Imaging over WAN

[firstcom]

Hey all,

 

I manage SCCM in an environment that has traditionally been a low bandwidth environment with smaller multiple remote (but local) locations operating on a T1. As a result, we've utilized a lab and offline media to image workstations. We've used task sequence variables for each department/role to automatically install required applications.

 

However, we're finally upgrading the connectivity to these sites. As a result, I'd like to look at automatically imaging over the network.

 

I'd like to learn about the methods that folks use to image workstations over the network. This is new to me, so any guides, tips, or anything else would be incredibly helpful. In particular, I'd especially love to see example task sequences used in your environment and how you configure your SCCM environment and task sequence so that it knows what settings and individual applications a particular image needs.

 

Thanks in advance for your input and help!

[firstcom]

Hey all,

 

I manage SCCM in an environment that has traditionally been a low bandwidth environment with smaller multiple remote locations operating on a T1. As a result, we've utilized a lab and offline media to image workstations. We've used task sequence variables for each department/role to automatically install required applications.

 

However, we're finally upgrading the connectivity to these sites. As a result, I'd like to look at automatically imaging over the network.

 

I'd like to learn about the methods that folks use to image workstations over the network. This is new to me, so any guides, tips, or anything else would be incredibly helpful. In particular, I'd especially love to see example task sequences used in your environment and how you configure your SCCM environment and task sequence so that it knows what settings and individual applications a particular image needs.

 

Thanks in advance for your input and help!

 

I should also note that we do have a need to assign static IPs to some of these sites and workstations. We've had issues with this is in the past, so I thought I'd point it out.

[Apexes]

I wouldn't recommend imaging over the WAN, bad idea.

 

However, if you've got half decent connectivity at these sites, then get a distribution point setup on site and hook that into your current SCCM primary. You'll be able to image across the LAN from that DP rather than WAN on your primary.

 

If you're looking at customizing images based on locations, then you'll want to integrate MDT into your SCCM task sequences. Check in the how to guides for this forum, there are some novice guides on building out your first image and then using task sequences to deploy them to sites.

[firstcom]

Interesting -- I thought imaging over the network was a common practice with SCCM. How do large scale enterprises re-image or perform OS upgrades across their company if not by WAN? I'd love to hear feedback.

 

That said, our remote locations do not have any servers on-site either. We've just stuck with USB/offline media for our remote locations but would like to develop a more robust and efficient solution. What would you recommend? What do larger companies do that have many smaller remote offices? Our locations are generally too small to warrant a full-fledge server, i.e. only 5-10 workstations. But we have quite a few remote locations, so we'd like to figure out a concrete solution for imaging and upgrades.

 

 

 

I wouldn't recommend imaging over the WAN, bad idea.

 

However, if you've got half decent connectivity at these sites, then get a distribution point setup on site and hook that into your current SCCM primary. You'll be able to image across the LAN from that DP rather than WAN on your primary.

 

If you're looking at customizing images based on locations, then you'll want to integrate MDT into your SCCM task sequences. Check in the how to guides for this forum, there are some novice guides on building out your first image and then using task sequences to deploy them to sites.

[Apexes]

i think you're slightly confusing it, enterprises do indeed image over the network, but specifically the LAN, not the WAN. if i was to image a machine over our WAN at a branch office, it would transfer in the region of around 18-20GB of data, our site link is only 10mb at that branch - this would cause the latency to go through the roof for users and affect business processes.

 

Example of what i manage - a 10,000 client environment, with 20 branch offices.

 

I design the image and task sequence on our primary site in our data center, and distribute this content out to all site distribution points which act as a local cache.

 

Site boundaries are configured in SCCM to tell a client what server it retrieves it's content from. e.g. if my IP is 10.7.4.4 - i'd go to a specific site distribution point which is local to me. If i went to another office and got the IP of 10.8.3.3 - SCCM would tell me to swap my content location to the local server there, to avoid traffic going across the WAN.

 

Having setup a distribution point you distribute your content once. When you've sent that content, you can then image every machine on your site if you like, and the traffic would be local only, no WAN transfer of content.

 

Think of SCCM as a filtering down system. Content and Data starts at the top, then trickles down to child sites below it. Client computers below the child sites then connect in to them to get data on a local area network only.

 

You can setup an SCCM distribution point on a Windows 7 OS and run it on a desktop with minimal specs, a distribution point is just a glorified file server that hosts content for clients to retrieve locally

[firstcom]

Out of curiosity, for smaller branches do you actually utilize a server for the DP, or just use a desktop? What's a cost-effective and efficient solution for a smaller, 10mb branch besides a desktop?

 

 

i think you're slightly confusing it, enterprises do indeed image over the network, but specifically the LAN, not the WAN. if i was to image a machine over our WAN at a branch office, it would transfer in the region of around 18-20GB of data, our site link is only 10mb at that branch - this would cause the latency to go through the roof for users and affect business processes.

 

Example of what i manage - a 10,000 client environment, with 20 branch offices.

 

I design the image and task sequence on our primary site in our data center, and distribute this content out to all site distribution points which act as a local cache.

 

Site boundaries are configured in SCCM to tell a client what server it retrieves it's content from. e.g. if my IP is 10.7.4.4 - i'd go to a specific site distribution point which is local to me. If i went to another office and got the IP of 10.8.3.3 - SCCM would tell me to swap my content location to the local server there, to avoid traffic going across the WAN.

 

Having setup a distribution point you distribute your content once. When you've sent that content, you can then image every machine on your site if you like, and the traffic would be local only, no WAN transfer of content.

 

Think of SCCM as a filtering down system. Content and Data starts at the top, then trickles down to child sites below it. Client computers below the child sites then connect in to them to get data on a local area network only.

 

You can setup an SCCM distribution point on a Windows 7 OS and run it on a desktop with minimal specs, a distribution point is just a glorified file server that hosts content for clients to retrieve locally

[Apexes]

I use VM's running server 2012 on VMWare - however we've got servers in all branches for business functions meaning i can utilize space on these boxes, some sites only have a 5mb wan link for smaller ones - 20 machines or less.

 

to be cost effective, you're looking at a desktop to host a distribution point. However, a desktop opreating system, i.e. Windows 7 - won't support PXE or Multicast. PXE is required to boot from network and image. you need the windows deployment services role which is only part of server operating systems. see here for site server pre-requisites: https://technet.microsoft.com/en-in/library/gg682077.aspx#BKMK_SiteSystemRolePrereqs

 

If you're looking at primarily imaging, you'll need a server OS, that's not to say that you can't install a server os on a desktop machine, obviously depends on your licensing setup with Microsoft.

 

I've only got experience in using enterprise gear for servers, so all our site servers have HP DL380's running VMWare to host our site servers along with distribution points in those.

[firstcom]

I use VM's running server 2012 on VMWare - however we've got servers in all branches for business functions meaning i can utilize space on these boxes, some sites only have a 5mb wan link for smaller ones - 20 machines or less.

 

to be cost effective, you're looking at a desktop to host a distribution point. However, a desktop opreating system, i.e. Windows 7 - won't support PXE or Multicast. PXE is required to boot from network and image. you need the windows deployment services role which is only part of server operating systems. see here for site server pre-requisites: https://technet.microsoft.com/en-in/library/gg682077.aspx#BKMK_SiteSystemRolePrereqs

 

If you're looking at primarily imaging, you'll need a server OS, that's not to say that you can't install a server os on a desktop machine, obviously depends on your licensing setup with Microsoft.

 

I've only got experience in using enterprise gear for servers, so all our site servers have HP DL380's running VMWare to host our site servers along with distribution points in those.

 

Thank you for all of your help!

[YPCC]

You can use desktops too. For some of our remote sites that needed a DP, we requested actual server hardware but got rejected. Decided to stick a Dell PC in there and use that. Not the optimal solution but iof its a small remote site then works perfectly well.

 

You could even look at branch cache for those sites but not really looked into it so not sure if it would give you benefit in your case.