Body
Note: We are no longer providing this service to new clients.
Installing the Admin Console
1. Obtain installer from Box: https://uofi.box.com/v/SCCMCB.
a. Download the "SCCM CB Console" folder.
b. Extract downloaded zipped folder.
2. Within the extracted folder from step 1.b., double-click on "ConsoleSetup.exe" to start the installation process.
3. Click "Next"
4. Enter your site-server name (SCCM-PSXX.ad.uic.edu) and click Next.
NOTE: The site server name will depend on your department. If you are unsure, please contact us for assistance.
5. Select the path where you would like the client installed or click "Next" to accept the default.
6. Click "Install" to start installation.
7. Click "Finish" to complete installation.
Turning on Auto-Discovery/Adding Computers
NOTE: The recommended way to add machines to SCCM is via autodiscovery.
1. In the admin console, click on "Administration".
2. Click on "Hierarchy Configuration" and then "Discovery Methods"
3. Right-Click on "Active Directory System Discovery" for your site and select "Properties".
4. Check "Enable Active Directory System Discovery" and click "OK". From this screen, you can also edit and add "Active Directory Containers". This setting tells SCCM which OU's to get the endpoints from. We will configure it initially for you, but you may edit this setting as you see fit.
5. Click "OK".
MANUAL ADDING:
1. Right-Click on "Devices" and select "Import Computer information"
2. Select "Import Single Computer" and click "Next"
NOTE: Alternatively, you can choose to manually add multiple computers using a file.
3. Enter the Computer Name and MAC Address of the machine and click "Next".
4. If everything appears correct, click "Next" on the "Data Preview" screen.
5. Click Next on the "Choose Target Collection" screen or click "Add" to add this machine to a collection.
6. On the final screen, click "Next" to add the machine.
NOTE: For PXEboot, import computers by name with the MAC Address.
Installing the Client
1. In the admin console, left-click on devices
2. Right-click on the computer and select "Install Client"
NOTE: Make sure your target computer(s) has the client certificate installed before initiating the Install Client process.
Adding a Computer to a Collection
1. Browse to the collection you need to add a client to.
2. Right click the collection and select “Add Resources”.
3. Make sure “System Resource” is selected as the Resource type (it should be by default).
4. Type in the name (or part of the name) of the computer you want to add to this collection. Click Search.
5. Select the correct machine and click "Add".
6. Click "OK".
7. Now, update the policy on your client to finish the deployment.
Adding multiple computers to a collection using Powershell.
Powershell can be used to easily add multiple computers to a collection. Below is an example of a simple powershell script that you can use to add multiple computers to a collection.
$computers = Get-Content "<path to text file containing list of computer names>"
foreach($computer in $computers) {
try {
Add-CMDeviceCollectionDirectMembershipRule -CollectionName $collectionname -ResourceId $(get-cmdevice -Name $computer).ResourceID
}
catch {
"Invalid client or direct membership rule may already exist: $computer" | Out-File "<path to text file to write errors to>" -Append
}
}
Deploying an MSI
Overview
- Create a new Application
- Create a target Collection
- Create a Deployment
- Monitor the Deployment status
I will assume you can handle downloading and storing the installation file by yourself, so I will begin with creating the new Application in Configuration Manager. Let's dive in.
Create a new application
- Store the source .MSI package file in a folder which is shared over the network. (You can only select content for making an Application deployment if it can be accessed via a UNC path reference, so drive letters are not allowed.)
- In the Configuration Manager Administrator Console (hereinafter referred to as the "Admin Console"), expand "Software Library" in the left-hand panel. Right-click on "Applications" and select "Create Application".
- Accept the default selection, and click the "Browse" button to locate and select the .MSI package file. Make sure you navigate to the source folder location using the UNC path, not by using a drive letter. Once selected, click Next. Click Next again on the confirmation page.
- On the "General Information" page, fill-in the form fields to describe the application as best as you can. The more information you provide, the more it can help with future tasks. Note: You do not need to append MSIEXEC user-interface options, such as "/q" or "/qn" since CM will do that automatically later in the process. In addition, the "Installation behavior" option allows you to target a User, a Device ("System") or a combination of the two; however, for this example I'm going to target a Device Collection, so I've chosen "System".
- On the confirmation page, click Next to continue. After the Application is created, click the Close button.
- Once the Application is created, click the "Deployment Types" tab at the bottom to see the results. Unlike a "Package" in CM 2007, an Application can have multiple Deployment Types, allowing you to configure actions relating to specific Operating Systems or Devices.
Staging the application content
The next step in the process is to make sure the Application content is placed where clients can access it when they're instructed to use it. This is referred to as "Distributing Content". Basically, the files associated with the Application are copied to selected Distribution Point servers, either explicitly, or by way of Distribution Point Groups. For this example, I will Distribute the content to a selected Distribution Point.
- Right-click on the Application you just created, and select "Distribute Content". This will allow you to stage the installation binaries and related files on your Distribution Point servers so that clients can access it when executing the installation requests.
- On the Content options page, accept the content confirmation and click Next to continue.
- On the Content Destination page, click the Add button to select the target Collection, Distribution Point server, or Distribution Point Groups, to stage the Application content. In this example, I've selected an individual Distribution Point server. Once you select all of the desired content locations, click OK and then click Next to continue.
- Check the boxes for each desired Distribution Point and click OK to continue.
- On the Summary page, click Next to continue. After a few seconds a progress bar will show the content begin copying to the Distribution Point.
- When the content has finished distribution, you will see the Confirmation page. Click Close to finish. The next step is to target the Application to desired Users or Devices (computers, etc.).
Deploying the application
If you already have a target Collection created, you can skip this step, as I'm only showing this to illustrate that I have a Direct Membership Device collection for use in targeting the Application "Deployment" in the next step.
- In the "Software Library" section of the Admin Console, under Applications, right-click on your new Application once again, and this time select "Deploy".
- Since I am deploying to a Device Collection, select "Device Collections" at top-left, and then select the appropriate target Collection on the right, and click OK, then click Next. You can just as well target a User Collection or a Query-based User or Device Collection. This is only for demonstration.
- Once you have selected the Software (Application) and the Collection, you now have the option of entering some comments to describe this particular Deployment if you desire. After this, click Next to continue.
- Confirm the Distribution Point selections, or click Add to select additional Distribution Points or Distribution Point Groups if desired, and click Next to continue.
- On the Deployment Settings page, select "Install" for the Action, and for the Purpose select "Required". If you aren't familiar with "Available" and "Required", you can think of them as synonymous with "Published" and "Assigned" as it pertains to Group Policy software installations. The first option makes the package available for users to choose when to install it. The second option runs the installation without requesting any approval or interaction from the users. For this example, I'm leaving the three checkboxes alone. I recommend reading up on each of them and testing them yourself to see if they benefit you within the context of your environment.
- On the Scheduling options page, you can specify a date and time for the Deployment to begin, as well as setting a specific deadline date. For this example I chose "As soon as possible", and then click Next to continue.
- Since I am deploying this installation to computers, I don't want it to interrupt the users, nor do I want it to display any prompts during the process. For this reason, select "Hide in Software Center and All Notifications". If you have specific Maintenance Windows in place, you should carefully consider the remaining three options; however, for this example, I'm leaving them as shown, and then click Next.
- On the Alerts settings page, you should select the first two threshold options so that you can properly monitor the Deployment when it becomes active. The default values are usually sufficient, but you may want to adjust them to suit your needs. If you are using System Center Operations Manager 2012, you may want to use the last two options, but I've skipped them for this exercise.
- On the Summary page, click Next to continue.
- After the progress bar finishes, you should see a successful Confirmation. Click Close.
- Click on the Application once again, and this time select the "Deployments" tab at the bottom. This will show all of the current Deployment configurations you have created for this Application. At this point, there should only be one Deployment for this Application.
From this point, you should now have an active Deployment which clients will begin evaluating and executing, as long as they are members of the target Collection and they meet any optional Global Conditions you may have set on the Deployment.
Monitoring the deployment
Now that the Application is in Deployment, the next step is to monitor its progress. Click on the Monitoring section in the Admin Console, and select Deployments. From here you can view the current status of each Deployment and see successes and failures. You can also drill-down into each status indicator to view more detail if needed.
Deploying an .EXE
Basic process
- Create/Edit/Test the Installation Script
- Create a new Application
- Create a Deployment
- Monitor the Deployment status
I’m not going to spend time on step 1 since this is really about the deployment aspects, so let's dive in.
Create a new Application
- Store the source files in a folder which is shared over the network. (You can only select content for making an Application deployment if it can be accessed via a UNC path reference, so drive letters are not allowed.)
- In the SCCM 2012 Administrator Console (hereinafter referred to as the "Admin Console"), expand "Software Library" in the left-hand panel. Right-click on "Applications" and select "Create Application". You can also click the "Create" button at the top-left end of the ribbon menu, and click the "Application" sub-option.
- Select "Manually specify the application information", and click Next to continue.
- On the "General Information" page, fill-in the form fields to describe the application as best as you can. The more information you provide, the more it can help with future tasks. Note that this is not specifying the script itself, but rather it describes the application. When finished, click Next to continue.
- On the "Application Catalog" page, specify the language and localization options. If you have online documentation to refer your users to, you can enter the URL or UNC path for providing access to it. You can also provide additional information if desired, such as Localized description, and keywords for catalog searching. Click Next to continue.
- On the "Deployment Types" page, click "Add".
- On the "General Information" page of the Deployment Type, select "Script Installer" from the "Type" drop-down list, and click "Next". Enter the Name and (optionally) Administrator comments, as well as selecting the default Language options. Click Next to continue.
- Specify the UNC path for the "Content Location" field, then click "Browse" to locate and select the installation script file.
- On the “Content” page, click Browse and select the script file to use for the Deployment. If you have an “uninstall” script (and you really should), specify that as well. When finished, click Next to continue.
- On the "Detection Method" page, if you want to create a detection rule, click the "Add Clause" button, and specify the properties to tell Configuration Manager whether or not the application has already been installed on a given client. In this example, I want to check for the existence of the "hwinventory.accdb" file in the default folder path. This step is not mandatory, but it is usually a good idea to instruct Configuration Manager on how to detect custom application bundles so it can track inventory accurately. When finished, click "Next" to continue.
- On the "User Experience" page, specify how you wish to deploy this application (per user, per device or mixed). In the example, I chose to deploy to the Device (computer), and have it install regardless of whether a user is actively logged on or not. Click Next to continue.
- On the "Requirements" page, you can specify any hardware or operating system requirements, however in this example I have no such requirements. Click Next to continue.
- On the "Dependencies" page, I am specifying that the client needs to have Microsoft Access 2010 installed. This is so it can properly handle opening the Access database file which is the core component of this "application" bundle. I could also specify the Access 2010 Runtime client, or even the entire Microsoft Office 2010 suite, since there is an Excel spreadsheet included. When finished, click Next to continue.
- Click Next to accept the confirmations and summary, and then click the Close button after the Application is created.
- Once the Application is created, click on it and review its properties to verify everything is as you expect it to be.
Staging and deploying the content
The next step in the process is to make sure the installation files are placed where clients can access them when needed.
The Deployment process is the same as with a .MSI or .EXE application. You can make the Deployment “available” or “required”, as well as having it install based upon a user logon or not.
From this point, you should now have an active Deployment which clients will begin evaluating and executing, as long as they are members of the target Collection and they meet any optional Global Conditions you may have set on the Deployment.
Monitoring the Deployment
Now that the Application is in Deployment, the next step is to monitor its progress. Click on the Monitoring section in the Admin Console, and select Deployments. From here you can view the current status of each Deployment and see successes and failures. You can also drill-down into each status indicator to view more detail if needed.
Removing Inactive Clients
NOTE: By default, a client is marked as inactive if they haven’t completed one of the following within seven days:
- Requested a policy update
- Sent a hardware inventory
- Sent a heartbeat message
1. Locate the device in devices.
2. Right click on it and select "Delete"