book

Microsoft System Center Configuration Manager Cookbook - Second Edition

Name: Microsoft System Center Configuration Manager Cookbook - Second Edition
ISBN: 9781785881206

by Samir Hammoudi, Chuluunsuren Damdinsuren, Brian Mason, Greg Ramsey

November 2016

Intermediate to advanced

354 pages

7h 3m

English

Packt Publishing

Read now

Unlock full access

Microsoft System Center Configuration Manager Cookbook - Second Edition
Microsoft System Center Configuration Manager Cookbook - Second Edition
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Getting readyHow to do it…How it works…There's more…See also

Conventions
Reader feedback
Customer support
ErrataPiracyQuestions
1. Designing a System Center Configuration Manager Infrastructure
Introduction
What's changed from System Center 2012 Configuration Manager?
Getting readyHow to do it...Whats new in CM CapabilitiesRemoved featuresSee also
System Center Configuration Manager's new servicing models
Getting ReadyWindows 10's new servicing modelsHow to do it...How will CM support Windows 10?Why is there another version called Configuration Manager LTSB 2016?
Keeping your CM deployment up-to date
Getting readyHow to do it...How it works...There's more...See also
Infrastructure sizing considerations
Supportable size and scaleHardware recommendationSee also
Dividing up site system roles
Getting readyHow to do it...How it works...There's more...Offloading the SUPOffloading Endpoint ProtectionOffloading SQL Reporting ServicesSee also
Upgrading in-place from Configuration Manager 2012
Getting readyHow to do it...Starting the upgrade installation at the CAS or primary siteStarting the upgrade installation at a secondary siteStarting the upgrade installation of clientsHow it works...There's more...See also
Installing SQL the right way
Getting readyHow to do it...How it works...There's more...Installing SQL with an unattended fileSetting some limitsSQL file layoutHelping SQLSee also
Managing Internet-facing clients
Getting readyHow to do it...How it works...See also
Using remote and workstation distribution points and BranchCache
Getting readyHow to do it...How it works...There's more...When to choose BranchCacheWhen to choose a workstation distribution pointWhen to choose a server-class distribution pointSee also
2. Deploying Windows 10 with Operating System Deployment
Introduction
Creating an OSD test environment
Getting readyHow to do it...How it works...There's more...The reference image in a VMThe production build in a VM
Leveraging the build and capture process
Getting readyHow to do it...How it works...There's more...Creating bootable mediaDeploying the task sequence to a device collectionStarting the build process and troubleshooting informationSee also
Migrating user state
Getting readyHow to do it...How it works...There's more...See also
Managing drivers
Getting readyHow to do it...How it works...There's more...Auto Apply DriversApplying Driver PackageCustomizing with WMI conditional statementsSee also
Customizing the build process with prestart hooks
Getting readyHow to do it...How it works...There's more...See also
Patching your reference build
Getting readyHow to do it...How it works...See also
Using the new Windows 10 in-place upgrade task sequence
Getting readyHow to do it...Deploying the upgrade TS to a device collection containing Windows 7/8/8.1 clientsHow it works...There's more...
Leveraging the Microsoft Deployment Toolkit with CM OSD
How to do it...How it works...There's more...See also
3. Deploying Applications and Software Updates
Introduction
Creating applications and deployment types
Getting readyHow to do it...How it works...There's more...Creating deployment typesSpecifying application settingsDistribute an application to your DPsDeploying an application to workstationsSee also
Deploying Store Apps - Windows, iOS, Android
Getting readyHow to do it...Deploy Apps directly from Stores - Deep LinkDeploy Apps by Side-LoadingHow it works...There's more...See also
Creating Mobile Application Management Policy
Getting readyHow to do it...How it works...There's more...See also
Managing Software Center and Application Catalog
How to do it...There's more...See also
Reducing collection dependencies with conditional rules and global conditions
Getting readyHow to do it...How it works...There's more...Testing the application using a Simulated Deployment
Converting classic packages to applications
Getting readyHow to do it...How it works...There's more...
Creating and deploying Virtual Applications - App-V
Getting readyHow to do it...How it works...
Superseding applications
Getting readyHow to do it...How it works...
Monitoring content and deployment status
Getting readyHow to do it...How it works...
Preparing for software updates
Getting readyHow to do it...How it works...There's more...The Active Software Update PointEnable software updates on clients
Creating and monitoring software updates
Getting readyHow to do it...How it works...There's more...Create a software update deploymentMonitor the deploymentSee also
Leveraging Automatic Deployment Rules - ADRs
Getting readyHow to do it...How it works...There's more...
Deploying custom updates
Getting readyHow to do it...How it works...There's more...See also
Leveraging Windows 10 Servicing to deploy features upgrades
Getting readyHow to do it...How it works...There's more...See also
4. Managing Compliance Settings
Introduction
Building Configuration Items the old way
Getting readyHow to do it...How it works...There's more...Disabling the local guest accountDisabling Internet Connection SharingVerifying recent antivirus definitionSee also
Building Configuration Items for Windows 10
Getting readyHow to do...How it works... There's more...
Creating and deploying a baseline
Getting readyHow to do it...How it works...There's more...Piloting the baselineTesting the baselineManaging revisionsSee also
Leveraging Security Compliance Manager
Getting readyHow to do it...How it works...There's more...Adding an additional CI to the baselineSee also
Monitoring compliance with SSRS
Getting readyHow to do it...How it works...There's more...Creating an e-mail based subscriptionCreating a file-based subscriptionSee also
5. Managing Mobile Devices using Configuration Manager with Microsoft Intune
Introduction
Creating a Microsoft Intune subscription
Getting readyHow to do it...How it works...There's more...See also
Connecting Microsoft Intune to CM
Getting readyHow to do it...Android management setupWindows 10 management setupWindows 10 Mobile management setupiOS management setupHow it works...There's more...See also
Creating and deploying MDM policies
Getting readyHow to do it...How it works...There's more...Deploying the MDM policyVerifying the application of the MDM policySee also
Using Conditional Access to control devices' access to Office 365 services
Getting readyHow to do it...How it works... There's more...See also
Managing mobile devices enrolled in Microsoft Intune via the CM console
Getting readyHow to do it...Full wipe actionSelective wipe actionRemote lockPasscode resetHow it works... There's more...
6. Managing Sites
Introduction
Managing collections
Getting readyHow to do it...How it works...There's more...Creating maintenance windowsConfiguring power managementConfiguring alertsImport/export and copying collectionsSee also
Configuring site maintenance
Getting readyHow to do it...How it works...There's more...Setting up a Network Access AccountDisabling unused Status Filter RulesDesignating a fallback siteSee also
Managing site communications
Getting readyHow to do it...There's more...Configuring bandwidth restrictions on standalone DPs
Configuring Discovery
Getting readyHow to do it...How it works...There's more...Enabling Active Directory System DiscoveryEnabling Active Directory User DiscoveryEnabling Active Directory Group DiscoverySee also
Managing Boundary Groups
Getting readyHow to do it...How it works...There's more...Adding or editing Boundary Groups from the Boundaries nodeSee also
Managing role-based security
Getting readyHow to do it...How it works...There's more...Creating scopes to manage security boundariesDefining administrator groupsSetting security scopes on DPsSee also
Configuring the Application Catalog
Getting readyHow to do it...How it works...There's more...See also
Managing and validating content for DPs and DP groups
Getting readyHow to do it...How it works...There's more...Monitoring the content statusMonitoring DP group statusMonitoring the DP configuration statusValidating the contentSee also
7. Managing Clients
Introduction
Deploying clients
Getting readyHow to do it...How it works...There's more...Discovering computersConfiguring securityPushing the client to a collectionPushing the client to all computers automaticallySee also
Upgrading client agents
Getting readyHow to do it...How it works...There's more...See also
Managing client health
Getting readyHow to do it...How it works...There's more...Viewing health in the consoleViewing health in SRS reportsViewing alerts in the consoleDisabling client remediationSee also
Managing client settings
Getting readyHow to do it...How it works...There's more...Hiding all notificationsDeploying Endpoint ProtectionSee also
Enabling Device Health Attestation in Windows 10
Getting readyHow to do it...How it works...There's moreSee also
Monitoring client installation and activity
Getting readyHow to do it...How it works...There's more...See also
Making use of user-centric improvements
Getting readyHow to do it...How it works...There's more...Associating users to devicesEnable the new Software CenterSee also
Configuring power management
Getting readyHow to do it...How it works...There's more...Copying power management settings from another computerEnabling users to opt out of power managementCreating an "always on" collectionConfigure wakeup time, but no other settingsMonitoring Power Management with ReportingSee also
8. Managing Inventory
Introduction
Managing hardware inventory
Getting readyHow to do it...How it works...There's more...Extending hardware inventoryUsing RegKeytoMofBacking up your classesSee also
Managing software inventory
Getting readyHow to do it...How it works...There's more...Adding new software inventory rulesCreating a software inventory rule with a custom client policyIgnoring other optionsSee also
Managing software metering
Getting readyHow to do it...How it works...There's more...Automatically create metering rules based on recent usage dataReviewing metering reportsAutomating uninstall processes to remove unused softwareLeveraging CCM_RecentlyUsedApps
Monitoring inventory data flow
Getting readyHow to do it...ClientManagement PointSiteHow it works...There's more...
Integrating Asset Intelligence
Getting readyHow to do it...How it works...There's more...Submitting applications to Microsoft for categorizationSee also
9. Managing Reports and Queries
Introduction
Installing SQL Server Reporting Services - SSRS
Getting readyHow to do it...How it works...There's more...Remote SSRS - remote RSPSee also
Configuring reporting services
Getting readyHow to do it...Making the SSRS server an RSPSaving resources of your CAS or Primary - cache reportsSee also
Sharing your reports with others
Getting readyHow to do it...
Configuring report subscription
Getting readyStep 1: Enable e-mail notification for alertsStep 2: Configure E-Mail Settings of Reporting Services Configuration ManagerStep 3: Configure SQL Server Agent ServiceHow to do it...There's more...See also
Building queries
Getting readyHow to do it...How it works...There's more...Creating subselect queries in T-SQLCreating a WMI queryCreating a WMI-based query collectionCreating subselect queries in WMISee also
Editing and creating reports
Getting readyHow to do it...How it works...There's more...Creating a new report with Report Builder 3.0Incorporating readability aids in your reportUploading reports to the RSPSee also

Content preview from Microsoft System Center Configuration Manager Cookbook - Second Edition

Managing role-based security

Role-based Access Security (RBAC) is new to CM12. It offers the ability to segregate administrators with ease. In CM07 admins either used extra primary sites or scripts kicked off by status filters to separate admins from each other. Now it can be done in just a few minutes, right from the console.

We are going to use RBAC to divvy up roles for workstation and server admins so that neither sees the other's assets.

Getting ready

Create two AD user groups-CM Wkstn Admins and CM Server Admins. Populate each with a unique test account or real user accounts.

How to do it...

We start by creating one collection for workstations and one for servers:

In the admin console, navigate to Assets and Compliance | Device Collections and ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Microsoft System Center Endpoint Protection Cookbook - Second Edition

System Center 2012 R2 Configuration Manager Unleashed: Supplement to System Center 2012 Configuration Manager (SCCM) Unleashed

Kerrie Meyler, Jason Sandys, Greg Ramsey, Dan Andersen, Panu Saukko, Kenneth van Surksum, Michael Wiles

Publisher Resources

ISBN: 9781785881206

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design