

SCCM 2007 SP2 R2


Good day,



I have SCCM 2007 SP2 R2 running within a VM at our HQ location. The system is on Server 2003 and works fairly well for what I am doing so far. Currently, I deploy applications based off of AD Groups and some are assigned to specific users. I have plans to tie WSUS in there and also have working OSDs for bare metal builds and also deployment of WIMs. I plan to upgrade to Server 2008 soon to make use of multi-casting technology as 2003 does not support this feature.



Our company has 5 external sites that are all connected via lease lines (all have at least 3mb WAN) and are laid out in a typical hub and spoke design. I do not want to deploy OSDs and large applications over the WAN even though BITS does a pretty good job for us.



For my “site servers” I want to be able to do everything locally that I can do from the HQ location. I believe I need parent servers and need to attach them to the “central” server as children. I built a device with Server 2003, SQL 2005 MSDE and have WAIK, MDT and all the rest installed. I believe everything is working correctly. I went into the server properties and specified that the site server was child to my central. In this case, I’ll call the HQ location RO and the external site CO. CO is a child to RO. After doing this, nothing seems to be happening that tells me it was successful. I’m sure that there's more work needed but I am not having much luck finding tutorials on how to do this. In my plans, I would like to be able to add DP, MP, PXE, OSD, WSUS and so on from one console. How do I attach one site server to another and how do I integrate them into one console?



As an experiment, I was in the RO SCCM interface and had it add a secondary site. Eventually, this was installed on the CO device. I wasn’t able to do much with it as I had no idea what was really supposed to be doable. The ultimate goal is that I should be able to see collections from the entire domain and specify that a package be sent to each DP for local delivery to the local clients. I should mention that currently all clients report to the RO server. I am preparing for a hardware refresh and can handle if the clients need to be repaired or redeployed. My timeline is getting tight. I believe we will start deploying new devices within the next two weeks. Any help you can offer is greatly appreciated.







Good day,

Howdy :-)



After doing this, nothing seems to be happening that tells me it was successful. I'm sure that there's more work needed but I am not having much luck finding tutorials on how to do this. In my plans, I would like to be able to add DP, MP, PXE, OSD, WSUS and so on from one console. How do I attach one site server to another and how do I integrate them into one console?

To start with, if you jump on the console in RO and expand the Site Database, Site Management menus, you should be able to see something like the attached. If not, we'll go through a few things.


If not, under the Central Server, have you created any sender addresses?


When you create them, ensure you have updated your SMS_SiteToSiteConnection_<CHILD> on the child sites and SMS_SiteToSiteConnection_<CENTRAL> with the appropriate values.



The ultimate goal is that I should be able to see collections from the entire domain and specify that a package be sent to each DP for local delivery to the local clients.

For this to work, I believe all of the collections and packages need to be created in the Central Site, and they will be inherited automatically by the child sites. As seen below.




Let me begin by saying thanks for the assistance.


I am looking at the HQ device. In this case I'm calling it the central only to ensure I am describing this correctly. I don't want to mix up the terminology.


On the RO site, I had created a standard sender with CO1 as the site and the server name entered. This shows an unknown in the console. Also note that nothing for CO1 is visible in the RO1 console. I seem to be missing something that ties the two together.




One thing to mention is that I also had previously set the site database to be replicated. I assumed this was how things would be replicated to the child sites.




I'm changing this back to the local site database since it isn't working this way.


I verified that I have the SMS_SiteToSiteConnection_CO1 set with the computer object ROSCM1 (Central server device name) and COSCCM1 (Child server name). The same are set on the SMS_SiteToSiteConnection_RO1 side.


Update: While looking in the system status alerts, I see one from SMS_DESPOOLER.


SMS Despooler received an instruction and package file from site CO1 that contains either software distribution data or inter-site replication data, however the despooler does not have the public key to verify the signature of the package. The instruction cannot be processed and will be retried.


Solution: Extend the Active Directory schema to allow sites to publish their public keys into AD, or use the preinst.exe tool to manually replicate the public keys.


When SCCM was originally installed on RO1, I did extend AD so this is not the issue. I Googled the topic and performed the manual steps to replicate the keys but this has also not produced a positive outcome. I'm going to try and research this further as I believe this is why the CO1 site is not showing in the RO1 console.






Additional Updates: What a great tool Google is! I was able to use preinst to manually send the keys and the CO1 site is now in the RO1 console. Things are looking up.




Additional Questions:


I have each subnet specified as an AD site. My sites are:


RO1 - Royal Oak

CO1 - Chicago

AA1 - Ann Arbor

PE1 - Peoria

LV1 - Las Vegas

KZ1 - Kalamazoo


For each site's boundaries, is it correct that I will set CO1 to only discover within the Chicago AD Site? My thought is that this will then propagate up to RO1 as the central site. The other AD sites would be configured in the same manner.


While looking in the RO1 boundaries, I see that CO1 is added twice. I added Chicago originally to the RO1 site because this was the only server available. Now that CO1 is online there is a boundary as well for Chicago on the CO1 site. If the plan is to have CO1 manage the Chicago AD site, can I remove the Chicago boundary listed for RO1?




On the CO1 side of things, there are boundaries set for Chicago and also for RO. Does the CO1 site need a boundary for RO? I am not certain if this is necessary for communication purposes.






After adding the COSCCM1 to AD so it can create the System Management objects, everything is working correctly with one exception. I'll get to that later. All the collections came across and show up as locked in CO1 as they should. I was able to make a new DP on CO1 for a package and it was created correctly. I waited for the system status to settle down and went back into the events. I see the following as the only item of concern.


Severity: Error
Type: Milestone
Site code: CO1
Date / Time: 7/16/2010 12:39:46 PM
System: COSCCM1
Component: SMS_AMT_OPERATION_MANAGER
Message ID: 7204
Description: WinRM out of band service is not enabled. Solutions: Install WinRM out of band service manager and start it in out of band service point site role machine.





The update is now on CO1 and I'm waiting to see what happens.




As an add-on to your question about the boundaries, only add the Boundary of an AD Site to the Primary Site that has to manage the clients. So remove the CHICAGO Boundary for the RO1 Site.



I'm not certain I understand 100%....




This is the console of the RO1 device and site. I have a boundary set for Chicago and it specifies site CO1. I previously also had a boundary where the site for Chicago was set to RO1. Are you saying to remove this Chicago boundary even though it is listed as being on the other site?




So far everything looks good. One issue I have is that I want to install PXE on the new parent servers in my remote locations. I can do this from the remote site if I RDP into the server and open the SCCM console. From the Central Server console, PXE is not available as an option. Why is this? I guess that because this binds with the local DHCP server the action has to occur from the device on the local subnet. It would be nice to have this specified so that I do not make an error.


Earlier I asked about the database settings. Should I leave them as local or use the replicated settings? What is the difference?


