locked
SCCM 2012 Design (Planning Roles) Best Practices? RRS feed

  • Question

  • Hello,

    I'm currently in planning phase on deploying SCCM 2012 with SP1. I did some research (evaluating betas, practicing in virtual labs) on this, but I'm still a little bit uncertain on choosing the right design. I know there is no definitive single answer regarding this since it depends on several factors.

    Infrastructure:

    • 4 sites
    • 60 locations connected via VPN (each location contain around 50 devices - average distance between each location is less than 10ml)
    • Total of 3000 devices (workstations,servers etc.)
    • EndPoint Protection

    I'm planning the below structure:

    • 1 Primary Site (Single Processor / 8 cores with 16GB of RAM - virtual machine)
    • 1 SQL Server (Single Processor / 8 cores with 32GB of RAM - virtual machine)
    • 1 Server (Single Processor / 4 cores with 32GB of RAM - dedicated server) left alone!

    I'm uncertain on particularly deploying MP,DPs into multiple individual servers. Can anyone let me know the best way to put another server to host these roles or deploy another site? Any further help/suggestions would be greatly appreciated. Thank you!

    Wednesday, December 26, 2012 5:42 PM

Answers

  • For 3000 devices, you should only need the 1 MP on your primary site server.

     

    For your VPN  connected locations, you should evaluate whether or not you need a DP to make it so packages only go over the WAN once.  If you are doing OSD locally at those sites, you may want to put a DP at each since it can a pretty intense on a WAN connection.  If OSD is done only at the central site, it may not be absolutely necessary to deploy DP's

     

    For a 3000 device site, I don't see any technical reason to separate your primary site server and your SQL server.  It adds complexity and a second OS's overhead that really isn't justified.  I think you'll find that dedicating 8-12 GB of RAM to SQL, and having 12 available to SCCM and the OS should be adequate.  I would say start with 8 cores and only add additional if necessary.

     

    Just my two bits.  I hope that helps!

     

    Nash


    Nash Pherson, Senior Systems Consultant
    Now Micro - My Blog Posts
    <-- If this post was helpful, please click "Vote as Helpful".

    Wednesday, December 26, 2012 6:08 PM
  • Combine SQL and the primary site, install the user facing site system roles on the other server (MP, DP, SUP).

    Kent Agerlund | My blogs: blog.coretech.dk/kea and SCUG.dk/ | Twitter: @Agerlund | Linkedin: Kent Agerlund | Mastering ConfigMgr 2012 The Fundamentals

    Wednesday, December 26, 2012 7:32 PM
  • I wouldn't reduce the RAM if that amount has been approved. :-)

    No CAS is correct.

    I have 9000 computers and only 1 MP at the primary site and 125 DP's around the country. That works well and I am deploying OS's from CM.

    For 3000 computers I'd run everything on a single server at the primary and use DP's or secondary sites as needed. Personally I still prefer secondary sites but that suggestion will be highly debated by others I am sure. The only reason I have DP's rather than secondary sites is because I could not install secondary sites on my hardware.


    John Marcum http://myitforum.com/myitforumwp/author/johnmarcum

    Wednesday, December 26, 2012 9:47 PM
  • Correct, you have no need for a CAS. Nash

    Nash Pherson, Senior Systems Consultant
    Now Micro - My Blog Posts
    <-- If this post was helpful, please click "Vote as Helpful".

    Thursday, December 27, 2012 1:16 PM

All replies

  • For 3000 devices, you should only need the 1 MP on your primary site server.

     

    For your VPN  connected locations, you should evaluate whether or not you need a DP to make it so packages only go over the WAN once.  If you are doing OSD locally at those sites, you may want to put a DP at each since it can a pretty intense on a WAN connection.  If OSD is done only at the central site, it may not be absolutely necessary to deploy DP's

     

    For a 3000 device site, I don't see any technical reason to separate your primary site server and your SQL server.  It adds complexity and a second OS's overhead that really isn't justified.  I think you'll find that dedicating 8-12 GB of RAM to SQL, and having 12 available to SCCM and the OS should be adequate.  I would say start with 8 cores and only add additional if necessary.

     

    Just my two bits.  I hope that helps!

     

    Nash


    Nash Pherson, Senior Systems Consultant
    Now Micro - My Blog Posts
    <-- If this post was helpful, please click "Vote as Helpful".

    Wednesday, December 26, 2012 6:08 PM
  • Careful using VM's, if the host or disks are over committed you are asking for trouble. I never move SQL off the primary site server, it just causes headaches if you do. I think you are doing well on the amount of RAM you are allocatting, most people tend to not give CM and SQL enough. For 3000 machines you have more than enough here.


    John Marcum http://myitforum.com/myitforumwp/author/johnmarcum

    Wednesday, December 26, 2012 6:23 PM
  • Thanks for your prompt response. So the hardware is sufficient to manage 3000 devices - will consider on reducing RAM on SQL and add more to Primary Site server.

    We're not going to deploy OS via SCCM at this time. With less than 100 devices and without OSD at remote locations, I'm assuming that I don't need MPs at remote locations. Then I need to look into network bandwidth and latency to determine DP deployment, right?

    Obviously, CAS is also not needed, right?

    @John,

    I'm planning to consider RAID 10; With or without RAID 10, I will separate OS, Program Files, Paging file to individual disks on Primary Site server followed by placing SQL Database and Temp file.

    ----------------------------------------------

    When I deployed SCOM, I deployed multiple Management Servers to handle, but not sure in Configuration Manager! Any thoughts?

    Thanks again!

    Wednesday, December 26, 2012 6:30 PM
  • Combine SQL and the primary site, install the user facing site system roles on the other server (MP, DP, SUP).

    Kent Agerlund | My blogs: blog.coretech.dk/kea and SCUG.dk/ | Twitter: @Agerlund | Linkedin: Kent Agerlund | Mastering ConfigMgr 2012 The Fundamentals

    Wednesday, December 26, 2012 7:32 PM
  • I wouldn't reduce the RAM if that amount has been approved. :-)

    No CAS is correct.

    I have 9000 computers and only 1 MP at the primary site and 125 DP's around the country. That works well and I am deploying OS's from CM.

    For 3000 computers I'd run everything on a single server at the primary and use DP's or secondary sites as needed. Personally I still prefer secondary sites but that suggestion will be highly debated by others I am sure. The only reason I have DP's rather than secondary sites is because I could not install secondary sites on my hardware.


    John Marcum http://myitforum.com/myitforumwp/author/johnmarcum

    Wednesday, December 26, 2012 9:47 PM
  • John,

    By placing CAS, I'm going to deploy another server with SQL and also it requires further replication. I'm expecting that CAS is not required in my current scenario, right?

    I'm planning to deploy Primary Site with all roles on it along with SQL. In future, I can simply install DP,SUP on different servers followed by uninstallation of these roles from Primary Site server, right?

    Thanks a lot for your suggestions.

    Thursday, December 27, 2012 1:01 PM
  • Correct, you have no need for a CAS. Nash

    Nash Pherson, Senior Systems Consultant
    Now Micro - My Blog Posts
    <-- If this post was helpful, please click "Vote as Helpful".

    Thursday, December 27, 2012 1:16 PM