Following on from my previous article on System Center 2012 Configuration Manager where I talked about the pro’s and con’s of having a Central Administration Site, we will implement the CAS to get the full spread of functionality from ConfigMgr during the walk-through.

Some basic rules:

  • Download all the kits mentioned below before you begin. If you use the kits mentioned and keep things in their vanilla state, and follow the guide exactly, you should have a fruitful evaluation!
  • Since we’re installing into a lab there are a huge set of assumptions made based on being in a virtual environment. We won't be following configuration or security best-practices aside from keeping the firewall up, this guide is not entirely fit for production usage. The Online documentation Library (and the offline documentation) lays everything out in amazing detail, pretty much all the answers are there.
  • When installing anything in this guide, if I don't specifically start talking about the installation process, it is because the defaults just need to be selected. Keep this in mind, and don't fiddle around choosing random "that looks interesting" tick boxes and some such, head straight for a solid and usable first build, then later on refine your own installation process. This way you'll get through to the end of the guide without being interrupted by any lengthy remediation that needs to take place
  • A pristine default configured Active Directory is a good first start, and will lead to less problems occurring during your evaluation. If you've done a lot of Group Policy and other finessing then this could lead to installation or operational failure. This is a very complicated product, don't be fooled by what appears to be a simple installation. That is what is so rewarding about specialising in it, there is always something new to learn
  • Perform VM snapshots after major milestones, OS, SQL, WSUS, ConfigMgr, as rollback points. Be aware, don't roll a CAS back without rolling everything attached to it back as well, or you may\will lose information or even sites.
  • Make sure you are logged in using the domain administrator account all the way through this guide to keep the experience smooth

Download kits and Virtual Machine Requirements

We are going to be installing the following installation kits, you will need to download and extract them first

Media

Download

Windows 2008 R2 with SP1

http://technet.microsoft.com/en-us/evalcenter/dd459137.aspx
WSUS 3.0 SP2 X64 If your Windows 2008 R2 server does not have internet access you will need to download WSUS 3.0 SP2 X64 edition manually
http://www.microsoft.com/en-us/download/details.aspx?id=5216

.NET 4.0

http://www.microsoft.com/en-gb/download/details.aspx?id=17718

SQL 2008 R2 RTM

I'll leave it up to you to get RTM

SQL 2008 R2 SP1

http://www.microsoft.com/en-us/download/details.aspx?id=26727

SQL 2008 R2 SP1 CU6

http://support.microsoft.com/kb/2679367

ConfigMgr 2012 RTM

http://technet.microsoft.com/en-US/evalcenter/hh667640.aspx?wt.mc_id=TEC_105_1_5

ConfigMgr 2012 RTM Prerequisites

Check out my guide on downloading these here

For my lab I have a single forest and a single domain running on Windows 2008 R2 Enterprise at R2 functional level, as a Virtual Machine, with 512MB of memory allocated.

The following Virtual Machines will need to be assigned and built:

Purpose

OS for the LAB

Usage and configuration recommendations for this LAB guide only

Domain Controller

Windows 2008 R2 SP1

Assign 1024MB of memory

Post-build you can reduce this to 512MB if you want but it'll thrash the disk a bit if it becomes too active.

Configure a static IP address, do not use DHCP address for these Lab servers.

DC Promo the server to become a Domain Controller for a new forest\domain called SMSLAB.COM, or whatever you want to call your lab

This quick guide on how to DCPromo a server from Ilija Brajkovic should help you get this done if it’s the first time.

CAS

Windows 2008 R2 SP1

Assign 4GB of Memory

Microsoft recommends 32GB for the CAS, and 8GB of that should be set aside for SQL. Since we're in a lab and unlikely to service many Clients, we'll be fine with 4GB for the CAS and SQL restricted to using 2GB.

Configure a static IP address, do not use DHCP address for these Lab servers.

Join this server to your new Domain

Before we move on, let's cover hard drives. It is important to make it clear that we are not deploying to production, we wouldn't put a CAS in a VM if we were. So, since we're in a lab we can be a bit liberal when it comes to honouring best practices. Thus, all VM's for my Lab have a single disk, and for my lab server I use a Windows Server 8 Storage Pool containing x2 SATA3 disks to manage the Disk I/O. I would not implement any of this in production without honouring the hardware requirements of the product.

OK, once the Domain Controller has been built, you'll need to do the following to get the Active Directory forest and domain ready for ConfigMgr:

Task

Description

Create Domain User and Groups

Setup the following Domain Accounts and Domain Groups on the new Domain Controller

User

ConfigMgrAdmin

This will be our ConfigMgr administrator

Group

ConfigMgrAdmins

We'll add our ConfigMgr administrator to this group, and give the group full administrative access to the Site server once it has been installed

Group

ConfigMgrServers

We'll add our ConfigMgr Site servers to this group and permission it against the System Management container so that the Site servers can publish to Active Directory.

Extend the AD Schema

You can run ConfigMgr without extending your AD schema, but life doesn't have to be that hard in the lab.

Extending the Schema

This is the same procedure as you'd apply for SMS2003 and ConfigMgr 2007. This guide for ConfigMgr 2007 will help you along if you haven't done this before.

http://technet.microsoft.com/en-us/library/gg712264.aspx#BKMK_PrepAD

This is the same procedure since SMS2003, you either extend using the ExtADSch.exe utility, or you use the LDF file.

Both approaches yield the same result, but the option is there to choose which method you feel comfortable using.

It is pretty important to know what will happen when you extend the AD Schema, so take a look at the LDF file, and you'll see several classes defined and various attributes being created.

SMSSETUP\BIN\i386\ConfigMgr_ad_schema.ldf

Create the System Management Container

Create the System Management container and configure its permissions.

Creating the System Management container

This is the very same container used by SMS2003 and ConfigMgr 2007.

You cannot go wrong following the existing documentation on how to create this container

http://technet.microsoft.com/en-us/library/gg712264.aspx#BKMK_CreateSMContainer

Setting permissions on the new System Management container

You can either permission each individual Site servers computer account for access to the container, or setup a group, add the

Site server computer accounts to the group, and permission the container with the group

Another guide from ConfigMgr 2007 which will help you along

http://technet.microsoft.com/en-us/library/gg712264.aspx#BKMK_SetSMContainer

For this lab we've created a group called ConfigMgrServers and we'll be using this as the group mentioned above.
Once all the above is ready, you can begin preparing the CAS.

Preparing Windows 2008 R2 SP1

Not all of the requirements for ConfigMgr 2012 can be installed using Windows 2008 R2 Server Manager, but those that we can install using this method are .NET Framework 3.51, BITS, Remote Differential Compression, WMI Management for IIS and Windows Deployment Services.

Use the PowerShell Server-Manager module to install these ConfigMgr  product requirements

Open a PowerShell prompt and type
            Import-Module servermanager
To install the features run this command line in the PowerShell window:

            Add-WindowsFeature NET-Framework,BITS,RDC,Web-WMI,WDS

Once done if you open Server Manager you'll see the following:

clip_image001

clip_image002

Install .NET Framework 4.0

Pretty simple installer, takes a while, install this next.

Configure the Windows Firewall

A CAS will have Child sites, and thus, SQL replication will need to take place across ports 1433 and 4022.

We will need to open these ports, one way is to use NETSH:

netsh advfirewall firewall add rule name="SQLServer" dir=in action=allow protocol=TCP localport=1433

netsh advfirewall firewall add rule name="SQL Service Broker" dir=in action=allow protocol=TCP localport=4022

The rules should both be accepted with an OK message:
clip_image003

You can check out the Windows Firewall console to see the rules have been created:

image

Get a copy of CMTrace for log viewing

You can find the CMTrace tool on the ConfigMgr 2012 RTM Media in the Tools directory. Copy CMTrace.exe somewhere like C:\TEMP. If you've never used CMTrace before, and not sure what it does, read here and come back to continue.

Install SQL

ConfigMgr 2012 RTM supports SQL 2008 R2 SP1 CU 6, which is great, as SQL 2008 R2 comes with a really nice edition of the Management Studio (SSMS). ConfigMgr has very strict SQL collation requirements, essentially only SQL_Latin1_General_CP1_CI_AS.

Something handy to know ahead of the installs is that you can use CMTrace to view the resulting log files from the RTM, SP1 and CU6 installations. Each execution creates a new folder on the following path called detail.txt:

C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log

You can read a bit more about SQL 2008 R2 logging over on MSDN.

Begin by installing RTM, SP1 then finally CU6.

SQL 2008 R2 RTM - version 10.50.1600.1

To kick off the silent installation, open a CMD prompt, navigate to the SQL 2008 R2 media directory,  then paste the following command line into the prompt:

setup.exe /q /ACTION=Install /ERRORREPORTING="False" /FEATURES=SQLENGINE,RS,AS,IS,SSMS,TOOLS,BIDS,ADV_SSMS,CONN /INSTANCENAME=MSSQLSERVER /INSTANCEDIR="C:\Program Files\Microsoft SQL Server" /SQLSVCACCOUNT="NT AUTHORITY\System" /SQLSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" /SQLSVCSTARTUPTYPE=Automatic /AGTSVCACCOUNT="NT AUTHORITY\SYSTEM" /AGTSVCSTARTUPTYPE=Automatic /RSSVCACCOUNT="NT AUTHORITY\System" /RSSVCSTARTUPTYPE=Automatic /ASSVCACCOUNT="NT AUTHORITY\System" /ASSVCSTARTUPTYPE=Disabled /ASSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" /ISSVCACCOUNT="NT AUTHORITY\System" /ISSVCSTARTUPTYPE=Disabled /ASCOLLATION="Latin1_General_CI_AS" /SQLCOLLATION="SQL_Latin1_General_CP1_CI_AS" /TCPENABLED="1" /NPENABLED="1" /IAcceptSQLServerLicenseTerms

Install SQL 2008 R2 SP1 - version 10.50.2500.0

Next up, the Service Pack, as before paste the following command line into the prompt

SETUP.EXE /Q /IACCEPTSQLSERVERLICENSETERMS /ACTION=PATCH /INSTANCENAME=MSSQLSERVER

Install SQL 2008 R2 SP1 CU 6 - version 10.50.2811

Finally, Cumulative Update 6 needs to go on, and as before simply paste the following command line into the prompt

SQLSERVER2008R2-KB2679367-X64.EXE /Q /IACCEPTSQLSERVERLICENSETERMS /ACTION=PATCH /INSTANCENAME=MSSQLSERVER

Configure SQL 2008 servers Maximum server memory

Once SQL 2008 R2 is installed, we need to change the maximum allowed memory setting for the SQL engine, there are two ways to do this

Method 1

Open the SQL Server Management Studio (SSMS) and set maximum allowed memory to something other than the default

clip_image005

Method 2

Use OSQL to make the change to the maximum allowed memory

Open a CMD prompt and type OSQL -E

Paste the following

sp_configure 'show advanced options', 1

GO

RECONFIGURE

GO

sp_configure 'max server memory', 1024

GO

RECONFIGURE

GO 

WSUS

We install WSUS so late in the process due to it requiring a SQL database, it can go on.

There are two ways to install WSUS on Windows 2008 R2:

  • The server has access to the internet and is activated

To do this the server itself has to have access to the internet because it uses Update Services to download the WSUS binary. To see the download activity for WSUS using Update Servers check out the Update Services log here %WINDIR%\WINDOWSUPDATE.LOG

Launch Windows 2008 R2 Server Manager
Click Add a new Role
Choose Windows Server Update Services

  • No internet access but you have the installation binary

Firstly install all the WSUS prerequisites needed for WSUS, these are:

Short Form name

Friendly Name

Web-Metabase

IIS 6 Metabase Compatibility

Web-Windows-Auth

Windows Authentication

Web-Asp-Net

ASP.NET

Web-Dyn-Compression

Dynamic Compression

Web-Static-Content

Static Compression
You can translate the short form names into friendly names here

I found a really cool one-liner PowerShell command to perform the installs (from the One Bored Admin website)

Get-WindowsFeature OOB-WSUS | select -exp DependsOn | Add-WindowsFeature

Now run the standalone WSUS 3.0 SP2 X64 installer and begin the installation.

Either way, when the WSUS wizard appears, go through making the selections shown below and accepting all the others:

Database Options

Use an existing database server on this computer

Web Site Selection

Create a Windows Server Update Services 3.0 SP2 Web site
Using a custom website will force WSUS to use ports 8530 and 8531

Once the WSUS wizard has completed it'll load the Configuration wizard, cancel this.Why?

Well, if you make changes in the WSUS console you invalidate support with Microsoft as well as introducing unexpected behavior in ConfigMgr. There is a rare circumstance where you would go into the WSUS console, but, I mean rare, as in, rocking horse doo-doo rare for most of us.

Install the ConfigMgr 2012 Central Administration Site

Now it is time to install the ConfigMgr 2012 RTM Central Administration Site.

Fire up the ConfigMgr 2012 Splash by running D:\splash.HTA

clip_image006

Select Assess server readiness

The prerequisite checker can be run independently of the splash screen using command line parameters, but, for now we'll stick with the clicky method.

clip_image007

One of these Warnings will always show, verify permissions, the SQL server warning is because I haven't allocated 8GB of memory to SQL server. Since we're a lab, we'll move on.

Note: If you have other warnings here, you haven't done something right, the kits and this guide all line up and as long as the same versions are used it'll work. Take a look back and see if there is anything you've missed.

clip_image008

Select Next

clip_image009

Before we move on, let's look at what the wizard is offering us

Install a Configuration Manager Primary Site

We can either go for typical installation options, or perform a custom installation and specify some installation options

Install a Configuration Manager central administration site

This is how you would install your CAS

For more information on Sites and Hierarchies, especially the CAS, follow this link

Upgrade an existing Configuration Manager 2012 installation

It's there, but for now we don't need it. This will be used to upgrade an existing site when a service pack comes out

Recover a site

We can perform Site Disaster Recovery using this option

Perform site maintenance or reset this site

This is how we perform a site reset, move the provider etc

Uninstall a Configuration Manager site

If we want to remove the product, we'd do it from here

Select Install a Configuration Manager Central Administration Site

Select Next

clip_image010

Enter your product key if you have one, or go for the 180 day evaluation (This is a lab build and we wouldn't expect it to have much of a life time for an evaluation, so 180 days is ample)

Select Next

clip_image011

Accept the agreement and Select Next

clip_image012

Accept more agreements and Select Next

clip_image013

You should already have these prerequisites available, so select "Use previously downloaded files", navigate to and select the folder containing the files, and Select Next

clip_image014

Tea time!

clip_image015

There has been a major change in how language support for both the Console, Client, web-based Application Catalogue and SQL Reporting Services reports is implemented. Check out the following under Sites and Hierarchies \ Language Pack Support

Select Next

clip_image016

Select Next

clip_image017

Enter your site code, your site name (display name) and the installation folder.

We'll use AAA as the Site code, and as usual accept all defaults

Keep Install the Configuration Manager console ticked and Select Next

clip_image018

Accept the defaults but note the following:

  • The server name uses the FQDN and not just a hostname!
  • Instance name, if we had created our own instance on SQL server, we would specify it here
  • The database name is formed exactly the same way as it was in previous versions of the product
  • SQL Server Service Broker port number, keep it at the default of 4022

clip_image019

As in previous versions of the product, we need to install the SMS provider, and in this case we'll be installing it locally so accept the default here.

clip_image020

We should always opt-in and give the Product Group some telemetry on the products use if at all possible. Its all anonymised and really helps the Product Group.

Select Next

clip_image021

Review what we're about to do and then Select Next

clip_image022

Select Begin Install and the installer will begin working through the list of tasks it needs to perform to complete the installation.

It's worth noting that a configuration file will have been written to %TEMP% called ConfigMgrAutoSave.ini, so you can automate a similar Site server build next time.

clip_image023

Keep an eye on the ConfigMgrSetup and ConfigMgrSetupWizard log files in the root of the System Drive, and the Setup screen itself for installation completion.

Yep, you read that right, we have a new setup log, ConfigMgrSetupWizard.

clip_image024

The great thing about this new log is that we can see the sites progression through the installation in a summarised form, while the classical ConfigMgrSetup log gives us the actual detail.

I also think the ConfigMgrSetupWizard log was designed to control the output from the installation such that you shouldn't see any warning or error text unless something has gone wrong. The ConfigMgrSetup log is an example of very verbose output, you will see a lot of red scrolling past, It doesn't mean failure unless the installation stops prematurely as a result.

The installation time I'd say is pretty much dependent on your hard drive performance. I say that because the bulk of the installation time is spent dealing with WAIK and creating the new boot images for X86 and X64 architectures generates lots of disk I/O.

clip_image025

When I installed ConfigMgr 2012 RC1 into the lab it took 23 minutes and 17 seconds to complete the installation. It took 28 minutes and 35 seconds  this time around for RTM, I put that down to having changed the Hyper-V hosts disk configuration by implementing a Storage Pool instead of allowing the VM to write directly to one physical disk.

That's it, the CAS is installed.

clip_image026

Open the Console and it'll connect to the new Site:

clip_image027

You can do a health check by passing over the Site Status, Component Status and running a Status Message Query to see what the last few hours worth of status messages are, but it should be good for supporting further guides in the series.

Next guide Configuring the CAS

That covers the setting up of the CAS in the lab, we still have some way to go before looking fabulous with the CAS, enough that I thought I'd make it a separate guide.

Check out the System Center 2012 Configuration Manager Documentation Library for further reading on the product.

Useful resources

SQL versions (SQLTeam.com)