Planning the Server Infrastructure for Configuration Manager v.Next
Published: May 24, 2010
Send suggestions and comments about this document to . Please include the name of the document with your feedback.
This document is provided “as-is”. Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it.
Some examples depicted herein are provided for illustration only and are fictitious. No real association or connection is intended or should be inferred.
This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes. You may modify this document for your internal, reference purposes.
© 2010 Microsoft Corporation. All rights reserved.
Microsoft, Access, Active Directory, ActiveSync, ActiveX, Authenticode, BitLocker, Excel, Hyper-V, Internet Explorer, JScript, Microsoft Press, MSDN, Outlook, SharePoint, SoftGrid, SQL Server, Visio, Visual Basic, Visual C++, Visual Studio, Win32, Windows, Windows Mobile, Windows Server System, and Windows Vista are trademarks of the Microsoft group of companies.
All other trademarks are property of their respective owners.
Contents
Planning the Server Infrastructure for Configuration Manager v.Next
In This Section
Introduction
Terminology
Hierarchy-Related Terms Used in Configuration Manager v.Next
Data Replication Terms Used in Configuration Manager v.Next
Concepts
Sites in Configuration Manager v.Next
Central Administration Site
Primary Site
Secondary Site
Site Systems Roles in Configuration Manager v.Next
Site Support for Site System Roles
Features and Functionality in Configuration Manager v.Next
Active Directory Schema
Client Agent Settings
Configuration Manager Console
Role-Based Administration
Discovery
Active Directory Delta Discovery
Discovery Processing Site
Alerts
Content Distribution in Configuration Manager v.Next
Distribution Points Enabled for Bandwidth Control
Distribution Point Groups
Copy Content to Distribution Points Manually
Windows BranchCache Support
Branch Distribution Points
Multicast Distribution Points
Reporting
Site-to-Site Communication in Configuration Manager v.Next
Database Replication
Global Data
Site Data
Replication Monitoring
File-Based Replication
Planning the Hierarchy and Site Design
What’s Changed from Configuration Manager 2007
Changes to the Site Hierarchy
Changes to Central Sites
Changes to Primary Sites
Changes to Secondary Sites
Changes to Site Management
Changes to the Administrator Console
Changes to Inter-Site Communication
Changes to Security Management
Changes to Client Agent Management
Design Considerations
Determine Whether You Should Install a Central Administration Site
Determine Whether You Should Install a Primary Site
Determine Whether You Should Install a Secondary Site
Determine Whether You Should Install a Site or Use Content Distribution Options
Determine Where to Install Site System Servers and Site System Roles
Examples
Scenario 1: Remote Office Optimization
Current Situation
Business Requirements
Planning Decisions
Steps Taken
Business Benefits
Scenario 2: Infrastructure Reduction and Custom Client Agent Settings
Current Situation
Business Requirements
Planning Decisions
Steps Taken
Business Benefits
Appendices
Appendix A: Data Replication Details
SQL Server-Based Terminology Used in Configuration Manager v.Next
Publishers and Subscribers by Site
Types of Replication in Configuration Manager v.Next
Database Replication
File-Based Replication
This is pre-release documentation and is subject to change in future releases.
Planning the Server Infrastructure for Configuration Manager v.Next
In This Section
Introduction
Terminology
Hierarchy-Related Terms Used in Configuration Manager v.Next
Data Replication Terms Used in Configuration Manager v.Next
Concepts
Sites in Configuration Manager v.Next
Site Systems Roles in Configuration Manager v.Next
Features and Functionality in Configuration Manager v.Next
Site-to-Site Communication in Configuration Manager v.Next
Planning the Hierarchy and Site Design
What’s Changed from Configuration Manager 2007
Examples
Scenario 1: Remote Office Optimization
Scenario 2: Infrastructure Reduction and Custom Client Agent Settings
Appendices
Appendix A: Data Replication Details
Introduction
Microsoft SystemCenter ConfigurationManagerv.Next allows you to simplify the management of your hierarchy by reducing the number of sites and servers required to manage devices.
This guide is an introduction to the server infrastructure requirements for ConfigurationManagerv.Next to help you plan your ConfigurationManagerv.Next hierarchy.
Terminology
The terms that are used in this documentation are included in the following sections.
Hierarchy-Related Terms Used in Configuration Manager v.Next
The hierarchy-related terms that are used in this documentation are included in the following table.
Term / Definitioncentral administration site / The site at the top of the hierarchy.
discovery processing site / A hierarchy-wide role that is assigned to a primary site and that is responsible for processing all new discovery data records and creating new database entries for discovered resources.
primary site / A ConfigurationManagerv.Next site that has clients assigned to it and that processes client-generated data.
role-based administration / A way to secure objects in ConfigurationManagerv.Next by using security scopes to limit access to the securable objects and the security roles that provide typical permissions to administrative users.
secondary site / A child of a primary ConfigurationManagerv.Next site that is administered only through the central administration site or its parent site and that propagates data to its primary site’s database.
security role / A set of permissions that defines what an administrative user can do and see in the ConfigurationManagerv.Next console.
security scope / A feature that, when used in conjunction with security roles, limits what an administrative user can do and see in the ConfigurationManagerv.Next console.
Data Replication Terms Used in Configuration Manager v.Next
The data replication terms that are used in this documentation are included in the following table.
Term / Definitiondatabase replication / A type of data replication in ConfigurationManagerv.Next that uses SQL Server replication.
file-based replication / A type of replication in ConfigurationManagerv.Next that is used for content, discovery data records, and state messages to a fallback status point in a parent site. This information is replicated at the file level.
global data / A set of administrator-created objects that are replicated to all sites throughout the hierarchy. Secondary sites receive a subset of the data.
local data / A set of objects that are automatically created by Configuration Manager. This data is not replicated to other sites.
site data / The operational information that is created by a Configuration Manager site and that is replicated to the central administration site. Site data includes hardware inventory data, status messages, alerts, and the results of query-based collection rules.
Concepts
Review the following concepts to help you plan and deploy a ConfigurationManagerv.Next site and hierarchy.
ConfigurationManagerv.Next does not support upgrades from previous versions of the product and requires that you deploy a new hierarchy. To implement ConfigurationManagerv.Next and maintain continuity from an existing Configuration Manager 2007 deployment, you must migrate existing data to ConfigurationManagerv.Next. For more information about migration and migration strategies, see the “Migrating Configuration Manager 2007 to ConfigurationManagerv.Next” guide from the Microsoft Connect site (
Sites in Configuration Manager v.Next
ConfigurationManagerv.Next introduces the central administration site and some changes to primary and secondary sites. It is important to review these changes before you design your ConfigurationManagerv.Next site hierarchy.
The following table provides information about the three types of sites in ConfigurationManagerv.Next.
Site / Purpose / Differences from Configuration Manager 2007Central administration site / Recommended location for all administration and reporting for the hierarchy / Does not process client data.
Does not accept client assignments.
Not all site system roles are available.
Participates in database replication.
Primary site / Manages clients in well-connected networks / Additional primary sites allow the hierarchy to support more clients.
Cannot be tiered below other primary sites.
No longer used to segment client agent settings or security.
Participates in database replication.
Secondary site / Manages clients in remote locations where network control is needed / SQL Server is required and SQL Server Express will be installed during site installation if required.
A proxy management point and distribution point are automatically deployed during the site installation.
Secondary sites can be tiered to support content distribution to remote locations.
Participates in database replication.
Central Administration Site
In a hierarchy that will contain two or more primary sites, the top-level site must be a central administration site. Unlike a Configuration Manager 2007 central site, the central administration site is a distinct site type that is used only for administration and reporting in ConfigurationManagerv.Next. The central administration site coordinates intersite data replication across the hierarchy by using Configuration Manager database replication and enables administration of hierarchy-wide configurations for client agents, discovery, and other operations.
Before you install a central administration site, review the following functional and deployment considerations.
Functional Considerations:
The central administration site must be the top-tier site in a hierarchy.
The central administration site supports only primary sites as child sites.
The central administration site cannot have clients assigned to it.
Not all site system roles can be installed on the central administration site. For more information, see Site Systems Roles in Configuration Manager v.Next.
The central administration site can manage clients from any primary site in the hierarchy.
The central administration site can perform any client or site management task that you can perform from a primary site.
The central administration site is the only place where site data from all sites is visible. This includes information such as status messages.
The central administration site can configure discovery for the hierarchy and assign discovery-related roles to other sites but does not support discovery methods running locally at the central administration site.
Deployment Considerations:
The central administration site must be the first site deployed when configuring a site hierarchy that will contain more than a single primary site.
Primary Site
In ConfigurationManagerv.Next, you deploy primary sites to support a higher number of clients in the hierarchy. Unlike Configuration Manager 2007, primary sites do not provide a partition for security, administrative roles, or client agent settings. Each primary site in ConfigurationManagerv.Next is responsible for processing its assigned clients’ data and for replicating this data to other sites. These changes help to eliminate the need to tier primary sites and require fewer site system servers in the hierarchy.
Before you install a primary site, review the following functional and deployment considerations.
Functional Considerations:
A primary site can only have a central administration site as a parent site.
A primary site can only have secondary sites as child sites.
A primary site cannot change its parent site relationship after installation.
Primary sites are responsible for processing all client data from their assigned clients.
Primary sites replicate changes to information in their database to other sites using database replication.
In a site hierarchy, the first primary site installed is designated as the discovery processing site and it is responsible for processing all new Active Directory discovery records. Updates to existing Active Directory records are processed at the primary site that receives them.
Deployment Considerations:
Database replication is automatically configured when a primary site installs as a child of the central administration site.
Primary sites can have one or more secondary sites installed as child sites.
Typically required site system roles can be installed in the primary site during site installation. For a list of site system roles that are supported on primary sites, see Site Systems Roles in Configuration Manager v.Next.
Secondary Site
Secondary sites in ConfigurationManagerv.Next are used to manage the distribution of content flowing down the hierarchy and client data flowing up the hierarchy. Unlike Configuration Manager 2007, ConfigurationManagerv.Next secondary sites require SQL Server or SQL Server Express to enable participation in database replication.
Secondary sites can be tiered to route content to remote locations by using the bandwidth control that can be configured between secondary sites. This same tier structure enables client information, such as inventory data and status messages, to be routed to the primary site, where this information is processed. Regardless of a secondary-site-to-secondary-site tier relationship, each secondary site communicates directly to its primary parent site for database replication.
Before you install a secondary site, review the following functional and deployment considerations.
Functional Considerations:
Secondary sites require SQL Server Express or an instance of SQL Server to be available on the designated site server.
Secondary sites use database replication to communicate directly with their parent primary site.
Secondary sites support the routing of content to other secondary sites.
Uninstalling a secondary site will not remove content that has been distributed to distribution points in that site.
A site reset is supported for secondary sites and can be used, for example, when the secondary site’s SQL Server security accounts are changed.
Deployment Considerations:
Secondary sites automatically install SQL Server Express during site installation if a local instance of SQL Server is not available.
Secondary site installation is initiated from the Configuration Manager console at a primary site to enable the configuration of database replication during installation.
You can use scripts to automate the installation of secondary sites.
Secondary site installations automatically deploy a proxy management point and distribution point on the secondary site server.
Secondary sites can be installed in a different forest than the parent primary site.
Secondary site installation status is available in the Configuration Manager console.
Other improvements to installing secondary sites include improved prerequisite checks, the use of remote installation source media from a network location, and the ability to stop and restart site installation without recopying installation files.
Site Systems Roles in Configuration Manager v.Next
ConfigurationManagerv.Next introduces new site system roles and new capabilities for distribution points.
Site Support for Site System Roles
The following table identifies the site system roles that can be installed at each type of site.
Site System Role / Central Administration Site / Primary Site in Hierarchy / Stand-alone Primary Site / Secondary SiteAsset Intelligence Synchronization Point / Yes / No / Yes / No
Distribution Point1 / No / Yes / Yes / Yes 2
Fallback Status Point / Yes / Yes / Yes / No
Management Point1 / No / Yes / Yes / Yes 2
Mobile Device Enrollment Point / No / Yes / Yes / No
Mobile Device Enrollment Proxy Point / No / Yes / Yes / No
Out of Band Service Point / No / Yes / Yes / No
PXE Service Point / No / Yes / Yes / Yes
Reporting Services Point / Yes / Yes / Yes / No
Server Locator Point / Yes / Yes / Yes / No
Software Catalog Web Service Point / No / Yes / Yes / No
Software Catalog Web Site Point / No / Yes / Yes / No
Software Update Point / Yes 3 / Yes 3 / Yes / Yes
State Migration Point / No / Yes / Yes / Yes
System Health Validator Point / Yes / Yes / Yes / Yes
1There are variations of this site system role, such as a branch distribution point and a management point that supports mobile devices. However, these are not listed as separate site system roles in the Create Roles Wizard. Instead, they are listed as configuration options in the wizard. Because selecting any one of these options can change where the site system role can be installed, these have not been listed as separate site system roles in the preceding table.
2When you install a secondary site, a management point and a distribution point is automatically installed in that site.
3In a hierarchy, install a software update point in the central administration site and then install a software update point on child primary sites. Synchronize the software update point on the central administration site with Windows Software Update Services (WSUS). Then synchronize all software update points on primary sites with the software update point on the central administration site.
Features and Functionality in Configuration Manager v.Next
Use the following information about features and functionality in ConfigurationManagerv.Next to help you plan a successful Configuration Manager hierarchy.
Active Directory Schema
The Active Directory schema extensions for ConfigurationManagerv.Next are unchanged from those used by Configuration Manager 2007. If you have already extended the Active Directory schema for Configuration Manager 2007, no further action is required to publish ConfigurationManagerv.Next site information. For more information about extending the ActiveDirectory schema and benefits of publishing to ActiveDirectory DomainServices, see the following in the Configuration Manager Document Library:
Decide If You Should Extend the Active Directory Schema (
How to Extend the Active Directory Schema for Configuration Manager (
Client Agent Settings
In ConfigurationManagerv.Next, you configure client agent settings at the central administration site and these settings are applied to all clients in the hierarchy. You can customize these settings for individual collections and apply them to collection members. This is an important change from Configuration Manager 2007, where client agent settings were defined at each site and customizations were not configurable.