How to Migrate SCCM CB Primary server to New Hardware Configuration Manager ConfigMgr? How to Migrate SCCM CB 1606 primary server to new hardware or a new virtual server?
How to restore SCCM CB primary server from the full SCCM backup? I’ll try to answer these two questions in this blog post and the video.
I used SCCM CB full backup to migrate the primary server into a virtual server. In this scenario, I’ve SCCM CB primary site server and Database server on the same box.
After the migration, Intune/cloud communication was not working, and all the logs (CloudUserSync.log, DMPUploader.log, and DMPDownloader.log) filled with “Certmgr has not installed certificate yet, sleep for 1 minute.“.
The resolution was to remove Intune subscription and add it back. More details about “Migrate SCCM CB Primary server to New Hardware or new virtual server”. How to Migrate SCCM CB Primary server to New Hardware Configuration Manager ConfigMgr.
Prerequisites Migrate SCCM CB Primary server to New Hardware
Following are the prerequisites which we need to follow while migrating the SCCM CB primary server to new hardware:- How to SCCM CB Primary server to New Hardware Configuration Manager ConfigMgr.
- FQDN Hostname Should be the same :
- Drive Letters should be the same :
- The installation path should be the same:
- Should have the same patch level:
- Better to have the same IP:
Tips – Migrate SCCM CB Primary server to New Hardware
- The following steps will help to complete the migration steps easily
- 1. Document local SMS group memberships of existing server
- 2. Perform differential Robocopy of the backup folders to the new server (Package Source\DP files\WSUS)
- 3. Shutdown Current SCCM CB Server
- 4. Delete AD object of existing SCCM Server from Active Directory Users and Computers
- 5. Rename the new server to the old SCCM CB server name
- 6. Give New Server OLD IP address (Optional)
- 7. Perform Domain Join of new SCCM CB server. Provide FULL ACCESS to new SCCM CB computer object in System Management container and also add to respective AD groups wherever required.
- 8. Install all the prerequisites – ADK, WSUS, SQL, etc…
- 9. Run the setup from CD.Latest folder to get the latest binaries of the existing CB site.
Video
(1) How to Migrate ConfigMgr SCCM CB Primary Server to New Hardware – YouTube
Resources
SCCM Related Posts Real World Experiences Of SCCM Admins (anoopcnair.com)
Author
Anoop is Microsoft MVP! He is a Solution Architect in enterprise client management with more than 20 years of experience (calculation done in 2021) in IT. He is a blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. E writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc…
Hi
I want to migrate sccm 1606 to new server – but old OS is Windows server 2008 R2.
are this steps well ?:
new server is w2012 R2. Should I uninstall WSUS on old server and then do full backup ?
thanks
I don’t think you need to do uninstall of WSUS to take full back. You should take full backup with WUS and SUP etc… Also WSUS uninstallation is recommended only for in place upgrade of OS 2008 R2 to OS 2012 R2. Otherwise it’s normal process.
Hey Anoop, thanks for the guide. Do you have anything in relation to this about migrating your on-prem primary to Azure?
Hey! I don’t think there is any difference between the migration apart from some FW port opening or VPN tunnel creation etc…and those are all external to SCCM/ConfigMgr
Hi Anoop,
Currently, I’m managing several departments (which are located in different regions) using SCCM 2012 R2 with a single Primary site and a Distribution Point in each department. SCCM is installed on Windows Server 2008 R2 and plan is to install CM1606 on a new server (Windows Server 2016). I’m asked to move each department gradually to new site. How should I plan for this?
Thank you.
Hi Anoop,
Currently, I’m managing several departments (which are located in different regions) using SCCM 2012 R2 with a single Primary site and a Distribution Point in each department. SCCM is installed on Windows Server 2008 R2 and plan is to install CM1606 on a new server (Windows Server 2016). I’m also asked to create a new primary site and move each department gradually to new site. How should I plan for this?
Thank you.
I’m in preparation of a post for the same. Planning to publish this on next week. “SCCM CB Migration Unofficial Checklist “
concerning the migration and the intune subscription, you state: “remove Intune subscription and add it back”
I suppose you must use the same .PEM file you used in the original environment.
and for the record: this will not result in having to unenroll/re-enroll devices, right?
Anoop need your help due to some issues we had to uninstall and install our primary, but the site code is same and it has been attached under our CAS.Clients have started reporting, but this primary was having 20+ DP’s. Now after installation none of DP’s are showing, how to proceed? Do we need to configure DP’s again, but what about the content library that was previously created? Or after configuring these DP’s will SCCM will know it was previously configured and start working?
Ankit, How did you install the primary site? Have you completed the restoration of primary site? I suppose, you need to have a good backup of the primary server to restore. Have you completed the supported way of SCCM restoration of primary server? If so the DPs should work without any issue. This is very complex scenario and I don’t think it will be easy to troubleshoot here. Rather I would recommend to raise a ticket with Microsoft.
Hi Anoop,
We are planning to Upgrade our SCCM to 1702 below are the challenges we see , need your inputs on how can we handle them,
1. We are currently on SCCM 2012_1602 on Windows_Server_2008 and SQl 2008
we are planning to build a new 2012 server and use site backup of old server to restore , and do the upgrade on it and if no issues found we will bring down the physical box and starting using virtual , will the Site backup allow us to configure a new SIte Code ?
Did you already made the migration ?
I’m facing the same situation…
Hi Anoop,
Tried the steps and i am getting error “Fail to create SQL Server Certificate”.
Step up logs show,
– SQL Server login failed for account corp\SMSAdmin
– Cannot open the database CM_P01 requested by the login. Login failed.
Environment details,
– Moving Server OS 2012 R2 VM to OS 2012 R2 VM
– ConfigMgr CB 1702 primary SA and SQL 2014 on same box
– Using Default instance of SQL.
– Using CM backup.
Any suggestions.
PD, is your SQL server instance local on your SCCM server or are is the database on another server? If it is on the other server then you need to make the SCCM server computer account an admin on the SQL server and to generate a self signed cert from the SCCM server that you then install on the SQL broker.
corp\SMSAdmin account has sys admin access on SQL ?
Yes, corp\SMSAdmin account has sys admin.
I tried following steps in the blog,
http://henkhoogendoorn.blogspot.com/2013/01/fail-to-create-sql-server-certificate.html
– But i could not add the local server account to SQL login. It only allows to add users & groups.
– Also the error that shows up inside the log is, which is different from the above blog. In my case, the log file has following error.
– SQL Server login failed for account corp\SMSAdmin
– Cannot open the database CM_P01 requested by the login. Login failed
This is the way to create system account or machine account login in SQL for SCCM
“Create SQL login for new computer object:\$]from Windows
a. Using SQL Script CREATE login [
“
Thanks for this post. it really worked for my migrating sccm primary server to new the server.
Thank you much for the feedback! Really appreciate taking time to send a positive note !
Hello Anoop Nair, thank you for all the guides and videos, they are very helpful. Mr. Nair, do you have a guide or steps on how to move an existing primary site server (virtual) database to a new stand-alone SQL server (also virtual)?
I need to expand an existing primary site server to a CAS. The existing primary site has SCCM, WSUS, IIS, DP, some other roles, and SQL database installed and configured on the same server.
Here is what I am planning on going:
• Move the primary site server database to stand-alone sql server
• Build the CAS using the cd.latest
• Point the CAS to the new SQL stand-alone server that has the database I moved from the primary
• Build a new stand-alone sql server and install sql 2017 to serve as the database for the existing (old) primary site server that no longer has a database, since it was moved to served at the CAS database.
• Point the existing primary (old) server to the its new stand-alone sql server and enable replication with the CAS sql server.
At the end of the day, I am changing from 1 primary site server (all in one server) to a CAS, a Primary Server, and 2 stand-alone SQL servers.
Will this work?…I am a bit concern on how to properly move the database to its own server and also spin a new database to replace the one I am taking away from the old primary site server.
Thank you in advance for your time and support.
Thank you for the comment. Will following blog series help you ?
https://www.anoopcnair.com/complete-guide-sccm-server-migration-part-1-sql-2017/
Hello again Anoop, thank you for your prompt reply. The link you provided filled the gap of what I need to do…specially part 2
https://www.anoopcnair.com/the-complete-guide-for-sccm-server-migration-part-2-database-migration/
Thank you, for sharing your knowledge. If you ever come to Las Vegas, NV, email me, and I will take you out to lunch…on me.
That is great to know Ronald. All credit to Rajul for that post 😉
I was there in Las Vegas back in 2015. Thank you for the lunch offer.
Anoop or anyone that can answer this…Client install on non-trusted and workgroup machine. The environment has one primary and 3 additional site servers that has the MP, SUP, etc, roles installed.
Question 1: SCCM Client install on workstations
I have 300-400 machines that are on workgroups (no necessarily the same either) and I need to install the sccm client on them so my question is, do I need to move the sccm client files to each machine OR I place it in the site server they will be managed with and run script on each machine to perform the install?
I am assuming I will need to include the network location where the files reside and the site server information in the script using a syntax such as this “network location\ccmsetup.exe /mp: SMSSITECODE=PPP SMSMP= DNSSUFFIX=” — now in case those machines can’t contact a DNS server, will I need to add the site server to the host file on each machine?
Question 2: SCCM Client install on non-trusted domain
I have about 500-700 devices that are part of different domains with-out trust with the domain the SCCM is on (non-trusted domains). I am thinking I will need to place the sccm client install files on a network location on each domain where devices can get to and create a GPO on each domain to push the client to each machine…if this is correct, where do I specify the site server information if I want to point half to one site server and the other half to another site server?…will I need to attach script such as the one above to point to the correct site server?
Please note: I have experience pushing the SCCM client from within SCCM, have done GPO, and also manual installs but all in a trusted domain settings.
Thank you in advance for your time and support.
Hey, Anoop, long time fan of your work here. Your guides have been invaluable to my job.
Would it be possible to use this method to install SCCM CB on a new OS? I’d like to move my standalone install from 2016 to 2019? Also, can I have a the latest SQL on the 2019 server, or should the SQL version be updated separately?
Hi Anoop,
I need your with SCCM DB issue, One of my ex-colleague had setup sccm db sa password and no other account with db admin role. Now we have lost access to sa password, Luckily one of the secutrity group has read only permissions so we can perform daily functions. I have tried starting sql sccm db in single user mode to create new sa or to change sa password but no luck. After trying for couple of weeks finally installed new site with new site code parallel to existing one.
Question-How can I transfer data between two site without manually going into each object?
I have already tried sccm inbuilt site migration but it failed with read/write permissions. currently we have only read only permission.
Thanks in advance for any help.
Try building a passive server and cut over?
Hi Anoop. I am moving my primary to new VM. I have run robocopy for SMS_DP$, SMSPKG, SMSPKGE$, SMSPKGSIG, SMSSIG$ and WSUS. Will the content library be created during the installation/recovery of configmgr. I have never done this and I have no test site. I have followed all of the instructions but no where do I see that the sccmcontentlib will be created. Thanks.
HI Anoop,
Thanks for all your fantastic information provided here.
I have a question, is it possible to migrate from an out-of-support CB version, to the latest version (2303)
at the same time as moving to a new server? Rather than In-place upgrade we were hgoping to build a new server and copy our data accross/migrate accross to the latest version and the latest version with as little effort as possible. Do you have a suggestion?
Hi Anoop –
We have to do this as we are running CB 2207 on Server 2012 R2 and need to move to Server 2019. Since our SQL Database is on another server (SQL Cluster) can we simply perform this and select ‘Do not recover database as it was unaffected’ during the recovery operation. We plan on using the same Name/IP for the Server 2019.
Thanks
Hi Anoop,
This is a question around migrating SCCM. We’ve created a passive server up in Azure and will be failing over to the new server and shutting down the onpremise server. I did move the content library to a remote location. However, I have this foler calld SMSPKGSIG folder on the main server that is still updating. There is NO Distribution point role obviously on the primary. If I shut that server down this will potentially break the infrastructure. How do I move that folder to the same remote location as the content library and what is that SIG folder for? It seems it’s also tied to the content library. I’m running SCCM 2211 with all hotfixes. Thanks for the advice.