Configuring roles and managing collections 4sysops.We will master Windows Updates in SCCM in a three part series.In part one, we will be unifying SCCM and WSUS in particular, we will configure the Software Update Point role, modify Group Policy, and design our update collections.System Center Configuration Manager SCCM can bring Windows Update management to a whole new level.It includes dozens of reports, fine scheduled installation schedules, and easier troubleshooting methods.In this series, we will be working with an existing SCCM setup running SCCM 2.Clear Windows Update Cache Sccm Software UpdatesR2.Like many organizations, our WSUS infrastructure existed before our SCCM implementation, and we are now looking at unifying the two.Configuring the SCCM software update role To get started, ensure that the WSUS role is installed on your primary server.If it isnt, add the Windows Server Update Services role through Server Manager and accept the defaults for the role installation.The WSUS role installed on our SCCM primary server.Hello, I dont even understand their motives.Especially when the given answers make clear that there already has been this feature, but it was removed for whatever.Responses to SCCM Configmgr Manage Workgroup Computers for Deployment,Remote tools etc.Qrb-WJkIETA/0.jpg' alt='Clear Windows Update Cache Sccm Software Inventory' title='Clear Windows Update Cache Sccm Software Inventory' />If you change any option on the Web Site Selection window such as the port, be sure to note the changes.They will be needed when you reconfigure your Windows Update Group Policy settings.You dont need to go through the additional WSUS configuration wizard.Configuration-Manager-Update-1702-Awesome-Features-Snap8.jpg' alt='Clear Windows Update Cache Sccm Software Deployment' title='Clear Windows Update Cache Sccm Software Deployment' />Update configuration wont be done in the WSUS management console.Instead, launch the Configuration Manager console and navigate to Administration Site Configuration Servers and Site System Roles.Right click your primary server and select Add Site System Roles.Adding a new role to our primary server.In the Add Roles Wizard, proceed past the first two pages.Under Role Selection, select Software Update Point.In this post, you will learn how to disable Windows Update in Windows 10 with Registry settings.I also posted a little PowerShell script that allows you to.Last week, Microsoft announced the final release of Windows Server 2016 the bits can be downloaded here.In addition, Microsoft has announced that Windows Server.Continue through the wizard until your reach the Classifications page.Most organizations will choose all classifications or all classifications minus tools.With your classifications selected, head to the Products page.To prevent update bloat, be careful to select only the Microsoft products that you currently support.If you are unsure if older versions of Office or operating systems exist, you can create collections in SCCM later to query for this information.Go ahead and finish the Role Wizard.You will need to deploy updates for new products added to your environment for example, a new operating system.To change the products or classifications that are deployed, navigate to Site Configuration Sites Configure Site Components.Select Software Update Point in the dropdown menu to edit these settings.Adding additional product updates for the SCCM software update point.Before we leave the SCCM console, select Client Installation Settings on the current Sites window.Under Software Update Based Client Installation, select Enable software update based client installation.Group Policy changes needed for SCCM update management Any environment currently using WSUS also uses Group Policy to configure update installation settings.These administrative templates are found under Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows Updates.You will need to edit your existing Windows Update GPO to point to your SCCM primary server.Launch the Group Policy Management Console and navigate to the location above.Select Specify intranet Microsoft update service location.From here, you have two choices you can add your primary server and port name, or you can change the Group Policy setting back to Not Configured and allow the SCCM client to configure the correct server and port.Most organizations go with the first option because Group Policy overwrites the SCCM setting.Once you make your switch over to SCCM, you can set any other Windows Update Group Policy settings to Not Configured.Syncing and deploying an update from the software update point Head back to the SCCM console and navigate to Software Library Software Updates All Software Updates.On the Home tab, select Synchronize Software Updates.A successful update synchronization on our primary server This initial synchronization can be a bit slow if you are syncing across many categories or products.While we wait, head to Assets and Compliance Device Collections.To keep update groups manageable, create a new folder named Software Updates.From here, I prefer to create a subfolder for each operating system or product as seen in the picture below.Software Update folders for each OS that we support.Within each folder, create two collections.The first collection should be a direct rule collection and should include the words Test Group in the name.To this collection, add specific machines that you have easy access to.Virtual machines make good candidates.The second collection should populate on a query that includes certain operating systems.Two common OS queries are below.The first query will include all Windows 8.The second query will grab any Windows 7 machines.SMSRSYSTEM. Resource.ID,SMSRSYSTEM. Resource.Type,SMSRSYSTEM. Name,SMSRSYSTEM.SMSUnique. Identifier,SMSRSYSTEM.Resource. Domain.ORWorkgroup,SMSRSYSTEM.Client from SMSRSystem inner join SMSGSystemOPERATINGSYSTEM on SMSGSystemOPERATINGSYSTEM.Resource. ID SMSRSystem.Resource. Id where SMSGSystemOPERATINGSYSTEM.Version like 6. SMSGSystemOPERATINGSYSTEM.Caption like Windows 8.SMSRSYSTEM. Resource.ID,SMSRSYSTEM. Resource.Type,SMSRSYSTEM. Name,SMSRSYSTEM.SMSUnique. Identifier,SMSRSYSTEM.Resource. Domain.ORWorkgroup,SMSRSYSTEM.Client from SMSRSystem inner join SMSGSystemOPERATINGSYSTEM on SMSGSystemOPERATINGSYSTEM.Resource. ID SMSRSystem.Resource. Id where SMSGSystemOPERATINGSYSTEM.Caption like Windows 7select SMSRSYSTEM.Resource. ID,SMSRSYSTEM.Resource. Type,SMSRSYSTEM.Name,SMSRSYSTEM. SMSUnique.Identifier,SMSRSYSTEM.Resource. Domain.ORWorkgroup,SMSRSYSTEM.Client from SMSRSystem inner join SMSGSystemOPERATINGSYSTEM on SMSGSystemOPERATINGSYSTEM.Resource. IDSMSRSystem.Resource. Id where SMSGSystemOPERATINGSYSTEM.Version like6. 3and.SMSGSystemOPERATINGSYSTEM.Caption likeWindows 8.SMSRSYSTEM. Resource.ID,SMSRSYSTEM. Resource.Type,SMSRSYSTEM. Name,SMSRSYSTEM.SMSUnique. Identifier,SMSRSYSTEM.Resource. Domain.ORWorkgroup,SMSRSYSTEM.Client from SMSRSystem inner join SMSGSystemOPERATINGSYSTEM on SMSGSystemOPERATINGSYSTEM.Resource. IDSMSRSystem.Resource. Id where SMSGSystemOPERATINGSYSTEM.Caption likeWindows 7The end result should look like the screenshot above.In this guide, we configured WSUS and SCCM for update synchronization.We changed the required Group Policy settings and created a granular update collection hierarchy.In our next post, we will look at automatic deployment rules, how updates actually install, and how to configure update schedules.If you have any questions or issues, leave a comment belowWin the monthly 4sysops member prize for IT pros.Related Posts. SCCM and Group Policy update rings make updates easier.Pushing HP BIOS settings and updates with SCCM.Windows Server 2.Last week, Microsoft announced the final release of Windows Server 2.In addition, Microsoft has announced that Windows Server 2.I can now publish the setup of my lab configuration which is almost a production platform.Only SSD are not enterprise grade and one Xeon is missing per server.But to show you how it is easy to implement a hyperconverged solution it is fine.In this topic, I will show you how to deploy a 2 node hyperconverged cluster from the beginning with Windows Server 2.But before running some Power.Shell cmdlet, lets take a look on the design.Design overview. In this part Ill talk about the implemented hardware and how are connected both nodes.Then Ill introduce the network design and the required software implementation.Hardware consideration.First of all, it is necessary to present you the design.I have bought two nodes that I have built myself.Both nodes are not provided by a manufacturer.Below you can find the hardware that I have implemented in each node CPU Xeon 2.Motherboard Asus Z9.PA U8 with ASMB6 i.KVM for KVM over Internet Baseboard Management ControllerPSU Fortron 3.W FSP FSP3. 50 6.GHCCase Dexlan 4.U IPC E4. 50. RAM 1.GB DDR3 registered ECCStorage devices 1x Intel SSD 5.GB for the Operating System.Samsung NVMe SSD 9.Pro 2. 56. GB Storage Spaces Direct cache4x Samsung SATA SSD 8.EVO 5. 00. GB Storage Spaces Direct capacityNetwork Adapters 1x Intel 8.L 1. GB for VM workloads two controllers.Integrated to motherboard.Mellanox Connectx.Pro 1. 0GB for storage and live migration workloads two controllers.Mellanox are connected with two passive copper cables with SFP provided by Mellanox.Switch Ubiquiti ES 2.Lite 1. GBIf I were in production, Id replace SSD by enterprise grade SSD and Id add a NVMe SSD for the caching.To finish Id buy server with two Xeon.Below you can find the hardware implementation.Network design. To support this configuration, I have created five network subnets Management network 1.VID 1. 0 Native VLAN.This network is used for Active Directory, management through RDS or Power.Shell and so on. Fabric VMs will be also connected to this subnet.DMZ network 1. 0.VID 1. 1. This network is used by DMZ VMs as web servers, AD FS etc.Cluster network 1.VID 1. 00. This is the cluster heart beating network.Storage. 01 network 1.VID 1. 01. This is the first storage network.It is used for SMB 3.Live Migration. Storage.VID 1. 02. This is the second storage network.It is used for SMB 3. Adobe Flash Player 2009 Kostenlos Downloaden Mp3 more. Live Migration. I cant leverage Simplified SMB Multi.Channel because I dont have a 1.GB switch. So each 1.GB controller must belong to separate subnets.I will deploy a Switch Embedded Teaming for 1.GB network adapters.I will not implement a Switch Embedded Teaming for 1.GB because a switch is missing.Logical design. I will have two nodes called pyhyv.Physical Hyper V.The first challenge concerns the failover cluster.Because I have no other physical server, the domain controllers will be virtual.I implement domain controllers VM in the cluster, how can start the clusterSo the DC VMs must not be in the cluster and must be stored locally.To support high availability, both nodes will host a domain controller locally in the system volume C.In this way, the node boot, the DC VM start and then the failover cluster can start.Both nodes are deployed in core mode because I really dont like graphical user interface for hypervisors.I dont deploy the Nano Server because I dont like the Current Branch for Business model for Hyper V and storage usage.The following feature will be deployed for both nodes Hyper V Power.Shell management tools.Failover Cluster Power.Shell management tools.Storage Replica this is optional, only if you need the storage replica featureThe storage configuration will be easy Ill create a unique Storage Pool with all SATA and NVMe SSD.Then I will create two Cluster Shared Volumes that will be distributed across both nodes.The CSV will be called CSV 0.CSV 0. 2. Operating system configuration.I show how to configure a single node.You have to repeat these operations for the second node in the same way.This is why I recommend you to make a script with the commands the script will help to avoid human errors.Bios configuration.The bios may change regarding the manufacturer and the motherboard.But I always do the same things in each server Check if the server boot in UEFIEnable virtualization technologies as VT d, VT x, SLAT and so on.Configure the server in high performance in order that CPUs have the maximum frequency availableEnable Hyper.Threading. Disable all unwanted hardware audio card, serialcom port and so onDisable PXE boot on unwanted network adapters to speed up the boot of the server.Set the datetime.Next I check if the memory is seen, and all storage devices are plugged.When I have time, I run a memtest on server to validate hardware.OS first settings.I have deployed my nodes from a USB stick configured with Easy.Boot. Once the system is installed, I have deployed drivers for motherboard and for Mellanox network adapters.Because I cant connect with a remote MMC to Device Manager, I use the following commands to list if drivers are installed.Win. 32System. Driver select name,nversion egi.Version. Info. File.Version. gwmi Win.Pn. PSigned. Driver select devicename,driverversion.After all drivers are installed, I configure the server name, the updates, the remote connection and so on.For this, I use sconfig.This tool is easy, but dont provide automation.You can do the same thing with Power.Shell cmdlet, but I have only two nodes to deploy and I find this easier.All you have to do, is to move in menu and set parameters.Here I have changed the computer name, I have enabled the remote desktop and I have downloaded and installed all updates.I heavily recommend you to install all updates before deploying the Storage Spaces Direct.Then I configure the power options to performance by using the bellow cmdlet.POWERCFG. EXE S SCHEMEMIN.Once the configuration is finished, you can install the required roles and features.You can run the following cmdlet on both nodes.Install Windows. Feature Hyper V, Data Center Bridging, Failover Clustering, RSAT Clustering Powershell, Hyper V Power.Shell, Storage Replica.Once you have run this cmdlet the following roles and features are deployed Hyper V Power.Shell module. Datacenter Bridging.Failover Clustering Power.Shell module. Storage Replica.Network settings.Once the OS configuration is finished, you can configure the network.First, I rename network adapters as below.Name notlike v. Ethernet Interface.Description like Mellanox2 Rename Net.Adapter New. Name Storage 1.Name notlike v. Ethernet Interface.Description like Mellanoxdapter Rename Net.Adapter New. Name Storage 1.Name notlike v. Ethernet Interface.Description like Intel2 Rename Net.Adapter New. Name Management.Name notlike v. Ethernet Interface.Description like Intelonnection Rename Net.Adapter New. Name Management.Next I create the Switch Embedded Teaming with both 1.GB network adapters called SW 1.G. New VMSwitch Name SW 1.G Net. Adapter. Name Management.Management. Enable.Embedded. Teaming True Allow.Management. OS False.Now we can create two virtual network adapters for the management and the heartbeat.Add VMNetwork. Adapter Switch.Name SW 1. G Management.OS Name Management 0.Add VMNetwork. Adapter Switch.Name SW 1. G Management.OS Name Cluster 1.Then I configure VLAN on v.NIC and on storage NIC.Set VMNetwork. Adapter.VLAN Management. OS VMNetwork.Adapter. Name Cluster 1.Access Vlan. Id 1.Set Net. Adapter Name Storage 1.Vlan. ID 1. 01 Confirm False.Set Net. Adapter Name Storage 1.Vlan. ID 1. 02 Confirm False.Below screenshot shows the VLAN configuration on physical and virtual adapters.Next I disable VM queue VMQ on 1.GB network adapters and I set it on 1.GB network adapters.When I set the VMQ, I use multiple of 2 because hyperthreading is enabled.I start with a base processor number of 2 because it is recommended to leave the first core core 0 for other processes.Disable Net. Adapter.VMQ Name Management Core 1, 2 3 will be used for network traffic on Storage 1.Set Net. Adapter.RSS Storage 1. 01 Base.Processor. Number 2 Max.Processors 2 Max.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |