SCCM 2007(System Center Configuration Manager 2007) The Versions of SCCM: SCCM 2007: before this it is called as SMS

3(System Management Server).SCCM 07 i s a system management software by Microsoft to manage windows network including Desktops/Laptaops/Servers and networking devices like printers etc., SITE: site consists of a site server and site system roles, clients and clients. Site always needs communication to SQL data base. Site can be identified with 3 letters coded and name. Clients can access/communicate the site using the site code. Types of Sites: CENTRAL SITE: There is no central site in reality. Central site is the Primary site in sccm is called. or if the site is have no secondary site or primary the n it is also called as Central or Standalone site. PRIMARY SITE: the server is having connection to the Data base and Configuration manger console is installed. Parent site: A primary site is a parent site and it is having one or child sites (secondary stie). A parent site will store the information of the SECONDARY SITE: in secondary site there is no data base and it is reporting to P rimary Site. for secondary site we dont require the license for SCCM there may b e any number of secondary sites. Once the clients contacted the secondary site then it will report this info to primary site then the primary site stores the p rimary and secondary site data into the data base. Primary site will reduce the Usage of Bandwidth and load on the servers. The secondary site will not contain the secondary sites under it and it cant be moved to another primary site. SITE SYSTEM Each site contains one site server and one or more site systems. Site server is nothing but where the we install the sccm. Site system is a system running a sup ported version of server os and hosting the site system roles. Site system role is nothing but the feature of SCCM. We can host all the roles in single site o r we can split the roles to different sites(secondary ) The features of SCCM are (by using the sccm we can do the following things): 1. Software distribution Distribution Softwares/Application and Installing 2. OS deployment(bare metal we use PXE & Up gradation we USMT) 3. Software update(Patch management integration with wsus) - Patching 4. Software metering To meter the softwares usage 5. Software/Hardware Inventory Taking the H/w and S/w information 6. Desire configuration management we can define the Configuration of machi nes to meet the certain requirements. 7. Network access protection 8. Remote Management to provide the Remote assistance to clinet desktops an d servers. What is SCCM client? IF a computer is running with windows based OS and it is got installed t he SCCM Clients then it can be called as SCCM Client, To manage the Windows based platforms the client/servers need to be installed th e SCCM client SCCM Client software can be installed on Windows Client/Server/Notebook OS , Win dows Mobiles. New in SCCM 07 is Wake on lan, Branch Distribution Point, Desired Configuration Management, Network Access Protection ROLES OF SCCM 07 Bellow roles are all Site System Roles MANAGEMENT POINT: it is a primary contact between clients and SCCM Configuration manager 2007. If management point have any problems the SCCM will not work. Management point can provide the installation prerequisites, Client Installation files, Package locations, additional management point, software inventory data. SERVICE LOCATER POINTS: It locates the manage points for the clients to communic ate with sccm. It is a mediator between the clients and SCCM. SLP is used to co mplete the Site CODE assignment to the clients in intranet and help to locate th

e management point the when they not find the information through AD. DISTRIBUTION POINT: it will store the Packages to distribute to the clients(we c an also install this role in secondary site or individually). Software update po int it will store the software updates to distribute to clients REPORTING POINT: it is used to web based reporting functionality. The report vi ewer component must be installed for this. PXE Service Point: is used to OS deployment(for bare metal only). FALL BACK STATUS POINT: This role will gather the fail messages from the Clients like if the client agent is not installing on the Machines then Fall back statu s point will gather the messages and send it to the SCCM. STATE MIGRATION POINT: This role will save the user state data Migrate the OS(W indows XP to Windows7) The Clients will communicate with Configuration manger using the Server Message Block(SMB), HTTP or HTPS Boundaries: it means the We can define the boundaries using IP subnets, Active Directory Sites.

INSTALLATION REQUIREMENTS: AD Tasks: If we are using the SCCM into AD,, we need to extend the Active Directory Schema to have the read and write access to Active Directory by SCCM. EXTADSCH.EXE is the required to extend it and it is available in SMSsetup\I386\Bin folder. It will generate a log after ran it the log file name extadsch.log. Before running Extadsch.exe we have to take the backup of Schema master Domain c ontroller (if we extadsch.exe is not successful we restore the backup. To backup the DC we have to use the NTBACKUP (system state backup) to restore the backup we using AD restore mode). After that we have to create a System Management Container on target AD partitio ns where we are installing the SCCM and we have to create to groups and the full permission to the group on System Management Container SCCM Clint Agent Installation: We can install the clients 5 ways. These are: 1. Client push installation 2. Group Policy based Installation 3. Software update based installation 4. Manual installation 5. Windows Imaging Based instllation. SCCM CLIENT Dependencies or PREEQUIREMENTS on Client side: BITS 2.5 or higher: Background Intelligent Transfer is used to allow the throttl ed data transfer between the Client Machine and Configuration manger site system Windows installer: windows installer 3.5 or higher and it is required to used .m sp files for the softwares and updates. MSXML: MSXML 6.0 or higher and it is required to process the xml files WMI: Microsoft Remote differential compression (RDC):it will optimize the data transf er over the network. The above requirements are will supplied during the SCCM client installation(CCM SETUP.Exe). If BITS is not installed on the client installation before SCCM clie nt installation and BITS will be distributed with the CCMSETUP.eXe, in this case client machine requires the reboot until the reboot the client machines sccm cl ient installation is not completed. So to avoid the restart we need to install t he BITS before the client installation(BITS installation requires the reboot). Configuration manger Requirements for Client Installation or Dependencies: MANAGEMENT POINT:MP is not required to install the sccm client on machines. But it is primary access point to the clients to locate the Configuration manger and to transfer the Packages, policies, data between the server and clients. FALL BACK STATUS POINT(FLP): FLP is an optional site system role, but recommende

d to have this role, it will send the status message when the clients unable to communicate with clients. Server Locater points(SLP):SLP is required to clients to assign the Site code to communicate with the MP when the AD schema is not extended or if some computers are not joined in the domain. : gpresult /SCOPE MACHINE | more PORTS TO BE OPEN FOR SCCM CLIENTS: One of the most important files in MDT (and in SCCM with MDT) is customsettings. ini, it is the rule file to rule your deployment. Yesterday Johan and I did a se ssion at MMS and besides getting great scores and that is always fun. During tha t session I did a couple of demos around customsettings.ini and I would like to explain this a bit more. Because if you do understand the rules you can become m uch more dynamic and that will hopefully lead to less hassle and more work done in less time. So, lets start from the beginning: When you use the MDT Toolkit (standalone, with WDS, with SCCM, it does not matte r) the toolkit will as a part of the process run a script called ZTIGather.wsf, this script will do an asset inventory and also read the customsettings.ini file . This will result in a massive amount of information stored in memory (and in a file) during deployment that we then can use to dynamically update the unattend .xml file on the fly and also control conditions and that way also settings and steps in the TaskSequence The best thing is that you can run this script without deploying any OS, so this way you can test the rules before you even begin deploying, and you can also te st thousands of deployments in a couple of hours. (Here is a blog post on thatht tp://deploymentbunny.com/2011/04/27/quick-and-dirty-testing-customsettings-ini-v ariables-in-mdt) CustomSettings.ini Act I The basic Customsettings.ini looks like this In the first row we see the section called [Settings] and this is what the scrip t are looking for and on the next row you can see Priority=Default. That means t hat it will now consume everything in that section and convert all those lines i n to varables in MDT. All the Properties you see under the Section [Default] is built into MDT, there are +100 properties that can be used and most of them are documented in the help file, just search for Properties and you will find a huge list. If we run ZTIGather.wsf against this file we will get the following outpu t And as you can see, it is using my customsettings.ini file that I pointed out by runningcscript.exe ZTIgather.wsf /Inifile:..\Control\customsttings.ini, we can al so see that the script is reading settings and finding the priority and then pro cess the [Default Section] CustomSettings.ini Act II Now let us assume that you would like to automatically set some settings based o n location, things like computer name, language, time zone, something like that In that case, we would use the default gateway as an identifier for the location and would use part of the serial number to calculate a unique name for the comp uter that is based on the location and the serial number, but hey, let us do som ething crazy here, let us also add laptop or desktop into the name, so if the la ptop is located in Stockholm the name should be STH-LT-0123456 and if a desktop is located in Redmond it would be called RDM-DT-0123456. So, that would look lik e this Now, this is slightly bigger, but let me guide you through this one, it is not tha t hard. The Settings Section In the [Settings] section we added Init, ByLaptop, ByDesktop and DefaultGateway. The [Init] Section is things that I would like to be set in any situation, like

default, but BEFORE default is running. The ByLapTop and ByDesktop contain some thing called SubSection and we will get back to that. DefaultGateway is a proper ty in MDT so the script will take my current default gateway and match that to w hat I really have, more on that later. Next line is the CustomProperties= and here we added a couple of properties that we will fill with data so that we later can use them to populate many variables into one, thats how we can build the computer name, since that will be a combinati on of computer location + computer type + the first 7 characters in the serial n umber. So the complete Settings section look like this: [Settings] Priority=Init, ByLaptop, ByDesktop, DefaultGateway, Default Properties=ComputerLocationName, ComputerTypeName, ComputerSerialNumber The Init Section The Init section will use the serial number (that has been inventoried by the sc ript already), pick the 7 characters to the left and put that into my custom pro perty ComputerSerialNumber, so that section would look like this: (You can to ba sically any kind of calculations like this, just go ahead and play with it) [Init] ComputerSerialNumber=#Left(%SerialNumber%,7)# The ByLapTop Section and the ByDeskTop Section These two sections are a bit fun, what we do here is that we tell the script to jump to a subsection called LapTop-%IsLapTop% and %IsLapTop% will either be true or false and we will tell it to do the same for Desktop, and will also return t he value of True or False, and since it cannot be a Laptop and an desktop at the same time, either will LapTop-True be true or DeskTop-True be true, so it will pick up regarding case type and then set the name to match that, like this: [ByLaptop] SubSection=Laptop-%IsLapTop% ComputerTypeName=LT [ByDesktop] SubSection=Desktop-%IsDesktop% ComputerTypeName=DT In my case I have a laptop, so it will set the value of %IsLapTop% to True and t he value of %IsDeskTop% to false, resulting in that the ComputerTypeName will be set to LT The Default Gateway Section This section will use the value from the gather script regarding the Default Gat eway and based on the set jump to the name I have set for that Gateway, so in th is case it will go to the section Stockholm if my Default gateway happens to be 10.2.0.4 and in that case it will set the Swedish keyboard and compterlocationna me to STH and that part looks like this: [Stockholm] ComputerLocationName=STH UserLocale=sv-SE UILanguage=sv-SE KeyboardLocale=041d:0000041d The Default Section This section will run last, not because it is last, it will be the last section since it is last on the priority line. That also means that if I have any proper ty value here that has already been set the rule of thumb is that First Writer Wi ns, so they will not be over written (there are exceptions). Here you can see tha t I have property values for ComputerLocationName and ComputerTypeName, so why d o I have that? Well I will set the name to UNK (Short for Unknown) if the comput er is not a Laptop and neither a Desktop (Could be a Server? And yes, we could c reate rules for that to), also if the default gateway is something that I did no t add in the customsettings.ini file, and then it will get the location name set to UNK to. So here is how it looks: [Default] OSInstall=Y ComputerLocationName=UNK

ComputerTypeName=UNK OSDComputername=%ComputerLocationName%-%ComputerTypeName%-%ComputerSerialNumber% SkipCapture=NO SkipAdminPassword=YES SkipProductKey=YES SkipComputerBackup=NO SkipBitLocker=NO The fun part is that OSDcomputername is built by parts of location, type and ser ial number. Running the Script will result in this: So, here is how you could create dynamic deployment rules using notepad and a te xtile, I think that is really cool, but hey, Im just a Bunny anyway (if you would like more samples, let me know) One of the fastest Quick n Dirty you can do to test the behavior of customsetting. ini when you are on the deployment server is to create a batch file and store th at in the scripts folder that will run the gather process and display the result s. To be honest, make a good test bed is my number one priority, time is the ene my and testing just eats up the time. Here is how-to: Download and install Trace 32 (you should have this already, but in case you dont have, get it) Create a batch file called testini.cmd that looks like this del C:\MININT\SMSOSD\OSDLOGS\VARIABLES.DAT /q cscript ZTIGather.wsf /inifile:..\Control\CustomSettings.ini C:\Program Files (x86)\ConfigMgr 2007 Toolkit V2\Trace32.exe c:\minint\smsosd\osdl ogs\bdd.log Now, just run it from an elevated command prompt in the scripts folder of your d eployment root and you are done. If you dont have trace 32 in hand, use notepad.e xe instead, that is second best If you need more logging and use notepad instead (I dont recommend that) just ad d /debug:true on ztigather.wsf part and replace trace32.exe with notepad, like t his del C:\MININT\SMSOSD\OSDLOGS\VARIABLES.DAT /q cscript ZTIGather.wsf /Debug:True /inifile:..\Control\CustomSettings.ini notepad.exe c:\minint\smsosd\osdlogs\bdd.log Windows 7 Background Customization RATE THIS lutz seidemann 22 Aug 2011 1:58 AM 5 One of the most requested windows7 customization in every deployment projects is the OS branding. Here is a quick step by step guide. Windows Background Picture: If you want to assign a Win7 Background & Logon picture based on the size of the Monitor we recommend to create a picture that looks good with the FILL option on different screen sizes. Here are the recommendations for a nice lookin g picture Create a picture with a resolution of 2560x1440 Use the attached win7 background template o The black lines defines the different sizes o The best place for customer Logo is in the middle white area o The top and bottom area (marked with the red line) should not contain an y information , this is a cut off area based on the screen size Push the picture to your clients via GPO o "\User Configuration\Policies\Administrative Templates\Desktop\Desktop\D esktop Wallpaper" o Enable the Active Desktop Setting as described in KB977944

- Or you could use a .reg file: Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Control Panel\Desktop] "Wallpaper"="C:\\Windows\\Web\\Wallpaper\\MyWallpaper.jpg"

where "Wallpaper"="<path to your wallpaper>" Windows Logon Screen: The graphics in the Windows 7 Login Screen Templates. zip file show the different resolutions Ensure you dont change the names, only on the default file you can have a higher resolution Again, dont add information, logos , etc in the red area because those can have a n overlapping with windows default elements Copy the jpg files to %windir%\system32\oobe\info\Backgrounds. You need to creat e the folder if it does not exist. Open the Registry Editor Navigate to (If you cannot find the path or the key go ahead and create it) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Logo nUI\Background Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Logo nUI\Background , If the key does not exist, create it Double click on key named OEMBackground and change its value dword:00000001 If t he key does not exist, create it. If you use Themes (including win7 default Theme), ensure that in the [Theme] are a SetLogonBackground=1 is set. This will prevent any change of the Logon screen. You can also tie your login ba ckground to a specific theme if you change themes frequently but always return t o your standard. To do this open your favorite .theme file with a text editor (notepad will do), which, if you ve saved your theme, you will find in the folder at C:\Users\Your User Name\AppData\Local\Microsoft\Windows\Themes [Theme] ; Windows 7 - IDS_THEME_DISPLAYNAME_AERO DisplayName=Woodgrove IT Theme SetLogonBackground=1 BrandImage=%systemdrive%\Windows\System32\OOBE\Info\Backgrounds\Windows 7 Backgr ound.png This post was contributed by Lutz Seidemann a Architect with Microsoft Services ed by the work of german collegue Lars Iwer