SCCM 2012 - Planning for the unknown and best way to build?

  • Question

  • Hi All,

    I’m looking for some advice on Planning, Designing and building a new SCCM server\instance.

    We inherited this Windows environment, which had been both neglected and poorly built. When I started for this company, they had 3 domain controllers on 3 different OSs (2003, 2008, 2012), a 365 subscription set up in hybrid, and a single SCCM server that appears to be treated as a file server.

    Fast-forward a year and, in between providing user support and various unrelated projects, we have built 2 new Domain Controllers, decommissioned the old DCs, ADSI-Edited about 50 or so objects (including Tombstone DC), migrated roles over, raised the DFL to 2012, built new DHCP, NPS and Print servers, and repaired replication, DNS, DHCP and GPO issues, and I have probably forgotten a few things.

    Now the core infrastructure is a bit more stable we are currently looking to get SCCM in working order. The things that currently work on it are the ones we either built or repaired ourselves, however there are still a lot of issues with it hence why we would like to build a new SCCM server\instance.

    I have not built nor designed an SCCM server\instance before, however I have done basic administration. I have done a fair bit of research but I’m currently stumped on the best method to move forward with this project.

    Here are some more details on the environment we are working with which need to be factored in for the planning and design:

    • We currently have 3 sites. (1 Headquarters and 2 smaller sites)
    • There is a chance that the HQ will be relocated down the track to a new site and we will downsize the current HQ. However, this has not been decided as of yet.
    • There are currently about 500 devices spread across the 3 sites (Computers only).
    • We would like to use more of the features of SCCM such as MDM so this would add potentially another 500 mobile devices.
    • The organization is expected to grow.
    • We also don’t have capacity on our SQL server, so we will need to build a new one as well.
    • We also need to replace our desktop\laptop fleet soon as they are at EOL.
    • Currently the SCCM server is used to deploy images and deploy AV.
    • We may also bring in under us a department which will require their packages.

    My thoughts\current plans are:

    • Build a new hierarchy SCCM environment, parallel with the current one, consisting of a CAS (Central Administration Site) and a single PS (Primary Site) for the time being, as more can be added afterwards.
    • Build a standalone SQL server.
    • Manually transfer and recreate the working packages, Task Deployments etc. as there aren’t that many.

    My questions are:

    1. First thing, do my current plans sound reasonable?
    2. If I build the SCCM server\instance in my current HQ will I be able to relocate the CAS to the new HQ later if required? If so, are there any limitations to performing this?
    3. Are there any benefits to having the CAS at the new HQ as opposed to leaving it where I built it originally in the future?
    4. Is building a standalone SQL server the best option? If not, where should I deploy the database? CAS or the first PS? Is that how it works?
    5. In terms of hardware resourcing (CPU, RAM, HDD, etc.) how should I spec the VM for each role (CAS, PS and SQL)?
    6. Should I instead worry about just the immediate issue and consider doing a migration in the future?

    I would really appreciate your thoughts on all or any of the above questions. Also sorry to write such a long post but I felt I needed to paint the whole picture of the environment.

    Cheers all!

    Monday, February 11, 2019 2:30 AM

Answers

  • I would go with the latest version of SCCM Current Branch (not 2012)

    You can do a backup and restore of a primary site to another server if you keep the same server name (if you need to physically move it)

    If you only have 500 devices then you don't need a CAS (unless you have over 150,000 devices). You would also be better off co-locating the SQL server on the Primary Site server. You can have just one Primary Site and, depending on link speeds of the other sites, look at deploying distribution points.

    Microsoft have a whitepaper on scaling for the primary site and SQL server: https://gallery.technet.microsoft.com/Configuration-Manager-ba55428e


    Monday, February 11, 2019 3:00 AM
  • I would go with Standalone primary and if required Secondary servers to the downstream locations.
    500 devices - 1 Sup in CAS.
    DP          - 1 in Primary and 1 in each secondary
    Since you have a 365 subscription, I hope you have Azure AD and an Intune subscription as part of it, wherein Intune would help you to manage the mobile devices efficiently with Co-Management.

    Kamala kannan.c

    Monday, February 11, 2019 3:48 AM
  • Hello,
     
    1> Start from a standalone PS instead of CAS. As mentioned above, CAS must be used only when the number of clients exceeds 150,000. If CAS is needed in the future, you could expand the standalone CAS into a hierarchy with a central administration site.
     
    2> SQL on the site server or remote? Both could work. If you use a remote SQL, ensure that the intervening network connection is a high-availability, high-bandwidth network connection. The site server and some site system roles must constantly communicate with the remote server that is hosting the site database.
     
    3> 
     
    Refer to the whitepaper mentioned above to get detailed information about the Sizing guidance.
     
    Hope my answer could help you and look forward to your feedback.
     
    Best Regards,
    Ray


    Monday, February 11, 2019 7:46 AM

All replies

  • Thank you for clarifying the backup and restore process as well as the fact that I could have distribution points to a Primary Site (I was not aware of this and was under the assumption that it required a CAS).

    Wednesday, February 13, 2019 1:47 AM
  • Yes, we do have Azure AD and an Intune subscription (which was never set up). We will definitely look into this and ensure that we can build an environment which we can add this on to at a later date.

    Wednesday, February 13, 2019 1:51 AM
  • Thanks, Ray!

    At this stage, I plan on running the SQL on a separate VM. 

    So about 3 servers to start off with and expand as required:

    1. Primary Server located at HQ
    2. SQL server located at HQ
    3. Distribution Point at HQ

    Once the initial setup is done and we obtain suitable hardware at the other sites we can then add distribution points there.

    What do you guys think of the above plan? Hope to hear your feedback.

    Cheers,

    Wednesday, February 13, 2019 1:59 AM
  • Hello,
     
    Your plan sounds like no problem.
     
    Best Regards,
    Ray


    Wednesday, February 13, 2019 2:26 AM