System Center Configuration Manager Hierarchy & Infrastructure basics

There are two types of Hierarchies are available in SCCM.

  1. Stand-Alone Primary Site.
  2. Central Administration Site(CAS)

Standalone primary site:-

The standalone primary site is ideal and recommended the setup for an organization less than 1 lakh users.

  • Stand-Alone Hierarchy can support max one primary site and 250 secondary sites.
  • Each primary site can support up 1,7500 clients and devices.
  • Each primary and secondary site supports up to 250 distribution points.
  • Each primary and secondary site supports up to 2000 additional distribution points configured as pull-distribution points.

For example- A single primary site supports 2250 distribution points when 2000 of those distribution points are configured as pull-distribution points.

  • Each distribution point supports connections from up to 4,000 clients.
  • Each primary site supports up to 15 Management points.

SCCM-2012-Architecture

Central Administration Site(CAS)

Central Administration Site is used for only Managing and Reporting.

  • A central administration site supports up to 25 child primary sites

Child Primary Site:- 

  • Each Primary site can support max one primary site and 250 secondary sites
  • Each primary site can support up 1,7500 clients and devices.
  • Each primary and secondary site supports up to 250 distribution points.
  • Each distribution point supports connections from up to 4,000 clients.
  • Each primary site supports up to 15 management points.

Secondary site:-

A secondary site can only be installed as a child site below a primary site. This site type extends the reach of a primary site to manage devices in locations that have a slow network connection to the primary site. Even though a secondary site extends the primary site, the primary site manages all of the clients.

The secondary site provides support for devices in the remote location. It provides support by compressing and then managing the transfer of information across your network that you send (deploy) to clients, and that clients send back to the site.

  • Each Secondary site support up to 15,000 desktops (computers that run Windows, Linux, and UNIX).
  • Each secondary site supports a single management point that must be installed on the secondary site server.

Note: – For more information please follow the bellow link.

https://technet.microsoft.com/en-us/library/gg682077.aspx

https://blogs.msdn.microsoft.com/scstr/2012/05/31/configuration-manager-2012-sizing-considerations/

https://docs.microsoft.com/en-us/sccm/core/plan-design/configs/size-and-scale-numbers

Site System:-

Each site can perform a wide variety of roles based on the site type. Any computer, either server or workstation, hosting a site system role is referred to as a  site system server. Some site system roles are required for operation of the site. Although roles can be transferred to other site servers in some cases, here is a list of site system roles that must exist in each site:

Component Server:   This is any server running the ConfigMgr Executive service.

Site database server:   This is a server with Microsoft SQL Server installed, hosting the ConfigMgr site database.

Site server:  This main role contains components and services required to run a central administration, primary, or secondary site.

Site system:  This role supports both required and optional site system roles. Any server (or share) with an assigned role automatically receives this role.

SMS Provider:  This is a WMI provider operating as an interface between the ConfigMgr console and the site database.

In addition to default roles, System Center 2012 Configuration Manager includes optional roles to support other capabilities:

Application Catalog web service point:  This role relays software information from the Software Library to the Application Catalog website.

Application Catalog website point:  This is an optional role required for presenting available software to users.

Asset Intelligence synchronization point:  This role synchronizes Asset Intelligence data from System Center Online by downloading Asset Intelligence catalog data and uploading custom catalog data.

Distribution point:   The DP holds application source files for clients to access.

Fallback status point (FSP):   The FSP provides an alternative location for clients to send up status messages during installation when they cannot communicate with their management point.

Management point:   The MP facilitates communication between a client and site server by storing and providing policy and content location information to the client and receiving data from the client such as status messages and inventory.

Mobile device and AMT enrollment point:   This optional role facilitates enrollment of Intel’s Active Management Technology (AMT)-based computers and mobile devices.

Mobile device enrollment proxy point:   This role allows the management of mobile device enrollment through ConfigMgr.

Out of band service point:    Use this role to allow out of band management of AMT-based computers.

Reporting services point:    This role is used to integrate reporting through SQL Server Reporting Services and is required if using reports.

Software update point (SUP):    The SUP provides software update management for ConfigMgr clients by integrating with Windows Server Update Services (WSUS).

State migration point:    When using OSD, the state migration point holds the user state data for migration to the new operating system.

System health validator point:    This role runs only on a Network Access Protection (NAP) health policy server. It validates NAP policies from the ConfigMgr client.

Site System Roles

ConfigMgr Roles CAS Primary Secondary Standalone primary Site Hierarchy
Application catalog web service X X H
Asset Intelligence synchronization point X X X H
Distribution point X X X X S
Endpoint protection point X X H
Enrollment point X X S
Enrollment proxy point X X S
Fallback status point X X H
Management point X X X S
Out of band service point X X S
Reporting services point X X X H
Software update point X X X X S
State migration point X X X S
System health validator point X X X X H

Feature Dependencies of System Center 2012 Configuration Manager 

ConfigMgr includes 13 optional roles that can be installed to provide a variety of additional functionality such as distribution points, management points, reporting services points, and so on. Each of these roles may have dependent technologies.  For example, BITS is required for distribution points. For more details, refer to the below link:-

https://technet.microsoft.com/en-us/library/gg682077.aspx 

Configuration Manager Discovery Types:-

In System Center 2012 Configuration Manager Discovery method plays a very important role for collecting the users and computers information. Configuration Manager uses a variety of discovery methods to gather resource information.

Here are the seven types of discovery methods:

  • Active Directory Forest
  • Active Directory Security Group
  • Active Directory System
  • Active Directory System Group
  • Active Directory User
  • Heartbeat
  • Network

Note:-

  • The Active Directory Forest Discovery method is new with this release and discovers trusted forests, AD sites, and Internet Protocol (IP) sub nets. In addition, this discovery method can automatically create AD site boundaries as well as IP sub net boundaries as they are discovered.
  • AD discovery methods can target specific LDAP paths. The discovery can search for resources recursively down that path if specified to do so. Optionally, ConfigMgr can expand groups and discover members of groups. In certain AD discovery types, you can specify attributes of the discovered resources as part of the information to retrieve.
  • Polling schedules are defined to run at set intervals. By default, most discovery methods run once a week. AD discovery methods also support delta discovery to help get newly discovered resources into the ConfigMgr database quickly.
  • HEARTBEAT DISCOVERY IS THE ONLY REQUIRED DISCOVERY  When a device installs the ConfigMgr client, it sends a heartbeat discovery record bringing the new resource into the database. Other discovery methods are not required and should be enabled with caution. For example, if computer records are not well maintained in AD, enabling any of the AD discoveries will fill the database with records of computers that may not exist.

Configuration Manager Agent (Client):-

The   System Center 2012 Configuration Manager agent, known as the client, resides on managed systems, servers, and workstations. The client checks in on a defined interval with the ConfigMgr MP to determine if new policies are available. This interval is by default 60 minutes, although you may expand it to 1,440 minutes (24 hours).

You can deploy the client in a number of ways. A common method of deployment is to pre-stage the client into an operating system image although many other methods also exist such as Manually installing, Automatically pushing installs with the ConfigMgr server, using software update, using group policy, and script (login or machine).

The ConfigMgr client performs a wide range of actions. It is responsible for collecting computer inventory, checking for security update compliance, facilitating remote control, managing the computer’s power state, managing application state (installing or uninstalling software), reimaging the computer, and managing computer settings. The client also downloads and applies policies received from the ConfigMgr server and sends up status messages. In addition, the client is intelligent enough to stay bandwidth-sensitive. By utilizing BITS, the ConfigMgr client can examine the available network bandwidth and throttle transfers to minimize any performance impact to the user.

Advertisements
Categories:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s