SCCM

SCCM (A.K.A ConfigMgr) Explained
SCCM is Microsoft Microsoft Endpoint Manager Configuration Manager. This solution is used by most of the organizations in the world to manage their enterprise devices. This is the best resource to Learn and troubleshoot on issues.

How is SCCM (A.K.A ConfigMgr) Used?
SCCM solution is mainly used to manage Windows devices. But it has rich capability to manage and Mac OS devices as well. As per Microsoft, this tool is managing more than 75% of enterprise devices of the world. Linux and Unix devices are not supported by MEMCM (A.K.A Microsoft Endpoint Manager Configuration Manager)

How CAN SCCM Be Applied to Your Organization?
This solution can be used to install the application within your organization. OS deployment is another feature of this solution used within most of the enterprises. Another important use of this solution is to deploy patches across the enterprise and secure those devices.

There are 1000000 devices managed by this solution around the world. And SCCM device management solution is used within organizations to deploy millions of applications.

Server Client Application
This solution is a server-client application. All the managed clients’ inventory is stored in the CM SQL database.

SCCM Core infrastructure, Updates for Configuration Manager, Supported configurations for Configuration Manager, Cloud-attached management of CM, Co-management for Windows 10,
Manage clients on the internet, Windows as a service, CMPivot, Application management.

Other Uses for SCCM

SCCM can used for Manage apps from the Microsoft Store for Business, OS deployment, Introduction to OS deployment, Upgrade to Windows 10, Phased deployments, Software update management, Introduction to software updates management, Manage Office 365 ProPlus updates.

SCCM MVP community group is one of the known community groups in the IT Industry.

Bangalore IT Pro Full Day User Group Event on Intune and SCCM 2

Bangalore IT Pro Full Day User Group Event on Intune and SCCM

Bangalore IT Pro Full Day User Group Event on Intune and SCCM? On March 18th, 2017, the BLR IT Pro group conducted a free full-day Bangalore IT Pro User Group event. At this event, we covered Intune’s new Azure portal features.

We also covered the newest additions to SCCM/ConfigMgr CB 1702 TP. Ninety per cent of the sessions were demos, and attendees had some hands-on experience with Android for Work devices.

Bangalore IT Pro Full Day User Group Event on Intune and SCCM?

  • Join the SCCM/ConfigMgr Professional Group for updates about future events – here.
  • Follow the Facebook page to get notified about similar events – here

I had a great experience interacting with and sharing knowledge with more than 40 attendees. Most of them are SCCM admins planning to move to the Intune world. Some already have significant experience with Intune iOS management, Application wrapping, the Apple DEP program, etc. Some others are Airwatch admins and have had good new experiences with Intune features.

Full Day BLR ITPro Device Management UG Meet

I have created a quick video of some lively moments of the event. The Full Day BLR ITPro Device Management UG Meet is an engaging event for IT professionals specializing in device management. This comprehensive gathering allows attendees to immerse themselves in the latest industry trends, best practices, and emerging technologies.

Bangalore IT Pro Full Day User Group Event on Intune and SCCM – Video 1

Bangalore IT Pro Full Day User Group Event on Intune and SCCM Configuration Manager Endpoint Manager

The full-day free event covered a wide range of topics relevant to IT professionals and device management. These topics included the latest advancements in device management technologies, best practices for ensuring security and compliance, and strategies for optimizing device performance and lifecycle management.

Topics

The following are the topics I covered during the free full-day event. You can get the presentation link below.

Modern Device Management (MDM) is an advanced approach to managing and securing devices within an organization. It uses cloud-based technologies to provide comprehensive management of a wide range of devices, including desktops, laptops, tablets, and smartphones.

Key Components of Modern Device Management
Cloud-Based Management
Unified Endpoint Management (UEM)
Security and Compliance
Device Enrollment and Configuration
Application Management
Monitoring and Reporting
Bangalore IT Pro Full Day User Group Event on Intune and SCCM – Table 1
What is Modern Device Management?
 Basic Understanding Intune
 Azure Active Directory AAD Overview
 Create AAD Dynamic Device/User Groups
 Intune Silverlight Portal Overview
 Intune Azure Portal Overview
 What is Conditional Access?
 Configure Conditional Access
 Configure Compliance, Configuration Policies
 Table - Compliance Policies – Remediated/Quarantined
 Windows 10 Modern Device Management
 iOS/MAC OS Management
 Android for Work Management 
 Troubleshooting?
 SCCM CB 1702 TP New Features
Bangalore IT Pro Full Day User Group Event on Intune and SCCM Configuration Manager Endpoint Manager
Bangalore IT Pro Full Day User Group Event on Intune and SCCM – Fig.1

https://www.slideshare.net/slideshow/embed_code/key/4t1BmahfsEu3Tc

Bangalore IT Pro Full Day Event on Intune and SCCM from Anoop Nair

We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.

Author

Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.

How to Integrate ConfigMgr SCCM CB with Azure AD 3

How to Integrate ConfigMgr SCCM CB with Azure AD

How do I integrate ConfigMgr SCCM CB with Azure AD? The SCCM ConfigMgr 1702 Technical Preview version was released a few weeks before.

For more details about the SCCM 1702 Technical Preview version, refer to the article “SCCM ConfigMgr Comes with Azure AD Domain Services Support.” This article provides information on the new features and enhancements in Configuration Manager and Endpoint Manager, including Azure AD Domain Services support.

Last weekend, I got to look at the SCCM 1702 TP version. My SCCM/ConfigMgr TP lab expired as I haven’t upgraded it since last November (1611). The technical preview versions are accumulated, but if you don’t upgrade to the latest version within 90 days, it will expire, and you will need to build one from scratch.

How do we know whether your SCCM CB TP lab has expired? You can see the expiry duration on the top tab of your SCCM console (evaluation 10 days left), or SMS executive and other services will start getting stopped every hour (I’m not sure whether it’s every hour or less).

Apart from the abovementioned points, it won’t get the latest TP updates/build version. If your SCCM TP lab expires, enjoy installing the new one!

How to Integrate ConfigMgr SCCM CB 1702 TP Azure AD Integration

Let’s discuss integrating ConfigMgr SCCM CB 1702 Technical Preview with Azure AD. The video provides detailed instructions on the integration process, showing how to connect ConfigMgr SCCM with Azure AD in this version.

How to Integrate ConfigMgr SCCM CB with Azure AD – Video 1

SCCM CB 1702 TP Console View – Integrate ConfigMgr SCCM CB with Azure AD

In the SCCM CB 1702 Technical Preview console, you can view and manage the integration of ConfigMgr SCCM CB with Azure AD. The console provides a straightforward interface for setting up and configuring the integration, making it easier to manage and secure your devices and applications.

Add Azure Active Directory
Sign in with AAD admin credentials to initiate SCCM onboarding
How to Integrate ConfigMgr SCCM CB with Azure AD – Table 1
How to Integrate ConfigMgr SCCM CB with Azure AD - Fig.1
How to Integrate ConfigMgr SCCM CB with Azure AD – Fig.1

So, returning to the topic “How to integrate Azure AD with SCCM/ConfigMgr?” This is a very straightforward process if you already have an Azure subscription and are a global admin.

The add Azure Active Directory button has been made available in the SCCM CB 1702 TP console ribbon menu under the Cloud services section, as shown in the above picture. Click the sign-in button and enter your Azure subscription (probably with global admin access).

How to Integrate ConfigMgr SCCM CB with Azure AD - Fig.2
How to Integrate ConfigMgr SCCM CB with Azure AD – Fig.2

Once the above step has been completed, two Azure Applications appear in the SCCM console. These apps are registered during the Azure AD integration path SCCM/ConfigMgr CB. The first app you can see is the SCCM server app, and the second is the SCCM client app.

Another option in the SCCM console is to renew the secret key to register the app in Azure. By default, the secret key has one-year validity.

Azure AD – App Registration View

I could see two apps created in the Azure portal as part of AAD integration with SCCM CB 1702 TP. My Azure Active Directory has three apps—App Registration: the SCCM client, the SCCM server, and the P2P server.

I’m unsure whether the P2P server was created during the Azure AD integration process with SCCM CB. I can confirm that it was not made during SCCM and AAD integration. Also, I’ve not tested the end-to-end scenario of Azure AD domain services integration.

With the SCCM CB 1702 technical preview version, you can manage devices joined to an Azure Active Directory (AAD) Domain Services managed domain. You can also discover devices, users, and groups in that domain with various SCCM Discovery methods.

How to Integrate ConfigMgr SCCM CB with Azure AD - Fig.3
How to Integrate ConfigMgr SCCM CB with Azure AD – Fig.3

Conclusion

Is this actual integration with Azure AD and SCCM in all terms? Would SCCM be able to discover the devices and users from Azure AD? The answer to both questions is NO. This feature enables the discovery of Azure AD domain services-managed devices. Azure AD (SaaS identity solution) devices and Azure AD domain services are “Domain Domain Controller installed inside a virtual server hosted in Azure.”

References

We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.

Author

Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.

ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform 8

ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform

Let’s look at the SCCM Server Hardware Migration Step by Step Guide. Moving an SCCM/ConfigMgr server from one hardware to another is a common scenario in the enterprise world.

There could be several reasons for this kind of SCCM/ConfigMgr server hardware migration. Server OS upgrade is one of the most common scenarios. Yes, SCCM CB 1606 and later versions support the in-place upgrade of server OS. However, I’ve seen that most of our server teams don’t want to perform a place OS upgrade.

We have an article about the SCCM 2012 to CB Current Branch Upgrade | Migration | Possible Issues | ConfigMgr. In this post (SCCM 2012 to CB upgrade checklist), you will see the steps to upgrade SCCM 2012 to SCCM CB’s latest baseline (1606) and then the Latest Baseline to the newest version of CB (1610/1702).

This post provides a step-by-step guide for migrating ConfigMgr SCCM server hardware. It provides all the details you need to perform this migration smoothly and efficiently.

The Migration Process is into 5 Phases – ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform

I have completed similar migration activities many times in my career. Following these steps is crucial when migrating or server hardware changes to your SCCM server.

I’m not covering SQL migration in this post. In this scenario, SQL is on the remote box. If the SQL is on the same box, things will be easier. I’ve divided the migration process into 5 phases:-

  1. Pre-SCCM Migration Activities
  2. Start of SCCM Migration Activities – Downtime starts from here
  3. SCCM Installation activities on the new server
  4. SCCM/ConfigMgr Recovery/Restore activities
  5. Post SCCM/ConfigMgr Repair/Recovery activities
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform - Fig.1
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform – Fig.1

Pre-SCCM Migration Activities

  • Create new servers with new names – check whether the SCCM version you will install supports the OS version of the servers.
  • Make sure new servers are created in the same VLAN, making life much easier.
  • Ensure the drive letters of newly provisioned servers are the same as those of existing ones.
  • You can request a storage extension to keep 3 or 4 copies of the SCCM full backup on the new server.
  • Document the SMS Groups and security settings of existing servers and configurations of the SCCM console.
  • SCCM Site backup and store remotely (confirm success) – Probably a day before the actual migration schedule.
  • 4 to 5 days before actual SCCM server migration, replicate all the Data SCCM Package folders, drivers, etc (all data except those NOT covered as part of SCCM Full backup) to the Newly provisioned server.
  • Make sure the copy of SCCM source files and prerequisites are already copied to new SCCM servers.
  • Perform a differential copy of Data SCCM Package folders, drivers, etc., to newly provisioned servers (maybe a few hours before, depending on the data size).
  • Document current servers, AD membership in groups, OU, etc., and IP information.
  • Remove remote site system roles like SUP/RP. Make sure the site system details are removed from the SCCM console.
  • Please take a couple of extra Site backup copies and store them on the newly provisioned SCCM server.
  • Take a Snapshot of existing SCCM servers (include the drive where SCCM is installed).
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform - Fig.2
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform – Fig.2

Start of SCCM Migration Activities – Downtime Starts from Here

  • Remove existing SCCM servers from the domain, ensuring you know local admin account details.
  • Shut down existing SCCM servers.
  • Rename existing SCCM servers in Vcenter or HyperV to old.
  • Rename the new SCCM server in Vcenter/HyperV to the existing SCCM server names.
  • Delete existing SCCM servers from AD.
  • Remove new SCCM/ConfigMgr servers from the domain and reboot, ensuring you have local admin account details.
  • Log onto new SCCM/ConfigMgr servers using the local admin account.
  • Change IPs of new SCCM servers to reflect old SCCM server IP details.
  • Change new SCCM server names to existing SCCM server names and reboot.
  • Log on to new SCCM servers using the local admin account.
  • Add new SCCM servers to the domain and reboot.
  • Verify the OU, System Management Access, and AD membership information for the new SCCM/ConfigMgr servers. If you have made any changes above, reboot.
  • Storage migrates any back-end storage in VMware/HyperV to ensure that vmdk and vmx/VHDX files are named correctly.
  • Take a full backup of the Remote SQL Database (confirm success).
  • Archive this SQL backup so the old server can be reinstated as a backup plan if the site is not working correctly.
  • Delete SCCM Databases (SCCM and SUSDB) from the remote SQL server.
  • Delete SQL logins for existing SCCM computer objects using SQL Management Studio.
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform - Fig.3
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform – Fig.3

SCCM Installation Activities on the New Server

  • Ensure all security permissions and security groups/computers are added to the new SCCM servers.
  • Install the WSUS admin console.
  • Depending on the SCCM version, install WAIK 2.0 (SCCM 2007) or ADK (SCCM 2012 or CB).
  • Install all the prerequisites like IIS, Bits, etc…on new servers.
  • Install WSUS on the remote WSUS server.
  • Install SCCM/ConfigMgr Software on the new SCCM server – Make sure you install the exact version of the existing SCCM server. For SCCM CB versions, source files are part of the SCCM Full backup.
  • Ensure that everything works fine after installing SCCM/ConfigMgr on new servers.
  • Take a copy of the SRVACCT folder from the new installation (<Install Path>\Microsoft Configuration Manager\SRVAcct) N.B. This is a hidden folder.
  • Re-populate the local SMS group memberships as they were (not all site roles may be installed, so repeat the task at the end).
  • Take a Snapshot of the server pre-site recovery.
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform - Fig.4
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform – Fig.4

SCCM/ConfigMgr Recovery/Restore Activities

  • Make sure the servers are restarted.
  • Restore/attach databases (SCCM and SUSDB) from backup (use SQL to restore if it is a remote SQL box).
  • Run the SCCM/ConfigMgr site REPAIR wizard. Select the “Do not restore database” check box to skip the database restoration.
  • Please ensure you have started the REPAIR wizard with administrator access and provide the exact path of the SCCM backup folder.
  • Stop the SCCM services and copy the previously archived SRVACCCT folder back over.
  • Start SCCM services and monitor the sitecomp.log as components are re-installed.
  • Once sitecomp.log is complete, perform a site reset to repair file and registry permissions.
  • Install SCCM RP.
  • Install SCCM SUP on a remote server.
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform - Fig.5
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform – Fig.5

Post SCCM/ConfigMgr Repair/Recovery Activities

Ensure all package sources, including classic and software update packages, are restored with the same share names and permissions. Repopulate the local security groups on SCCM servers.

  • Check the sender.log to ensure the restored SCCM servers can communicate with the child’s primary sites. Sometimes, we need to delete the addresses from the SCCM console and recreate it.
Post SCCM/ConfigMgr Repair/Recovery activities
Ensure all accounts with passwords in the SCCM console have been removed and recreated.
Please create a new package or collection and replicate it to downstream servers.
Please start a new WSUS Sync and check whether it works fine. You may need to wait for hours before completing the sync.
Make sure the replication of old and OSD-related packages is replicated OK or not.
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform – Table 1
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform - Fig.6
ConfigMgr SCCM Server Hardware Migration Step by Step Guide to Perform – Fig.6

We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.

Author

Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.

SCCM ConfigMgr Current Branch Backup Recovery Options 13

SCCM ConfigMgr Current Branch Backup Recovery Options

Let’s discuss the SCCM ConfigMgr Current Branch Backup Recovery Options | Configuration Manager | Endpoint Manager. This post contains a collection of video tutorials that I created last year to help you better understand the backup and recovery process of the SCCM ConfigMgr Current Branch (CB).

As part of the website revamp, I checked whether the posts were okay, and this series of SCCM/ConfigMgr CB backup and recovery posts came to my attention. SCCM ConfigMgr Current Branch Backup Recovery Options?

These videos should give you an overview of the entire backup and recovery process, with different scenarios, such as restoring with a full native SCCM ConfigMgr CB backup.

Also, backup and restore only using SQL backup, etc..CD.LATEST folder is another big change in the backup and recovery process if you compare SCCM 2012 and SCCM CB. I wish that none of us (SCCM Admins) should be in a situation where we must restore our site from backup! But be ready for the worst case.

How to Recover or Restore the SCCM CB Primary Server using SQL Database Backup

In this video, I’ll show you how to restore your SCCM CB 1606 primary server, especially if you’re using Intune Hybrid, using an SQL database backup. The key is that you don’t need a full backup of SCCM CB to get your primary server back up and running.

SCCM ConfigMgr Current Branch Backup Recovery Options – Video 1

Introduction – SCCM ConfigMgr Current Branch Backup Recovery Options | Configuration Manager | Endpoint Manager

The following are the posts you can refer to for each scenario. I’m still planning to create the last couple of videos in this series, which will cover the backup and restore of the SCCM/ConfigMgr CB CAS server either from native SCCM backup or from SQL backup.

How to Plan Backup and Recovery for SCCM ConfigMgr CB

SCCM ConfigMgr Current Branch Backup Recovery Options | Configuration Manager | Endpoint Manager? This post contains a collection of video tutorials that I created last year to help you better understand the backup and recovery process of the SCCM ConfigMgr Current Branch (CB).

As part of the website revamp, I checked whether the posts were okay, and this series of SCCM/ConfigMgr CB backup and recovery posts came to my attention.

CD.LATEST?

These videos should give you an overview of the entire backup and recovery process, with different scenarios, like restoring with a full native SCCM ConfigMgr CB backup, backup and restore only using SQL backup, etc. The CD.LATEST folder is another big change in the backup and recovery process if you compare SCCM 2012 and SCCM CB.

I wish we (SCCM Admins) would never be in a situation where we must restore our site from backup, but be ready for the worst case.

SCCM ConfigMgr Current Branch Backup Recovery Options | Configuration Manager | Endpoint Manager - Fig.1
SCCM ConfigMgr Current Branch Backup Recovery Options | Configuration Manager | Endpoint Manager – Fig.1

The following are the posts you can refer to for each scenario. I’m still planning to create the last couple of videos in this series, which will cover the backup and restore of the SCCM/ConfigMgr CB CAS server either from native SCCM backup or from SQL backup.

How to Plan Backup and Recovery for SCCM ConfigMgr CB

SCCM ConfigMgr Current Branch Backup Recovery Options | Configuration Manager | Endpoint Manager? More details in the following link https://www.anoopcnair.com/what-are-the-options-for-sccm-cb-1606-backup-and-recovery/

How to Restore or Recover SCCM ConfigMgr CB Standalone Primary Server

This video tutorial explains restoring or recovering an SCCM/ConfigMgr CB standalone primary server. Some prerequisites are needed to ensure a smooth and successful recovery of your SCCM/ConfigMgr CB standalone primary server. It helps maintain consistency and compatibility with your existing setup.

How to Recover SCCM CB Primary Server Using SQL Database Backup 

SCCM ConfigMgr Current Branch Backup Recovery Options | Configuration Manager | Endpoint Manager? The following Link will have more details – https://www.anoopcnair.com/how-to-recover-sccm-cb-primary-server-using-sql-database-backup/

More details in the following link https://www.anoopcnair.com/what-are-the-options-for-sccm-cb-1606-backup-and-recovery/

How to Recover SCCM CB Primary Server Using SQL Database Backup 

The following Link will have more details – https://www.anoopcnair.com/how-to-recover-sccm-cb-primary-server-using-sql-database-backup/
https://www.youtube.com/embed/4aZFSPI3x1I

We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.

Author

Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.