locked
SCCM 2012 (R2) Hierarchy - Multiple Sites (overseas) RRS feed

  • Question

  • First of all, I know there are already many question about SCCM design, but each company is unique and after the actual implementation you can't quickly change a SCCM organization.

    So it has to be right from scratch, so my appologies for yet another hierachy question.

    Situation:

    • Currently 3 Datacenters
      • 2 x Europe (600 clients)
      • 1 x Cloud (600 clients)
    • Planned for extra Datacenter in USA (300 clients)
    • Maybe Datacenter in Asian-Pacific

    • One ActiveDirectory

    • Each datacenter has several
           subsites accross it's continent
      • Line speed varies from 1Mbps to 20+ Mbps
      • Clients at subsites varies from 10 to 100
    • Oversees links: High latency

    • The Datacenter in the US (and some others as well) needs to be able to manage and create it's own deployment images, preferrable at the local site so we don't have to send big images over intercontinental lines.

    • All datacenters and larger subsites must be able to OSD, SUP, MP, PXE, DP, ..
    • No Need for HA

    Questions:

    • To CAS or not to CAS?

    CAS: One CAS in the primary Datacenter

    • Other Datacenters: Primary Sites
    • Larger Subsites of Datacenters: Secondary Site
    • Small subsites: PXE enabled DP's.

    No CAS: Primary Site on primary datacenter

    • Other Datacenters: Secondary sites
    • Larger subsites: Secondary sites (to control upward traffic)
    • Small subsites: PXE enabled DP's


    • SQL separate machine or collocated ? (the latter one being best practice according to MS)

    At first it looked pretty clear to me to go for the CAS scenario, however after hours of reading and looking for more information on the Internet, it isn't so obvious anymore.

    It seems like there are not many situations to use a CAS hierarchy except if you have more dan 100K clients.

    Would be very grateful with your input.

    Tuesday, September 24, 2013 10:26 AM

Answers


    • Oversees links: High latency

    • The Datacenter in the US (and some others as well) needs to be able to manage and create it's own deployment images, preferrable at the local site so we don't have to send big images over intercontinental lines.


    The first one would be an argument for not using a CAS. CAS and primaries should be "well connected".
    The second one would require local primaries.
    Why do they need to create custom images? Try to find something that let's you use a single image only (modification to it can be done during OSD using MDT etc) and you might be able to use a standalone primary site and secondaries at the remote location.

    Torsten Meringer | http://www.mssccmfaq.de

    • Marked as answer by stevendes Tuesday, September 24, 2013 2:43 PM
    Tuesday, September 24, 2013 10:32 AM
  • I concur with Torsten. If folks need to create custom images, have them do it using a virtual system co-located with the primary. That doesn't solve the issue completely, but it does mitigate most of the issue They should be using virtual systems anyway so it shouldn't matter that it's across the pond).

    Staying away from the complexities of CAS replication and the latency, overhead, and additional administrative burden it brings is a *very* good thing.

    As for using a separate SQL Server, no way, not for 2,500 clients (heck not even for 25,000 clients).

    Yes to the DP Groups also.


    Jason | http://blog.configmgrftw.com

    • Marked as answer by stevendes Tuesday, September 24, 2013 2:43 PM
    Tuesday, September 24, 2013 2:36 PM

All replies


    • Oversees links: High latency

    • The Datacenter in the US (and some others as well) needs to be able to manage and create it's own deployment images, preferrable at the local site so we don't have to send big images over intercontinental lines.


    The first one would be an argument for not using a CAS. CAS and primaries should be "well connected".
    The second one would require local primaries.
    Why do they need to create custom images? Try to find something that let's you use a single image only (modification to it can be done during OSD using MDT etc) and you might be able to use a standalone primary site and secondaries at the remote location.

    Torsten Meringer | http://www.mssccmfaq.de

    • Marked as answer by stevendes Tuesday, September 24, 2013 2:43 PM
    Tuesday, September 24, 2013 10:32 AM

    • Oversees links: High latency

    • The Datacenter in the US (and some others as well) needs to be able to manage and create it's own deployment images, preferrable at the local site so we don't have to send big images over intercontinental lines.


    The first one would be an argument for not using a CAS. CAS and primaries should be "well connected".
    The second one would require local primaries.
    Why do they need to create custom images? Try to find something that let's you use a single image only (modification to it can be done during OSD using MDT etc) and you might be able to use a standalone primary site and secondaries at the remote location.

    Torsten Meringer | http://www.mssccmfaq.de

    I think the first is definitely taking precedence over the ability to make custom images.

    I guess I could indeed create one golden base image and copy it over once and let them do their customization through TS, etc.

    So I currently have this setup in mind.


    • Datacenter 1: P01
      • Datacenter 2: S01
        • Subsite 1: DP01
        • Subsite 2: DP02 
      • Datacenter 3: S02
        • Subsite 3: DP03
        • Subsite 4: DP04 
      • Datacenter 4: S03

    With all distribution points connected to the same Datacenter grouped in a Distribution Group.

    This would allow me to simply add new subsites in a distribution group and receiving the same config and content as the existing ones, right?

    Is there any reason why I should run the SCCM DB on a different SQL server?


    Tuesday, September 24, 2013 11:31 AM
  • Just keep it on the site server; it's much easier and there will be only ~2.5k clients.

    Torsten Meringer | http://www.mssccmfaq.de

    Tuesday, September 24, 2013 1:15 PM
  • I concur with Torsten. If folks need to create custom images, have them do it using a virtual system co-located with the primary. That doesn't solve the issue completely, but it does mitigate most of the issue They should be using virtual systems anyway so it shouldn't matter that it's across the pond).

    Staying away from the complexities of CAS replication and the latency, overhead, and additional administrative burden it brings is a *very* good thing.

    As for using a separate SQL Server, no way, not for 2,500 clients (heck not even for 25,000 clients).

    Yes to the DP Groups also.


    Jason | http://blog.configmgrftw.com

    • Marked as answer by stevendes Tuesday, September 24, 2013 2:43 PM
    Tuesday, September 24, 2013 2:36 PM