Title: Preparing for Systems Management Server Topaz Deployment Wally Mead Program Manager SMS Product Grou
1. Preparing for Systems Management Server Topaz Deployment
Wally Mead
Program Manager
SMS Product Group
Microsoft Corporation
2. Agenda
- Architectural changes in Topaz
- Planning for a new Topaz deployment
- Planning for an upgrade from SMS 2.0 to Topaz
- Interoperability with previous versions of SMS
- Questions and answers
3. Site Architectural Changes
- No use of logon points
- New site system roles
  - Management point, Server Locator point, Reporting point, Recovery point
- New client platform architectural changes
  - Uses new site systems
  - Site assignment is different
4. Topaz and Domain Controllers
- Topaz does not have a logon point role
  - Many IT shops did not like SMS installing code on their domain controllers
  - In large domains, multiple sites would share the domain controllers
- Topaz does not affect domain controllers at all
  - Unless you install an SMS role on the domain controller
  - A few domain accounts and groups are created
- Provides more control over domain controllers
5. New Topaz Site System Roles
- New site system roles to improve functionality with new architecture
  - Server Locator point used instead of logon points to start client installation process
  - Management point is used by mobile clients in a similar way as SMS 2.0 clients use a CAP
  - Reporting point used to generate and view SMS reports
- All roles require Internet Information Server
- Management points and Server Locator points require access to Microsoft SQL Server
6. Topaz Site Systems
[Diagram: SMS site database, Management Point, Server Locator Point, Site Server, Reporting Point, Distribution Point, Client Access Point]
7. Server Locator Point Overview
- Server Locator points are used to start the client installation process
  - Similar to the logon point role in SMS 2.0
  - Maps clients to sites to complete installation
  - Clients communicate to SLP using HTTP
  - Can control which computers are SLPs
- SLPs can kick off standard or mobile client installation
  - Place Capinst.exe, Smsman.exe, Client.msi, and a logon script in Netlogon share
  - Can use a script to detect which platform to install
- Requires access to SQL Server
  - Site database or replica
8. Server Locator Points
[Diagram: numbered flow (steps 1 to 4) among Client, Active Directory, Server Locator Point, Site Server, SMS site database, and Client Access Point; the client's questions are "Where's the SLP?" and "Where's my CAP?"]
9. Management Point Overview
- Management points are used to interface with mobile clients
  - Similar to the client access point role in SMS 2.0
  - Clients retrieve policies from MP
  - Clients report discovery, inventory, metering, and status data to MP
  - Clients communicate to MP using HTTP
  - Clients find a local distribution point through MP
- Can control which computers are MPs
- Requires MSMQ and BITS
- Requires access to SQL Server
  - Site database or replica
10. Management Points
[Diagram: Client, Management Point, Site Server, SMS site database; flows labelled "Client policy retrieval" and "Client data reporting"]
11. Reporting Point Overview
- Reporting points are used to create, generate, and view SMS reports
  - Over 130 reports are currently built in
  - Easy to create new reports and dashboards
- Requires IIS, because reports are viewed in a Web browser
12. Mobile Client Architectural Changes
- The mobile client does not use CAP
  - Uses a Management point to download policies and to find distribution points
  - Uses a Management point to upload discovery, inventory, status, and metering data
- The mobile client is assigned to a site differently than the standard client
  - It is not required to be within the site boundaries
  - It can be manually assigned during installation of the client
  - It can roam from one site to another
13. Preparing for Topaz Deployment
- Verify server software requirements
- Prepare Microsoft Active Directory environment
  - Must decide whether to extend the Active Directory schema
- Decide on Topaz security mode
- Determine how to install clients
14. Verifying Server Software Requirements
- Topaz only supports Microsoft Windows 2000 Server and later as site systems
  - No Windows NT 4.0 or Windows 2000 Professional as site systems
  - Must be Windows 2000 SP2
- Requires SQL Server 7.0 SP3
  - SQL Server 2000 is recommended
- Internet Information Server is required for many site systems
  - Management point, Server Locator point, Reporting point
15. Preparing Active Directory
- Topaz can integrate with Active Directory in many functions
  - Discovery of user, group, and computer accounts
  - Publishing SLP and MP for client lookup
  - Publishing of roaming boundaries
- If you are moving to Active Directory, do so before Topaz deployment
  - Simplifies administration of Topaz
  - Collapse domains if required
  - Permit schema extensions?
  - Configure Active Directory sites
    - SMS can use Active Directory sites for site boundaries
16. Active Directory Schema Extensions
- If using Active Directory, you can optionally extend the schema for Topaz interoperability
- Schema extensions are not required, but helpful for
  - Finding Management points for mobile clients
  - Finding Server Locator points for standard or mobile clients
- If the schema is not extended, Management points and Server Locator points can be found through WINS
  - Automatic registration of Management points; manual registration of Server Locator points
17. Determining Topaz Security Mode
- Decide on Topaz security mode
- Standard security is similar to SMS 2.0
  - Limited security
  - Many accounts to manage in the domain/Active Directory
- Advanced is secure
  - Much more secure than Standard security
  - Fewer accounts to manage (only group accounts)
  - Requires Active Directory
- Can switch from Standard to Advanced after installation or upgrade
18. Determining Client Installation Methods
- Mobile clients can be installed through numerous methods
  - SMS software distribution to upgrade existing SMS standard (or SMS 2.0) clients
  - IntelliMirror/GPO deployment
  - Manual installation
  - Preinstalled image
  - Logon script through SLP and Capinst
- Standard clients are installed through SLP
  - Can run Capinst for automated assignment
  - Can run Smsman pointed to assigned site's CAP
- Automated Push Installation of either client
19. Client Installation Tidbits
- Automated Push Installation can be configured for clients or site systems
  - Default is not to be enabled for either
- Cannot install standard client on a system currently installed as a mobile client
- Can install mobile client on an existing standard client
  - Uninstalls the standard client, then installs the mobile client
- Can prevent mobile client installation with registry setting
  - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ccm\SMSClientConfig\PreferredClient Desktop
20. Upgrading to SMS Topaz
- No direct upgrade from SMS 1.2
  - Only SMS 2.0 SP2 or later can be upgraded
- Upgrade from SMS 2.0 is a simple process, similar to a service pack
- Must be aware of the reduced platform support in Topaz
  - SMS site systems must be Windows 2000 or later
  - No NetWare support
  - No SQL Server 6.5 support
  - No Windows 95 or earlier support
  - No Windows Me or Windows XP Home
21. Upgrading to SMS Topaz (2)
- Upgrade from central site (top-down)
  - Similar to what we recommend when applying SMS service packs
- Must manually remove SMS logon points
  - Setup will not start if SMS 2.0 logon points are configured
22. Topaz Readiness Analyzer Overview
- To help determine manual preparation steps for upgrade, use the Topaz Readiness Analyzer
  - Launched from SMS splash screen
  - Can also be run as a command-line program
- Verifies site's readiness to be upgraded to Topaz
  - Analyzes data from SMS site database
  - Reports results in HTML file
- Must be run within 24 hours of attempted upgrade
  - If not run within past 24 hours, upgrade will not start
  - Upgrade won't start without the results file
  - Also stops if any errors detected (red conditions)
  - Upgrade continues with warnings (orange conditions)
23. Topaz Readiness Analyzer Failures
- Site system platforms
  - No longer supports Windows NT 4.0 or alpha servers
- Client platforms
  - No longer supports Windows 95, Windows Me, or Windows NT 3.5x
- Environment
  - No longer supports NetWare or IPX
- SMS site version
  - Only supports SMS 2.0 SP2
24. Topaz Readiness Analyzer Failures (2)
- SMS 2.0 features
  - Must be at least Microsoft SQL Server 7.0 SP3
  - Windows Networking Logon Client Installation and Windows Networking Logon Discovery must both be disabled (no logon points)
  - Crystal Reports must be deinstalled
  - Software Metering must be deinstalled
- SMS 2.0 site health
  - Cannot have any SQL Server tables too large to upgrade
25. Topaz Readiness Analyzer Warnings
- Do not prevent upgrade
- Warnings that state something is not configured properly
  - Advertisements with Uninstall program when no longer advertised
  - SQL backup must have occurred within previous 24 hours
  - Clients installed to more than one SMS site
  - Active Directory schema extensions not permitted
  - SMS 1.2 clients or child sites
26. Interoperability with Previous Versions of SMS
- Fully supports SMS 2.0 as child site
  - SMS 2.0 sites cannot be a parent to Topaz
- No support for SMS 1.2 as a child
  - Requires SMS 2.0 site between SMS 1.2 and Topaz
  - SMS Administrator console can display SMS 1.2 grandchild site
  - No SMS 1.2 inventory into Topaz database
  - No software distribution to SMS 1.2 sites
- Topaz SMS Administrator console can administer SMS 2.0 child site
  - Full functionality except administering SMS 2.0 Software Metering
27. Summary
- Topaz has compelling features for existing SMS customers
- Preparing for deployment to a new site
  - Understand new site systems and requirements
  - Determine Topaz security mode
  - Prepare Active Directory
  - Determine which client platform to use and how to install clients
- Upgrade from SMS 2.0 SP2
  - Must use the Topaz Readiness Analyzer to determine upgradeability
  - Easy to upgrade when issues are resolved
- Topaz supports SMS 2.0 child sites in the hierarchy
28.
- Thank you for joining us for today's Microsoft Support WebCast.
- For information on all upcoming Support WebCasts and access to the archived content (streaming media files, PowerPoint slides, and transcripts), please visit http://support.microsoft.com/WebCasts
- We sincerely appreciate your feedback. Please send any comments or suggestions regarding the Support WebCasts to supweb_at_microsoft.com