SCCM checklist for client infra setup to propose a GO or NOGO
I am working with a new client and answering lot of questions. Do any once have a checklist of questions to share to client to know the current infra setup and based of that we can say yes your backend infra is good to go with SCCM implementation. As of now with couple meeting, they have server 2012 r2, domain and functional level is still 2003, kerboros 2003 functional level, all OS is on prof not enterprise.
Answers ( 6 )
This question really has a wide scope, other than what collegues have posted here few points that comes in my mind.
1. Check the accounts which are used in SCCM infrastructure ( service accounts, DB access accounts etc).
2. If using OSD check Boot images are updates with latest ADK.
3. Check if any GPO’s are implemented and are in place.
4. Go throught the network infrastructure and how it is been used with sccm ( firewalls,exceptions etc.)
5. Check if heirarchy components are healthy.
6. Do they include CAS, if yes how many clients are in environment , check is CAS really necessary, go with the consideration of CAS in an environment
The question is very generic question, as mentioned by friends here you may refer to the link https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/configs/recommended-hardware
Also strongly recommended to see the possibilities of upgrading dependent environment like AD etc.
Per your questions there are unsupported running.
This is a very open ended question and really depends on:
1. The intentions and purposes of your client wanting to use ConfigMgr
2. Your skills and levels of knowledge of ConfigMgr in order to provide the skillsets they will need for the implementation.
Bottom line, it’s about determining their infrastructure.
1. VM or hardware
3. Processing resources such as CPU, Memory, storage
4. Levels of administration
This may help you.
A single set of client settings applicable to all managed devices in the environment will be configured based on a combination of best practices and customer specific requirements defined in this document.
Solution shall be designed to support approximately 3,000 clients in a single AD forest with consideration for future expansion.
Windows 7 and Windows 10 workstations.
Basic client health and status reporting will be provided in the console by default
The solution shall provide the ability to manage in-scope devices connected to the VPN
Active Directory Sites and Services must be established and functioning
A list of anti-virus exclusions will be provided for ConfigMgr server and ConfigMgr clients
The solution architecture shall use a common, global standard for all ConfigMgr infrastructure servers and configurations.
The solution shall provide the ability to utilize, during distributions, a specified amount of the available network bandwidth (measured in Kbps) both within and between sites.
The solution will provide a central repository for all applications and patches to be distributed from and inventory and other CI info to be collected.
The solution shall be configured to deploy with minimal impact to the End User experience, such that productivity is not adversely affected.
Provide automated discovery of devices and users from active directory. Discovery frequency to be configured to maximize refresh time while ensuring minimal impact to performance and network utilization.
Installation and configuration of Configuration Manager Current Branch.
Solution shall follow WMS best practices to perform a side-by-side migration from the current to new environment using a phased approach. Required software packages, collections and advertisements will be migrated if eligible.
Site Server backup and recovery shall be designed per WMS and Microsoft best practices.
Role Based Administration (RBA) provides Configuration Manager Administrators with a security model that provides the ability to assign and manage administrative permissions – Delegation. Security Roles, Security Scopes and Collections in Configuration Manager will be created per WMS best practices. Only authorized personnel will have access to ConfigMgr data through database views and extracts.
Standard ConfigMgr ports will be used for ConfigMgr related communications throughout the ConfigMgr infrastructure and with clients.
The solution shall perform hardware inventory management for in scope devices. Default hardware inventory will be used.
The solution shall perform software inventory management for in scope devices. All .exe files will be inventoried by default.
In addition to default software inventory, the following files must be captured:
Customer shall procure and maintain all software licenses for the Services, and for applications managed by the Services.
The Windows Assessment and Deployment Kit (Windows ADK) is a collection of tools for customizing, assessing, and deploying Windows operating systems to new computers.
The solution shall perform security patch updates for in scope devices.
Security Patch updates from Microsoft that provide catalog integration to the solution via a COTS product
Active Directory authentication shall be used as the mechanism for authorizing user access to the solution’s console
Ability to install and remove software (including upgrades) from a centrally managed location to users or computers.
Users of Windows-based computers can manage their software deployment experience by using the client interface, Software Center. Software Center is automatically installed on client computers so that users can manage their own software. They can perform the following actions: Install software, schedule software for automatic installation outside of working hours, configure when Configuration Manager can install software on their device, configure access settings for remote control if enabled and configure options for power management if enabled
Identifies application usage patterns across the in scope devices within the limits of the solution.
Allows clients to initiate an OS deployment (task sequence) from network boot
Ability to deploy operating system (task sequences) from ConfigMgr
Install ConfigMgr Current Branch on lab server. ConfigMgr will be installed new (no migration of existing data from Old SCCM)
3rd party tool integrated with ConfigMgr to more efficiently manage delivery of content
3rd party tool integrated with ConfigMgr to more efficiently manage delivery of content
Multilingual support. Configuration Manager uses the display language of the server or client computer when support for that language exists. English is the default language used
Windows Server 2012
Users who have mobile devices that are enrolled by Intune and Android devices that are managed by the Exchange Server connector can install apps from the company portal. The company portal is the Application Catalog equivalent for these mobile devices.
When capturing user state, user state data can be stored on the destination computer (suitable for update deployments) or on a user state migration point (required for side-by-side deployment).
3rd party tool integrated with ConfigMgr (WSUS) that works by subscribing to partner catalogs to deploy updates. Vendor catalogs include hardware partners Dell, HP, Intel and some software companies such as Citrix and Adobe
Remote control can be used to troubleshoot hardware and software configuration problems on client computers and to provide help desk support when access to the user’s computer is required
Any custom reports not included with ConfigMgr
Compliance settings provides a unified interface and user experience to manage the configuration and compliance of servers, laptops, desktop computers, and mobile devices.
The solution shall provide an application catalog repository for end users as an option to install applications from. Application Catalog feature will be configured and will be ready for use (applications will be added outside of the scope of this project)
Associates specific users with specific devices. This mapping of devices to users can remove the need to know the names of a user’s devices when you deploy applications. You can define primary devices for a user. These are typically the devices that users use daily to perform their work.
you can refer the document on Microsoft’s site and prepare your own list of hardware and OS requirement considering performance and stability, that you can share with the client.
Let’s start with these questions to understand their environment and health
Check the ConfigMgr Architecture Document
Check ConfigMgr implementation Document
Check SCCM Server OS Versions
Check whether AD Schema extended
Check ADK and WinPE version
Check whether SQL server versions
Check the Status Messages from ConfigMgr console
Check Role-Based Access permissions
Check SCCM client health reports