CEP Configuration Manager 2012 Hierarchy Technical Overview summary

Today another Live Meeting session of the Configuration Manager 2012 Community Evaluation Program was held. The subject this time: Hierarchy Technical Overview. With Configuration Manager 2012 lots of nice things in the Configuration Manager Hierarchy are changing. Let’s see which nice things will change :)

Today D.C. Tardy, Senior Program Manager of the Configuration Manager team guided us the through the changes.

Key takeaway for today are simplification of infrastructure and simplification of administration!

Configuration Manager 2012 will have the following Infrastructure promises

  • Modernizing architecture
    • Minimizing infrastructure for remote offices
    • Consolidating infrastructure for primary sites
      • Central Administration Point is just for administration and reporting.
      • File processing occurs once at the primary site and uses replication to reach other sites
      • System generated data (Hardware and software inventory and Status) can be configured to flow to the CAS directly.
    • Be  trustworthy
      • Interactions with SQL DBA are consistent with SCCM 2007
      • Configuration manager admin can monitor and troubleshoot new replication approach directly

Simplify your hierarchy! Collapse the multi-tier approach to a CAS with Primaries.

  • Use Primary sites for:
    • Scale more than 100.000 clients
    • Reduce impact of site failure
    • Local point of connectivity of administration (political)
    • Political reasons
    • Content regulation
  • Use primary sites not for:
    • Decentralized administration
    • Logical data segmentation
    • Client settings
    • Languages
    • Content routing for deep hierarchies
  • Use Secondary site for:
    • Manage upward flowing wan traffic
      • Sensitive networks
  • Tiered content routing for deep network topologies
  • No local administrator
  • Secondary Site servers support and uses SQL  Express, MP, DP, SUP and PMP
  • Use Distribution points for
    • Sites with not enough bandwidth for BITS
    • Multicast for operating system deployment
    • App-v streaming
  • Not use Distribution Points for
    • When BITS provides enough control for WAN traffic
    • When BranchCache is deployed
      • DP on Windows Server 2008 R2
      • Vista SP2 KB960568
      • Windows 7
  • Distribution Points provide
    • Scheduling and throttling data synchronization
    • PXE and multicast properties
    • Role can be installed on clients and services
    • Specify drives for content storage
  • There is no support anymore for all the old prestaging technology (courier senders, pkgPreLoadOnSite tools, manual prestaging)

Content Prestaging

  • New for Configuration Manager 2012
  • One feature that can preload on a site srver or distribution point
    • All package types supported
    • Content library and package share
    • Registers package availability with site server
    • Prestaged content file is compressed
    • Singe action to load multiple prestaged content files
    • Conflict detection to ensure latest package version

Forest discovery

  • Discovers site servers forest plus any trusted forests
  • Manually adds forests that are not trusted
    • Forests for a perimeter network
    • Supports both publishing and discovery
  • Discovery returns; domains, IP Subnets and AD Sites
  • Supports boundary creation, on demand selection or automatically

Boundaries

  • Retained same boundaries as SCCM 2007
    • Active Directory Site
    • IP Address range
    • IPv4 subnet
    • IPv6 prefix
  • Boundary management has been simplified
    • Automatically create boundaries as part of forest discovery
      • Enable AD forest discovery
    • Separated client assignment and content lookup
    • Added boundary groups to keep boundaries organized in logical containers
    • Boundary groups are the primary object for client assignment and content lookup ( not the boundary itself)
  • Automatically create a boundary group and associated boundaries from Configuration Manager 2007 site during migration

When you need a Central Administration Site?

  • More than one primary site in a single hierarchy
  • Off-load reporting and administration from you Primary Site
  • Migration consideration: The Central Administration Site must always be installed on new hardware.
  • You can move administrators from primary sites to the CAS for reducing

SQL for Configuration Manager 2012

  • One configuration Manager site per SQL Server instance
  • All database communication is encrypted
  • TCP/IP ports for service broker need to be opened in the firewall (1433 4022)

Replication of Configuration Manager data

  • Global data is replicated via SQL
    • Collection rules, package metadata, software update metadata, deployments
    • Found on Central Administration Site, All Primary Sites and Secondary sites (subset of global data)
  • Site data is replicated via SQL
    • Created by system
    • Collection members, Hardware inventory, alert messages
    • Found on Central Administration Point, Originating Primary Site
  • Content is replicated via file based replication
    • Software packages, installation bits, software updates, boot images
    • Found on Primary Sites, Secondary Sites and Distribution Points
  • For more information about the replication you can find there.

Monitoring replication

 

  • Is done in the Configuratino Manager Management Console
  • Administration Node shows disk space problems at site for instance SQL database
  • Monitoring node shows us alerts set for instance disk space
  • Monitoring can be done in the Hierarchy Diagram
  • Database Replication node gives replication information about site to site replication (global replication status
  • Diagnostic information can be saved to CSV files

Client settings

  • Easiest step to infrastructure reduction; stop using primary sites for different client settings
  • Default client settings for the entire hierarchy
  • Custom client settings assigned to collections
    • Priority-based conflict resolution
      • Custom settings override default settings
    • Resultant settings can be an aggregation of both default and one or more custom settings

Hardware inventory client settings

  • No editing .mof files because of the console experience in the Configuration Manager Console :)
  • Browse WMI namespace to select the classes you need
  • Backward compatible (you can import existing .mof files)

Client Settings & collection assignment

  • Collections are global data
  • Collections are bow globally evaluated at all sites
    • Clients from any site can be members and receive targeted deployments
    • Change focus from site-centric administration to client-centric
  • Remember:
    • global data: collection rules & counts
    • Site data: collection members

Role based administration

Role based administration is a very important peace for allowing hierarchy simplification. The concept is based on “Display what’s relevant to me”

Role Based Administration allows:

  • Mapping organizational roles of administrators to security roles
  • Hierarchy-wide security management from a single management console
    • RBA is global data
    • Concept of RBA:
      • Security Roles, what types of object can I see and what can I do to them?
      • Security Scopes, Which instances can I see and interact with?
      • Collections, Which resources can I interact with?

Collection limiting

With Configuration Manager 2012 you are able to limit collections.

  • Every collection is limited by another
  • Assigning a collection to an administrator automatically assigns all limited collections
  • Ship with to read-only root collections
    • All systems
    • All users and user groups

Promises for Configuration Manager 2012 vs 2007

  • Scalability and data latency improvements
  • Consolidating infrastructure for primary sites
  • Minimizing infrastructure for remote offices

Migration thoughts

Be sure to see the Migration Session and my movie about migrating Configuration Manager 2007 to Configuration Manager 2012. To further prepare your SCCM 2007 environment please look at the following:

  • Flatten your hierarchy where possible
  • Plan for Windows Server 2008, SQL 2008 and 64-bit
  • Start implementing BranchCache with Configuration Manager 2007 SP2
  • Move from web reporting to SQL Reporting Services
  • Avoid mixing user & device collection definitions
  • Use UNC path’s to MSI in package source path instead of  local paths

The question I asked about when a client receives more client settings via different collections, if there is a way to view the resultant set of client settings is passed to the Client Settings part of the Configuration Product Team. If it’s not there yet, I think that it would be a nice feature for in Configuration Manager 2012 ;)

Next session is about June 8, Application Management part 2. Be there! :)

Comments

 
Comments

Trackbacks for this post

Leave a Reply


9 − = one