System Center 2012 Configuration Manager exam:
70-243 Administering and Deploying System Center 2012 Configuration Manager
*Taken 23-02-2012* and passed
System Center 2012 Configuration Manager Survival Guide
MVP Raphael Blog
Nico Sienaert’s System Center Blog
MS Tech Blog
Windows-Noob.com step-by-step guides
Technet Virtual Labs
Configuration Manager TechCenter
Configuration Manager TechNet Library
System Center Configuration Manager 2012 Beta”How Do I?” Videos
System Center Configuration Manager 2012 Product Page
Microsoft Events regarding System Center Configuration Manager 2012
System Center Configuration Manager 2012 Forum
System Center Configuration Manager 2012 Blog
Technical Reference for Site Administration in Configuration Manager (ports, log files, accounts)
Microsoft System Center Self-Study Guide Part I – III
New and improved in 2012
- During setup the supplied parameters are saved to an answer file in %TEMP%\ConfigMgrAutoSave.ini so you can re-use it.
- To support the new 64-bit client, the location of the CCM folder for client-related files (such as the client cache and log files) has changed from %windir%\system32 to %windir%. If you reference the CCM folder for your own script files, update these references for the new folder location for Microsoft System Center 2012 Configuration Manager clients.
- Client health rules in %windir%\CCM\ccmeval.xml on the client.
- Client installation methods and their (dis)advantages
- Ccmsetup.exe switches
- Collections contain resources from all sites in the hierarchy.
- You can no longer combine user resources and device resources in the same collection. Also important for migration preparation.
- Use include rules to progressively increase the membership of a collection. You can include or exclude the contents of another collection from a specified collection.For by example phased deployments.
- A collection is always a subset of its limiting collection.
Compliance and settings management
- Previously called Desired Configuration Management (DCM)
- A new built-in security role named Compliance Settings Manager
- Alerts can be configured for exceeding thresholds (% of systems non compliant).
- Device and user focus.
- Compatible with managed mobile devices.
- Detect and report conflicting compliance rules.
- Not supported in 2012 anymore:
- Uninterpreted configuration items (remove before migrating)
- Settings groups
- Regular expressions for settings
- Using wildcards for registry settings
- The string operators Matches and Do not Match
- You can now download the Microsoft Volume Licensing Service (MVLS) license statement from the Microsoft Volume Licensing Service Center and import the license statement from the Configuration Manager console.
- Enrollment now natively supported by using the new enrollment point and enrollment proxy point and a Microsoft enterprise certification authority.
- Mobile device management responsibility can be moved from Exchange to configuration manager using the exchange server connector (supports Exchange 2010 and Exchange Online).
- Requires PKI (was not the case with 2007).
- Mobile device legacy clients can still be managed, but with limited functionality.
- System Center 2012 Endpoint Protection is now integrated with SCCM2012
- No seperate setup/dashboard. For the install just select the Endpoint Protection Point site system role. For the dashboard select the System Center 2012 Endpoint Protection Status node in the Monitoring workspace.
- No package and program used to install endpoint protection client (install using SCCM2012 client settings or manage existing cients).
- Endpoint Protection Manager role provides admin with minimum permission to manage Endpoint Protection.
- New integrated reports (including user centric).
- Auto update using automatic update deployment rules.
- Configurable SCCM2012 alerts and subscriptions.
- Uses Software Distribution Point site role (WSUS)
- Automatic approval and deployment.
- Improved search with expanded criteria.
- Greater user control for scheduling installation.
- Software update groups.
- Software update files are stored in the content library (single instance store for content files).
- Software deployment templates (by example template with deadline 0 days and allow restarts outside of maintenance windows for highly critical updates)
- Internet-based clients try to retrieve update files from the Internet first. If impossible will fallback to distribution point.
- Enhancements to software updates monitoring:
- Key software updates compliance+deployment views.
- Detailed state messages for deployments+assets.
- Software updates error codes with additional information to help identify issues.
- Status for software updates synchronization.
- Alerts for key software updates issues.
Applications are new in SCCM 2012 and have the following characteristics:
- Contain files + information to deploy software package to device.
- Multiple deployment types possible:
- Local install
- Virtual application package
- Mobile package
- Session virtualization (RDS/XenApp)
- Requirement rules define conditions that specify how applications are deployed. By example:
- Hardware requirements
- Primary device of user ?
- Global conditions are similar to requirement rules, but can be reused with any deployment type.
- User device affinity allows you to associate a user with specified devices, allowing you to deploy software to a user rather than a device. You could deploy an application so that it only installs on the primary device of the user. On non primary devices, you could deploy a virtual application that is removed when the user logs out.
- Deployments are used to distribute applications. A deployment can have an action which specifies whether to (un)install the application and a purpose whether the application must be installed or whether the user can choose to install it.
- Detection methods (script/product information) can be used to determine if a deployment type has already been installed.
- Status can be monitored directly in the configuration manager console (as opposed to only using reports).
- Packages and programs from 2007 are supported and can use some of the new deployment and monitoring features.
- Task sequences can be deployed on the internet like by example scripts. Operating system deployment over the internet is still not supported.
- Software Center is a new client interface that allows users to request and install applications, control some client functionality, and to access the Application Catalog, which contains details about all available applications.
- How-to for applications
Operating System Deployment
- Windows Updates can be applied offline directly to the WIM.
- Task Sequence Media Wizard includes steps to add prestart command files (formerly pre-execution hooks) to prestaged media, bootable media, and stand-alone media.
- Task Sequence Media Wizard option to suppress wizard. Unattended install.
- The same task sequence media can be used to deploy operating systems to computers anywhere in the hierarchy.
- Capture/Restore User State task sequence action supports new features from USMT 4.
- Use Install Application task sequence action to deploy applications from the Software Library when you deploy OS.
- Define user device affinity for a device during OS deployment.
- PXE service point configuration and functionality moved to the distribution point.
- Distribution point role
- Only one role (opposed to standard/branch role 2007).
- Can be installed on workstations+servers.
- Content library
- Where all content files are stored for software updates, applications, operating system deployment, etc.
- Located on the site server and each distribution point.
- Single instance store (no duplicate files as in 2007).
- Content storage
- Configurable drive (priority). Higher priority has preference until drive is below free space threshold (in 2007 the drive with most free space was used).
- Prestaging content
- Ensuring content is available even before it has been specifically requested.
- Can be used for all package types.
- Prestaged content is compressed and contains the files and associated metadata.
- Combined with bandwidth throttling and scheduling this gives you more control over bandwidth usage.
- The distribution point can be configured for prestaging.
- When you distribute content you can choose to:
- Always prestage the content on the distribution point.
- Prestage the initial content for the package but use the normal content distribution process for updates.
- Always use the normal content distribution process.
- During the import process, Configuration Manager detects version conflicts and will prevent the content for an older version of the package from being prestaged.
- Bandwidth throttling and scheduling between the site server and the distribution point.
- PXE service point
- Integrated in distribution point role. No seperate role.
- DP certificate is used for PXE as well.
- No PXE share for boot images. Instead an attribute of the boot image is used and the image is automatically deployed to the PXE store.
- Multicast options integrated with DP.
- BranchCache integration with more granular control. Configure on deployment type for applications and on deployment for package.
- Distribution point groups
- Logical grouping of content distribution points.
- Eases administration (assign content to group).
- Content validation
- Check integrity manually or scheduled.
- View status reports in the monitoring workspace.
- Management of content files
- Manage content from the properties of distribution points, distribution point groups, and package types (for example, application, deployment package, driver package, etc).
- From the distribution point and its properties, see all package types assigned for distribution.
- From the package properties, see all distribution points and distribution point groups in which the package has been distributed. You can redistribute, validate, or remove the content from the properties for the object.
- Content monitoring
- Reporting services point is the only site system role that System Center 2012 Configuration Manager uses for reporting.
- SQL 2008 Server Reporting Services (SRS) support and new added functionality.
- SQL 2008 SRS Report Builder 2.0 integration.
- SQL 2008 SRS report subscriptions (schedule and mail or put on share).
- Localized reporting depending on installation locale of:
- Configuration Manager Console
- SQL 2008 SRS
- New in SCCM 2012
- Provides near real-time awareness of current site operations and conditions in the configuration manager console.
- Alerts are stat-based and will automatically update.
- Database replication is new in SCCM 2012.
- Monitor the status using Database Replication node in Monitoring workspace of Configuration Manager console.
- Uses SSB (SQL Service Broker) on port 4022