the Preparing for SCCM page before starting any installs Below is what I will be using for my own examples.
8. For Server Configuration you will want to change all services Account Names except for SQL Server Browser to SCCM_RSA and change there startup type to Automatic. (Be sure the SCCM_RSA account is a local administrator on the server you are installing SQL on)
9. Now we need to configure what accounts have access to the DB. One the Server Configuration tab click add. Then add Domain Admins and SCCM_RSA to the SQL Server administrators.
10. Change to the Data Directory tab can change the drive for User database log directory to the sql logs drive you created.
11. Next change the the TempDB tab and remove the Data directory that is listed and replace it with the drive you created for SQL temp data. Then Change the Log directory drive with the SQL logs drive letter. you can then click next.
12. Click next till you can install then click the Install button. SQL will now start the install process.
13. If you are using SQL 2016 or later you will need to install the SQL Server Management Studio on its own.
14. Under Microsoft SQL Server 2016 on the start menu run SQl Server 2016 Configuration Manager.
15. Expand SQL Server Network Configuration and click on Protocols for <instancename> and right click on TCP/IP and Choose Properties.
16. Under Protocol change Enabled to Yes
17. Then under the IP Addresses tab set IP1 to Active and Enable it
18. Click on SQL Server Services and right click on SQL Server (<instancename>) and choose restart.
1. Create the System Management Container
2. Extend the Active Directory Schema.
To do these tasks I will be using a tool created by Nickolaj Andersen and can be found on his Blog.
If you want to do these 2 steps manully click the link to the how to posts for each.
1. Log into CM-Setup or Your Primary Site Server and copy your SCCM install files to the server.
2. Copy the Config Manager Prereq tool .zip to CM-Setup and extract it to a folder on the Site Server
3. Run the ConfigMgrPrerequisitesTool as an administrator.
4. Open the Active Directory Tab
5. Browse SMSETUP\BIN\X64 on your SCCM install media then Click extend.
6. The tool will show you if the extend process was successful
7. Next you will Create the System Management container and grant the SCCM_Servers group full control to it. In the System Management container section of the tool search for the SCCM_Servers group. If the tool found the group it will place it in the next box
8. Check the box "Create the System Management container if it doesn't exist" then click Configure.
9. Look to the Log section if the configuration was successful.
On your Site servers you will need the following Roles and Features installed
Using this script on each of you Site servers should install all the roles and features you need with exception to WSUS you will want to install and configure WSUS through the Server Manager.
The next item you will want to do is create a no_sms_on_drive.sms file on each of the drives you do not want SCCM content on. The only drives that should not have this files on them is the drive that you want your distribution point content to be on.
Now you need to install ADK I will be using ADK 1607 due to a known issue with ADK 1703 if you want to use 1703 you need to disable SecureBoot on the system you are installing the ADK on before you start the install.
1. Download the version of ADK you want from Microsoft Hardware Dev Center
2. Run the installer as an administrator.
3. You will be prompted to Install the ADK or Download the setup files. If your server dosnt have
internet access you can download the files and copy them to the server. If you choose to install be sure to change the install path to your program files drive.
4. Choose "No" when asked to participate in the software improvement program.
5. Accept the EULA
6. You will want to only install the following features
7. Click Install, the process will take some time so this is a great time to take a brake
1. Run the Splash.hta located in the SCCM install files on the Server you want to install SCCM on
2. Choose "Get the latest Configuration Manager updates" and download the update to the server.
3. When the updates are completely downloaded Choose install from the SCCM Splash.
4. Read through the Before You Begin page and verify that you have done everything on the page.
5. Choose "Install a Configuration Manger primary site" if the "Use typical installation options for a stand-alone primary site" check box is unchecked then click next.
6. Enter your correct licensing information then click next.
7. Accept all Terms then click next.
8. Choose "Use previously downloaded files" and point the path to where you downloaded the updates to in step 2.
9. Choose the Languages you need for the Configuration Manger console, click next
10. Choose the languages you need to the Configuration Manager to support, click next
11. Set you Site code and the Site name, Change the Installation folder to your program files drive
12. If you are joining this server to an existing hierarchy you can specify the Central administration site server or if this is a stand-alone site you will choose "Install the primary site as a stand-alone site"
13. Enter the FQDN of your SQL server, If you have changed the instance name enter the name. You do not have to modify anything else on the page. Click next
14. Verify the paths to the SQL Server data file and SQL Server Log file are correct based on what you setup when you installed SQL. Click next
15. Enter the FQDN of your SQL server and click next
16. You will now choose weather or not you want to only use HTTPS for client communication. Please note if you choose to use HTTPS at all you must have a valid PKI certificate. If you do not want to limite your client communication to HTTPS then you will choose "Configure the communication method on each site system role"
17. You can install the management point on another different server then the one you are running the install on by specifying the FQDN of that server and you can do the same with your first distribution point. If you choose to do this then be sure you have ran the Roles&features setup script in the beginning of this How-To before you choose to install.
18. Click next until you get to the Service Connection Point Setup page. On this page you can configure the service connection point, This role is used to install all future updates for your SCCM install. You will need to install this role but you can do this at a later time if you wish.
19. Verify your setting are all correct then click next.
20. Let the Prerequisite Check run and address any issues that come up then click Begin Install.
The install process is only a small part of getting SCCM fully running in your environment, you still will need to configure many aspects of the server for you to be able to use SCCM.
OS - Server 2016 Standard
SQL - 2016 Standard
Site code - TST
Site Name - SCCMTST Lab
Servers:
SCCM-Setup - Primary Site Server, Distribution point, SQL and Software Update Point
Every server that is a part of your SCCM site will want to have 1 drive for the OS, 1 drive for the page file and 1 drive for the program files.
For your Distribution point you will want to add a drive for your SCCM content to sit on and a drive from the distribution point content. SCCM will story its one copy of the packages, Applications and Image files on the Distribution content drive.
For Your Software Update Point server you will want a drive for WSUS to download content to.
Since I am using 1 server for this lab (Not recommended for a production environment) my drive setup looks like this
3. Add SCCM_CPA to the Domain Admins security group
4. Add all 3 accounts to the Local Administrators group of all of your SCCM servers.
5. Create a Group in AD named SCCM_Servers place your SCCM servers in it.
Site Name - SCCMTST Lab
Servers:
SCCM-Setup - Primary Site Server, Distribution point, SQL and Software Update Point
Every server that is a part of your SCCM site will want to have 1 drive for the OS, 1 drive for the page file and 1 drive for the program files.
For your Distribution point you will want to add a drive for your SCCM content to sit on and a drive from the distribution point content. SCCM will story its one copy of the packages, Applications and Image files on the Distribution content drive.
For Your Software Update Point server you will want a drive for WSUS to download content to.
Since I am using 1 server for this lab (Not recommended for a production environment) my drive setup looks like this
Service Accounts to create
1. Create the Following accounts in AD- SCCM_NAA - Network access account for deploying content from DPs
- SCCM_CPA - Client push account to install the SCCM client on workstations
- SCCM_RSA - SQL reporting account for report access
3. Add SCCM_CPA to the Domain Admins security group
4. Add all 3 accounts to the Local Administrators group of all of your SCCM servers.
5. Create a Group in AD named SCCM_Servers place your SCCM servers in it.
Steps to install SQL
Be fore you start the install you will want to consult the Database Sizing Calculator Created by
2. Copy your SQL install files to the server you will be installing SQL to. You will want SCCM to have its own SQL instance so it is not recommended to install the data base to a already running SQL server and SQL clustering is not supported. A virtual SQL server is supported for SCCM so you can install it on its own VM or depending on the size of your environment you can install on your Primary Site server.
7. You can keep the Default instance name if you wish.2. Copy your SQL install files to the server you will be installing SQL to. You will want SCCM to have its own SQL instance so it is not recommended to install the data base to a already running SQL server and SQL clustering is not supported. A virtual SQL server is supported for SCCM so you can install it on its own VM or depending on the size of your environment you can install on your Primary Site server.
8. For Server Configuration you will want to change all services Account Names except for SQL Server Browser to SCCM_RSA and change there startup type to Automatic. (Be sure the SCCM_RSA account is a local administrator on the server you are installing SQL on)
9. Now we need to configure what accounts have access to the DB. One the Server Configuration tab click add. Then add Domain Admins and SCCM_RSA to the SQL Server administrators.
10. Change to the Data Directory tab can change the drive for User database log directory to the sql logs drive you created.
11. Next change the the TempDB tab and remove the Data directory that is listed and replace it with the drive you created for SQL temp data. Then Change the Log directory drive with the SQL logs drive letter. you can then click next.
12. Click next till you can install then click the Install button. SQL will now start the install process.
13. If you are using SQL 2016 or later you will need to install the SQL Server Management Studio on its own.
14. Under Microsoft SQL Server 2016 on the start menu run SQl Server 2016 Configuration Manager.
15. Expand SQL Server Network Configuration and click on Protocols for <instancename> and right click on TCP/IP and Choose Properties.
16. Under Protocol change Enabled to Yes
17. Then under the IP Addresses tab set IP1 to Active and Enable it
18. Click on SQL Server Services and right click on SQL Server (<instancename>) and choose restart.
Preparing AD for SCCM
There are Two things you need to do before anything else.1. Create the System Management Container
2. Extend the Active Directory Schema.
To do these tasks I will be using a tool created by Nickolaj Andersen and can be found on his Blog.
If you want to do these 2 steps manully click the link to the how to posts for each.
1. Log into CM-Setup or Your Primary Site Server and copy your SCCM install files to the server.
2. Copy the Config Manager Prereq tool .zip to CM-Setup and extract it to a folder on the Site Server
3. Run the ConfigMgrPrerequisitesTool as an administrator.
4. Open the Active Directory Tab
5. Browse SMSETUP\BIN\X64 on your SCCM install media then Click extend.
6. The tool will show you if the extend process was successful
7. Next you will Create the System Management container and grant the SCCM_Servers group full control to it. In the System Management container section of the tool search for the SCCM_Servers group. If the tool found the group it will place it in the next box
8. Check the box "Create the System Management container if it doesn't exist" then click Configure.
9. Look to the Log section if the configuration was successful.
Preparing the Site Server
We will now want to install the correct roles features along with the Windows ADK and WSUS.On your Site servers you will need the following Roles and Features installed
- .Net Framework 3.51 SP1
- .Net Framework 4
- IIS
- Remote Differential Compression
- BITS Server Extension
- Report Viewer
- ADK 1607 or later
<# .SYNOPSIS Installs roles and features for SCCM servers .DESCRIPTION The scrip will install all required features for a SCCM site server and other server roles .NOTES Created By: Kris Gross Contact: Krisgross@sccmtst.com Twitter: @kmgamd .LINK http://www.sccmtst.com/ #> Get-Module servermanager $DotNetSource = Read-Host ".Net 3.5 Source file Location" Write-Host "Installing Web-Windows-Auth" Install-WindowsFeature Web-Windows-Auth Write-Host "Installing Web-ISAPI-Ext" Install-WindowsFeature Web-ISAPI-Ext Write-Host "Installing Web-Metabase" Install-WindowsFeature Web-Metabase Write-Host "Installing Web-WMI" Install-WindowsFeature Web-WMI Write-Host "Installing BITS" Install-WindowsFeature BITS Write-Host "Installing RDC" Install-WindowsFeature RDC Write-Host "Installing NET-Framework-Features" Install-WindowsFeature NET-Framework-Features -source $DotNetSource Write-Host "Installing Web-Asp-Net" Install-WindowsFeature Web-Asp-Net Write-Host "Installing Web-Asp-Net45" Install-WindowsFeature Web-Asp-Net45 Write-Host "Installing NET-HTTP-Activation" Install-WindowsFeature NET-HTTP-Activation Write-Host "Installing NET-Non-HTTP-Activ" Install-WindowsFeature NET-Non-HTTP-Activ $reboot = Read-Host "A reboot is recomended, Would you like to reboot now ? (Y,N)" if ($reboot -eq "Y") {restart-computer}
Using this script on each of you Site servers should install all the roles and features you need with exception to WSUS you will want to install and configure WSUS through the Server Manager.
The next item you will want to do is create a no_sms_on_drive.sms file on each of the drives you do not want SCCM content on. The only drives that should not have this files on them is the drive that you want your distribution point content to be on.
Now you need to install ADK I will be using ADK 1607 due to a known issue with ADK 1703 if you want to use 1703 you need to disable SecureBoot on the system you are installing the ADK on before you start the install.
1. Download the version of ADK you want from Microsoft Hardware Dev Center
2. Run the installer as an administrator.
3. You will be prompted to Install the ADK or Download the setup files. If your server dosnt have
internet access you can download the files and copy them to the server. If you choose to install be sure to change the install path to your program files drive.
4. Choose "No" when asked to participate in the software improvement program.
5. Accept the EULA
6. You will want to only install the following features
- Deployment Tools
- Windows Preinstallation Enviroment (Windows PE)
- User State Migration Tool (USMT)
7. Click Install, the process will take some time so this is a great time to take a brake
Installing SCCM
Now that all of the Prerequisites are setup we can start the install process.1. Run the Splash.hta located in the SCCM install files on the Server you want to install SCCM on
2. Choose "Get the latest Configuration Manager updates" and download the update to the server.
3. When the updates are completely downloaded Choose install from the SCCM Splash.
4. Read through the Before You Begin page and verify that you have done everything on the page.
5. Choose "Install a Configuration Manger primary site" if the "Use typical installation options for a stand-alone primary site" check box is unchecked then click next.
6. Enter your correct licensing information then click next.
7. Accept all Terms then click next.
8. Choose "Use previously downloaded files" and point the path to where you downloaded the updates to in step 2.
9. Choose the Languages you need for the Configuration Manger console, click next
10. Choose the languages you need to the Configuration Manager to support, click next
11. Set you Site code and the Site name, Change the Installation folder to your program files drive
12. If you are joining this server to an existing hierarchy you can specify the Central administration site server or if this is a stand-alone site you will choose "Install the primary site as a stand-alone site"
13. Enter the FQDN of your SQL server, If you have changed the instance name enter the name. You do not have to modify anything else on the page. Click next
14. Verify the paths to the SQL Server data file and SQL Server Log file are correct based on what you setup when you installed SQL. Click next
15. Enter the FQDN of your SQL server and click next
16. You will now choose weather or not you want to only use HTTPS for client communication. Please note if you choose to use HTTPS at all you must have a valid PKI certificate. If you do not want to limite your client communication to HTTPS then you will choose "Configure the communication method on each site system role"
17. You can install the management point on another different server then the one you are running the install on by specifying the FQDN of that server and you can do the same with your first distribution point. If you choose to do this then be sure you have ran the Roles&features setup script in the beginning of this How-To before you choose to install.
18. Click next until you get to the Service Connection Point Setup page. On this page you can configure the service connection point, This role is used to install all future updates for your SCCM install. You will need to install this role but you can do this at a later time if you wish.
19. Verify your setting are all correct then click next.
20. Let the Prerequisite Check run and address any issues that come up then click Begin Install.
The install process is only a small part of getting SCCM fully running in your environment, you still will need to configure many aspects of the server for you to be able to use SCCM.
