Skip to main content

Software Update Management- SCCM 2012

The below post explains the end to end process of software updates management in SCCM 2012 Pre-requisites: 1.  WSUS Server (WSUS 3.0 SP2 ) should be installed on the SCCM site server or if you want to install WSUS on another server, it is important that you install WSUS administration console as the SCCM Server uses API. This  link explains the step by step procedure to install WSUS 3.0 SP2 2. Install SUP-Software Update Point on the SCCM Server . 3. Reporting Services Point: Install reporting services point role as described in this link . 4. Client agent: The software update client agent should be enabled(will be enabled by default) and the settings have to specified as per the requirement. On SCCM console, go to Administration>Site Configuration>Client settings>Right click on Default client settings> Click on Properties. If required, we can create custom client settings and then enable client settings for that settings. ...
4 comments

Building Customized SCCM 2007 Console

Most of the times, we have scenarios where helpdesk or package admins or security team need access to SCCM Admin Console to do some tasks related specific to their jobs. We can provided minimal access using Security Rights node but using the below steps we can provide user-friendly console to them and at the same time maintain the security permissions. 

This article addresses the step by step by procedure on how to build the customized configuration manager 2007 console:
The system where the SCCM Console is going to be installed should meet the supported configurations for the SCCM 2007.
http://technet.microsoft.com/en-us/library/dd547071.aspx

* MMC 3.0
   Download link: http://go.microsoft.com/fwlink/?LinkID=55423
* NET Framework 2.0
   Download link: http://go.microsoft.com/fwlink/?LinkID=56407 

Follow the below steps on the Site Server with an administrator account:

1. Click Start; click Run, type MMC, and then click OK.
2. On the Console menu, click Add/Remove Snap-in.
3. In the Add/Remove Snap-in dialog box, click Add.
4. In the Add Standalone Snap-in dialog box, select System Center Configuration Manager 2007, and then click Add.



5. When you click add, Database Connection Wizard will start, click next.


6. Select the database that you want to connect to, and then select custom console tree items to be loaded as shown.

Here I have connected to the primary server in my lab i.e. SCCM1



7. On the next screen, you can select the object for which access that has to be given.

Here, I have selected only “collections”.



Click next and click Finish.

8. When you have finished the Database Connection Wizard, click Close. The snap-in appears in the Add/Remove Snap-in dialog box. When you see the snap-in, click OK.


9. Select "System Centre Configuration manager" in the tree pane, right-click it and select "New Window from here"



10. In the File menu select options
  • Name the console here; I have named it as "SCCM Collection Console"
  • Change the Console Mode to "User mode - Limited access, single window"
  • Clear the checkbox for "Allow the user to customize view"
  • Tick the checkbox for "Do not save changes to this console" 
  • Save your snap-in from File menu and in the prompt about multiple windows being open click "Yes"

The customized mmc console for SCCM is built now; we can provide permissions on the SCCM server under Security rights node to classes or instances for the required users or user groups.

Here, I have created a user with the user name “User1” and provided access only to one collection under the collections node as shown.
  • Go to Security rights
  • Click on Rights
  • Click on New Instance right
  • Select the user name ( here it is contoso\user1 in the lab)
  • Select “Class” (here it is “collection”)
  • Select “Instance”(here it is WinXPmachines collection)
  • Select Rights( Here I have given just “read” access)


Click Next and Finish.
Share the mmc file with the helpdesk, package admins or the intended team and provide the necessary permissions on the console as shown above.

Labels:

Comments

Post a Comment

Popular posts from this blog

Software Update Management- SCCM 2012

The below post explains the end to end process of software updates management in SCCM 2012 Pre-requisites: 1.  WSUS Server (WSUS 3.0 SP2 ) should be installed on the SCCM site server or if you want to install WSUS on another server, it is important that you install WSUS administration console as the SCCM Server uses API. This  link explains the step by step procedure to install WSUS 3.0 SP2 2. Install SUP-Software Update Point on the SCCM Server . 3. Reporting Services Point: Install reporting services point role as described in this link . 4. Client agent: The software update client agent should be enabled(will be enabled by default) and the settings have to specified as per the requirement. On SCCM console, go to Administration>Site Configuration>Client settings>Right click on Default client settings> Click on Properties. If required, we can create custom client settings and then enable client settings for that settings. ...
4 comments
Read more

Operating System Deployment-SCCM 2007 Step By Step Procedure

This post explains the step by step by procedure (flow) to build, capture and deploy Operating System to a bare metal machine. It covers: A] Preparing SCCM Server for OSD B] Building and capturing OS image C] Deploying Operating Systems. There are two methods to capture OS image. a] Using Task sequence to capture  the OS from a reference machine.(Automating BUILD as well) b] Using Manual method.( build an operating system and then capture using SCCM) Here, I am building and capturing the image through Task Sequence. And also not using any USMT to migrate data since it is a plain bare metal deployment, not an upgrade. A]. Preparing SCCM Server for OSD: 1. Install WDS server role WDS 2. Install and configure PXE service point. PXE Service Point 3. General Supported Configurations. 4. Create and set Network access account.  5. Create and distribute the Configuration Manager 2007 package, all the relevant KB updates as packages. This post helps to create...
5 comments
Read more

Consistency validation for SQL Server registry keys failed error -SQL for SCCM

During installation of SQL server, "Consistency validation for SQL Server registry keys failed” error pops up in the below scenarios. 1.   Previous installation of SQL exists. 2.   Inappropriate permissions on the registry keys of Microsoft SQL server. Solution that worked me is explained below. A. Identify the issue: 1. Go to %Program Files%\Microsoft SQL Server\100\SetupBootstrap\Log\”date  and time of installation” 2. Search (in Detail_GlobalRules.txt) for lines containing the following string "Could not fix registry key" 3. Run “regedit”, s et full control permissions for the appropriate registry keys mentioned in "Detail_GlobalRules.txt" file. Re-run the installation. B. Modifying the registry: 1. Locate HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server in registry. (To open registry, run “regedit”) 2. Right click and go to Permission 3. Click on Advance tab and c heck the below options.     i. Include i...
6 comments
Read more