In the previous post we in this post we set boundaries and discovered some of the systems. In this post we will deploy the client to the servers.
Post 9 – Deploying Client and managing client settings
Deployment of the Client (Agent) to the computer. You can deploy by the agent by many different ways; Client pushing, group policy, software update point (Wsus), manually installing it, login script, software distrubition, OS deployment, or have it by part of the image placed on the computer.
There are three different client installation files in Configuration Manager:
Client.msi = never used directly, this is called by CCMsetup.exe during an install
CCMSetup.msi = Used exclusively by Group Policy. Used in addition with a pair of custom ADM files
CCMSetup.exe = Used for everything else
the Technet article helps explain more information about these different client installation files: http://technet.microsoft.com/en-us/library/gg699356.aspx
The first thing we have to do is set up Client Settings. Open Configuration Manager, select Administration and select Client settings. You can now set more than one client setting and set priorities. For example the default client settings aren’t set and have a priority of 10,000 (lowest priority).
BITS is a fantastic bandwidth throttling function. You can ensure your network will not become overburdened during the time-frame you specify and you can set up the maximum transfer rate. On a Wan you would probably want this value to be true, if the clients are on your local network you may want to leave it off.
Client Policy – The client policy is by default every 60 minutes. User policy polling helps deploy out applications to users.
Computer Agent- these identify what sorts of notification users will get. What is the organization name, What are the install permissions, etc. Other settings will be covered later.
Computer Restart – How do you want to notify users that a restart is pending? When do you want to notify users a restart is going to occur?
Power Management – Do you want to allow power management of devices? Do you want users to be able to turn this on and off?
Remote Tools – This determines the experience settings to remotely connect from ConfigMgr to someones computer. Some important settings for an Enterprise include allowing you to connect to someone’s computer, and will you prompt them when you connect to their computer or server.
State Messaging – How often do you want clients to report the current state?
Deployment to a client
To deploy new client, first you want to add a new site role to your server. The site role is called the Failback status point. When clients fail there needs to be another endpoint state message or errror messages when there are problems. We will install the failback status (FSP) role on our existing server (although you could install it to a different server to help generate a more streamlined environment.
Installing the Fallback Status Role
To add the fallback status Role go to:
Administration, Site Configuration, Servers and Site System Roles. Now right mouse click on site to bring up a menu. Select Add Site System Roles,
On the Add Site System Roles Wizard, Select Next.
Don’t specify a proxy, and select Next.
On Specify Roles for this Server, select Fallback status point and select Next.
10,000 state messages is the default. Select Next.
The confirmation of the settings is shown, select Next.
The role has been added to the server successfully.Select Close.
Install the configmgr client on servers
The share on your server is: \\configmgr\sms_bp1\client This is where ccmsetup is residing.
This is the main program share on your site server.
Sometimes it is helpful, to share out this folder to your environment. Do so by going to \\configmgr\sms_bp1 and selecting client.
On the folder properties select Advanced Sharing, Share this folder. On the Advanced Sharing select Permissions and set Everyone to read.
Also go to the security tab and make sure everyone has access to this folder. Select Allow, and read permissions for the users.
Method 1 Manual installation
The manual Mode of Client Installation is really just running this command:
CCMSetup.exe /mp:ConfigMgr /logon SMSSITECODE=BP1 FSP=ConfigMgr
Go to c:\Program Files\Microsoft Configuration Manager\Client and run:
CCMSetup.exe /mp:ConfigMgr /logon SMSSITECODE=BP1 FSP=ConfigMgr
This will run CCmsetup.exe on the computer to install the client.
It can take a couple of minutes to run. Once the client installs, it gets the policy from the configuration manager server. The entire process can take up to 20 minutes. If you check the Control Panel on your computer, you are looking for the Configuration Manager icon (which means Configuration Manager has been installed).
You can use this method to apply the client on your servers. However applying to a large amount of servers is time consuming.
Method 2 Client Push method
To use the client push method you have to first set up a couple things. Go to Sites, on the top of the page select Hierarchy Settings, and select to Use a failback site
Select the Client Approval and Conflicting Records tab. Here you can choose the client approval method. Most environments the default automatically approve computers in trusted domains is fine. If you want a lot more control you can manually approve each computer.
The Automatic client upgrade tab, is for automatically updating the clients.
Close this dialog box.
Select your site, and at the top of the screen select Client Installation settings,
This will give you the option of pushing the client to newly discovered machines.. this is basically the easy button of adding new machines and making sure they get the client pushed to them. I have used this option to ensure machines I just create and add to Active Directory will get the client pushed to them.
The second option of deploying the client to domain controllers is a tricky one. At times it’s not a good idea for Domain Controllers to receive the same update packages other servers may be getting. So keeping this off is generally recommended.
The accounts tab is critical to pushing out the client. A client account must be defined in order to push the package to machines in the domain. For example, I have set the following user account to push clients to users. You can also check to make sure everything is working correctly by selecting Test Connection at the bottom of the screen.
On the Installation Properties tab you can set specific installation properties to the client install. Add FSP=configmgr in order to set it to the fallback point.
Method 3 Installing client using the wizard.
Go to Assets and Compliance, and select devices. Select a computer without the configuration manager client.
Select Install client.
The defaults; always install the client software and install the software from the following site should be selected, if not select them. Select next.
Client push summary is presented, Select Next.
Client push summary success , select Next.
Select Close. The agent will now be pushed to the one object selected.
Of the different methods, the direct manual install method is the fastest, but may require more time. I have used pstools and psexec to connect to machines to install the client in the background however this may take time in a large environment. If you have a lab environment and can keep the computer on for extended periods of time you can try the second method and see if the computers get the client.
Method 4 Group policy push to clients
Log on to your domain controller,in this case DC1.
Connect to your configuration manager server, and browse to: \\configmgr\SMS_BP1\bin\i386 and run the ccmsetup.msi package. This will install the needed adm objects to create a configuration manager installation policy.
Go to your domain controller, open the group policy management icon.
Go to domains, your domain, group policy objects,and right click to select New.
Name the group policy Install ConfigMgr Client and select Ok.
Two things need to happen to make this work you need to use the group policy software installation piece, the second is the pair of the custom ADM files will be used to manage the installation.
Select Edit on the Install ConfigMgr client and you are presented with the definition of the policy.
Expand Policies under Computer configuration by selecting it. Under the Software Settings, this is where you can create a new software installation. Selecting Software installation and New, Package will define the software package for all of the machines that will be given this policy. This location has to be accessible to the machines that will receive this policy. I have copied the ccmsetup.msi package to the configmgr\share directory. I changed the directory on open to \\configmgr\share, and have selected the ccmsetup.msi package.
Select Open after selecting the package.
The ConfigMgr Client Setup Bootstrap properties dialog box has the following tabs; General, Deployment, Upgrades, Categories, Modifications and Security. Deployment identifies how the package will be deployed. You aren’t modifying things so there is nothing in the Upgrades or Modifications tab. Click OK.
You can now see the agent linked in the software installation.
Just adding the package doesn’t seem to work as you will need to add additional ADM management templates in order to configure the client installation.Go to Administrative Templates, and right click to select Add/Remove Templates. In the Add/Remove Templates Dialog box, select Add. You can find the needed administrative templates on the configmgr server located at \\configmgr\SMS_BP1\tools\ConfigMgrADMTemplates
Select Close. One template is for assignment and another is for installation. Go to Classic Administrative Templates (ADM), Configuration Manager 2012, Configuration Manager 2012 Client, and you can see the Site Assignment and Client Deployment Settings.
Select the Site Assignment tab, Set to enabled, and enter BP1 as the assigned site.
Click on the Next Setting Tab. The Client Deployment settings tab allows you to set specific instructions for the client, in this case where we define the sitecode and the fallback status point. Click on enabled, and in CCMsetup type:
Select Apply to save the changes, and close.
The group policy has now been defined. Now select File and Exit to save the changes to the group policy. Selecting Group Policy Objects under Group the bluepalace lab domain, let me know that the policy has been enabled.
Next we will learn more about Hardware and Software Inventory. Where we can create collections of the Hardware and Software running on our domain.