Configuring Discovery And Boundaries In SCCM

Configuring SCCM Discovery

Configure discovery methods to find resources to manage from from network and Active Directory. Discovery creates a discovery data record (DDR) for each discovered object and stores this information in the SCCM database. When a resource is discovered the information about the resource is put in a file that is referred to as a discovery data record (DDR).
For More Info:- https://docs.microsoft.com/en-us/sccm/core/servers/deploy/configure/configure-discovery-methods

Discovery Methods

Active Directory Forest Discovery – This method discovers Active Directory sites and subnets.
Active Directory Group Discovery – This method discovers groups from the defined location in the Active Directory.
Active Directory System Discovery –This method discovers the computers in your organization from specified AD locations.
Configuration Manager Active Directory User Discovery – This Discovery process discovers the user accounts from your Active Directory domain.
HeartBeat Discovery – This is the only discovery method that is enabled by default. The HeartBeat Discovery runs on every SCCM client and is used by Active Configuration Manager clients to update their discovery records in the database. Furthermore the records are sent to the management point in specified duration of time.
Network Discovery – The Network Discovery searches your network infrastructure for network devices that have an IP address. It can search the domains, SNMP devices and DHCP servers to find the resources. This includes printers, routers, and bridges.

Below is the discovery methods from Console

Enable Active Directory Forest Discovery

  In the Configuration Manager console, click on Administration and select Hierarchy Configuration, click on Discovery Methods. The first discovery method listed is Active Directory Forest Discovery. To discover Active Directory network locations and convert those locations into boundaries right click Active Directory Forest Discovery for the primary site and right click, choose Properties. Enable Active Directory Forest Discovery

 

Review the discovery of objects via ADForestDisc.log file located in <InstallationPath>\LOGS path

Enable Active Directory Group Discovery 

In the ConfigMgr console, in the Administration workspace, select Hierarchy Configuration, then select Discovery Methods and right click Active Directory Group Discovery and choose properties.  The Active Directory Group Discovery Properties window appears. Select the option to Enable Active Directory Group Discovery and click on Add to see two more choices, Groups and Location. Select Location and select the previously created windowsnoob Organizational Unit (OU) which will contain your servers, users, computers and devices.

Review the discovery of objects via ADsgDis.log file

Enable Active Directory System Discovery 

In the ConfigMgr console, in the Administration workspace, select Hierarchy Configuration, then select Discovery Methods and right click Active Directory System Discovery and choose Properties, place a check mark in Enable Active Directory System Discovery. Click on the yellow starburst to add Active Directory containers. For path click on browse and browse to the location you want to discover systems in.

Review the discovery of objects via ADsysDis.log file

Enable Active Directory User Discovery 

In the ConfigMgr console, in the Administration workspace, select Hierarchy Configuration, then select Discovery Methods and right click Active Directory User Discovery and choose Properties. Place a checkmark in Enable Active Directory User Discovery  and click on the yellow starburst to add active directory locations to discover users.

Review the discovery of objects via ADusrDis.log file

Review discovered resources in the console

Discover enabled view from Console

Discovered System resources

Discovered User resources

Configure SCCM Boundaries

As per Microsoft, a boundary is a network location on the intranet that can contain one or more devices that you want to manage. Boundaries can be either an IP subnet, Active Directory site name, IPv6 Prefix, or an IP address range.
To use a boundary, you must add the boundary to one or more boundary groups. Boundary groups are collections of boundaries. By using boundary groups, clients on the intranet can find an assigned site. In addition to that they can locate content such as applications, software updates, and operating system images. Active Directory Forest Discovery discovers boundaries automatically.

To create boundries in SCCM,
Open the SCCM Console-Go to Administration / Hierarchy Configuration / Boundary-Right-click Boundaries and select Create Boundary

Here i have used Active Directive Site

Here boundary has been created and reflected in Console

Create Boundary Group

We need to add the Boundary to the Boundary groups. To do so Select Boundary Groups, right Click and create a boundary group. Provide a name as First Boundary Group. Click Add. Select the boundary which we created Vcloud.com AD Site and Click OK. Click on references tab, check Use this Boundary group for site assignment. To add the site system servers, click Add and select the Site System Server. Click OK.

Newly Created Boundary group reflected in Console

System Center Operations Manager (SCOM) 2016 Installation Guide

Overview

The following installation guide will cover a basic install of System Center Operations Manager 2016 on Windows Server 2016 with SQL 2016.

In this article, we will be deploying a single Operations Manager that will contain all components of the solution on a single server. However, in a corporate environment, the administrator will plan to distribute the roles and design high availability to the monitoring system.

Single server deployment of Operations Manager

The single server management scenario combines all the management group roles that can coexist onto a single server running as a member server in an Active Directory domain. This instance can be on dedicated hardware or on a virtual computer. You can deploy the Operations console to computers other than the single server, and access the web console with a browser.

You deploy Operations Manager in a single-server management group when you want to use it for evaluation, testing, and management pack development, usually in a lab, development, or non-production environment.

Reference link:- https://docs.microsoft.com/en-us/system-center/scom/deploy-single-server?view=sc-om-2019

Operations Manager services

The single server management group configuration supports the following services:Monitoring and alerting

  • Monitoring and alerting
  • Reporting (available in the Operations console but not in the web console)
  • Audit collection
  • Agent-less exception management
  • Data (accessed by using the web console and the Operations console)

My LAB environment Setup

I have hosted all the servers in Hyper-V and Windows Server 2016 has been installed as the base OS for all Servers.
Installed two Windows 2016 servers for AD & SCCM
AD server Name : ADS01(Configured Active directory Domain services,DNS & DHCP)
Domain Name: VCLOUD.COM
SCOM Management Server Name : SCOM01 (SQL 2016 installed on the same Server)

Operations Manager service accounts

As part of the installation process, we must create the Service Accounts/Security Group from AD which will be used during Operations Manager installation

  1. DOMAIN\OMSAA              OM Server Action Account
  2. DOMAIN\OMDAS              OM Config and Data Access Account
  3. DOMAIN\OMREAD           OM Datawarehouse Reader Account
  4. DOMAIN\OMWRITE         OM Datawarehouse Write Account
  5. DOMAIN\MSSQL               SQL Service Account
  6. DOMAIN\OMAdmins        OM Administrators security group( Add the OMSAAOMDASOMREAD, and OMWRITE accounts to the “OMAdmins” global group)

SCOM server Prerequisites

1.Install Web Server Roles

Open Powershell and run the following command to Install required Web Server roles (IIS)

Add-WindowsFeature Web-Server, Web-WebServer, Web-Common-Http, Web-Default-Doc, Web-Dir-Browsing, Web-Http-Errors, Web-Static-Content, Web-Health, Web-Http-Logging, Web-Request-Monitor, Web-Performance, Web-Stat-Compression, Web-Security, Web-Filtering, Web-Windows-Auth, Web-App-Dev, Web-Net-Ext, Web-Net-Ext45, Web-Asp-Net, Web-Asp-Net45, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Mgmt-Tools, Web-Mgmt-Console, Web-Mgmt-Compat, Web-Metabase, NET-Framework-45-ASPNET, NET-WCF-HTTP-Activation45, WAS, WAS-Process-Model, WAS-Config-APIs

2.Install Microsoft CLR Types for SQL Server 2014
3.Install Microsoft Report Viewer 2014 Runtime

Install SQL 2016

In My lab, I have installed SQL 2016 on the same SCOM01 server. below are the step by step installation.

  • Run setup, choose Installation > New SQL Server stand-alone installation…
  • When prompted for feature selection, install ALL of the following:
    • Database Engine Services
    • Full-Text and Semantic Extractions for Search
    • Reporting Services – Native
  • On the Instance configuration, choose a default instance, or a named instance. Default instances are fine for testing, labs, and production deployments. Production clustered instances of SQL will generally be a named instance. For the purposes of the POC, choose default instance to keep things simple.
  • On the Server configuration screen, set SQL Server Agent to Automatic and type respective domain service account & password.
  • Check the box to grant Volume Maintenance Task to the service account for the DB engine.  This will help performance when autogrow is needed.
  • On the Account provisioning tab – add your personal domain user account and/or a group you already have set up for SQL admins. Alternatively, you can use the OMAdmins global group here. This will grant more rights than is required to all OMAdmin accounts, but is fine for testing purposes of the POC.
  • On the Data Directories tab – set your drive letters correctly for your SQL databases, logs, TempDB, and backup.
  • On the Reporting Services Configuration – choose to Install and Configure. This will install and configure SRS to be active on this server, and use the default DBengine present to house the reporting server databases. This is the simplest configuration. If you install Reporting Services on a stand-alone (no DBEngine) server, you will need to configure this manually.
  • Choose Install, and setup will complete.
  • When you complete the installation – Install SQL Server Management Studio Tools separatly to access the database. 

SCOM 2016 Step by Step Installation

Now we will start the SCOM installation, First extract setup file from the downloaded source. Once extraction complete, Run the setup now.
On the SCOM 2016 setup screen, Click Install (In order to get the latest update you can choose Download Check box and its an optional)

Here I am going to install all the features, select all the below features

Setup will verify hardware and software requirements

All prerequisites Passed, Click Next

Since its an new installation, Select Create the first management Server and Provide Management Group Name (Here i have used OPS-MGR)

Accept the license terms and click Next.

Provide Server Name and Instance Name and Click Next

Specify Server name and Click Next

Choose the SQL server instance for reporting services and click Next.

Select Default Web Site and click Next.

Select Mixed Authentication and click Next.

Enter respective Created service accounts as per below

Click Next.

You can choose use microsoft update to check for updates option If you enable internet, Otherwise Choose Off

Final check before you click Install.

Installation In progress

Setup is successfully Completed now and we have installed evaluation version of operations manager, hence its showing warning for management server

Lanch SCOM 2016 Console now. Below is the SCOM console View

Click Help > About to See the SCOM version. We have successfully installed SCOM 2016 now.

Thank you 🙂 Will post the configuration part soon.

Microsoft SCCM Current Branch 1902 Step-By-Step Installation Guide

Overview

The following guide will take you through the installation of SCCM Current Branch 1902 with a simple Primary Server approach and with the SQL 2016 server located on the same device hosted on Hyper-V

Setting Up the Lab

I have hosted all the servers in Hyper-V and Windows Server 2016 has been installed as the base OS for all Servers.

Installed two Windows 2016 servers for AD & SCCM

AD server Name : ADS01(Configured Active directory Domain services,DNS & DHCP)

Domain Name: VCLOUD.COM

SCCM Server Name : SCCM01

SCCM 1902 Prerequisites

1.Join SCCM01 to Domain, Create required Users,assign permissions and create the Systems Management container, delegate permission

2.Server role and feature installation

3.Install ADK and WDS

4. Install and configure SQL server (Here I have used SQL server 2016 SP2)

5.Download SCCM source from the below link

https://www.microsoft.com/en-us/evalcenter/evaluate-system-center-configuration-manager-and-endpoint-protection

Creating the System Management Container and SCCM configuration user accounts

Open ADSI Edit, click on Action, then Connect To and click Ok, Double Click on Default Naming Context and the DC= that appears below it. Click on the > and scroll down to CN=System. Right Click on CN=System and choose NewObject

choose Container from the options, click Next

Enter System Management

as the value then click Next and then click Finish.

Complete the wizard and close ADSIEdit.

Next, launch Active Directory Users and Computers, Select View, Advanced, and then find System Management.

Right-click on System Management, select Properties, and then the Security Tab. Add the SCCM admin account and the SCCM server name — Full control. Click OK to close.

Next, Delegate control to the SCCM site server (SCCM01) to System Management container in AD Users and Computers.

Click Next then select Create a Custom Task to Delegate, click Next, make sure This folder, existing objects in this folder and creation of new objects in this folder is selected.

Click next, select the 3 permissions General, Property-Specific and Creation-deletion of specific child objects are selected then place a check mark in Full Control.

Click Next then click Finish.

Then Create Configuration Manager User Accounts as per below for SCCM installation/Configuration

CM_Build – For Imaging

CM_Domain Join – For joining computers to the domain

CM_Reporting, For Reporting Services.

CM_Client Push, For SCCM Client Push.

CM_NAA, (Network Access Account) For OSD

Web Server IIS Installation and Feature installation

To enable Web server role and other features, login to SCCM server. Launch Server Manager and click Manage > Add Roles and Features. Select Web Server (IIS) server role and click Next.

Enable/Install the following features :

.Net Framework 3.5 Features [Install all sub features]

.Net Framework 4.5 Features [Install all sub features]

BITS

Remote Differential Compression

Enable/Install the following Roles Services :

Common HTTP Features – Default Document, Static Content.

Application Development – .NET Extensibility 3.5 and 4.5. Select ASP.NET 3.5, ISAPI extensions, ASP.NET 4.5.

Security – Windows Authentication.

IIS 6 Management Compatibility – IIS Management Console, IIS 6 Metabase Compatibility, WMI Compatibility and IIS Management Scripts and Tools.

Click on Close when the feature installation has succeeded.

Install Windows ADK 1903 and install WDS

Download the Windows ADK for Windows 10, version 1903 & Windows PE add-on for the ADK from Microsoft download Centre

Install Windows ADK version 1903. Run the ADK setup and select the following features.

Deployment Tools

User State Migration Tool

Imaging and Configuration Designer (ICD)

Configuration Designer

and click Install to start the download and Installation of the Windows ADK

Once the ADK installation is complete, click Close.

Install the Windows Preinstallation Environment (Windows PE)

Click Next at the License agreement and click Install when prompted.

Click Close Once installation complete

To install Windows Deployment Services (WDS), open Server Manager, select Add roles and features and select the Windows Deployment Services role.

When prompted click on Add Features to include management tools.

and click through the wizard until completion, close the wizard when installation complete

Install SQL Server 2016 SP2

Mount the SQL server ISO. Launch the SQL server setup (run as administrator). On the installation window, click Installation and then click New SQL server stand-alone installation.

Feature Selection – Select Database Engine Services and click Next

Instance Configuration – Select Default Instance. Click Next.

Specify the service accounts. Note the you must use a separate account for each SQL server service.

Click Add Current User to add the account to SQL server administrators. Click Next. Complete the remaining steps. Close the setup wizard and finally reboot the server once.

Click Next and and install and Complete the installation

To Access SQL server, Download and Install SQL Server Management Studio Separately

Install SCCM Current Branch 1902

Download SCCM 1902 baseline media from Microsoft download Center

Run the Splash HTML application from the setup folder. This brings up the System Center Configuration Manager install wizard.

Click Next. then Select Install a Configuration Manager primary site. Check the box “Install a Configuration Manager Primary site“. Click Next.

If you have the SCCM product key, enter it else install the evaluation edition and click Next

Accept the license terms. Click Next.

The Configuration Manager setup requires some prerequisite files. You can either download them now or if you have previously downloaded it, provide the path. Click Next.

Specify the Site code, Site name. Click Next. Here My SITE code is VC1

click Next

On the Settings Summary page, verify all the settings and click Next.

Skip this warning and Begin Install

Once Installation Completed, Click Close

During the installation, click on View Log (opens C:\ConfigmgrSetup.log) to review the installation progress and we could see installation completed Successfully.

Open Console, the below is the Console View

Thank You 🙂 I will post Sccm Configuration, Application Deployment, Updates deployment & Image Deployment Guide soon..!