Install a New SCCM Management Point Role|ConfigMgr

0
Management Point SCCM

Configuration Manager|SCCM Management Point (MP) provides policy and service location information to clients client devices. In this post, you shall learn how to install a New Management Point Role.

The MP role installs on the site server when you install a new primary or secondary site. ConfigMgr Primary sites support multiple instances of this role. Secondary sites support a single management point.

Related Post FIX SCCM Management Point Issues Internal Server Error 500

NOTE! – A management point provides policy and content location information to clients. It also receives configuration data from clients.

Management Point Prerequisites

You need to confirm the operating system support for SCCM Management Point installation from here. The following are some of the other prerequisites of SCCM MP.

  • Windows Server roles and features
    • BITS Server Extensions or Background Intelligent Transfer Services (BITS)
  • .NET Framework
    • .NET Framework version 4.5 or later
    • .NET Framework 4.8 (ConfigMgr 1906 or later)
  • IIS configuration
    • Application Development:
      • ISAPI Extensions
    • Security:
      • Windows Authentication
    • IIS 6 Management Compatibility:
    • IIS 6 Metabase Compatibility
    • IIS 6 WMI Compatibility
  • SQL Server Native Client

More details about SCCM Management Point prerequisites.

Add Site Server Account

Make sure the your site server has administrative privileges on remote management point server before start of the activity.

  • Add Site Server Computer account to MP server’s local administrators Group
Administrators - Add Site Server
Administrators – Add Site Server
Altaro Office 365 Backup
Advertisement Altaro Office 365 Backup

Add New Management Point Role | ConfigMgr

You can install the Management point from Configuration Manager console. The following are the steps to install SCCM MP on a Windows server.

You want to install remote Management point and new site system server, then follow the steps.

NOTE! – When you already have remote site system server and want to install remote MP on the already existing SCCM site system, then you can skip following two steps.

  • Navigate \Administration\Overview\Site Configuration\Sites
  • Right click on site server and select Create Site System Server
 Create Site System Server - Management Point
Create Site System Server – Management Point
  • Enter remote Management Point (MP) server FQDN and click next
 Create Site System Server - Management Point
Select a server to use as a site system
  • Navigate \Administration\Overview\Site Configuration\Servers and Site System Roles
  • Select the Site System server and Right Click on the server – Select Add Site System Roles
Add Site System Roles
Add Site System Roles
  • Click NEXT to continue
Select a server to use as a site system
Select a server to use as a site system

Select Site System Role

  • Click NEXT on the proxy configuration page. Proxy is not required for this Management Point (MP) setup
  • Select Management Point option and click NEXT button
Specify roles for this server - Management Point
Specify roles for this server – Management Point
  • Specify Management Point Settings – A management point provides policy and content location information to clients. It also receives configuration data from clients
  • Select either HTTP or HTTPS client connections as per your requirement

NOTE! – For HTTPS configuration of Management Point – Setting up HTTPS MP SUP SCCM Site Systems.

Management Point Communication HTTP
Management Point Communication HTTP
  • Specify Management Point Database Settings – Select Use the site database
  • Select Management Point Connection Account – The Management Point Connection Account connects the management point to the SQL Server database
  • Select Use the computer account
  • Click NEXT to continue
MP Database Settings
MP Database Settings
  • Click NEXT and NEXT and CLOSE to complete the new management point creation process
Install a New SCCM Management Point Role|ConfigMgr 1

IIS Validation

The IIS component is the critical component for SCCM Management Point. The client can’t communicate with MP if IIS is down. The MP installation shall fail if the IIS is not working on the server. More details SCCM IIS configurations.

You can launch IIS from Server Manager -> Tools -> Internet Information Services (IIS) Manager. The following are the entries created during the ConfigMgr Management Point creation.

  • CcmSystemVDirName = CCM_System
  • CcmSystemRegVDirName = CCM_System_WindowsAuth
  • CcmSystemAltAuthVDirName = CCM_System_AltAuth
  • CcmSystemTokenAuthVDirName = CCM_System_TokenAuth
  • CcmSecurityTokenServiceVDirName = CCM_STS
  • CcmUserServiceVDirName = CMUserService
  • CcmUserServiceWinAuthVDirName = CMUserService_WindowsAuth
Install a New SCCM Management Point Role|ConfigMgr 2
IIS MP

Logs Verification

The logs are important to validate New Management Point installation in any of the SCCM|ConfigMgr|MEMCM|MECM environment. More details about SCCM Logs.

  • MPSetup.log (MP Install and Reinstall status)
  • mpMSI.log (MP MSI setup login for advanced troubleshooting)
  • mpcontrol.log (To confirm whether MP is working fine and clients are able to communicate with MP or not)

MPSETUP.LOG

The following some of the sample entries of MPSETUP.log:

Installing pre-req using command line "C:\Program Files\Microsoft Configuration Manager\CMUClient\ccmsetup.exe" /UpgradeWithServer:mp
Pre Req SqlNativeClient is already installed. Skipping it.
======== Completed Installation of Pre Reqs for Role SMSMP ========
Installing the SMSMP
Passed OS version check.
IIS Service is installed.
No versions of SMSMP are installed.  Installing new SMSMP.
Enabling MSI logging.  mp.msi will log to C:\Program Files\Microsoft Configuration Manager\logs\mpMSI.log
Installing C:\Program Files\Microsoft Configuration Manager\bin\x64\mp.msi CCMINSTALLDIR="C:\Program Files\SMS_CCM" CCMSERVERDATAROOT="C:\Program Files\Microsoft Configuration Manager" USESMSPORTS=TRUE SMSPORTS=80 USESMSSSLPORTS=TRUE SMSSSLPORTS=443 USESMSSSL=TRUE SMSSSLSTATE=1024 CCMENABLELOGGING=TRUE CCMLOGLEVEL=1 CCMLOGMAXSIZE=1000000 CCMLOGMAXHISTORY=1
mp.msi exited with return code: 0
Installation was successful.
~RoleSetup().

mpMSI.log

The following are some of the log snippets from mpMSI.log.

INSTALLLEVEL = 1
CcmAdministratorsGroupName = Administrators
CcmUsersGroupName = Users
CcmCreatorOwnerAccountName = CREATOR OWNER
PrimaryVolumePath = C:
SOURCEDIR = C:\Program Files\Microsoft Configuration Manager\bin\x64\
SourcedirProduct = {5111B577-B25C-4C45-8938-4D6319E6B672}
LASTSTATESERIALNUM = 0
CCMHTTPSSTATE = 224
ProductToBeRegistered = 1
CCMHTTPSPORT = 443
CCMHTTPPORT = 80
NOTIFYONLY = FALSE
MSI (s) (94:F4) [06:07:08:915]: Note: 1: 1707 
MSI (s) (94:F4) [06:07:08:915]: Product: ConfigMgr Management Point -- Installation operation completed successfully.
MSI (s) (94:F4) [06:07:08:917]: Windows Installer installed the product. Product Name: ConfigMgr Management Point. Product Version: 5.00.8953.1000. Product Language: 1033. Manufacturer: Microsoft Corporation. Installation success or error status: 0.
LOGS
LOGS

MPControl.log

The following log file entries confirms that MP is working fine after the new installation process. The status code 200 is one of the line you shall look into.

Successfully performed Management Point availability check against local computer.~  $$<02-16-2020 06:28:21.469-330>
SSL is not enabled.  $$<02-16-2020 06:28:21.471-330>
Using thread token for request  $$<02-16-2020 06:28:21.475-330>
Call to HttpSendRequestSync succeeded for port 80 with status code 200, text: OK  $$<02-16-2020 06:28:21.489-330>
Http test request succeeded.~  $$<02-16-2020 06:28:21.490-330>
STATMSG: ID=5465 SEV=I LEV=M SOURCE="SMS Server" COMP="SMS_MP_CONTROL_MANAGER" SYS=SCCMTP2.INTUNE.COM SITE=TP4 PID=8148 TID=8564 GMTDATE=Sun Feb 16 00:58:21.492 2020 ISTR0="" ISTR1="" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0  $$<02-16-2020 06:28:21.492-330>
Successfully performed User Service availability check against local computer for /CMUserService_WindowsAuth/applicationviewservice.asmx.~  $$<02-16-2020 06:28:21.496-330>

Resources

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.