It’s time to look into the Top 50 Latest SCCM Interview Questions. This is my first blog in the HTMD community post. I thought of starting the post with the questions that helped me to understand SCCM better.
These SCCM Interview questions must be treated as SCCM FAQs or Frequently Asked Questions. You will get all the details if you go through the questions and associated links in each question.
I have shared the Top 50 latest interview questions and answers in this post. We have an SCCM Vs. Intune Jobs‘s post in the HTMD community and that post inspired me to share the SCCM question bank with you all to crack SCCM interviews.
SCCM Hands-on experience is mandatory for all the Job assignments. Again I don’t think you can just learn these questions and crack the interviews. You must set up an SCCM LAB and test all these configurations and settings explained below.
I don’t think you could crack the SCCM interview by just learning the interview questions. This is not the intention of this post or sharing this content with the HTMD community. Refer to Top 50 Latest Intune Interview Questions And Answers.
HTMD Team created a set of video tutorials to get you onboard with SCCM learning. You can refer to Free SCCM Training 37 Hours of the latest technical content from this post. You can also refer to the HTMD community‘s free Intune Training material from the following post – 63 Episodes of free Intune Training Endpoint Manager.
The following is a video review of this post by Anoop and he provided another dimension to the interview questions and tips on cracking the SCCM interview from a technical and non-technical experience.
Top 50 Latest SCCM Interview Questions and Answers
Let’s go through the top 50 latest SCCM interview questions & answers in the below section of the post. I hope these questions are helpful. Let us know if you would like to add additional details to each question’s answers.
What is SCCM?
MCM is the product’s official name, previously known as System Center Configuration Manager(aka SCCM). It’s part of Microsoft’s Unified Endpoint Management (UEM) solution.
SCCM is an on-prem device management solution, and Intune is Microsoft’s cloud-based device management solution. According to Microsoft stats, most organizations use SCCM to manage their enterprise devices.
It is commonly used for patch management, software distribution, operating system deployment, hardware & software inventory, and much more.
What is the SCCM Architecture?
You need to setup a server infrastructure for SCCM and then install SCCM client software on the client devices to manage those devices from SCCM.
SCCM server infrastructure follows a Tiered hierarchy a simple example would be:
1. Tier 1 – Standalone Primary Server
2. Tier 2 – Secondary Server
3. Tier 3 – Remote Site Components (MP, DP, SUP)
What are SCCM Sites?
1. CAS (Central Administration Site) Optional Component: CAS is a top-level site in the SCCM hierarchy. It is an optional site in the SCCM hierarchy. It is required when a number of clients are more than 150000, and there is more than one primary site.
It supports up to 25 child primary sites. Also, it can manage up to 700000 devices in the SCCM hierarchy. It can only be installed on a windows server and requires an SQL server database.
2. Primary Site (Mandatory): It is a mandatory site in SCCM. It can support more than 250 secondary sites. It can manage up to 150000 devices. It replicates its data to the CAS site if part of a hierarchy.
3. Secondary Site (Optional): It is also an optional site in the SCCM hierarchy. It can only be installed when there is Primary Site. It can support up to 5000 devices.
What are SCCM Site Roles?
Avoid mentioning site roles that you can’t explain. The easy and most important ones are MP, DP, and SUP.
1. Management Point (MP)
2. Distribution Point (DP)
3. Software Update Point (SUP)
4. SMS Provider
5. Service Connection Point
Difference between Site System and Site Server Roles in SCCM?
Start answering the question with examples and then elaborate on each point as discussed in the above questions:
1. Site Servers are -> CAS, Primary Server, and Secondary Server.
2. Site System Servers are -> MP, DP, SUP, etc…
What are the Discovery methods in SCCM?
The interviewer might ask to explain some of the discovery methods. So make sure that you are confident in these discovery methods.
Basically, SCCM discovery methods are to discover the devices/objects that you want to use in SCCM. As part of the discovery mechanism, SCCM will create an object for each discovered item in the SCCM SQL DB.
1. Active directory system group discovery
2. Active directory security group discovery
3. Active directory user discovery
4. Active directory system discovery
5. Network discovery
6. Heartbeat discovery
What are the different ways to install SCCM Client?
The best method is to install SCCM’s latest client using the Logon Script method or OS deployment. But the best method depends on the organization and environment that you are working on.
1. Client Push Installation
2. SUP based Installation
3. Group Policy based Installation
4. Logon Script Installation
5. Manual Installation
6. Upgrade Installation
7. During OS deployment process
8. Intune client installation method
What is the log file for SCCM client installation on devices? Where is it stored, and what is the exit code for a successful installation?
The exit code (0) means the client installation is successful. The successful installation client doesn’t mean that the client is fully functional.
What are the Inventory Methods available in SCCM?
The two types of inventories are as follows:
1. Hardware Inventory: It collects information about the SCCM client’s software and hardware. Software and Hardware configurations are collected using the hardware inventory process.
2. Software Inventory: It collects file-based info from the SCCM client machine. But you don’t need to enable this inventory method to collect the installed application details from the Windows client computer.
Why do we extend Schema in SCCM?
Do you want to extend the AD Schema to SCCM to work?
You can set up other methods like DNS to locate services and site system servers when you don’t use an extended schema. These methods of service location require different configurations and aren’t the preferred method for service location by clients.
What is WSUS?
WSUS (Windows Server Update Services) allows administrators to deploy Microsoft software updates (patches) to systems.
You can use WSUS as a standalone patching solution or integrate it with SCCM for better features and controls.
WSUS communicates with Microsoft Updates Service and syncs all the available updates into its server.
What is SUP?
A site system server role in the SCCM helps with the SCCM patching process. The SUP component is tightly integrated with WSUS to provide rich patch management capabilities.
This is the SCCM component that helps the SCCM server to configure WSUS without even opening the WSUS console.
What is SCCM CMG (Cloud Management Gateway)?
The Clients from the internet can contact the CMG assigned for that client and get the policies and all the other instructions without contacting the on-prem SCCM server infra.
SCCM CMG can also provide application content to the client devices using Cloud DP features available in the CMG.
What are SCCM Collections?
There are different types of collections. You can’t mix two kinds of resources into one collection. The device collection will only have devices, and the user collection will only have users.
1. User Collection
2. Device Collection
There are different types of device/user collections:
1. Dynamic Collections
2. Static Collections
What is SCCM CMPivot?
The CMPivot uses KQL queries to get the real-time status from SCCM Online Clients.
What is the SCCM patching procedure (Server Side)?
NOTE! – All deploy patches to the small number of test devices first and confirm whether the devices receive the patch or not. This is the change management process that you need to follow. Once the patch is successfully deployed to those devices, you can deploy it to production devices.
1. WSUS runs the scheduled synchronization to get the metadata from Microsoft Catalogue with the help of WSUS.
2. WSUS connects to the Microsoft Update service to get the data. The SUP gets connected to WSUS and syncs metadata of patches with the SCCM console.
3. Based on the selected products and update categories, the required updates are as per the environment and requirement, you can create an SCCM Software Update Group and patch packages.
4. During the patch package creation process, the patches will be downloaded and stored on the SCCM server.
5. Once downloaded, you can deploy it to a collection of devices.
What is SCCM Cloud Attach?
You can sync the device records from SCCM to Intune using the Cloud Attach feature. This feature also allows the management of SCCM clients from Intune portal. This mainly enables helpdesk team profiles to manage SCCM devices.
What is the path for logs at the SCCM server side?
What is the location for logs at the Client site?
Which is the Best SCCM Log File Reader Tool?
Onetrace (CMPowerLogViewer.exe) is the latest one that Microsoft is promoting with recent versions of SCCM.
Location of the Log Reader file <Install Directory>\Program Files\Microsoft Configuration Manager\tools\
Name the logs used to verify the Management Point (MP)?
1. MP log files at %ProgramFiles%\SMS_CCM\Logs\
2. Or Here %windir%\ccm\logs.
MPsetup.log: This log gives status if MP is installed.
MP-msi.log: MP.msi log is for advanced troubleshooting.
MPcontrol.log: This log checks whether MP works fine and clients can communicate with it.
What is an SMS Provider in SCCM?
The SMS provider is a site system server; you can install it on a remote server. SMS provider functionality is required for SCCM Console connectivity.
How to backup the SCCM server manually?
1. Open services.msc
2. Look for the service called sms_site_backup and start this service.
One can also check smsbackup.log for any warnings or errors.
What is SCCM Co-Management?
Co-management is dual management (with SCCM and Intune) capability available with Windows 10 1709 version (Fall Creators Update).
Which log file to check when not able to connect hardware inventory?
What to do if the application is not showing in Software Center?
You can get the deployment ID and check it with Appenforce.log and App_discovery.log.
Which log file to check for failure in SCCM Task Sequence?
1. SMSTS.log is the log file that helps you to get the details of Task Sequence failure.
What to do if the application is stuck at 0% downloading?
2. Check whether the client can reach the DP or not. After this, check CAS.log and locationservices.log.
What to do in the case when the application is downloaded and fails during installation?
Some of the application provides additional app-specific logs in different location. One example is given below. Open the below-mentioned log, and it shows the status why it is getting failed:
C:\ Windows\Temp\Date\Unique ID
What is the SCCM Content Library?
Content Library included in SCCM from 2012. It stores everything related to SCCM at the distribution point. The content library does not store duplicate content that is already available.
The Content library consists of three folders:
i) Pkg lib
ii) Data lib
iii) File lib
Which log to check whether content has been added to the Content library (DP) successfully or not, and what is the location of that log?
You will have to check SMSDPPROV.log at remote DP. The location for the same is as follows:
SMSdpprov.log on remote DP (Windows 11 PC) – Location of the log
Drive:\SMS_DP$\sms\logs.
How to Monitor Usage of the SCCM DP?
Location of the log Drive:\SMS_DP$\sms\logs.
What are the logs to check on the SCCM Client side for the patching process?
a) Policyagent.log
b) Scanagent.log
c) Wuahandler.log
d) Windowsupdate.log (Use PowerShell to enable this logging)
e) Updatedeployment.log
f) Updatestore.log
Which log to check whether a reboot is required for the client or not?
You can also check Wuahandler.log and Updatedeploymen.log for the same.
What are the logs to check on the client side for application deployment?
a) Policyagent.log
b) Appdiscovery.log
c) AppIntentEval.log
d) AppEnforce.log
Which log generates DTS Job Id during application deployment?
Where can you get the Content ID details during the SCCM Application Deployment process?
What are possible scenarios when software is not showing in SCCM Software Center?
a) Check if the user or system is in the correct Collection.
b) Check the device’s state, i.e., online or offline.
c) Check the SCCM client connectivity with server/firewall/proxy.
What are some common issues for failed scans during the patching procedure?
a) Wrong Group Policy Configurations
b) Wrong proxy configuration
c) Firewall Issues
d) Wrong port Configuration
e) Data corruption
f) Windows Update Agent (WUA) version issues
What are the ports used for SCCM Server and Client communication?
It’s important to understand other Firewall port communications required between SCCM server infra and client devices.
What are the different detection methods during application creation in SCCM?
a) File System
b) Registry
c) Windows Installers
d) Custom Detection
What are the Boundaries in SCCM?
1. Active Directory site name
2. IP subnet
3. IP address range
4. IPv6 Prefix.
What is SCCM client policy?
There are different types of client actions available:
1. Application Deployment Evaluation Cycle
2. Discovery Data Collection Cycle
3. Hardware Inventory
4. Machine Policy Retrieval & Evaluation Cycle
5. Software Updates Deployment Evaluation Cycle
6. Software Updates Scan Cycle
7. User Policy Retrieval & Evaluation Cycle
8. Windows Installer Source List Update Cycle
Why is the use of BITS in SCCM?
Data Transfer Service downloads the application content by creating a BITS job and waiting for the download to complete.
This BITs activity can be tracked in DataTransferService.log on the client using the DTS Job ID obtained from ContentTransferService.log.
How to Deploy PowerShell Script in SCCM?
You can create and deploy SCCM PowerShell Script using SCCM run script options. This is the quickest method to deploy fixes without waiting for the client’s policy evaluation cycle.
What is Windows Servicing in SCCM?
SCCM Windows servicing is the modern way of upgrading Windows 10 or 11 PCs to the latest version of Windows 10 or 11 without using the in-place upgrade (IPU) Task Sequence.
What is SCCM Community Hub?
The community hub helps to avoid downloading and creating CMPivot queries, Scripts, Console extensions, and Reports from scratch. Microsoft built a community hub in SCCM where SCCM Admins can share.
What is Maintenance Window in SCCM?
The maximum duration of maintenance windows is 24 hours; if you have an entire weekend as a maintenance window, you have to create two schedules.
What is BDP?
This helps with package distribution to a small office with limited bandwidth. The Branch DP takes the content from the standard distribution point.
By default, in how much time does the user Group Policy refresh/apply in the background?
Which inventory collects files from the client machine and database?
Software inventory is collected when you select the Enable software inventory on clients setting in client settings. Software inventory is enabled, and the client runs a software inventory cycle, which sends the information to the client’s management point. Management points forward inventory information to Configuration Manager site servers, which store it in the site database.
Name the site to which clients are directly assigned.
What is the ‘All Unknown Computers’ collection?
Name the nodes in SCCM Console which includes the CMG connection analyzer.
What is the primary point of contact between the site server and the configuration manager?
Name the type of discovery method which is enabled by default and provide details about the client installation status.
What is the standard size of the client cache?
Tips and Tricks to Crack SCCM Interview
Let’s see some of the Tips and Tricks to Crack SCCM interviews using SCCM Interview Questions and Answers. In the enterprise world, you always need to test your solutions in pre-production or staging environments first with fewer users.
There should be a ring approach to all the deployments such as application, patch, OS, etc. I recommend starting with a small set of users first, and then everything is ok; then you can proceed with ring-wise production rollout. Only SCCM Interview Questions and Answers will not help you get an SCCM job.
Understanding change management and incident management processes are important for those attending SCCM interviews. Just learning SCCM Interview Questions and Answers alone will not help you.
SCCM Co-Management Related Logs
Check out the ConfigMgr client Co-Management related log file details. This should also be part of the Top 50 Latest SCCM Interview Questions and Answers.
Log | Description |
---|---|
CcmCloud.log | Co-Management – CCM_Cloud Client Config |
DdrProvider.log | Co-Management – MDM enrolment details. SCCM manages records Workloads |
ComplRelayAgent.log | Co-Management – Records information for the co-management workload for compliance policies |
CoManagementHandler.log | Co-Management – Use to troubleshoot co-management on the client |
SCCM Client Side Policy Related Logs
Check out the SCCM client Policy related logs in this post section. The policy-related logs and troubleshooting are among the most common SCCM interview questions.
Log | Description |
---|---|
setuppolicyevaluator.log | Policy – Records configuration and inventory policy creation in WMI |
PolicyEvaluator.log | Policy – Records details about the evaluation of policies on client computers |
PolicyAgentProvider.log | Policy – Records policy changes |
PolicyAgent.log | Policy (Content) – Records requests for policies made by using the Data Transfer Service |
Author
Abhinav Rana is working as an SCCM Admin. He loves to help the community by sharing his knowledge. He is a BTech graduate in Information Technology.
Wonderful list of questions. Very helpful.
Thank you.
Thank You sir
Great job done, thank you.
very informative and helpful
Very grateful for your contribution and this site in general, keep up the great work!
This was really helpful.. Thanks for creating very good stuff. I learned a lot from this article.
Please add more scenario based questions, like replication failure, sync issues, managing unknown machines for getting good patching compliance.