Active Directory preparation prior to SCCM deployment
SCCM is a powerful tool for improving client management efficiency. We typically use the following basic features of SCCM: Collecting client hardware assets, collecting client software inventory, client software distribution, client update management, client operating system deployment, client Remote Assistance, and more
The deployment of SCCM requires Active Directory support, so you need at least one ad, one SQL Server, one Windows 10 client and one SCCM server in your lab environment.
Note: Many friends are accustomed to deploying the background database and SCCM server on one machine when deploying SCCM in an evaluation environment, but be aware that, in a production environment, the SCCM Management Server and the SCCM backend database must be deployed separately.
The virtual machine parameters in the lab environment are as follows:
Computer name |
Operating system |
Ip/dns |
Functions/Roles |
Note |
DC |
Windows Server R2 |
ip:192.168.1.2 dns:192.168.1.2 |
AD |
|
Sql |
Windows Server R2 |
ip:192.168.1.5 dns:192.168.1.2 |
Database |
SQL Server SP1 |
Sccm |
Windows Server R2 |
ip:192.168.1.6 dns:192.168.1.2 |
SCCM Primary Site |
SCCM TP4 (v:1511) |
Client-1 |
Windows 10 |
ip:192.168.1.15 dns:192.168.1.2 |
Client |
|
It's not easy to deploy SCCM, believing that SCCM2012 's deployed friends know it. There are a lot of things to do before you deploy SCCM2012: Active Directory,iis,sql,wsus,wds and so on. Let's introduce the Active Directory preparation for SCCM deployment today.
When SCCM is deployed, you need to extend the schema in Active Directory and also create objects in the system container of Active Directory. For the first time, SCCM2012 also needs to define boundaries using Active Directory sites. As a result, our readiness to work in Active Directory also starts with the following.
1. Extending the Active Directory architecture
Trust the friends who have deployed exchange to know that the deployment of Exchange requires an extension of the Active Directory schema. The extension of the Active Directory architecture is actually a matter of adding properties to Active Directory, which requires the permissions of the Schema Admins group to extend Active Directory.
Insert the SCCM installation image and open it as a folder, open and go to the folder with the path smssetup\bin\i386 , and locate the ExtADSch.exe:
650) this.width=650; "height=" 483 "title=" clip_image002 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image002 " Src= "http://s3.51cto.com/wyfs02/M00/7A/FC/wKioL1bELv7jl5TFAAFJCT9xqPY940.jpg" border= "0"/>
Click "File"-"Open command Prompt"-"open command prompt as administrator" in the upper right corner of the mouse
650) this.width=650; "height=" 483 "title=" clip_image004 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image004 " Src= "http://s3.51cto.com/wyfs02/M01/7A/FC/wKiom1bELpvgmumpAAB6swz95tI157.jpg" border= "0"/>
At the command prompt, type extadsch.exe:
650) this.width=650; "height=" 438 "title=" clip_image006 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image006 " Src= "http://s3.51cto.com/wyfs02/M02/7A/FC/wKiom1bELp6wetBwAAD9RKjYSX4869.jpg" border= "0"/>
After running Extadsch, to verify the results, you can open the ExtADSch.log file view under C drive. As shown in ExtADSch.log, the specific results of the extended schema are shown, which classes are added and which attributes are added. From the file content: "Successfully extended the Active Directory schema." It can be judged that the extended architecture is successful.
650) this.width=650; "height=" 409 "title=" clip_image008 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image008 " Src= "http://s3.51cto.com/wyfs02/M01/7A/FC/wKioL1bELwXRh3ASAAGF_tQbKZY620.jpg" border= "0"/>
2. Create the System container
As mentioned in previous operations, SCCM writes some properties and classes to Active Directory during deployment, so we need to create a container for the properties and classes written by SCCM, as follows:
Open ADSI Edit:
Right-click the ADSI Editor and tap Connect to:
650) this.width=650; "height=" 232 "title=" clip_image010 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image010 " Src= "http://s3.51cto.com/wyfs02/M01/7A/FC/wKiom1bELqKDeACjAACS6_j_Pm0329.jpg" border= "0"/>
Leave the default here and click Next:
650) this.width=650; "height=" 484 "title=" clip_image012 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image012 " Src= "http://s3.51cto.com/wyfs02/M00/7A/FC/wKiom1bELqPyaHk_AACy-yGIJUg690.jpg" border= "0"/>
As the way unfolds, and find Cn=system. Right-Cn=system, click New, click Object:
650) this.width=650; "height=" 484 "title=" clip_image014 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image014 " Src= "http://s3.51cto.com/wyfs02/M00/7A/FC/wKioL1bELwmDsIOCAAFLSK0WyRA605.jpg" border= "0"/>
Select "Container" in the Select Object class location and click Next:
650) this.width=650; "height=" 484 "title=" clip_image016 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image016 " Src= "http://s3.51cto.com/wyfs02/M01/7A/FC/wKioL1bELwvQ2Zg5AACoHRrBSmE068.jpg" border= "0"/>
Enter the object value: "System Management", click Next:
650) this.width=650; "height=" 484 "title=" clip_image018 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image018 " Src= "http://s3.51cto.com/wyfs02/M02/7A/FC/wKioL1bELwyB2LOVAACBIEutqTc688.jpg" border= "0"/>
Click Finish:
650) this.width=650; "height=" 484 "title=" clip_image020 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image020 " Src= "http://s3.51cto.com/wyfs02/M00/7A/FC/wKiom1bELqmB0T7-AAB-bbBWOOo329.jpg" border= "0"/>
3. Assigning System container Permissions
Some objects are created under the System Management container in Active Directory during SCCM deployment. To ensure that this process goes smoothly, we need to authorize the SCCM server in the System container in Active Directory. The steps are as follows:
Locate the newly created container "System Management" right-click on "Properties"-"Security" in ADSI Edit, add the computer account of the SCCM server and give it Full Control:
650) this.width=650; "height=" 484 "title=" clip_image021 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image021 " Src= "Http://s3.51cto.com/wyfs02/M00/7A/FC/wKiom1bELujxnzcPAAH7o1KQYHg329.png" border= "0"/>
Click "Advanced", select Apply permissions to "This object and all Descendants", click OK:
650) this.width=650; "height=" 480 "title=" clip_image023 "style=" Border-top:0px;border-right:0px;background-image: none;border-bottom:0px;padding-top:0px;padding-left:0px;border-left:0px;padding-right:0px; "alt=" clip_image023 " Src= "http://s3.51cto.com/wyfs02/M00/7A/FC/wKioL1bEL06xqCELAAFDWQbrhI4202.jpg" border= "0"/>
Today we will introduce you so much, other preparations for SCCM deployment we are going to introduce in the following blog post!
This article is from the "Wu Yuzhang Microsoft blog" blog, make sure to keep this source http://wuyvzhang.blog.51cto.com/9992636/1742727
SCCM TP4 Active Directory preparation prior to deployment