Ronni Pedersen's Blog Site

Microsoft Corp. today announced the release to manufacturing of Microsoft SQL Server 2008, the new version of the company’s acclaimed data management and business intelligence platform. This version of SQL Server provides powerful new capabilities such as support for policy-based management, auditing, large-scale data warehousing, geospatial data, and advanced reporting and analysis services. SQL Server 2008 provides the trusted, productive and intelligent platform necessary for business-critical applications.

Continue at source.

SQL Server 2008 is now available to MSDN and TechNet subscribers and will be available for evaluation download on Aug. 7, 2008.

SQL Server 2008 Express and SQL Server Compact editions are available for free download today at http://www.microsoft.com/sqlserver.

In the Introduction to System Center Configuration Manager 2007 – Part 1, we learned how to prepare Active Directory and how to configure Windows Server 2008 for hosting the Site Server role. In this part we’ll learn how to install and configure the Microsoft SQL Server 2005, Windows Server Update Service (WSUS) and finally System Center Configuration Manager 2007.

Installing and configuring Microsoft SQL Server 2005

In this test lab, the Domain Controller, the database and the Site Server will be installed on the same virtual machine. I wouldn’t recommend this in production, but for a testing scenario it’s just fine.

	Inset the installation media or mount the ISO file to the virtual machines DVD drive. If the “auto run” feature is disabled browse to the DVD drive and launch \Servers\default.hta
	Click “Install – Server components, tools, Books Online, and samples”.
	Click “Run program”.
	Select “I accept the licensing terms and conditions” and click “Next”.
	Click “Install”.
	Click “Next”.
	Click “Next”.
	Review the System Configuration Check and click “Next”.
	Type the Name and the Company and click “Next”.
	Select “SQL Server Database Services” and “Workstation components, Books Online and development tools” and click “Next”.
	Make sure that “Default instance” is selected and click “Next”.
	Select “Use the built-in System account” and click “Next”.
	Make sure that “Windows Authentication Mode” is selected and click “Next”.
	Accept the default settings and click “Next”.
	Select if you want to help Microsoft build better products and click “Next”.
	Click “Install”
	Click “Run program”.
	When the setup progress is completed click “Next”.
	Click “Finish” to complete the installation.
	It’s not required to restart the server, but I always do it anyway.

Installing Microsoft SQL Server 2005 Service Pack 2

Service Pack 2 for SQL Server 2005 is required to support both Windows Server 2008 and System Center Configuration Manager 2007.

Download Microsoft SQL Server 2005 Service Pack 2 here:
http://www.microsoft.com/downloads/details.aspx?FamilyId=d07219b2-1e23-49c8-8f0c-63fa18f26d3a&DisplayLang=en

	Launch “SQLServer2005SP2-KB921896-x86-ENU.exe”
	On the Welcome Screen click Next to continue.
	Select “I accept the agreement”, and click Next.
	On the “Feature Selection” page, accept the defaults and click Next.
	On the Authentication page, accept the defaults and click Next.
	On the “Error and Usage Reporting Settings” page, accept the defaults and click Next.
	Click “Next”.
	Click “Install”.
	Click “Run program”.
	Click “OK”.
	Click “Next”.
	Click “Next”.
	Unselect “Launch the user Provisioning Tool” and click “Finish”.
	Restart the server.

Installing Windows Update Service 3.0 SP1

Microsoft Windows Server Update Service 3.0 SP1 (WSUS) is required in order to deploy patches to the Configuration Manager Clients.

Windows Server Update Service 3.0 SP1 can be downloaded her: http://go.microsoft.com/fwlink/?linkid=93750

	Launch the WSUSSetup_30SP1_x86.exe
	Click “Next”.
	Select “Full Server installation” and click “Next”.
	Select “I accept the terms of the License agreement”, and click “Next”.
	Select “Store updates locally“and type the location where you want to store the updates. Choosing a separate (dedicated) drive is highly recommended in production, but not required. Click “Next”.
	Select Use an existing database server on this computer, and click “Next”.
	Click “Next”.
	Select “Create a Windows Server Update Service 3.0 SP1 Web Site” and click “Next”.
	Review the installation summary, and click “Next” to begin the installation.
	Click “Finish” to complete the installation.
	When the “Windows Server Update Service Configuration Wizard” appears click “Cancel”.

Installing System Center Configuration Manager 2007

Installing System Center Configuration Manager is very simple in a test setup, where everything is installed on the same box. In a production environment, you properly want to use more than one server, and you need to consider how to secure the communication between these servers and what service accounts is running the services, and what security permissions is required on the remote servers.

In this setup we use the same account (Administrator) for everything, so we´re ready to continue.

The valuation version of System Center Configuration Manager can be downloaded here:

http://technet.microsoft.com/configmgr/bb736730.aspx

	Inset the installation media or mount the ISO file to the virtual machines DVD drive. If the “auto run” feature is disabled browse to the DVD drive and launch \splash.hta
	Click “Install – Configuration Manager 2007 SP1”.
	Click “Next”.
	Select “Install a Configuration Manager site server” and click “Next”.
	Select “I accept these license terms” and click “Next”.
	Select “Custom settings” and click “Next”.
	Select “Primary site” click “Next”.
	Select “No, I do not want to participate right now” and click “Next”.
	Click “Next”.
	Accept the default destination folder and click “Next”.
	Type the Site code (LAB) and the Site name (Demo Site) and click “Next”.
	Select “Configuration Manager Mixed Mode” and click “Next”.
	Accept the defaults and click “Next”.
	Type the SQL server name (SERVER1) and the ConfigMgr site database name (SMS_LAB) and click “Next”.
	Type the SMS Provider (SERVER1) and click “Next”.
	Select “Install a management point” and type the FQDN name of the management point (SERVER1.CORP.DEMO.LAB) and click “Next”.
	Select “Use the default port (80)” and click “Next”.
	Select “Check for updates…” and click “Next”.
	Type the path where the updates should be saved (C:\Downloads) and click “Next”. Important The folder specified must exist. Otherwise the step will fail.
	When the prerequisite components has been downloaded click “OK”.
	Review the Settings Summary page and click “Next”.
	If all required prerequisite test has completed successfully click “Begin Install”.
	After about 15 to 30 minutes all action should be completed. Click “Next”.
	Click “View Log” or open the C:\ConfigMgrSetup.log if you want to review the setup log file. Click “Finish” to close the wizard.

Congratulation. You’ve now installed System Center Configuration Manager 2007 with Service Pack 1 on a Windows Server 2008 box.

Summary

This completes part 2 of this article. In the next part we’ll configure the Site Settings and install new site roles.

Introduction
When people that are new to Microsoft System Center Configuration Manager 2007, start playing around with the product in a test lab, they often want to start with a simple OS deployment setup. But if you are new to the product and wants to deploy Windows XP, getting started could be a bit challenging. This article (not sure how many parts it will contain yetJ), will be a guide through the basic steps, that needs to be configured in order to successful deploy Microsoft Windows XP Professional with Service Pack 3 and Windows Vista Enterprise with Service Pack 1.

This article is based on System Center Configuration Manager 2007 with Service Pack 1 and Windows Server 2008 RTM. All roles will be installed on a single box (virtual machine). Installing everything on the same box is not “best practice” in production.

The headlines for the first parts are:

• Part 1: Pre-Configuration Manager Installation tasks
• Part 2: Installing and Configuring Configuration Manager 2007 with Service Pack 1.
• Part 3: Preparing and Configuring Configuration Manager for OS deployment
• Part 4: Building the reference image
• Part 5: Deploying the client Operating System

Before we get started there are a few things that need to be configured. In my test lab I’m running Windows Server 2008 Enterprise Edition with Hyper-V, and I recommend the following settings for the virtual machine:

• CPU: 1 core (2 core recommended)
• RAM: min. 1024 MB (2048 recommended)
• Disk: 127 GB
• Network: 1 adapter (local only)

This guide assumes that Windows Server 2008 Enterprise Edition x86 with Service Pack 1 is installed and configured with the following settings:
(Installing Windows Server 2008 and Active Directory is not within the scope of this article).

• Static IPv4 address: 192.168.0.10
• Subnet mask: 255.255.255.0
• Default Gateway: 192.168.0.1
• Server name: SERVER1
• Active Directory Domain Service
  • Domain DNS name: corp.demo.lab
  • Domain NetBIOS Name: CORP
  • Forest Functional Level: Windows Server 2008
• DNS Server
• DHCP Server
  • Scope Name: SCCM Lab
  • Starting IP Address: 192.168.0.50
  • Ending IP Address: 192.168.0.99
  • Subnet Mask: 255.255.255.0
  • Default Gateway: 192.168.0.1
  • Subnet Type: Wired (lease duration will be 6 days)
  • Activate this scope: Yes

Part 1: Pre-Configuration Manager Installation Tasks

The System Center Configuration Manager 2007 requires a few things to be configured before installing the product. This part will guide you through these steps.

Extending the Active Directory Schema

Extending the Active Directory schema is a forest-wide action and must only be done once per forest. Extending the schema is an irreversible action and must be done by a user who is a member of the Schema Admins Group or by someone who has been delegated sufficient permissions to modify the schema.

Four actions need to be taken in order to successfully enable Configuration Manager Clients to query Active Directory Domain Services to locate site resources:

• Extend the Active Directory schema.
• Create the System Management container.
• Set security permissions on the System Management container.
• Enable Active Directory publishing for the Configuration Manager site.

How to Extend the Active Directory Schema Using ExtADSch.exe

You can extend the Active Directory schema by running the ExtADSch.exe file located in the SMSSETUP\BIN\I386 folder on the Configuration Manager 2007 installation media. The ExtADSch.exe file does not display output when it runs; however, it does generate a log file in the root of the system drive called extadsch.log, which will indicate whether the schema update completed successfully or any problems were encountered while extending the schema.

Step by step guide

• Backup the System State on the Domain Controller that holds the Schema Master role.
• Disconnect the Schema Master Domain Controller from the network.
• Run extadsch.exe, located at \SMSSETUP\BIN\I386 on the installation media, to add the new classes and attributes to the Active Directory schema.

• Verify that the schema extension was successful by reviewing the extadsch.log located in the root of the system drive.
• If the schema extension procedure was successful, reconnect the schema master domain controller to the network and allow it to replicate the schema extensions to the global catalog servers throughout the Active Directory forest.
• If the schema extension procedure was unsuccessful, restore the schema master's previous system state from the backup created in step 1 to reverse the schema extension actions before reconnecting the schema master domain controller to the network.

How to Create the System Management container using ADSIEdit

Configuration Manager does not automatically create the System Management container in Active Directory Domain Services, when the schema is extended. The container needs to be created once for each domain that includes a Configuration Manager Site server that will publish site information to Active Directory Domain Services. To manually create the System Management container using ADSI Edit, do the following steps:

• Log on as an account that has the Create All Child Objects permission on the System container in Active Directory Domain Services.
• Open the ADSIEdit MMC console, and connect to the domain in which the site server resides.

• In the console pane, expand Domain [computer fully qualified domain name], expand <distinguished name>, and right-click CN=System. On the context menu, click New and then click Object.
• In the console pane, expand Domain [computer fully qualified domain name], expand <distinguished name>, and right-click CN=System. On the context menu, click New and then click Object.
• In the Create Object dialog box, select Container and click Next.

• In the Value field, type System Management and click Next.

• Click Finish.

How to configure the security permissions on the System Management container.

After the System Management container has been created in Active Directory Domain Services, the primary site server's computer account must be granted the necessary permissions to publish site information to the container.

• Click Start, click Run, and enter adsiedit.msc to launch the ADSIEdit MMC console.
• If necessary, connect to the site server's domain.
• In the console pane, expand the site server's domain, expand DC=<server distinguished name>, expand CN=System, and right-click CN=System Management. On the context menu, click Properties.

• In the CN=System Management Properties dialog box, click the Security tab.
• Click Add to add the “SCCM Servers” Security Group and grant the account Full Control permissions.

• Click Advanced, select the “SCCM Servers” Security Group, and click Edit.
• In the Apply onto list, select “This object and all child objects”.

• Click OK. (3 times)

Enable Active Directory publishing for the Configuration Manager site.

Before Configuration Manager can publish site data to Active Directory Domain Services, the Active Directory schema must be extended to create the necessary classes and attributes, the System Management container must be created, and the primary site server’s computer account must be granted full control of the System Management container and all of its child objects. Each site publishes its own site-specific information to the System Management container within its domain partition in the Active Directory schema.

This part cannot be completed before Configuration Manager has been installed.

Configuring Windows Server 2008 for Site System Roles

Configuration Manager requires the WebDAV component to be installed and enabled on the management points and BITS-enabled distribution points. The WebDAV component is not included in Windows Server 2008 operating system and must be downloaded and configured manually.

Installing and configuring WebDAV for BITS-enabled distribution points and management points

• In Server Manager, on the Features node, start the Add Features Wizard.
  • On the Select Features page, select BITS Server Extensions.
  • When prompted, click Add Required Role Services to add the dependent components, including the Web Server (IIS) role.
  • On the Select Features page, select Remote Differential Compression, and then click Next.
  • On the Web Server (IIS) page, click Next.
  • On the Select Role Services page, under IIS 6 Management Compatibility, select IIS 6 WMI Compatibility.
  • Under Application Development, select ASP.NET and, when prompted, click Add Required Role Services to add the dependent components.
  • Update: Add ASP (required for ConfigMgr Reporting Point to function - thanks to Jens Ole Kragh for pointing this out)
  • Under Security, select Windows Authentication, and then click Next.
  • On the Confirmation page, click Install, and then complete the rest of the wizard.
• Download the x86 or x64 version of WebDAV at http://go.microsoft.com/fwlink/?LinkId=108052.
• Run either webdav_x86_golive.msi or webdav_x64_golive.msi, depending on your processor.
• Enable WebDAV and create an Authoring Rule, as follows:
  • Open Internet Information Services (IIS) Manager.
  • In the Connections pane, expand the Sites node in the tree, and then click SMSWEB if you are using a custom Web site or click Default Web Site if you are using the default Web site for the site system.
  • In the Features View, double-click WebDAV Authoring Rules.
  • When the WebDAV Authoring Rules page is displayed, in the Actions pane, click Enable WebDAV.
  • After WebDAV has been enabled, in the Actions pane, click Add Authoring Rule.
  • In the Add Authoring Rule dialog box, under Allow access to, click All content.
  • Under Allow access to this content to, click All users.
  • Under Permissions, click Read, and then click OK.
• Change the property behavior as follows:
  • In the WebDAV Authoring Rules page, in the Actions pane, click WebDAV Settings.
  • In the WebDAV Settings page, under Property Behavior, set Allow anonymous property queries to True.
  • Set Allow Custom Properties to False.
  • Set Allow property queries with infinite depth to True.
  • If this is a BITS-enabled distribution point, under WebDAV Behavior, set Allow access to hidden files to True.
  • In the Action pane, click Apply.
• Close Internet Information Services (IIS) Manager.

Summary

This completes part 1 of this article. In the next part we’ll install Microsoft SQL Server 2005, Windows Server Update Service (WSUS) 3.0 and System Center Configuration Manager 2007 with Service Pack 1.

Enjoy.

Multiple Group Policy Preferences have been added to the Windows Server 2008 Group Policy Management Console (which are also available through the Remote Server Administration Toolset (RSAT) for Windows Vista SP1). Group Policy Preferences enable information technology professionals to configure, deploy, and manage operating system and application settings they previously were not able to manage using Group Policy.

A few days ago Microsoft released a new version of the Group Policy Preference Client Side Extensions.

Microsoft Windows XP (x86):
http://www.microsoft.com/downloads/details.aspx?FamilyID=e60b5c8f-d7dc-4b27-a261-247ce3f6c4f8&DisplayLang=en

Microsoft Windows XP (x64):
http://www.microsoft.com/downloads/details.aspx?FamilyID=249c1aed-c1f1-4a0b-872e-ef0a32170625&DisplayLang=en

Microsoft Windows Server 2003 (x86):
http://www.microsoft.com/downloads/details.aspx?FamilyID=bfe775f9-5c34-44d0-8a94-44e47db35add&DisplayLang=en

Microsoft Windows Server 2003 (x64):
http://www.microsoft.com/downloads/details.aspx?FamilyID=29e83503-7686-49f3-b42d-8e5ed23d5d79&DisplayLang=en

For more information on Group Policy Preference:

Group Policy Preference Overview:
http://www.microsoft.com/Downloads/details.aspx?familyid=42E30E3F-6F01-4610-9D6E-F6E0FB7A0790&displaylang=en

Windows Server Group Policy:
http://technet.microsoft.com/en-us/windowsserver/grouppolicy/default.aspx

I’ve just got an email from Microsoft, saying that I’ve received the Microsoft MVP Award on System Center Configuration Manager. I'm truly honored…

Thanks to my lovely wife and to my son, for being so patient when I spend (too much) time working for the Danish IT community.

Living in a non-english speaking country like Denmark, I often have to deal with deploying English versions of Windows XP and/or Windows Vista, with other Regional Settings, Keyboard Settings, Time Zones etc.

In the past I've created a VBScript to modify the sysprep.inf or the unattend.xml, after laying down the image on the client. The values were configured with Collection Variables or Computer Variables. The script collected the value during deployment, and replaced the value in the sysprep.inf or unattend.xml file before restarting into mini setup.

This year at TechEd in Orlando, I attened a great session on Windows Deployment with Configuration Manager (Part 1 of 4) with Michael Kelly. In this session he showed a demo, where he created a custom variable ("XRes" and "YRes"), and typed the variable direct in sysprep.inf like this:

sysprep.inf:
[Display]
   XResolution=%XRes%
   YResolution=%YRes%

This was a simple example, but it gave me a lot of ideas to work with. And as a result of this, I no longer need my "fancy" script to take care of my deployments anymore. This is how I do it now (example):

For my Windows XP deployments I've created a sysprep.inf that looks like this:
(This can also be done with Windows Vista deployments, but you’ll need to use the unattend.xml and the format should be in XML).

sysprep.inf:
[GuiUnattend]
   TimeZone=%LAB_OSDTimeZone%
[ResionalSettings]
   SystemLocale=%LAB_OSDSystemLocale%
   SystemInput=%LAB_OSDSystemInput%
[Display]
   XResolution=%LAB_OSDXResolution%
   YResolution=%LAB_OSDYResolution%

The sysprep.inf file should be place in a package in order to use it from the task sequence.

In the “Deploy Windows XP” Task Sequence, you need to specify the sysprep.inf file in the “Apply Operating System” section, like this:

In order to use the sysprep.inf containing the variables we need to assign some variables to our collection first.

How to Create Collection Task Sequence Variables:

	In the Configuration Manager console, System Center Configuration Manager / Site Database / Computer Management / Collections.
	To assign a variable to a collection, right-click the collection, and then click Modify Collection Settings.
	Open the <New> Variable dialog box, click the Collection Variable tab, and then click the New icon.
	In the New Variable dialog box, specify a name (example: “LAB_OSDSystemInput”) for the variable. On the Value line, specify the Value (Example: 0406:00000406 for danish keyboard) of the variable, and if the value is masked, enter the value again to confirm the variable on the Confirm Value line, and then click OK.

You can also specify Precedence by selecting a numeric value from the drop-down list, where 1 is the lowest precedence, and 9 to specify the highest precedence. The Precedence level will be used when a computer is a member of multiple collections with differing precedence levels assigned.

You can also specify per-computer task sequence variables, by right-clicking the computer object, click Properties, and then click the Variables tab. Per-computer variables will allways overwrithe per-collection variables.

That’s all folks… No more scripting for modifying the sysprep.inf file during deployment :-)

Additional resources:

TimeZone codes: (scroll down to the end where you’ll find “TimeZone”)
http://technet2.microsoft.com/windowsserver/en/library/1cd05ce1-7eaa-4b03-bef5-772bb2d799eb1033.mspx?mfr=true

Locale ID’s and Input Locale:
http://www.microsoft.com/globaldev/reference/winxp/xp-lcid.mspx

A few weeks ago Don Hite ran across my blog on Windows Live. He liked the information on the blog, and asked me if I would be interested in moving my blog to myITforum.com.

I mainly blog about System Center Configuration Manager and other desktop management technologies, so moving to the myITforum.com site feel like the right thing to do.

The next 2-3 months I’ll cross-post all my post on both myITforum.com and my current blog.

Thanks to both Don Hite and Rod Trend for this great opportunity.

Hyper-V, one of the key features of Windows Server 2008, has now released to manufacturing (RTM) and is available for deployment into production environments. A beta of Hyper-V was included with Windows Server 2008 and this update provides the final release. The Hyper-V update will be available through Windows Update from July 8th.

I’ve upgraded my test lab running Hyper-V RC1 to the RTM version, and so far everything is running smoothly.

The official Press Release from Microsoft.

Additional information:

• http://www.microsoft.com/virtualization/default.mspx
• http://support.microsoft.com/kb/950050
• http://technet2.microsoft.com/windowsserver2008/en/library/c513e254-adf1-400e-8fcb-c1aec8a029311033.mspx?mfr=true
• http://download.microsoft.com/download/2/e/7/2e7387d3-1391-4176-abe8-44e481100694/relnotes.htm

Download:

• http://www.microsoft.com/downloads/details.aspx?FamilyId=F3AB3D4B-63C8-4424-A738-BADED34D24ED&displaylang=en