Skip to main content

Software Update Management- SCCM 2012

The below post explains the end to end process of software updates management in SCCM 2012 Pre-requisites: 1.  WSUS Server (WSUS 3.0 SP2 ) should be installed on the SCCM site server or if you want to install WSUS on another server, it is important that you install WSUS administration console as the SCCM Server uses API. This  link explains the step by step procedure to install WSUS 3.0 SP2 2. Install SUP-Software Update Point on the SCCM Server . 3. Reporting Services Point: Install reporting services point role as described in this link . 4. Client agent: The software update client agent should be enabled(will be enabled by default) and the settings have to specified as per the requirement. On SCCM console, go to Administration>Site Configuration>Client settings>Right click on Default client settings> Click on Properties. If required, we can create custom client settings and then enable client settings for that settings. Unde
4 comments

Discover Resources-Post SCCM Installation -Configuration Task 3


Discovery Definition:
Discovery identifies computer and user resources that can be managed by a Configuration Manager 2007 site. When a resource is discovered, Configuration Manager creates a record in the database for the resource and its associated information called DDR (Data Discovery record) .You must run Discovery before you can install clients by using client push. However, the other client installation methods do not require that you run Discovery.

Resources might include systems, users, network devices and groups.

To discover resources, you must run at least one discovery method that is suitable for the resource that you want to discover.

Use the table in this link to decide which discovery method to configure in SCCM.

Prerequisites:

  • Site server computer account should have read permission on Active directory domain services if any of the AD discovery methods are being used.
  • Modify permission for the Site Security object class or instance to configure this discovery method.

Types of Discovery:

There are 6 types of Discovery methods 

1. Active Directory System Discovery 2. Active Directory System Group Discovery 
3. Active Directory Security Group Discovery 
4. Active Directory User Discovery 
5. Heart Beat Discovery 
6. Network Discovery 


Configuring Discovery methods:

1.       Active Directory System Discovery: Enable this discovery to find the computers in the AD Site or OU as specified.
This discovery method finds all the new machines and creates a DDR for the discovered resources.
        Logs: adsysdis.log  
        Location: SCCM Installation Directory\Logs folder

        Enabling AD System discovery:  General Tab

·         In the Configuration Manager console, navigate to System CenterConfiguration Manager / Site Database / Site Management /<site name>/ Site Settings / Discovery Methods.
·         Right click on AD system discovery>Click on Properties>Check “Enable Active Directory System Discovery” under General tab
·         Click on Yellow star button, select “Custom LDAP or GC Query” as shown and select the appropriate OU ( here I have selected Computers OU). Click OK.
·         Under “Search Options” check “Recursive” to discover the nested OU’s as well.
·         Click OK and verify whether the Distinguished name is the one that we have selected.




    Polling Schedule:

  • We can schedule the discovery to be run as per custom schedules.( By default is 1 day) 
  • Enable delta discovery to run every 5 minutes to discover any new resource which has been added to the AD DS Run a full discovery option- this will be unchecked once the full discovery is run

Active Directory attribute tab

This tab shows the attributes of the systems discovered and also allows us to configure more attributes.
By default, the following attributes are collected:
·         Computer name
·         Operating system
·         Object class
·         DNS Host name
·         Domain

2.       Active Directory System Group Discovery

Discovers additional information about previously discovered computers from the specified locations in Active Directory Domain Services. This information includes the OU and group membership of the computer. It does not discover information about new resources that did not previously exist in the Configuration Manager Site database.
Logs: adsysgrp.log
Location: SCCM Installation directory\logs
The configuration steps are same as shown in AD system group discovery method above except attribute tab. There is no Active directory attribute tab available for this discovery.

3.       Active Directory Security Group Discovery
It searches Active Directory Domain Services for security group information that can be used to create collections and queries. It discovers local groups, global groups, and universal security groups.
Logs: adsgdis.log
Location: SCCM Installation directory\logs
The configuration steps are same as shown in AD system group discovery method above except attribute tab. There is no Active directory attribute tab available for this discovery.

4.       Active Directory User Discovery
It searches Active Directory Domain Services for user accounts and associated attributes.
By default, the following attributes are collected:
·         User name
·         DNS host name
·         Object class
·         Active Directory domain
·         Active Directory container name
         Logs: adusrdis.log
         Location: SCCM Installation directory\logs
        The configuration steps are same as shown in AD system group discovery method above.

5.       Network Discovery
Network Discovery searches your network for IP-enabled resources by querying Microsoft DHCP servers, Address Resolution Protocol (ARP) caches in routers, and SNMP-enabled devices. Network Discovery can also search Active Directory domains and IP subnets.
Generally we don’t configure Network discovery since it generates lot of traffic, the devices discovered are unmanageable and also it is an administrative overhead.
For more information on Network discovery, check http://technet.microsoft.com/en-us/library/bb693986.aspx
         Logs: netdisc.log
         Location: SCCM Installation directory\logs

6.       Heart Beat Discovery:

·         This discovery is different from the rest of the SCCM discovery methods.
·         It is enabled by default
·         Doesn’t discover new resources
·         Sends a heartbeat pulse to existing SCCM client agents to check the status
Logs: Inventoryagent.log
Location:  32 Bit OS: %Windir%\System32\CCM\Logs 
                     64 Bit OS: %Windir%\SysWOW64\CCM\Logs

Note:

The default schedule for Heartbeat Discovery is set to every 7 days. If you change the heartbeat discovery interval, ensure that it runs more frequently than the site maintenance task Delete Aged Discovery Data, which deletes inactive client records from the site database.

To configure the Heartbeat Discovery schedule

·         In the Configuration Manager console, navigate to System CenterConfiguration Manager / Site Database / Site Management /<site name>/ Site Settings / Discovery Methods.
·         Right-click Heartbeat Discovery and then click Properties.
·         In the Heartbeat schedule group box, specify how often clients will create and send a heartbeat DDR to the management point.Click OK



7.       Site Systems Discovery:
In addition to these six discovery methods, Configuration Manager 2007 also uses a process named NT Server Discovery (SMS_WINNT_SERVER_DISCOVERY_AGENT) that creates resource records for computers that are site systems, such as the computer that is configured with the management point site system role. This method of discovery runs daily and is not configurable.
Site systems discovery is recorded in the log file ntsvdis.log in the <InstallationPath>\LOGS folder on the site server.
Labels:

Comments

  1. 21st Century Software Solutions21 August 2014 at 14:24

    ldap online training| ldap training| call us+919000444287 ...
    www.21cssindia.com/courses/ldap-online-training-103.html
    LDAP Online Training, LDAP training, LDAP course contents, LDAP , call us: +919000444287,dharani@21cssindia.com.

    ReplyDelete
  2. Unknown16 May 2017 at 15:41

    I really appreciate information shared above. It’s of great help. If someone want to learn Online (Virtual) instructor lead live training in sccm , kindly contact us http://www.maxmunus.com/contact
    MaxMunus Offer World Class Virtual Instructor led training on TECHNOLOGY. We have industry expert trainer. We provide Training Material and Software Support. MaxMunus has successfully conducted 100000+ trainings in India, USA, UK, Australlia, Switzerland, Qatar, Saudi Arabia, Bangladesh, Bahrain and UAE etc.
    For Demo Contact us.
    Sangita Mohanty
    MaxMunus
    E-mail: sangita@maxmunus.com
    Skype id: training_maxmunus
    Ph:(0) 9738075708 / 080 - 41103383
    http://www.maxmunus.com/

    ReplyDelete

Post a Comment

Popular posts from this blog

Registering SPN for SQL Server for SCCM

If using a domain account to install SQL server 2008 R2 for SCCM, you have to register a SPN (Service Principal Name) in Active Directory for that domain account. Two SPNs for the account should be registered,     1. For NETBIOS name of the SQL Server     2. For the FQDN of SQL server. The procedure to do that is as follows 1. Log on to a domain controller; open a command prompt with administrative privileges. 2. Type the below commands replacing SQL server name. setspn –A MSSQLSvc/< SQL Server NETBIOS name >:1433<Domain\Account> setspn –A MSSQLSvc/< SQL Server FQDN >:1433 <Domain\Account> 3. As shown in the below screenshot, the server name here is  CM2012 for NETBIOS name and CM2012.CONTOSO.COM 4.  Verify the registration of SPN by typing the below command Setspn –L  <domain\account>
1 comment
Read more

Consistency validation for SQL Server registry keys failed error -SQL for SCCM

During installation of SQL server, "Consistency validation for SQL Server registry keys failed” error pops up in the below scenarios. 1.   Previous installation of SQL exists. 2.   Inappropriate permissions on the registry keys of Microsoft SQL server. Solution that worked me is explained below. A. Identify the issue: 1. Go to %Program Files%\Microsoft SQL Server\100\SetupBootstrap\Log\”date  and time of installation” 2. Search (in Detail_GlobalRules.txt) for lines containing the following string "Could not fix registry key" 3. Run “regedit”, s et full control permissions for the appropriate registry keys mentioned in "Detail_GlobalRules.txt" file. Re-run the installation. B. Modifying the registry: 1. Locate HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server in registry. (To open registry, run “regedit”) 2. Right click and go to Permission 3. Click on Advance tab and c heck the below options.     i. Include i
6 comments
Read more

Collection query to find Machines--based on GUID Criteria

You can use the below SQL query to create a new collection based on GUID. select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.SMBIOSGUID = " 18764D56-C91F-83A5-51FB-4AD4B6699D04 " Replace the GUID with the one that you intend to delete. This is particularly useful when performing OSD related tasks. To know how to create a collection , go through this link .
3 comments
Read more