How to Install MECM-SCCM 2103 Step by Step Best Practice Harender Jangra

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello everyone my name is jangra and in this video i'm going to show you how to install sccm current branch 2103 [Music] uh i already taken two virtual machines i already created these two virtual machines uh nothing else i installed in these two machines i just installed two virtual machines in these two virtual machines i have installed windows server 2019 and the ip address will be 100 50 and this will be the server where we will install active directory so our host name will be ad and our domain name will be cisco.com so guys you can install you can use any name so in this lab we will use these naming conventions and this is my second virtual machines where uh same os is installed windows server 2019 and ipad does will be 100 51 and this will be the dns ip so host name will be mecm and our fkdn name is macm.cisco.com [Music] let me show you these two virtual machines before that let me show you the configuration of these two virtual machines so in 80 machines i have provided 4 gb ram and 4 virtual processor and in mecm machines i have provided 8gb ram and for logical processor virtual processor so this is my ad machine let me show you the property of this virtual machine so we need to change the computer name before proceeding further and the 4gb ram we have so let me change the host name first [Music] so our hostname will be 80. just to restart and this is my sec machine where we will install ssm server let me show you the property of this virtual machines in this machine i have provided 8gb ram and you can see windows server 2019 standard os is installed so let me change the host name of this machine also so we will use mecm name just apply and just do restart your machine i just installed windows server 2019 in these two machines and did all windows update so the first thing we need to install active directory so guys i am just writing all the steps that we will use to follow we will follow to install our ssm server install active directory and configure dns server so let's do this thing go to your ad machine and to install active directory there is some prereq so first you should have a static ip address so static ip address will be we will use 100 50 and our router ip address is 1001 so i am providing it and same ip address of [Music] this machine you will have to enter in dns server because this server will also going to become a dns server [Music] and password should be enabled whenever you install any server operating system so in first attempt it will ask to provide the password so i already provided the password and uh second you should have a dhcp you should have a static ipa address that's it so server operating system is already there and these are the prereq to install active directory so now uh we can install active directory in this machine guys so how you can install active directory just open server manager click on add roles and features next next this is the server where we are installing active directory yes uh on servers role selection page you will have to select active directory domain services role add feature next uh nothing else you need to take just to click on next next and install [Music] once you install this role then you will have to configure it so click on prompt the server to a domain controller and choose add a new forest provide the domain name any any name you can use so in my case i am using cisco.com functional level you can use as per your requirement actually this task is taken care by vintel or ad team so uh we are we are using higher forest functional level so don't do any change and just provide the srm password so same password i am writing here you can enter any password next so it will automatically pick its net bios domain name next so in this folder actually its database is uh going to create so this is our test machine so we can use this directory otherwise microsoft recommend you should never you should know uh you should not use a c drive for active directory database and log files folder because this is operating system drive and if operating system get corrupt so your whole database will get lost so in our case we can use it because this is our test machine next next [Music] click on install now we can see it has been successfully completed so simply click on close automatically it will restart this machine just wait [Music] [Music] it is applying computer settings so you just need to wait little bit more it's taking too long time yeah so finally we can see uh it is asking us to login with the domain credentials so we will log in with administrator domain administrator now it has become active directory it has become domain controller login with the domain administrator and to close verify your active directory has successfully installed or not so simply you will have to follow some steps so first of all you just need to open local area connection so that your domain name can be visible here when when you install active directory and you restart this machine so by default our dns ip will get changed so we have to revert back it 10 00 50 so you are original ip address and then you can [Music] disable once and you can enable it so that your domain name can be visible on ethernet yeah now we can see cisco.com is visible for us and after that you just need to open windows admin tools and open active directory users and computers so here our domain name is visible and when you expand this you can see these are the or you end containers so you can create your own oh you so let's create a ou with the name of mecm or any name you can so in this ou i am going to create a service account so through the service account i will install secm server and provide the password and just ensure password never expire should be marked so scc admin is a domain user so through this user account we will install the sccm server so let me [Music] uh this is not a best practice actually you can you can add this user under a domain admin groups but this is not a recommended method ideally you should not use a domain admin account to install any service or any anything because domain admin uh can have a lot of different different powers so to install that particular service we just need the rights of that particular service we don't need full domain admin rights but in in our lab scenario we can use it so that every time we don't need to add it in local admin so let me add this under domain admin scroll so now you have to configure dns server so when whenever you open command prompt and you type ns lookup there is a command line through which you can you can check your dns server is working is responding or not so you can use this command line to test it so ns look up just press enter and it will show you uh the request timed out so it means our dns server is not responding properly or not configured so let me open local area connection again and let me disable ipv6 because we are not going to use ipv6 and it is still picking ipv6 in nslookup so we can untick this and now we have to configure dns server so how you can configure dns server so just open windows admin tool and there is a option for dns just expand it so dns is a server which is uh used to mainly use for uh domain naming conventions so there uh there has two zone forward lookup and reverse lookup so forward lookup zone is automatically configured we don't need to configure it and there is an entry with of our host name of our ad and you have to create a reverse lookup zone and then you have to create a pdr record so how you can create reverse lookup zone right click on reverse look up john click on next next yes primary zone we are going to create and default option we are taking yes ipv4 and provide the your network id so just provide the three octet first three octet and then click on reverse uh look up john name next and it depends on you guys how do you want to configure your dns server in my case i am using allow both non-secure and secure dynamic updates but in production you should not use this option because your dns server can update all records that is non-secure so non-secure means uh that is uh the machine that is not in our domain so maybe there is a scenario where a outsider client machine can get an from our dhcp server so that machine entry also will be updated on our dns server so that's why we should not use this option but this is our test machine so we can use this next and finish now we have to create a ptr record so expand this and just right click on free space and click on new pointer so why we are creating pointer record actually for one time uh we are mapping a manual entry for our ip2 host name so provide the complete ip address of your domain and just click on browse click on double click on 80 and forward look up double click on your domain name and go bottom and just choose the host name of your ready machine so this is one time activity manual you are mapping a ipad this to host name entry so that in uh next time it can automatically uh get update other records so now again we need to check ns lookup so right click on this and click on launch ns lookup now we can see our dns server is responding with our domain name and ipad does if you write here your ip address so it should show your fqdn so we have successfully configured our dns server so now let's come on our second steps so join mecm machine into domain so now our second step will be we have to join our mecm machine into domain let's come on our sec machine and login with local admin provide the same series of ipad static ip address so i will use 10 0 0 51 and i will use 1001 as a gateway and in dns server i will have to provide our active directory ip address 100 50. okay okay [Music] both machine should be communicated with each other means i mean to say like both machine should be in same network so before domain join you can test it 100 50 and machine is being able now i can join this machine into domain so how you can join a machine into domain just open the property of this pc and go to change setting and change and click on domain and just provide your domain name so my domain name is cisco.com and just click on ok so it will ask us to provide domain credentials who have rights to join this machine into domain so i will use ssm admin account to join this machine into domain and it has successfully joined machine into domain so just restart this machine [Music] uh guys now you can login with that particular service account so i will login with ssm admin account because everything i will have to do with this account in this machine i'm going to off our firewall so that communication will not break because by default your firewall blocks a lot of thing so in both machines you can do firewall off if you don't want to uh to firewall off then you will have to configure some rules and then uh you have to configure some inbound outbound rules allow some ports so next step is you have to extend active directory schema on your ad machine [Music] extend 80 schema on ad machines and create system management container [Music] and delegate it so why we need to extend active directory schema so guys when whenever you install ssm client agent so if you directly if you run ccm setup.txc so it contact to active directory to obtain some other information like site code sms mp name and all required all other required things so in case if your ad schema is not extended then your machine won't be able to get those information automatically so in that case we will have to provide those information manual so that's why we have to extend active directory schema so that our ssm can publish its required information on system management container so that's why we extend active directory schema so how you can do it first we need to extend schema and then we need to create a system management container so how you can do this go to active directory machine and you have to extend active directory schema on ad machine this is one time activity guys so this is my sec machine and in my ssm machine nc drive i already copied some media so i already copied all ssm installation media so if you open this so you will see there is a installer file for our secm 2103 so whenever you extract this file automatically it will be extracted on c roots so in this folder so there is a folder sms setup bin x64 and in this particular part there is a file ext adscs so uh this exe will have to run on ad machine to extend active directory schema so we will use this exe to extend active directory schema on ad machine so i will browse this path let's come on our system sorry ad machine and just browse your mecm folder mecm yeah in this file sms setup bin x64 and just ext adscs right click on this and right click on this exe and click on run as admin run so it will take two to three second and once it will complete it will create a log file text file on see root ext adscs so through this logs you can verify your schema has extended or not so now you can verify your schema is successfully extended so what it has added it has added these attributes and classes in uh site boundary mp site code and your all these though all these information now we have to create system management container so how you can create it go to windows admin and there is a option for adsi edit right click on this and click on connect to default naming context you will have to choose just expand this expand this so in this part we have to find a system yeah system cn equal to system there is a container and under this container we will have to create a new container with the name of system management so right click on this and click on new and click on object and choose container option from this list and click on next now provide the name system and space management so name should not be incorrect system space management and click on next and finish so now we have to delegate some writes on this container so on which for which object we need to delegate it actually we have some objects like ssm admin is also account which uh where we need to give some rights on the system management container and there is a machine mecm so in this machine also we have to delegate it and all some other things you can use like let me create a group servers and in this group let me add all these uh of all those objects which we have to delegate it so click on members and click on add so first i will use ssm admin and second i can use administrator and i will use computer account for a mission and any machine i also i will take ad machine yeah so these four objects uh i i'm taking in this group okay apply okay now simply i can delegate this group so all these four objects will get rides on system management container how you can do this so simply open active directory users and computers click on views and click on advanced features so once you click on advanced features you will see all the hidden items so expand system and open the system management container which we created earlier so there is a container system management right click on this and click on delegate control click on next and provide the all four objects or a particular group where you have added these objects so yeah i already created a group servers so rather than to add all four objects individually so simply you can use group and yes i want to delegate this group click on next and you have to choose create a custom task to delegate next don't need to do anything in on this page simply click on next and in this page we have to choose all options full control make sure all options should be selected simply click on next and click on finish so we have created system management container and we have delegated it that's it so uh the thing which we had to done on 80 machines we already covered now we need to do some other tasks on our sec machine so what other tasks we need to use so we need to install some roles and features on macm machines like iis dotnet framework [Music] and bits remote differential compression and guys there is some small is features which you need to choose you don't need to select all is features so simply you can use a powershell script which can enable only required components so let me show you that so guys there is a powershell command line i will add this command line on youtube description so you can use this [Music] so this is a command line and this is a powershell command line you can use it to install all these features like what exactly it is doing um and all all these things so there is a source path so you can use this path if internet is not working in your machine or you can skip it if internet is working in your machine so let me use it open powershell run as admin and just paste it and click on what it is saying [Music] okay [Music] so if it is not working maybe there is some problem in command line so guys simply you can find this powershell script from google let me find it again maybe there is some syntax error [Music] [Music] [Music] yeah so in this page and get it [Music] yeah this one we can use it and in this path you can use any drive so let me check if we have d drives mounted in this machine or not so we don't have windows server iso file mounted in this machine so we can add it go to hyper v virtual machine property and go to your dvd drive image path without just add your windows server iso apply okay and now we can see d drives there just uh open it short switch sxs so guys this is the part actually we needed this path to install some roles and features so you can add this path yeah d sources sx that's it so now you can use this command line powershell script go to powershell try to run it okay yeah now it has started to install all these things so you can see right now it is installing uh this feature web windows earth so it will show all the installation status in top so let it be finished so now it is adding a remote differential compression rdc you can see you must restart the server to finish the installation process okay so it has given some warnings uh you must restart the server to finish the installation process so let it be complete and once it will complete then we will restart the server so now it is adding dot net framework features and mainly for this feature only it require shows folder so we can see it has added remote differential compression uh bits background intelligent transfer service and these are the some iis features so is 6 wmi compatibility metadata compatibility and application development i i s api extensions and windows along with dotnet framework features so finally we can see it has been completed this process now we can restart this machine so it is completed actually yo sorry still it is running so it has started installation now it is adding this feature web asp.net [Music] [Music] [Music] [Music] [Music] okay so the last line it's i guess there is something is missing [Music] maybe there is active so let me again copy this yeah okay again it gives some error the name was not found okay let me restart this machine and before restart this machine just open local users and groups of this machine just open administrators group property and add your servers group which you created earlier so that computer account cm computer account also can get admin rights of this machine and in future we can use machine account to install any roles and features [Music] and now restore this machine after that we need to install some uh roads we need to install some software the first we need to install adk and win b and then we need need to install sql server so why we require adk and what is adk and win b actually adk is a software of microsoft which provides some operating system deployment features so this is a prereq and without install adk we cannot install secm server so this is must predict and it provides operating system deployment mainly it will be used for operating system deployment so in earlier versions microsoft was giving both features in a single iso file but now microsoft has separated these two things so separately we have to download adk and win p so i i already downloaded these two things in our ss machine let me login in ssm machine on c drive cm media folder i already copied our adk installation media so adk 2004 version we will use and i guess right now microsoft has released adk for windows 11 they have released so we can use it adk 2004 just open it and double click on adk setup file yes we want to install on this folder next we can use any option and accept so there is a lot of features and not all the features are mandatory but yeah there is some features are mandatory like a deployment tool is mandatory usmt is mandatory and what others [Music] so these two things are mandatory deployment tools and usmt is mandatory features that you need to select and all other features you can unselect but it depends on you guys how do you want to use it so i am using all the features because in future i can use these features like uh isd is a feature which is used to customize your image so that in future i can maybe i can require this so that's why i'm taking this so that again i don't need to install it click on install click on yes it has successfully completed click on close go to back and now install win pe so this is also a mandatory feature which you need to install and separately you will have to download it so just double click on adk winp setup file yes we want to install this on the same folder next next accept and this is a heavy feature so around 5.5 gb it will take uh this space uh estimated uh it require 5.5 gb so this is the only feature in this installer file and click on install uh vin p is also has been successfully installed close it now we need to install sql server so we will install sql server 2019 in this machine i already copied our installer media sql server 2019 enterprise so this is the iso just mount it and uh double click on your setup file yes so sql server will actually in sql server we create a database and in database we will have all the data of our ssm like inventory data applications data patching data so all other all all those details uh will get stored in this database so how you can install sql server and which version of sql server you can use it so sql server 2019 i guess it is the latest version um so i will use the latest version because we will install the ssm mecm2103 so you can check its compatibility on google like which version it can support so in our case we will install sql server 2019 just open uh a double click on your setup file and click on installation and there is a option new sql server standalone installation or add feature to an existing installation click on this [Music] click on next if you have license key you can enter otherwise you can use it for evolution version it will be free for around 180 days i guess next and next [Music] now we need to choose some feature that is mandatory so there is a mandatory feature uh database engine services so this is the mandatory feature which we must uh select and all other things it depends on you guys like if you want to use those features then you can check it otherwise don't select all uh other things uh in earlier versions of sql server we had included sql server management studio and reporting services but in the latest version they have uh differentiated they have separately launched it and now we just need to choose database engine services and we need to install sql server management studio and reporting services later on through different installer file in our case we can install it on c drive but yes we have some different drives so we have e drive where we have around 40 gb space and f try 40 gb space and g drive we have around 70 gb space so in g drive we will use we will create its database and other drive we will use for our other services so this is e drive and simply replace e drive instance root directory or the site yeah [Music] in e drive we will create it [Music] instance root directory so this is not a drive where our database will get created so simply it will create instance root directory and some shared features directory so we will [Music] configure it on e drive click on next so automatically it will create other folders like program files microsoft sql server and all other things we can take default instance like default instance it will create with the name of ms sql server and you can create your own custom instance just click on named instance and provide the uh any any custom instance name but for this you will have to configure some extra things like um but in my case i will use default instance ms sql server so instance is the thing under instance of our database will get create click on next in uh service account we will have to provide the service account through which we want to manage our sql services so let me use our ssm admin account yes we want to [Music] manage our sql services with the same account so you can copy it you can paste it and you can try the password so this is my password and you can control you can copy it and provide in both location in startup type let me use automatic and make sure in collision it should be sql latin general cp1cis this should be collision name if your installer file have different collision then you will face some problem to install ssm server so ensure collision name should be this click on next now we can use windows authentication mode and just click on add current user you can add one more user yes i will use administrator account and in data directories guys there are some other options in data directories like where your data root directory and where you will store your database so i will use our g drive for this so just write the g part and for other things you can okay so user database directory will get create on the same drive it's fine and user database log directory yes we want to change it uh we will use other drive photos f try so let me use f try simply you can change the folder name also like same name like microsoft sql server and log and you should define a different directories so that your backup or db backup should be created so in my case i can use the same drive like g drive because i don't have motorized i just have e f and g drive so let me use the same drive for backup yeah then go to tamp db actually you also can customize something and database directly ensure your database directory should be this and this one also should be and total initial sides okay it is fine so guys stamp db data files actually these um ndf file will get created so you can change the size of these log files and uh database size so initial size is uh 8 mb auto growth it can auto growth up to like 64 you can configure it and initial sides you can check it like 1024 or any other so default is okay max dope like this is the processor so that your sql server can use how many uh processor your sql server can use simultaneously so that you can configure it and click on memory and in earlier versions we had to change it later through sql server management studio but now in sql server 2019 we can we can set our memory at the time of installation so just click on recommended automatically it will calculate so there is minimum server memory and maximum server memory so you automatically it will calculate minimum uh and maximum so in minimum it it takes default zero so let uh let us provide some value for 0 9 6 so that minimum a 4 4 gb ram it can take and maximum around 6 gb uh it can take so then click on click here to accept the recommended memory configuration for the sql server database engine why we are set this why we are using this recommended method because sql server have a habit like it consumes all resource including ram and cpu so that we can define a limit so that sql server cannot use more than the specified ram and simply click on next click on install [Music] finally we can see our sql server has been successfully installed click on close close it now we have to install sql server management studio so yes we have sql server manual studio is just a tool to access your database and some roles informations so once it will complete then click on close and now you can install sql server cumulative update so i already downloaded a sql server 2019 um latest completed update so how you can apply this simply double click on this click on yes ensure if you already install reporting services it it will remove reporting services feature so we didn't install reporting services feature yet so we can install we can apply the soft fix completed to update i accept next and it is asking on which instance you want to use yes in this instance we want to use and click on next the checking [Music] and click on next update it will take some time so after applying this update simply we need to uh we need to install we need to start our ssn installation so at the time of system installation we will have to [Music] uh choose something like what would be our site code what would be our site name and uh role selection on which server so this uh type of things we have to keep in mind so let it be complete and then i will show you how to install ssm so this will be our last step so finally we already uh finally we applied our update for fix on this machine click on close and click on cancel so let it restart final because we have installed our roles and features we have added a lot of thing so before installing csm server just restart last time again login with ssm admin account so now go for ssm installation before that users can ensure your sql server services should be in running mode so yeah our sql server ms sql server services is a running mode so guys uh reporting services we will install in uh later and it is not a mandatory feature we can install it later and in my second video i will show you how you can configure and how you can install reporting services thing so in c drive i already extracted our ssn installation media in c drive we have a folder mem configmgr2103 so just open this and double click on your surplus file this is installer file so double click on plus file and click on install button yes [Music] click on next uh now we have to def uh define uh which type of structure you want to create so do you want to create a gas site or do you want to create a primary site so yes we want to create a primary standalone site so i'm taking this option install a configuration manager primary site and don't use this typical installation option because i am not going with typical installations so click on next and if you have license key you you can provide license key otherwise you can use the evaluation edition so it will be free for 180 days so next and choose the license agreement and click on next so now uh actually this is also a important thing so sim requires some language file for our server and client so it needs to download those file from internet so if you already have downloaded those files from any other machine then you can use this option and you can provide that part where you have downloaded those files but if you haven't downloaded those files earlier then you can use this option and then simply provide the path uh like where it can download those by so i already downloaded those files for this you should have internet connection and i already downloaded those files so i will use this option and let me show you guys where i play those files so in cm media i have created a folder prereq so in this folder i already downloaded those files okay so just copy this path and provide this path and click on next so guys like if internet is not working in your ssm machine so how you can download these files from a other machine where internet is running so let me show you in our ssm installation media there is a folder sms setup bin x64 so there is a file setup dll setup dll so you just need to double click on this file [Music] and then it will ask you to provide the location uh very where you can where you want to download those files so you just need to run this exe on a machine where internet is working and just click on download so it will download all required files and then you can copy those files on your ssa machine so now you can see uh it is uh for server language selection so by default english language is selected yes i want to use only english language so click on next and now it is saying for client language selection so yes it is for english language if you want to use any other then you can check that checkbox and in my case i i want to use only english language so next now it is a very important page and it is asking us to provide site code and site name so site code will be three digit uh code uh any any name you can like ind gg and bri or any anything you can try like let me provide ind android your site name so for example i want to use gluegram and now it is asking where do you want to install your ssm server so in my case guys i have g drive so let me install our system server on g drive because uh g drive is around 70 gb so just change the g name and yes we want to install this console as well so select this option click on next now it is saying uh do you want to join this machine into an existing hierarchy no we don't have any cash and we don't want to join this primary site under a guest site we want to create a primary standalone site so choose this primary standalone site option next and this is just a information or do you want to continue yes because right now we can have an option like later we can expand our hierarchy we can add cache site later so yes we want to continue now it is saying where you have installed sql servers if in in your case uh like if you have install sql server in different machine then you will have to provide sql server path here so simply provide the sql server name and instance name instance name you don't need to provide if you are using default instance in my case i am using default instance ms sql server so i don't need to provide it manually so uh it will be the data database so cm cm means configuration manager underscore ind ind means the site code which you have provided so it will create a ssm database with the name of cm underscore ind and this is the default port simply click on next and yes we proceed further so earlier at the time of sequel installation we have provided the g path so yeah it already taken g path and click on next and yes this is the server where we are installing sms provider so if in your case if you want to install sms provider on any different server then you will have to provide the different server name but yes we want to use sms provider is a very important role it provides read and write access on our objects so yes we want to install sms provider on the same row same machine next and this is also very important thing how do you want to communicate your client machine to server so do you want to communicate your client to server with https or http so if you want to communicate your your client machine with secm to with http then you will have to select this option otherwise you will have to choose https but for https you will require some extra configuration you should have a pki infrastructure but yeah i can configure it later so as of now i want to use http so choose the second option and click on next yes we want to install management point and dp these are the optional but important roles management point ndp it is saying do you want to install these roles on the same machine yes next and next this is for service connection point role actually it is saying uh do you want to install this role also it is uh this is the this is a role through which we get the updates of secm we get the information about updates of secm so that we can we can get up to date of our system yes we want to install it next and this is the summary click on next now it will check all the things and it is saying a warning ws on site server uh actually uh this is you can ignore it ws on site you can ignore it because uh we can install it later and the second verify site permission so if you are able to see begin install then you are um good to go but if you are getting multiple errors and warnings and begin install option is not coming then you will have to fix those things so right now it is saying sql server memory allocation because we uh don't have enough ram so we can skip it and simply click on begin install so once you click on begin install it will take around one hour and two hour depends on your system speed um so it will take uh around uh one and two hour to complete it then you can check it so as of now if you want to track it like how the installation is running so you can read some logs that will create it on c drive config mgr prereq setup and setup wizard so right now like what it is doing so you can read it through these logs so i am i'm just pausing this video as of now so i will resume it once it will complete its process so guys finally we can see cm had successfully installed and it took around 44 minutes to complete this process so click on close cancel and now simply you can check after open ssm console now you can see it is trying to connect its uh site database memcmecm.cisco.com and it has successfully uh connected me reopen this yeah so you can see it is for 180 days and it is connected to its ind site code and grugram is the site name so you can open administration expense site configuration and click on site so you can see this is your primary site and which version you have installed so click on this and click on about configuration manager so now you can see the current branch 2103 version has been successfully installed in this question so guys uh thank you for watching this video in this video we have learned about how to install ssm2103

Info

Channel: Harender Jangra

Views: 583

Rating: undefined out of 5

Keywords:

Id: xE1ePseCaag

Channel Id: undefined

Length: 94min 43sec (5683 seconds)

Published: Tue Sep 28 2021