Yeah -- in Paris was realy cool ;)

Not so long ago has started the implementation of the Microsoft product -- System Center Configuration Manager 2007 SP2 (SCCM 2007). SCCM -- is a very powerful tool for centralized deployment of various software (including operating systems), as well as a means of collecting statistics and various reports. More detailed overview of the features can be found online at Microsoft. Here I will try to describe problems with which I have faced during installation \ configuration SCCM and a way of their decision.

Case 0. Useful command for download prerequest files in some folder (for example C:\SCCM_DOWNLOAD):

D:\SMSSETUP\BIN\i386\SETUP /download C:\SCCM_DOWNLOAD

One of the most important points before you install and configure SCCM is infrastructure planning. It is necessary to understand clearly what infrastructure you want to build and for what. How this infrastructure will serve the customer and what role will perform specific servers. Infrastructure planning -- 50 % of all work.

In my case it was necessary to deploy Multi Site structure. In multi site structure may be either Primary (with its own database) and Secondary (without database) sites. Hierarchically sites are divided into Parent and Child. Child site can be both Primary and Secondary.
In my case the connection to MSSQL database has only Primary Site. MSSQL server is located on a separate server and is connected to the Primary site through high-speed channel.

Case 1. Primary Site, among other things should serve as Software Update Point (SUP) and the Software Distribution Point (DP). In an existing infrastructure has already been deployed server WSUS which daily carried out synchronisation with Microsoft servers. Therefore it has been decided to try to connect the Primary SCCM server with the given server. After installation of package WSUS, whose functional is used by SUP role, has been made successful (but very long -- an order of 5 hours) synchronisation of WSUS and SUP servers. However, after creation of the first Update List and Deployment Package it was found out that despite that synchronisation was made from WSUS server and the given server is configured as main \ upstream, primary SCCM server (with installed SUP role) tries to download updatings not from WSUS server, but directly from Microsoft servers. I.e. primary Site server with installed SUP role need direct access to Microsoft for download updates.

Case 2. Another problem arose during the installation of the primary server SCCM -- error when trying to install Managment Point (MP) role. Doubtless advantage of SCCM is a large number of event logs in which you can always find detailed information about errors and stages of their occurrence. In this case the error was caused by incorrect configuration of WebDAV. For Default Site it is necessary to make the following:

Add Authoring rules:

• Allow access to: All content
• Allow access to this content to: All user
• Permissions: Read

WebDAV Setting\Property Behavior:

• Allow Anonymous Property Queries: TRUE
• Allow Custom Properties: FALSE
• Allow Property Queries with Infinite Depth: TRUE

WebDAV Setting\WebDAV Behavior:

• Allow Hidden Files to be Listed: TRUE

Case 3. During installation and configuration can be problems due to lack of permission at the SCCM server account to make changes to the directory System\System Managment (CN=System Management,CN=System,DC=YOUR_DOMAIN).

It is also necessary to add primary SCCM server computer account record to Local Administrator group on MSSQL server, if the server is located separately.

Case 4. To display Russian characters in the names of Organization Units (OU), various security groups and reports do the following:

• choose Russian as System Locale (language for non-Unicode programs);
• add the key /sms:providerlocale=0419 in console start command;
• in the registry change key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\CodePage for 1252 to с_1251.nlc (for correct display Russian font in the reports).

Case 5. After configuring detection of client computers in Active Directory (AD) in logs began to appear such errors:

SMS_Discovery_Data_Manager Error ID 620

Analysis of log-files showed that these errors are caused by Russian netbios-name of one computer account. Which, it must be noted, was immediately removed from AD;)

Case 6. At creation Secondary Site there can be problems with an exchange of messages between Primary and Secondary sites. The error can be found in despool.log. For the problem decision it is necessary to generate keys manually -- with Preinst.exe utility. You can find this utility in a \\SMS_sitecode\bin\i386\language_code folder. Keys are generated as follows:

• Preinst /keyforparent -- after generation move the .CT4 file to the parent site's \inboxes\hman.box directory;
• Preinst /keyforchild -- after generation move the .CT5 file to the \inboxes\hman.box directory on the child site.

In the conclusion some useful links on a theme:

• Virtual Labs on TechNet;
• Microsoft SCCM 2007 SP1 Intel vPro Training Videos;
• Configuration Manager Documentation Library on TechNet

Song about war by Motor-Roller -- Almaty rock band: