Configuration Manager Advanced Infrastructure
Kent Agerlund

Who am I
• Kent Agerlund
• Profession
  • Chief System Management Architect & Co-founder of Coretech
  • Coretech A/S, System Center Gold Partner
  • Work as consultant and trainer
• Titles
  • Microsoft MVP: Configuration Manager
  • Microsoft Certified Trainer
  • MCITP Enterprise Administrator
• Communities
  • Founder of SCUG.dk
  • Moderator on Microsoft TechNet Forums
  • Member of the System Center Alliance Team
  • Member of the System Center Influencers Team
• Author
  • Mastering System Center 2012 Configuration Manager
  • System Center 2012 Configuration Manager: Mastering the fundamentals

Agenda
• SQL and Configuration Manager
• Placement of the site system roles
• Load balancing
• Fault tolerance
• Forest support

SQL Server considerations
• Standard edition: max 50.000 clients in the hierarchy
• Dedicated SQL instance for each site
• Collation
  • Case-insensitive collation (SQL_Latin1_General_CP1_CI_AS)
• SQL Server version
  • Minimum SQL Server 2008 SP2 with CU7
  • Recommended SQL Server 2012 CU3
• SQL Server location
  • Local vs. remote (1 GB connection between site server and site DB)
  • Cluster support
• Plan the Site Maintenance tasks and status filter rules carefully
• Estimate DB size
  • Depends on several factors like inventory frequency, AI, maintenance tasks etc.
  • Rule of thumb is 5 MB per client

SQL Server considerations
• Limit SQL memory
  • 2 GB for OS/4 GB for CM and the rest for SQL
• Reserve min 8 GB RAM in the buffer pool for the CAS/Primary Site and min 4 GB RAM for secondary sites.
• 1 database file per core
• 1 tempDB file for every two CPUs
• Change Autogrowth to 1 GB

Disk layout example
[Figure: Enterprise disk layout]

Disk layout
• If cost is an issue or the site is medium, consider
  • Combining the TempDB and log files on the same drive
  • Combining the database files on the same drive
  • Combining all non-OS files on the same drive (small site or lab environment)
• Always plan for the content library

I need to design my site for max uptime
• Headaches
  • Complex environments
  • The DBA battle
  • Latency and replication
• Solution = Keep It Simple

Fault tolerance – what are my options
• Multiple instances
  • Distribution Point, 250
  • Management Point, 10
  • Software Update Point, 8
  • State Migration Point
  • SMS Provider, 2
  • Application Catalog web service point
  • Application Catalog website point
  • System Health Validator
  • Reporting Services
• Non-Fault Tolerance
  • Site Server
  • Endpoint Protection Point
  • Asset Intelligence Point
  • Enrollment Point
  • Enrollment Proxy Point
  • Fallback Status Point
  • Out of band service Point

Site Systems
[Diagram labels: Cloud Based Distribution Point, Asset Intelligence sync point, Out of band service point, SMS Provider, Enrollment proxy point, SQL Server, Distribution Point PXE, Enrollment point, Primary Site Server, Application catalog Web services point, Reporting Services point, Application catalog Web site point, Management Point, System Health Validator, Fallback Status Point, Software Update Point, State Migration Point]

Site systems and performance
• Non-user facing site systems can be installed on the primary site server
• Offload user facing site system roles first
  • Distribution Point
  • Management Point
  • Software Update Point
  • Application Catalog
• Use SQL replicas on the Management Points
• If needed, offload reporting
[Diagram labels: SQL DB, Primary site server, SMS Provider, Endpoint, Asset Intelligence, Management Point, Software Update, Distribution Point, Application Catalog]

Management Point
• Primary point of contact for clients
• Support for 10 Management Points per primary site
• Support for 1 Management Point per secondary site
• Role is not "site aware"
• To offload SQL, use a database replica

DB replica on Management Point
• Why
  • Performance
  • Fault tolerance
• Additional SQL license
  • Not required
• Requirements
  • SQL replication
  • SQL Agent
  • Share to store replica data
  • Uses traditional SQL replication
• BGB support needed for SP1
  • Prepare Broker service and exchange certificates

Distribution Points
• On premise
  • Remote location support
  • Throttling and scheduling
  • NO_SMS_ON_DRIVE.SMS
• Cloud based
• Pull Distribution Points

Cloud Distribution Point
• Purpose and Benefit
  • Use as fallback distribution point
  • 99.9% availability
  • Easy to scale
• Requirements
  • Azure Subscription
  • Management Certificate
  • DNS
  • Client Settings

Distribution Point WAN considerations
• Preferred distribution point
  • Assigned using boundary groups
  • Formerly known as protected boundaries
• Allow fallback source location for content
• Distribute the content for this package to preferred distribution points
  • On demand content push
• Pull Distribution Points
  • Offloads processing on the site server
  • Daisy Chaining
  • Do not honor rate limits

No local Distribution Points
• Alternate content provider
  • Nomad from 1E
  • OneSite from Adaptiva
• Benefits
  • Eliminates the need for a local DP
  • PXE lite
  • Fault tolerance
• Microsoft BranchCache

Software Update Points
• Multiple Software Update Points in SP1
• All Software Update Points are Active
• Client will stay with the same SUP until it fails
• Client randomly selects a SUP
• Multiple SUPs are not as robust as NLB

Forest and Workgroup Support

Workgroup support
• Installing the client
  • Client push doesn't work in ConfigMgr 2012.
• Accounts
  • Network Access Account
• Device Oriented

Cross Domain/Forest support
• All site servers must be in a fully two way trusted domain
• User facing site systems can be deployed in untrusted forests
• DMZ
  • Deploy remote site roles in DMZ for managing Internet-Based Clients.
  • All Internet based clients receive machine policies
  • User policy requires:
    • One way trust between DMZ and the forest to which the client belongs.
• Extend AD schema in remote forest

Cross Domain/Forest
• CAS, Primary and secondary site must reside in a fully two way trusted Active Directory Domain/Forest.
[Diagram labels: CAS; PR1, DP, MP; PR2, DP, MP; corp.sc2012.local; corp.contoso.com; PR2, DP, MP; hr.sc2012.local; SC2012.local]

Q&A