configmgr hints allegations and things left unsaid l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
ConfigMgr : Hints, Allegations, and Things Left Unsaid PowerPoint Presentation
Download Presentation
ConfigMgr : Hints, Allegations, and Things Left Unsaid

Loading in 2 Seconds...

play fullscreen
1 / 35

ConfigMgr : Hints, Allegations, and Things Left Unsaid - PowerPoint PPT Presentation


  • 118 Views
  • Uploaded on

ConfigMgr : Hints, Allegations, and Things Left Unsaid. Kim Oppalfens, MVP Principal Consultant Inovativ. ConfigMgr. Hints, Allegations, and Things Left Unsaid. Jason. Boundaries. AD Site. IP Range. IP Subnet. The Problems with Boundaries. IP Subnet. AD Site.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'ConfigMgr : Hints, Allegations, and Things Left Unsaid' - dyre


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
configmgr hints allegations and things left unsaid

ConfigMgr: Hints, Allegations, and Things Left Unsaid

Kim Oppalfens, MVP

Principal Consultant

Inovativ

boundaries

Jason

Boundaries

AD Site

IP Range

IP Subnet

the problems with boundaries
The Problems with Boundaries

IP Subnet

AD Site

“Converted” to IP Subnets

192.168.15.0/23 = 192.168.15.0

Cannot use “Super-nets”

Workgroup clients aren’t part of an AD Site

  • Cannot use “Super-nets”
  • Based on Subnet/Network ID
  • Are subjective
    • Subnet IDs are based on IP Address + Subnet Mask
super net example
Super-net Example

IP Subnet: 10.0.0.0

AD Site Subnet: 10.0.0.0/8

Subnet ID: 10.0.0.0

Subnet ID: 10.0.0.0

IP Address: 10.0.1.27/24

Subnet ID: 10.0.1.0

discovery example
Discovery Example

Discovered IP Address: 192.168.16.27

AD Site Subnet: 192.168.15.0/23

Subnet ID: 192.168.15.0

Discovered Subnet ID: 192.168.15.0

IP Address: 192.168.16.27/24

Subnet ID: 192.168.16.0

boundaries8
Boundaries
  • IP Address Ranges FTW
    • Do not rely on AD Sites
    • “Super-netting” is fine
    • No ambiguity
    • What you see is what you get
    • Very granular and exact
    • No subnet calculator needed
high availability and site resiliency

Kim

High Availability and Site Resiliency

Site Functionality

Client Functionality

Inventory

Previously scheduled actions

Remote Control

Key Roles

Distribution Point

PXE Service Point

Software Update Point

State Migration Point

  • Policies
  • Packages
  • Site Settings
  • Key Roles
    • Database
    • Management Point
    • SMS Provider
    • Reporting Point (Classic and SSRS)
the easy button solution
The Easy Button Solution
  • Out of box solution != Site Resiliency
  • Hyper-V and Quick/Live Migration
    • Provides both high availability and site resiliency
    • Site Resiliency will require some network “magic”
software updates and task sequences

Jason

Software Updates and Task Sequences
  • Yes, they work
  • Target the same Collection as your OSD Advertisement
  • Client Agent Install Public Properties
    • SMSMP and SMSSLP
  • Install the latest Windows Update Agent
    • 7.4.7600.229
    • http://support.microsoft.com/kb/949104
  • Increase the WSUS maximum XML size per request
  • Use IP Address Range boundaries
  • Wait for the Hotfix
wmi health

Kim

WMI Health
  • ConfigMgr is a WMI aggregator and automator
no magic b ullet

Kim

No Magic Bullet
  • Install the XP Hotfix
    • KB 933062
  • Don’t automatically flush the Repository
    • Fixes the symptom, not the problem
    • Don’t ever flush the repository on a site server
fixes
Fixes
  • Re-register
  • Built-in Repair
    • XP SP2+
      • rundll32 wbemupgd, UpgradeRepository
    • Vista/7
      • winmgmt /salvagerepository
  • Delete CCM namespace (Client only)

FOR /f %s in ('dir /b /s *.dll') do regsvr32 /s %s

Net stop /y winmgmt

FOR /f %s in ('dir /b *.mof *.mfl') do mofcomp %s

Net start winmgmt

program execution
Program Execution
  • Local SYSTEM account
  • Current user
  • Run Command-line task in a Task Sequence allows alternate credentials
network access account
Network Access Account
  • Generally a fallback account
  • Used to access content
  • Not used to run programs
  • Required for Operating System Deployment
the system account

Jason

The SYSTEM Account
  • Local Actions -> SYSTEM account
  • Network Actions -> Active Directory computer account
    • Includes UNCs on local system
  • All AD computer accounts are automatically members of Domain Computers group
drivers
Drivers
  • Uses system account of server hosting SMS Provider

SMS Provider

Site Server

Driver Package Source

DP

Driver Source

software updates
Software Updates
  • Uses user account of user running the console
  • Uses system account of server hosting SMS Provider

SMS Provider

Current User

Update Package Source

Microsoft

backup
Backup
  • SMS_SITE_BACKUP Service runs as local SYSTEM
  • SMS_SITE_SQL_BACKUP Service runs as local SYSTEM

AD Computer

SYSTEM

AD Computer

SYSTEM

Local

UNC

client
Client
  • Indicative of client agent installation status
  • Not real-time
  • Can be cleared by the “Clear Install” maintenance task
approved
Approved
  • Is a black-box and is not documented in detail
  • Meant to mimic PKI certificate revocation
  • N/A only affects OOB Management
inactive
Inactive
  • When a client is flagged as obsolete it is also marked as inactive
  • Client Status Reporting (R2 & R3)
  • Deleted resources in child domains
  • Used in conjunction with Delete Inactive Client Discovery Data task

?

obsolete
Obsolete
  • Resources are marked as obsolete when they are superseded by newer resources
  • Used in conjunction with Delete Obsolete Client Discovery Data task
slide34

© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.