none
Configuration Manager 2016 - System Container

    General discussion

  • Hi

    I'm ready to install Configuration Manager 2016 on a big company, all servers are 2012 R2

    The environment are root domain and three child domain

    I'm preparing all prerequisites before to install the installation on a child domain. One prerquisites is to create a System Management Containter into System container on the domain where sccm will be installed. However, the company do not have access to all child domain, only on specific organizational unit where they work and have the servers, users, etc..

    The CN=System container is visible on child domain and I could create System Container into it, but the company created a custom container in another path, for example: OU=System Management,OU=WorkStations,DC=child,DC=domain=com and the IT administrators said I have to use the custom path to install SCCM, but according to Microsoft and the best practice is the best way to create containter into the CN=System container, right? 

    My question is, When I run the wizard to install SCCM 2016 there is any way to force and save the objects on the custom path?

    I hope someone could help me.

    Best regards from Mexico

    Friday, February 8, 2019 10:21 PM

All replies

  • > "Configuration Manager 2016"

    There's no such product. The current product is simply called Configuration Manager (ConfigMgr or SCCM) and sometimes referred to as Configuration Manager Current Branch (CB). The latest version of ConfigMgr CB is 1810.

    One prerquisites is to create a System Management Containter into System container on the domain where sccm will be installed.

    This is not a prerequisite and is not accurate. It's very helpful and recommended, but not required. Also, if you choose to publish information to AD, it doesn't have to be in the domain where the site server is installed. Ultimately, it just needs to be in any domain within the forest that the managed clients are part of because clients use a global catalog lookup to retrieve the information.

    but according to Microsoft and the best practice is the best way to create containter into the CN=System container, right? 

    This isn't a best practice (best practices are fool's gold btw), this is a hard and fast requirement. There is nowhere else to add this container for ConfigMgr to use it.

    However, the company do not have access to all child domain, only on specific organizational unit where they work and have the servers, users, etc..

    You don't have to have access to all child domains. As noted, it's a global catalog lookup and thus simply needs to be in a single domain in the forest.

    > My question is, When I run the wizard to install SCCM there is any way to force and save the objects on the custom path?

    No, as noted, this is not configurable and thus not part of any wizard or setting anywhere accessible in the product.


    Jason | https://home.configmgrftw.com | @jasonsandys

    Saturday, February 9, 2019 10:33 PM
  • Hi Jason 

    I appreciate your help, but now I´m very confussed I read your answers...

    I agree with you about SCCM 2016 is not a product lol, it is a SCCM Current Branch.

    So you say the System Management Container is not necesary to create it. Then when I run the wizard to install SCCM where save objects because tipically SCCM save all objects on System Container into CN=System.

    However, According to your answers, I could install SCCM without the CN=System Management,CN=System container? I mean, Could I omit and continue to install the product?

    My dude is not clear or maybe I´m not trying to explain me very well...

    I apreciate your answer.

    Best Regards!!

    Luis Reyes Gaspar

    Monday, February 11, 2019 3:30 PM
  • > So you say the System Management Container is not necessary to create it.

    Correct, as I've called.

    Then when I run the wizard to install SCCM where save objects because tipically SCCM save all objects on System Container into CN=System.

    The product install wizard has nothing to do with any of this and there is never a prompt or any configuration possible for any of this as I called out. You either create the "system management" container or you don't. If it's there and you've enabled publishing, ConfigMgr will publish to it. If it's not there or you don't enable publishing, it won't

    Could I omit and continue to install the product?

    Yes, as noted, this is optional. It's highly recommended as it's very helpful, but not required.


    Jason | https://home.configmgrftw.com | @jasonsandys

    Monday, February 11, 2019 4:13 PM
  • Dear Jason

    I apreciate your help again!!!

    I only need to create a test lab and recreate this environment, if you said the container is not necessary, I´ll need to see where the objects are created when I run the wizard to install SCCM and I will see if some task post installation for example (deploy agents, deploy software, deploy OS Systems, etc.) are wrong or some tasks would present issues.

    I would like to mention you my results when I end up my test lab.

    Best regards!!

    Luis Reyes Gaspar

    Monday, February 11, 2019 4:59 PM
  • I´ll need to see where the objects are created when I run the wizard to install SCCM

    As noted, if you don't create the container, they won't be created at all -- how could they be in the container doesn't exist? Also, once again, this has nothing to do with any wizard anywhere.

    or some tasks would present issues

    Issues all depends upon your configuration because once again, publishing info to AD is highly recommended and does make configuration and client operations easier, but that doesn't make it necessary.

    You really should read the official documentation as it spells out all of this very clearly: https://docs.microsoft.com/en-us/sccm/core/servers/deploy/configure/publish-site-data


    Jason | https://home.configmgrftw.com | @jasonsandys


    Monday, February 11, 2019 6:22 PM
  • Hi Jason 

    I would like to share you that my test lab was created, my lab has:

    1 server 2012 R2 as DC

    1 server 2012 R2 as SCCM and SQL

    1 server 2012 R2 as WSUS

    The Configuration Manager and database were installed and the agents were deployed over 2 of them and then I installed WSUS and configure Distribution Point and Software Update Services for deploy updates, updates were for Server 2012 R2 and downloaded, however updates never have deployed.

    According to Microsoft and the link reference that you share me, if the schema is not extended I will need to configure DNS to publish management points and enable the option "Publish selected intranet management point in DNS" this option was enabled but updates are not installing on the servers. Below show the Management Point is configured: 

    

    In fact, in the configuration manager client DNS suffix was configurated as follow the image:

    Could you tell me if something in my environment is lost or it has wrong configuration, please?

    Best Regards from Mexico.

    Luis Reyes.

    Friday, February 15, 2019 5:19 PM
  • According to Microsoft and the link reference that you share me, if the schema is not extended I will need to configure DNS to publish management points and enable the option "Publish selected intranet management point in DNS" this option was enabled but updates are not installing on the servers.

    This is not correct, please read the document again. DNS publishing can be used but also is not required. You do not need to do either.

    > Could you tell me if something in my environment is lost or it has wrong configuration, please?

    I can't tell you that at all because I don't know anything about your configuration or if you are having challenges. What you have above though is perfectly fine based on the little I know about your environment.

    Update deployment has absolutely nothing to do with any of the above though. If the client agent is successfully installed and communicating with the site, then you need to move on to troubleshooting your updates: https://support.microsoft.com/en-us/help/10680/software-update-management-troubleshooting-in-configuration-manager


    Jason | https://home.configmgrftw.com | @jasonsandys

    Friday, February 15, 2019 6:19 PM
  • make sure you have a SUP in your boundary groups. 

    on that note, make sure you have configured them too, boundaries and boundary groups

    https://docs.microsoft.com/en-us/sccm/core/servers/deploy/configure/boundary-groups#software-update-points

    h


    HughMc

    Wednesday, February 20, 2019 2:45 AM
  • make sure you have a SUP in your boundary groups. 

    on that note, make sure you have configured them too, boundaries and boundary groups

    https://docs.microsoft.com/en-us/sccm/core/servers/deploy/configure/boundary-groups#software-update-points

    While this is a good thing to do for sure and essentially required, it has nothing to directly do with this thread.


    Jason | https://home.configmgrftw.com | @jasonsandys

    Wednesday, February 20, 2019 2:57 AM
  • yeah i was responding to his q about updates. kind of sounds like he might have managed to get updates to download but they are not installing on devices? could not have gotten that far either tho.

    "The Configuration Manager and database were installed and the agents were deployed over 2 of them and then I installed WSUS and configure Distribution Point and Software Update Services for deploy updates, updates were for Server 2012 R2 and downloaded, however updates never have deployed."


    HughMc

    Wednesday, February 20, 2019 3:41 AM
  • Hi HughMc

    I was reviewing about why updates were not deployed and you are OK on the boundaries group.

    Thanks alot for your help.

    The updates are currently deploying on servers

    Best Regards

    Luis Reyes

    Wednesday, February 20, 2019 3:20 PM
  • Hi Jason Sandys

    You are a master configuring and using SCCM

    You helped me so much my environment is currently working for deploying updates, deploying OS, reporting services, deploying agents.

    In fact, I would like to ask you that is not clear for me...

    I will try to explain it very clearly...

    SCCM will be installed on child domain that it has organizational units from differents countries, for example UK, Italy, Mexico, etc. However, SCCM only manage a specific Organizational Unit for example Mexico.

    I uderstand when SCCM is deployed I need to create CN=System Management container (This is very clear for me) under CN=System container, my question is: What happen if IT managers from Italy into the same child domain decide to deploy a new primary site for manage only organizational unit for Italy?

    Will both objects configurations be save under CN=System Management,CN=System on child domain?

    I appreciate your support

    Best Regards

    Wednesday, February 20, 2019 3:50 PM
  • What happen if IT managers from Italy into the same child domain decide to deploy a new primary site for manage only organizational unit for Italy?

    As long as they use a different site code and don't create overlapping site assignment boundaries, nothing different happens and everyone is happy.

    Will both objects configurations be save under CN=System Management,CN=System on child domain?

    Yes. The objects will all live there happily along side each other as long as the two conditions I called above are met.

    Once again though, creating this container and publishing to AD are *not* required. Very helpful, beneficial and recommended, but not required.


    Jason | https://home.configmgrftw.com | @jasonsandys

    Wednesday, February 20, 2019 4:55 PM