نمایش نتایج: از شماره 1 تا 8 از مجموع 8

موضوع: Microsoft Systems Management Server2003

  
  1. #1
    نام حقيقي: as

    عضو غیر فعال شناسه تصویری absp
    تاریخ عضویت
    Feb 2010
    محل سکونت
    تهران
    نوشته
    10
    سپاسگزاری شده
    1
    سپاسگزاری کرده
    1

    Microsoft Systems Management Server2003

    با تشکر از دوستان عزیز
    اگر اطلاعاتی در رابطه با نحوه استفاده از Microsoft Systems Management Server 2003 دارید در اختیار اینجانب
    نیز قرار دهید. لطفا توضیحاتی برای نحوه راه اندازی این سیستم ارائه نمایید.
    با تشکر فراوان



    موضوعات مشابه:

  2. #2
    ARM
    ARM آنلاین نیست.
    نام حقيقي: علیرضا مشعلی

    مدیر بازنشسته شناسه تصویری ARM
    تاریخ عضویت
    May 2005
    محل سکونت
    اهواز
    نوشته
    1,898
    سپاسگزاری شده
    2497
    سپاسگزاری کرده
    1832
    پیشنهاد میکنم از System Center Configuration Manager 2007 استفاده نمایید.و در مورد آن مطالعه فرمایید.



  3. #3
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    اول کمی در اینترنت جستجو کنید، سپس پست جدید بزنید
    با تشکر
    کد:
    http://articles.techrepublic.com.com/5100-22_11-6025419.html
    SolutionBase: Deploying SMS 2003


    Takeaway: Systems Management Server 2003 gives you a lot of control over your network, but you must properly install it. In this article, Scott Lowe walks you through the process of setting up the primary site for SMS 2003.
    SMS 2003 gives you the ability to exercise complete control over the workstation on your network. You can do things with it to control workstations above and beyond that possible with simple group policies and Windows Server 2003. However, SMS 2003 isn't one of those programs you can install and forget. You must properly deploy it first. Here's how.
    Author's Note

    I have made a few decisions regarding my SMS installation:

    • I'm installing SMS 2003 with Service Pack 1.
    • I will extend the Active Directory schema to support the extended attributes provided for SMS to work better. I will do this manually before I deploy SMS itself, though. That way, for those of you that might have already deployed SMS 2003, you can see exactly how to extend your schema after the fact.
    • I will install SQL Server right on to the same server that runs SMS. In this case, I'm using the Enterprise Edition of SQL Server 2005, which works fine with SMS. For this article, I'm not going to go over a SQL Server 2005 deployment, though. SQL Server is already up and running and using Windows Authentication.
    • I will use the Custom installation type so you can see all of the potential decision points that need to be made.
    • I will use the Advanced security option.
    • Finally, I'll be installing an SMS primary site and, in my next article, a child site.
    • I'm planning on supporting ten SMS clients. Why only 10? I'm installing SMS into my lab, and not into a production environment. You don't need to be exact, but you should try to determine approximately how many SMS clients you will support as well. The SMS installer uses this number to calculate the size of the database and space needed by the log files.

    Let's get started.
    Active Directory schema extension

    While you can extend the Active Directory schema during the SMS installation, in many very companies, the Active Directory schema is closely guarded and can only be extended by certain individuals. Or, maybe you've already started to use SMS 2003, and you did not extend the schema during your initial deployment. Whatever the case, you can do this very easily now.
    Insert the SMS 2003 CD into one of your servers. It really doesn't matter which server, as long as you pick one that's a part of your domain. Make sure you log in to the server with a domain account that has the right to extend the schema.
    From the \SMSSETUP\BIN\I386 directory on the CD, execute the program extadsch.exe. You don't get any feedback from the program on the screen, but a command window will open up for a second or two. That's it.
    How do you know if it worked?
    The program writes a log file to C:\ExtADSch.log with all of the details. The file should end with the message "Successfully extended the Active Directory schema."
    Now you can proceed with the SMS installation.
    SMS installation

    When you insert the SMS CD, you get a launch window from which you can launch the SMS 2003 installation, read documentation, or install the Recovery Expert. For this article, click the SMS 2003 option.
    Figure A
    Choose the SMS 2003 option. The first part of the SMS setup wizard is the System Configuration screen. Since I'm installing SMS for the first time into my example domain (in this article, named example2.com), SMS hasn't detected any other installations. Click Next to move to the next step in the installation.
    Figure B
    No existing SMS installations were found. Based on what SMS finds already running on your network, it provides you with the options that are pertinent for your environment, as shown in Figure C. In this case, I can install a primary site, a secondary site, or the administrative tools. Since this is my first SMS server, I'm installing an SMS primary site.
    Figure C
    I'll go over a secondary site installation later. As I mentioned earlier, I'm going to perform a custom installation rather than an express installation. The next screen of the installation wizard asks you to make the same decision with the caveat that an express installation is really only adequate for lab testing.
    Figure D
    Choose the Custom option if you're installing to a production network. I'm not showing the next screen of the installation wizard, which asks you to read and agree with the product's license agreement.
    The next screen is pretty basic as well, and just asks you for your name, company name and product key.
    Figure E
    Provide registration details for SMS 2003. If you read my earlier articles on SMS, you know that each SMS site needs a unique site code. For this example, I'm using a site code of "LAB". Would I use this in a product setup? Nope. But, for a large installation, I would carefully plan my site codes in some way that made sense.
    I've also provided SMS with a site description as well as identified the domain that houses this site server.
    Figure F
    Provide a site code for this site server. The next screen of the installation provides you with the option to extend the Active Directory schema. You'll get this screen even if you've already extended the schema, and it doesn't hurt anything if you accidentally do it again.
    Figure G
    You can choose to extend the Active Directory schema anytime. If you don't do it here, you can run the extadsch.exe utility after SMS is installed. In my previous article, Get a handle on network clients using SMS, I also talked about the two different security modes available for SMS 2003--Advanced and Standard. On the next step, you need to choose which mode you want to support. Remember, you can move from standard to advanced security later on, but the reverse is not true. I'm using Advanced security for this installation.
    Figure H
    Choose your security mode, but do so carefully! The last decision at the top of the article indicated that I was planning an SMS installation for about ten devices. The SMS installer uses this approximate figure to calculate the size of the SMS database and transaction log device. As such, if you're not positive about how many devices you'll eventually be supporting, figure a little high.
    Figure I
    How many devices in both the current site and all child sites will ultimately be supported by this server? By default, SMS is installed into the \SMS directory on your system drive, but can be installed elsewhere if you like. On the next screen of the wizard, click the Browse button to change the installation directory. Further, if you want the ability to remotely control users' desktop computers using SMS, make sure to select the Remote Tools installation option. The SMS product itself and the administrative console are always installed.
    Figure J
    Choose your installation options and location. SMS requires the use of a SQL 7.0SP3 or higher database server in order to run. Now, if you were reading carefully early on in this article and you look at the first database selection screen shown in Figure K, you'll notice a discrepancy. I indicated that I am running SQL Server 2005 on my SMS server, but there are only options for SQL 7 and SQL 2000. Never fear. You can use the SQL Server 2000 option with the new version of SQL Server and it works just fine. If you opt to use a remote server as the database server, there are other steps you may need to take:

    • You must manually create the SMS database on the database server.
    • For standard security (SMS), make sure the SMS service account (not described in this article) is a member of the database server's local Administrators group.
    • For advanced security (SMS), make sure the computer account for the SMS site server is in the database server's local Administrators group.

    For my sample installation, I've provided the name of the server running SQL and indicated that I plan to use Windows Authentication with this server.
    Figure K
    Provide your database server options. For local SQL Server installations, the SMS installer can create the database for you.
    Figure L
    Do you want the installer to create the database for you? On the next screen, you need to name your SMS database. The default name is SMS_{site code}, but you can change this to anything you like. I highly recommend keeping the default so you can easily match things up later on.
    Figure M
    Provide a name for the database to be created by the installer. The next-to-final database option asks you to decide in what directory you want to create the SMS site database and transaction log. I've accepted the default here, which is C:\SMSDATA.
    Figure N
    Provide the name of the folder in which you would like to write the SMS site database and transaction log files. On the next screen are the final database parameters that you need to define. In this case, the SMS installer needs to make sure that SQL Server has enough connections to support its needs. If you use the database for other things, use a larger number in the "Minimum number of SQL Server connections" field. I've accepted the defaults here.
    Figure O
    Decide how many connections are needed by your SQL server. Next: the summary! The SMS installer is ready to install the product. On this screen, click the Finish button to complete the task. After you do so, the installer first creates the SMS database, and then installs the product using the parameters you specified during the wizard.
    Figure P
    The SMS installation summary And, just to make sure that SMS was really able to work with SQL Server 2005, I fired up the new SQL Server Management Studio. Figure Q shows you the successful result.
    Figure Q
    The database was, indeed, created. That's it!

    That's it for the primary parent site! In my next article, I will go over the process of installing a secondary site and performing some basic SMS administrative tasks




  4. #4
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://articles.techrepublic.com.com/5100-22_11-5885169.html?tag=rbxccnbtr1
    SolutionBase: Get a handle on network clients using SMS


    Takeaway: The more workstations you have on your network, the harder it is to manage them. That's where Systems Management Server comes in. With it, you can manage hundreds or thousands of workstations. Scott Lowe shows you how it works.
    Show of hands: How many of you have implemented a comprehensive Windows patching system based on SUS or WSUS? Ok. Now, how many of you are handling asset management either manually or with a third party tool? Ok. Now, how many of you are relying on your Active Directory expert in the office to manually create software distribution packages--and hoping that he never finds a job somewhere else? Almost done: How many of you are starting to support more and more mobile clients and constantly hoping like the dickens that you can keep these traveling tools safe and updated?
    Last question: How many of you would like to be able to handle all of these supporting roles (plus more) from a single package?
    Enter Microsoft Systems Management Server 2003, SMS 2003 for short. I'll just call it SMS in this article, but know that I am referring to the 2003 version of SMS.
    The mile-high overview

    SMS 2003's feature sets includes functionality that helps you keep track of your inventory, maintain patches across all enterprise systems, monitor software usage, remotely manage workstations, distribute software, maintain product licensing compliance and more. In this section, I'll briefly discuss each of SMS's major areas of functionality.
    Patch management

    If all you need to do is keep your systems current with the latest patches from Microsoft, SMS is probably overkill. You'd be better off with the Windows Server Update Services (WSUS), which accomplishes this goal very well. If you're looking for more than just patch management, you're reading the right article.
    You already know how critical it is to get patches applied as soon as possible after their release. Exploit code for publicly-announced flaws now shows up within hours of the flaw being announced, meaning that your window of opportunity to get your machines protected continues to shrink with each passing month.
    SMS 2003 can manage patches for the following products:

    • Windows
    • Office
    • Exchange
    • SQL Server
    • Internet Information Services (IIS)

    For these products, SMS 2003 can schedule update installations during any time period you specify, and can force a silent, uninterruptible installation to end user workstations, and a whole lot more. Moreover, the SMS Software Update feature gathers and provides all pertinent information related to updating systems. For example, you are provided with a list of currently installed service packs and updates and, based on this information, as well as on the configuration of the target system, are also provided with a list of pertinent updates. During the process, SMS links to the Microsoft knowledge base for each update so that you can learn about your level of need for application of a particular update.
    Patch management will be covered in more detail in a later article in this series.
    Inventory and compliance features

    How many computers running Windows XP Service Pack 2 do you have on your network? How many still have Office 2000 installed and need to be upgraded to Office 2003? How many systems have 256MB or less of RAM? With SMS managing your desktop computing environment, you can answer all of these questions, and a whole lot more, using its comprehensive hardware and software inventory features. SMS also includes reporting functionality allowing you to gain information about your infrastructure before you make important decisions.
    On the hardware side of things, SMS uses WMI--Windows Management Instrumentation--to gain detailed knowledge about the hardware associated with a particular system, such as the amount of system RAM, disk space in use, services and system processes. Further, SMS can use data from other sources, including SNMP, and DMI--Desktop Management Interface--to compile a more accurate, complete hardware inventory. The hardware inventory feature also maintains a history of hardware scans for each client.
    While the hardware inventory feature does gather some basic software stats (by using the contents of Add Or Remove Programs, for example), the complete software inventory feature set is much greater in scope.
    For software, SMS also uses multiple methods to determine what is installed on this machine. In addition to looking at the files located on a system, SMS searches Add Or Remove Programs to build a complete list of software installed on a computer. Like the hardware side, all of this is reportable, so you can more granularly target groups of machines for new software rollouts. SMS gathers significant information, and makes that information reasonably available, to help you in your desktop management efforts.
    Working in conjunction with this feature is SMS's Product Compliance mechanism. The Product Compliance feature allows a company to make sure that PCs are within corporate standards as far as software is concerned.
    Software distribution

    Even for smaller IT shops, software installation can be a major burden. In the worst case, IT staff has to physically visit each and every computer to perform an update. This is inconvenient and could be expensive if locations are geographically separated.
    SMS 2003's software distribution capabilities are both powerful and flexible. Consider this: Using SMS, you can choose to deploy the latest version of a software package across your organization only to those machines that meet the physical requirements for that new software. SMS accomplishes this goal by allowing you to consult the hardware inventory when you push out new software. As a result, you won't run into a situation in which you push software out to a machine that is physically incapable of handling the load. This also results in one less call to the IT Help Desk by the upset user of this machine.
    The SMS Software Distribution feature can even deploy software that requires administrative rights for installation. SMS accomplishes this by pushing the software with an "elevated rights" flag, and can fall back to running inside the user context at the appropriate point.
    Software usage metering

    With SMS's software metering and reporting features, you can take greater steps to stay within licensing compliance, and make more effective use of the licenses you have on hand. Even mobile systems not constantly connected to your network can be brought under the metering umbrella thanks to the SMS client's ability to maintain usage reports that are then uploaded to the SMS server once the system is connected to the corporate network. SMS 2003 can also monitor software usage in Terminal Server sessions, providing you with a more complete usage picture.
    Software metering captures a plethora of information about who is using your software, including the programs in use, who is using them, how long the software is in use and more. Simply put, this feature can help you stay in compliance with software contracts and can help you save a whole lot of money by making sure you're using your licenses.
    Remote tools

    SMS includes a complete suite of tools that help you to manage an end-user system:

    • Remote control: From the SMS server, take control of a remote computer. Similar to Remote Desktop.
    • Remote chat: Chat with the user sitting at the remote system.
    • Remote execute: Run any program on the remote client system.
    • Remote reboot: Reboot the remote client.
    • Remote file transfer: Transfer files between the SMS server and the client system.
    • Client diagnostics: Runs SMS diagnostic utilities on the remote client.
    • Network connectivity test: Uses the ping utility to determine the quality of the network connection between the client and the SMS server.

    The main benefit of these tools is probably pretty clear: They're all remote. Now, techs don't have to waste time visiting sites to handle problems for users that aren't able to clearly describe a problem. In today's environment of sprawling corporations and sky-high travel costs, this can be a huge time saver.
    Reports

    SMS includes a number of built-in reports, including computer configuration reports, inventory reports and many more. Further, you can create your own custom reports and build "dashboards", which provide at-a-glance information about various aspects of your computing environment.
    With the sheer amount of information collected by SMS, you definitely need powerful reporting functionality.
    System requirements

    Like any other software, systems running SMS, and those managed by the product, must meet certain requirements.
    Server side

    Microsoft recommends that your SMS server have a 550MHz or faster processor with at least 256MB of RAM and 2GB of free disk space. These are definitely extremely minimum, and almost ridiculous, requirements. In reality, you should size your server with a 1 or 2 GHz or faster processor with 1GB of RAM and a whole lot of disk space for updates, deployment packages, and so forth.
    SMS 2003 requires a SQL 7 SP3+ or SQL Server 2000 SP3a+ database in order to function. This database does not need to run locally on the SMS server, although SMS runs perfectly fine in this configuration. If you do run SMS and SQL on the same hardware, size your hardware accordingly. I'm providing SMS-only requirements in this article.
    In addition to SQL Server, some SMS functions also require IIS in order to operate. I'll go over this specific requirement in future articles in this series.
    Client side

    While the server is the main consideration in an SMS rollout, be aware that your clients also need to meet minimum requirements in order to be manageable under SMS.
    Microsoft recommends a 300MHz processor, 128MB RAM and 80MB minimum for systems managed under SMS.
    The client you use--Legacy or Advanced--drives some of these requirements. For installation, the legacy client requires 40MB of disk space with 40MB available afterwards for typical usage. The Advanced Client requires 25MB of space for installation, and Microsoft recommends that you keep 275MB available for general usage.
    New in SMS 2003, the Advanced Client is only available on Windows 2000 and above and also supports virtual machines running under Microsoft's Virtual Server 2005 and Virtual PC 2004 products. For versions of Windows prior to Windows 2000, including Windows 98 Second Edition and Windows NT SP6a, you need to use the Legacy Client. Neither client will work on other operating systems, including Windows 95 or NT SP5 or below. Note also that Windows XP Home is not supported under SMS and that the Legacy Client will no longer run on Windows 2000 or above.
    I should also note that you can also manage Windows XP Embedded systems with SMS using an Advanced Client.
    The advanced client uses the same technology as WSUS to handle background file transfers. This technology, called BITS (Background Intelligent Transfer Service), uses "spare" bandwidth to handle file transfers, meaning that it has less of an impact on system performance than other file transfer methods.
    The old SMS 2.0 client is now known as the "Legacy Client" and is less secure than the Advanced Client due to its reliance on domain accounts. In contrast, the Advanced Client uses local system and computer accounts and is the client of choice whenever possible. For mobile users, Microsoft heavily recommends use of the Advanced Client because of new features introduced to each the headaches of supporting roaming users. In fact, with the release of SMS 2003 SP1, Microsoft dropped support for the Legacy Client on machines running Windows 2000 or above.
    Feature packs

    Made available to extend the capabilities of SMS in various ways, Feature Packs all require SMS 2003 SP1 in order to function. As of this writing, these are three feature packs to tell you about.
    Operating System Deployment Feature Pack

    The Operating System Deployment Feature Pack provides a means for administrators to quickly and easily deploy Windows systems using images. Included in this feature pack are the following capabilities:

    • Image capture: Provides a way for you to capture a system image in Microsoft's imaging format.
    • Image deployment: Deploys previously captured images to target systems using SMS's Software Distribution.
    • Operating system package management: Allows you to customize settings for individual deployments, including network settings, notifications, and more.
    • User state migration: Makes it possible to preserve user profiles when installing new operating systems. This provides you users with a more seamless experience and fewer frustrations.
    • Reporting: Like everything else in SMS, this feature pack includes a number of reports to help you ascertain the success or failure of a particular task.

    Administration Feature Pack

    This feature pack includes tools that enhance SMS administrative tasks:

    • Elevated Rights Deployment Tool: Probably the most useful tool in this pack, the Elevated Rights Deployment Tool assists with the deployment of packages that require local administrator rights to the client system.
    • Managed Site Accounts Tool: Manage accounts and passwords.
    • Transfer Site Settings Wizard: Copy certain SMS settings (site configuration, package, and collection) between sites.

    Device Management Feature Pack

    This feature pack extends SMS's capabilities to mobile devices running Windows CE 3.0 or greater or Windows Mobile Pocket PC software. As for larger clients managed under SMS, the Device Management Feature Pack provides you with the ability to include mobile devices in your hardware and software inventories, to distribute software to mobile devices, to manage files, and more.
    More to come

    By now, you probably have a good idea about the basic functionality offered by SMS. In the next part of this series, I'll provide some deployment planning tips and go through a sample SMS 2003 installation




  5. #5
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://articles.techrepublic.com.com/5100-22_11-6028901.html?tag=rbxccnbtr1
    SolutionBase: Adding a secondary site in SMS 2003


    Takeaway: If you're using SMS 2003 to administer hardware over a large area, a single site won't be able to do the job. In that case, you'll need to add a secondary site. In this article, Scott Lowe shows you how to set up and configure a secondary SMS 2003 site.
    In previous articles in this series, I've talked about SMS primary and secondary sites, and, in the most recent article, went over, in detail, the installation of an SMS primary server. In this article, I will go over the addition of a secondary server, which can be used to expand your SMS system because of load, geographical, or bandwidth issues, or for whatever reason you might have.
    You can add secondary sites to your SMS environment in one of two ways. First, you can handle this task from the central SMS administrative console, or you can re-run the installer from the SMS installation CD on the new server, and choose the secondary site option. I'll go over both methods here.
    Prerequisites

    In order for the addition of the secondary site to work, you need to add the computer account for your primary SMS server to the Administrators account on your intended secondary server. The easiest way to do this is:

    1. From the intended secondary server, right-click My Computer and choose the Manage option.
    2. Under System Tools, expand the Local Users and Groups option and select Groups.
    3. In the right-hand pane, right-click the Administrators group and, from the shortcut menu, choose Add to Group. .
    4. On the resulting page, click the Add button. .
    5. Click the Object Types button and select the box next to the Computer option. This will allow you to add computer objects to the local Administrators group.
    6. Click OK.
    7. Back in the Select Users, Computers, or Groups window, type the name of your primary SMS server.
    8. Click OK.

    Install from the new server's console

    You can install SMS from the new server's console either locally, or through a remote desktop connection.
    For this installation, I'm installing onto a server named SMS3. It's also running Windows Server 2003 R2, but does not have its own database server. The secondary site doesn't need a database server since it will rely on the parent's database server.
    For this installation, I will describe all of the screens, but will only provide screenshots where the screen is significantly different than what you saw during the SMS installation in the previous article in this series.
    To get started, begin the SMS setup the same way, but on the Setup Option screen (Figure A), choose the Install an SMS secondary site option.
    Figure A
    Choose the secondary site option this time around. As before, you will get a license agreement screen. Again, I'm not showing this screen.
    This time, on the SMS Site Information screen, shown in Figure B, provide a different site code and site name.
    Figure B
    Make sure to keep your site codes unique. For my secondary site, I will also use the Advanced Security option rather than standard security.
    Figure C
    Choose your security type. Bear in mind that Advanced security is much preferred. As I did for the primary site, I will install SMS into C:\SMS for my secondary site and will enable the installation of Remote Tools. This time, however, there is no option for the administrative console to be installed since that tool just runs on the parent server.
    Figure D
    Note that the option to install the administrative console is not available here. When you install a secondary site, you get a new screen that you did not see at all before. This screen is a place for you to provide information regarding this server's parent site, including the parent site code and parent site server name. Further, you need to tell the SMS installer what kind of network is between the primary site server and this new secondary site server. Your options here are Local Area Network, Asynchronous RAS link, ISDN RAS link, X.25 RAS link and SNA over RAS link.
    In Figure E below, I've provided the information required and also indicated that these servers are in the same Active Directory forest. Take note of the warning that indicates that this site will not function until you take action from the parent site server.
    Figure E
    Provide the necessary information regarding the parent site. That's it. Now you get a similar summary screen after which SMS is installed into this secondary site server.
    Once SMS is completely installed on your new server and it's had time to communicate with the parent server, you can see the new site show up in the parent server admin console as seen in Figure F.
    Figure F
    Note the site "ST2" now shows up in the console. Install a secondary site from the SMS admin console

    If you'd rather keep things centralized, you can also install a secondary site right from the primary site's admin console. When you add a site in this way, SMS provides you with a wizard that guides you through the process.
    To get started, from the SMS primary server, open the SMS console. Expand the Site Hierarchy option and right-click the parent server in the site in which you want to add the new secondary server. From the resulting shortcut menu, select New | Secondary Site. The Create Secondary Site Wizard starts.
    On the first page of the wizard, specify the new site code and description for the secondary site as seen in Figure G. If you like, you can also provide a comment about the new site.
    Figure G
    Keep in mind that all sites in your SMS system must be unique. Screen two, Figure H, of the wizard asks you to provide the domain and server name for the new secondary server, as well as for the directory into which you want to install SMS on the secondary server.
    Figure H
    Specify the domain name and server name for your new secondary site server. Since, somehow, you need to install SMS on the new server, the wizard provides you with an option of using a local CD or copying the files over the network from the parent server. You can see this in Figure I. For this example, I'm going to let the wizard copy the files.
    Figure I
    Choose the method by which you want to install SMS on the secondary server. As you do with a local installation, you need to choose a security mode for your secondary site server. You'll do this on the screen shown in Figure J. I've explained the differences in security mode in previous articles in this series. I'm using the Advanced option for this server.
    Figure J
    Choose a security mode for your new secondary server. To create the new secondary site, SMS needs to communicate with the server. On the next step of the wizard, Figure K, you have the option of selecting an existing address to the new server, or of creating a new one. Since my lab server does not yet have any addresses defined, I will choose the Yes Create A New Address option.
    Figure K
    Create a new address to connect to the new server. The next screen asks you to define the new address to connect to the secondary server. Since I'm going over a direct network connection, I'll use the Standard Sender Address option and indicate that my server name is "SMS3", as you can see in Figure L below. If you want to specify a user account to connect to the new server, you can. However, since I already configured the primary server computer account to be a member of the local administrators group on the new server, I will leave this field blank.
    Figure L
    Provide the address type and destination server name. Likewise, the new SMS secondary server needs to be able to communicate with the parent. Provide the parent details here, on the screen shown in Figure M.
    Figure M
    Provide details for the connection back to the parent site. The last screen of the wizard provides you with a summary of your selections. Click Finish to begin the installation.
    To tell if the installation was successful, open the file C:\SMSSETUP.LOG (on the new secondary server) and look at the bottom of the file. You should see lines similar to:
    <01-08-2006 17:58:11> Started Site Component Manager
    <01-08-2006 17:58:11> Done with service installation
    <01-08-2006 17:58:13> SMS Setup completed successfully!
    You can also look back at the SMS console, and you will see the new secondary site sitting just below the primary site in the hierarchy. It should look similar to Figure N.
    Figure N
    The new site is ready and waiting for work. Troubleshooting tips

    If you run into a situation in which the secondary site either never shows up in the SMS manager, or just stays in a Pending state, and you have enabled secure key exchange between sites (on the Advanced tab in the site properties for your parent server), you may need to manually transfer encryption keys between your sites using these instructions.
    Manually transfer encryption keys from parent to child

    Now, you have to manually transfer encryption keys on the parent site server to the child. To do this, from the command line on the parent servers, do the following:

    1. C: (or whatever drive you installed SMS to)
    2. cd \SMS\bin\i386\0000040. (409 is the language code for English)
    3. Type "preinst /KEYFORCHILD", which generates the following output:

    C:\SMS\bin\i386\00000409>preinst /KEYFORCHILD
    Successfully created the CT5 file C:\LAB.CT5.
    Now, copy this file to the SMS\Inboxes\Hman.box folder on the child site server.
    Manually transfer encryption keys from child to parent

    At this point, you now have to manually transfer the installer-generated encryption keys from the secondary site server to the parent. To do this, from the command line on the second, do the following:

    1. C: (or whatever drive you installed SMS to)
    2. cd \SMS\bin\i386\0000040. (00000409 is the language code for English)
    3. Type "preinst /KEYFORPARENT", which generates the following output:

    C:\SMS\bin\i386\00000409>preinst /KEYFORPARENT
    Successfully created the CT4 file C:\ST2.CT4.
    Be careful of reserved names for site codes

    Suppose you've created a new site named 'CON' and are having trouble with it. The reason for this is that you've used a Windows reserved name for your SMS site code. The list of reserved name is fairly short and includes:

    • CON
    • PRN
    • AUX
    • NUL

    The reason that these site codes are reserved is pretty simple. In some places, SMS creates folders using the site code. Since these names are reserved names in Windows and are used for other specific tasks, SMS can't create the site folder.
    Two down!

    Hopefully, this and the previous article have helped you figure out your SMS installation and get your system up and running. In the next, and final, article in this series, I will detail some of the common administrative tasks that you can accomplish with SMS 2003




  6. #6
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://articles.techrepublic.com.com/5100-22_11-6033536.html?tag=rbxccnbtr1
    SolutionBase: Performing common administrative tasks with SMS 2003


    Takeaway: Now that you've got SMS 2003 set up and ready to go, you probably are trying to figure out what to do with it and how to make it work. In this article, Scott Lowe shows you to perform some of the most common chores you need to do with SMS 2003.
    SMS 2003 is Microsoft's latest foray into the system management space. In my previous three articles, I have provided you with an overview of SMS, and gone over a couple of different installation scenarios with the product. In this, the last article in this series, I will exhibit some of SMS's common administrative tasks that you need to undertake to get SMS up and running and really useful.
    Author's Note

    All of the items I show you here are performed from the SMS Administrator console, available at Start | All Programs | Systems Management Server | SMS Administrator Console.
    Make sure the BITS Server Extensions are loaded on your SMS server

    You learned in a previous article that SMS relies heavily on BITS--Background Intelligent Transfer Service--to efficiently transfer files around your network. This is different from the BITS service that Windows uses to download updates. It's an additional Windows component that you need to install.
    For Windows Server 2003 family, use Add/Remove Windows Components to install the BITS server extension. From the Control Panel, select Add or Remove Programs. Next, select Add/Remove Windows Components to display the Windows Components Wizard. Browse to and select Application Server | Internet Information Services (IIS) | Background Intelligent Transfer Service (BITS) Server Extensions. Make sure to have your Windows CD handy.
    Managing collections

    One of the first options under the Site Database selection gives you a way to manage collections in SMS. A collection is pretty much what it sounds like; through the use of collections, you can manage resources that have things in common. SMS comes with a number of predefined collections, all shown below in Figure A. In Figure A, I've selected the 'All Windows Server 2003 Systems' collection. In this collection, you see both of my lab servers, both running Windows Server 2003 R2.
    Figure A
    Create your own collections to be able to more easily manage groups of clients. Create a new collection

    At some point, you'll probably want to create your own collection of resources so that you can more easily manage specific groups of clients. To create a new collection, right-click the Collections option and, from the resulting shortcut menu, select New | Collection. The Collections Properties window opens.
    The Collections Properties window has four tabs: General, Membership Rules, Advertisements, and Security. For the creation of a new collection, just the first two tabs are important. On the first tab, the General tab, you're required to name your new collection and, optionally, provide a comment about the new collection. When you're done providing a name and description for your collection, choose the Membership Rules tab.
    Figure B
    On the general tab, give your new collection a name and description. If you don't provide any membership rules, your collection will remain empty until you do so. This screen has two primary sections: the membership rules section and the scheduling section. The scheduling part is pretty self-explanatory. It creates a schedule. "A schedule for what", you may ask? The schedule you create dictates how often the collection will be updated.
    The whole purpose of a collection is to make administration easier and, by providing the ability to schedule automatic updates of collection membership based on specific criteria (the membership rules), that's one less thing you need to worry about as you add and remove systems to and from the network. To set up your own schedule, click the Schedule button, which gives you the screen shown in Figure C. I'm not going to go into more detail about the schedule since the process is pretty self-explanatory.
    Figure C
    Create a schedule to automatically update the contents of this collection. Now, for the membership rules. In Figure D below, notice the four buttons to the right of the "Membership rules" heading. For a new collection, two of the buttons are grayed out. They two grayed out buttons, the third and fourth from the left, are used to make changes to and delete existing collections, respectively.
    The first two buttons provide you with different ways to create a new collection. The first button starts the Create Direct Membership Rule Wizard, enabling you to select specific SMS-managed resourced to include in the new collection. The second button opens the Query Rule Properties dialog box, which gives you the capability to add resources that match the query parameters you specify.
    I'll start with the direct membership method. Click the first button to start this process. The wizard gives you a screen on which you can choose a resource class--system, user group, or user resource--and an associated resource class (Figure D). Now, specify the value that will limit what gets included in the group. In Figure E, I've directly type the beginning of the NetBIOS name for the machines I want to include in this collection. Click the Next button once you've made your selections.
    Figure D
    Choose the resource class and attribute that you want to use to define membership to the group. Figure E
    You can use wildcards to define collection membership. The next screen, Collection Limiting, is useful if you've got a widely-distributed SMS infrastructure and have limited the access of certain administrators to specific resource groups, or if you want to limit the resource selection to a subgroup of an existing collection. If you want to limit the collections that are searched to create the new collection, click the Browse button and choose the collection that you want to start with. For this example, I'm leaving this field blank so I can search against the whole SMS database.
    Figure F
    Use this screen to limit the search to an existing collection. At this point, SMS has enough information to give you a list of resources that match the criteria you specified. On this screen, choose the resources you want to include in the new group, using the Select All and Clear All buttons as needed. In Figure G below, my sample search found a single system--SMS3 (remember, I have only two servers in my lab right now). Click the Next button to continue.
    Figure G
    Choose the resources to add to the new group. The final screen provides you with a summary of your selections. Click Finish to complete the wizard. After the wizard finishes, you're returned to the Collection Properties screen and the new membership rule shows up on the list.
    If you don't want to use the direct method to create a new rule, you can, by, from the Collection Properties window, clicking the second button from the left. This opens the Query Rule Properties dialog box. In this box are three area to which you need to pay attention. The first one is a name. The last option is the same collection limiting option you saw with the direct method.
    The middle section has the meat with three options for your collection needs. By way of example, I'm going show you a typical query. This query will choose all systems from your SMS database that start with the NetBIOS name "SMS". The best way to create a new query is to first import a query statement that defines another collection and then make adjustments as necessary. Use the "Import Query Statement" button to import a query from an existing collection (queries exist for most of your default collections) and the "Edit Query Statement" button to make adjustments.
    This query is used for my sample collection to find machines with a NetBIOS name that starts with SMS and that have at least 128MB of RAM.
    Select the "Edit Query Statement" window's Show Query Language button and type the query directly into the query statement window (Figure H).
    Figure H
    This probably isn't the most convenient way to accomplish your goal. Ok. The query language window probably isn't your first choice for a way to build your query. It's not all that user-friendly. Fortunately, SMS provides you with a much easier method. On the main query statement properties window, click the Criteria tab. In Figure I, you can see that I have selected two criteria for my collection. Click the '*' button to add more criteria.
    Figure I
    Click the '*' button to add more criteria to the list. When you click the '*' button, you're presented with windows similar to the ones shown in Figure J. Using the fields provided in these windows to choose any system attribute you want to use to narrow the scope of your new collection.
    Figure J
    Use these windows to create a narrowly focused collection. Regardless of how you go about it, creating a new collection will help you perform other common administrative tasks using SMS.
    Designate a site Management Point

    In order for many administrative tasks to function, you need to designate at least one SMS server to act as a management point (see previous articles in this series for more information about management points).
    I'm going to designate my primary SMS server to act in this role. Open the Site Database and choose Site Hierarchy | Your site here | Site Settings. Under Site Settings | Site Systems. This opens up, in the right-hand pane, a list of SMS systems. Right-click the primary systems (or whichever should get this role) and choose Properties. On the Properties page, choose the Management Point tab. Enable the checkbox next to "use this site system as a management point." Click either OK or Apply. If you get a message asking if you want to make this system the site's default management point, choose Yes.
    Figure K
    This will allow you to perform tasks such as installing the Advanced Client. Installing the SMS client

    One of your first SMS administrative tasks will probably be installing the SMS client on the servers and workstations you want to place under SMS' administrative control. You can do this on a system-by-system basis, or you can install the client to all systems in a collection.
    Enable client push and provide client accounts

    In order to be able to push the client out to resources, you need to enable client push installation. From the SMS management console, choose Site Database | Site Hierarchy | Your site | Site Settings | Client Installation Methods. In the right-hand pane, choose Client Push Installation. This opens a properties page with three tab for this service. On the first tab marked General, enable the checkbox next to "Enable Client Push Installation to assigned resources". Further, select the types of systems to which you want to be able to push an SMS client.
    Figure L
    Select the checkbox and move to the Accounts tab. On the accounts tab, click the '*' button and provide an account that has administrative access to the machines in the domain. The SMS client will be installed using this account's credentials. This way, you don't need to provide users with elevated rights to perform the installation.
    Figure M
    Provide an account that has administrative access to the machines in the domain. Likewise, you should also provide the software distribution portion of SMS with credentials. Choose Site Database | Site Hierarchy | Your Site | Site Settings | Component Configuration, and right-click Software Distribution in the right pane, and then click Properties. Under the Advanced Client Network Access Account option, click the Set button and provide a domain account that can be used to install software.
    Figure N
    Provide Software Distribution credentials. Client Push Wizard

    To start the wizard, select the appropriate resource, either an individual system from within one of your collections, or a collection itself, right-click the resource and choose All Tasks | Install Client - This starts the Client Push Installation Wizard.
    The first screen of the Client Push Installation Wizard asks you how (and whether) you want to handle the SMS client installation. First, you can choose install the SMS client, or to just gather system information without using the client. If you choose to install the client, you can choose the install the old legacy client, the new advanced client, or a combination of the two depending on the client OS. Or, you can opt to install your site's default client. Click Next to continue.
    Figure O
    Choose your installation options. Screen two of the wizard asks you to specify some client installation options, which are pertinent generally if you have selected to install the client to a collection of computers rather than a single system. For example, do you wish to install the client to domain controllers. Should the installation always proceed? This will allow you to repair or upgrade an existing client. Should clients from other SMS sites be included?
    Figure P
    Choose your client installation options. After this screen, you're provided with a summary window on which you should click the Finish button. If everything is working and the planets are aligned, the SMS client should be pushed out to your selected systems. If you're using collections to push out the client, make sure to update your collection membership (right-click collection, choose All Tasks | Update collection membership), or you will not see the updated status of your clients' client status (and, you'll spend three hours troubleshooting why the client isn't installing, which is what I did the first time I used SMS). Now, when you view the status of a collection, the clients inside that collection to which you pushed the SMS client now reflect their new status.
    Figure Q
    The SMS Advanced client is installed on these machines. Managing patches

    SMS is nothing if not extremely flexible. To that end, in order to use SMS to reliably scan client workstations for missing patches, you need to install a scanner provided by Microsoft that shares similar traits to WSUS. Named the SMS 2003 Inventory Tool for Microsoft Updates, in order to install this scanner into your SMS 2003 system, you need to be running SMS 2003 SP1 and have installed a number of hotfixes and updates.
    The SMS 2003 Inventory Tool for Microsoft Updates uses version 5.8 of the Windows Update Agent, which provides update support for the following Microsoft products:

    • Microsoft Windows XP Embedded
    • Microsoft Windows 64-bit edition
    • Microsoft Office XP and Office 2003
    • Microsoft Exchange 2000 and Exchange 2003
    • Microsoft Windows 2000 Service Pack 4 and later
    • All Windows components (such as MSXML, MDAC, and Microsoft Virtual Machine)
    • Microsoft SQL Server 2000 SP4 and SQL Server 2005
    • Additional products as published to the Windows Updates catalog

    To get started using the scanner, download and install the SMS 2003 Inventory Tool for Microsoft Updates. After downloading completes, extract the contents of the file to a folder. Before you actually install the scanner, you need to address some hotfix prerequisites. All of the hotfixes are available in the SMS2003ITMU_ENU\HOTFIXES folder of the download.
    Specifically, make sure you have address the following four points before you continue.

    • Onto machines that are site servers or clients onto which you have deployed the SMS administration console, install the hotfix outlined in Microsoft knowledgebase article 900257. This hotfix is available in the SMS2003ITMU_ENU\HOTFIXES\KB900257\ENU folder of the downloaded file. From that location, run SMS2003-SP1-KB900257-X86-ENU.exe.
    • Install an update for the SMS Administrator that corrects a display problem with SMS reports. Note that, in order to install this update, you must exit the SMS Administrator and stop the SMS_SITE_COMPONENT_MANAGER and SMS_EXECUTIVE services. Next, from SQL Server Enterprise Manager (SQL Server 7, 2000) or the SQL Server Management Studio (SQL Server 2005), run the update.sql script located in the download. Find this file at SMS2003ITMU_ENU\HOTFIXES\KB900401\update.sql.
    • Install a more recent version of the Advanced Client that supports the SMS 2003 Inventory Tool for Microsoft Updates. Note that this installation will stop and restart all SMS services. After installation of this update completed, you will need to push the client back out to workstations to enable this update. This can be accomplished by pushing the client out to an appropriate collection, making sure that the checkbox next to "Always install (repair of upgrade existing client)" is selected. In my lab, my systems were originally running version 2.50.3174.1018 of the client. This update upgraded my clients to 2.50.3174.1152. Locate the client version on your managed systems by, from a collection, right-clicking a system and choosing Properties.

    Figure R
    Make sure that, when using a collection to update the client, you select this option.
    • Install the latest Microsoft Windows Installer and install it on all of your managed clients. As of this writing, the latest version for currently supported operating systems is Windows Installer 3.1 (v2). This version of the installer supports Windows 2000 SP3+, Windows XP, and Windows Server 2003. Windows Server 2003 SP1 and Windows Server R2 include this version of the installer, so you don't need t update it. Windows Vista and Longhorn Server will use version 4.0 of the Windows Installer. You can see which version of the Windows Installer you're running by executing 'msiexec' from the command line.

    Now, with the prerequisites out of the way, from the download location, execute the SMSITMU.msi file to begin installation of the scanner itself. The first screen in the installer is a license screen while the second asks you for a destination folder. I accepted the default location of C:\Program Files\Microsoft Updates Inventory Tool.
    Next, you have to define a synchronization host computer, which will be responsible for keeping the Windows Update catalog current. I've opted to use my other lab server for this purpose. Further, since my lab systems have access to the Internet, they will automatically download the catalog as needed.
    Figure S
    Which system will act as the synchronization host The next screen of the installer asks you to define some distribution settings for the scanner. Specifically, do you want to copy the inventory tools package to your distribution points and, second, do you want to advertise the tool to your default collection. Finally, what computer will be used for testing of the tool.
    Figure T
    Inventory tool distribution settings. SMS clients managed by this tool use the Windows Update Agent. Do you want to create an SMS distribution object to automatically distribute the Windows Update Agent to your managed clients? If so, how should the distribution be handled? See Figure U.
    Figure U
    Windows Update Agent distribution settings. That's it. After making these selections, the update scanner installs and creates the SMS objects you defined during the installation. The installation takes quite some time since the initial load of the update catalog takes place.
    The actual patching process could be a whole article in itself. In a nutshell, right-click a collection or system and choose All Tasks | Distribute Software Updates. This starts the Distribute Software Updates Wizard.
    The first screen of the wizard asks you to choose an update type. You just went through the process of installing a scanner to support this process. If everything went well, you will see an update type of "Microsoft Update" available. Click Next to continue.
    Figure V
    Choose an update type. Next, choose a "New" package type since you want to create a new update package (no screenshot since there is only a single selection).
    Provide a name for your package. I've used the ever-original "Sample update package" here. The program name field is automatically updated to reflect this name.
    Figure W
    Provide a name for your package. I'm almost out of letters for figures, so I'm going to skip the next screen shot. The step in the wizard asks you to provide a name for the organization responsible for software update policies. I entered "Information Technology".
    On the next screen, you need to tell SMS how to scan client machines to determine which updates are required. The Windows Update Agent is good for this purpose.
    Figure X
    Tell SMS which inventory scan tool package you want to use. Windows Update Agent is good for system updates. The next screen of the wizard is, by far, among the worst interfaces I've ever seen. On this screen, choose the updates that should be available for deployment to your managed systems. This interface is really, really bad.
    Figure Y
    Choose the updates you want to install. On this last screen before updates are downloaded (only the catalog was downloaded earlier), you can usually just take the defaults. The information on this screen defines a directory to which updates will be stored and sent to distribution points.
    Each shot in Figure Z below corresponds to the bullet points below.

    • After the updates are downloaded, you're provided with a summary window indicating whether updates are ready for use.
    • After viewing the update summary, choose which distribution points should receive the updated package files. If you want to limit bandwidth, or update certain sites separately, this is a good way to accomplish these goals.
    • Installation agent settings allow you to decide if you want to collect the client inventory immediately or create templates regarding system state. Further, you can opt to postpone system restarts so users are not adversely affected by updates.
    • Also regarding the installation agent, you can tell SMS to perform an unattended installation of the updates and decide whether or not you want to notify users that an update is about to take place. In some situations, you can also allow the user to postpone the installation for a period of time.
    • Finally, should this set of updates be advertised to a collection. This way, if you missed a client, you might be able to catch it during the next window. A patch won't be installed if a system doesn't need it.

    Figure Z
    That was the fast and furious patch update explanation! Unfortunately, patching is a fairly complex process and I really wanted to introduce you to it in this article.
    That's it

    With SMS installed and running, some steps still need to be taken to make it a truly useful product. Creating collections, making sure the BITS server service is running, installing the advanced client, and getting a client scanner up and running are critical tasks to make SMS do its job. One thing to keep in mind is that, while SMS is touted as a complete management tool, it's very much a framework that you can extend to meet your needs. Microsoft does make other scanner available for SMS, however, and third party companies make their own SMS clients available for purchase that may have additional capability




  7. #7
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://articles.techrepublic.com.com/5100-22_11-5164895.html?tag=rbxccnbtr1
    SolutionBase: Get the most out of Systems Management Server 2003 Toolkit 1


    Takeaway: Take a look at each of the tools included in SMS 2003 Toolkit 1 and see what these tools can do.

    Microsoft’s Systems Management Server (SMS) has been around for years, but you don't typically see a lot written about it. Perhaps the reason is that SMS has long had a reputation for being difficult to configure and work with. Whether or not this reputation is justified is, of course, debatable. Whatever the case may be, Microsoft has seen fit to create a toolkit designed to make SMS 2003 easier to use.

    SMS 2003 Toolkit 1 contains tools designed to assist you with client deployment, software distribution management, health reporting, site maintenance, and general troubleshooting. I'll introduce you to the 13 tools that come in this free download.

    IIS Lockdown 2.1 and URLScan 2.5 templates
    If you're running an IIS in your organization, you're probably already familiar with the IIS Lockdown tool and URLScan. The IIS Lockdown tool is designed to make IIS more secure by disabling unused services and by locking down various IIS features. URLScan, on the other hand, is designed to filter HTTP requests coming into an IIS. The idea is that a hacker could potentially crash an IIS by entering malicious HTTP requests. URLScan gets rid of such requests before they can do any damage.

    SMS 2003 Toolkit 1 contains .ini files (template files) for both URLScan and IIS Lockdown. These files are designed to replace the .ini files that ship with the IIS Lockdown tool and URLScan. You can put the altered version of these tools in a shared location and then run them from anywhere on the network.

    Policy Spy
    Policy Spy is a utility designed to help you troubleshoot problems with SMS policies. Policy Spy is a GUI-based tool that can also be operated in limited capacity from the command prompt. Additionally, this tool can be run against the local server and against remote SMSs (although a few features do not work when used with a remote system).

    The basic premise of this tool is that you can evaluate both the user and the computer SMS security policy. If a problem is found, you can correct it or reset the machine or user to a state that uses the default policy. Policy Spy also gives you the option of exporting policy files to an .xml file. You can then import these policies into another SMS.

    SMS Trace
    SMS Trace, a log file viewer, can display log files that are in SMS or CCM format, and can display text-based log files in ASCII or Unicode format. Although there’s usually nothing too exciting about a log file viewer, SMS Trace has two features that are definitely worth mentioning.

    The Merge feature allows you to select multiple log files and then view them as though they were a single log file. This helps you get a comprehensive picture of what was going on with your server at a given time.

    The Ignore Existing Lines feature lets you display a list of events. When you enable this feature and open a log file, the log file will appear to be empty. If any new events occur, those events will be displayed, but events occurring prior to opening the log file are not displayed (the hidden events are simply filtered—not erased from the log).

    Advanced Client and Management Point Cleaner
    As I said earlier, SMS has a reputation for being difficult to use, and this especially comes to light when you're trying to uninstall an SMS advanced client or management point. The reason for the difficulty is because of the way these two features are integrated into the system. Manually removing an advanced client or a management point involves tinkering with the Windows installer, the registry, the file system, some services, and even WMI. Even if you know what you're doing, it can sometimes be virtually impossible to cleanly uninstall these features.

    This is where the Advanced Client and Management Point Cleaner comes in. This tool greatly simplifies these otherwise complex uninstallations. One of the nice things about this tool is that it can be run behind the scenes without the client’s knowledge. If you don’t mind the end user knowing what’s going on, you can display the uninstallation status on the user’s screen.

    Advanced Client Spy
    Advanced Client Spy is basically a tool for monitoring software license compliance, although it can also be used as a troubleshooting tool. It allows you to compile a software inventory of advanced clients. Other features include software distribution histories and software metering.

    The inventory feature includes such things as the data compilation date, the date of the previous report, major and minor revisions to the software inventory, and even the IDMIF and data discovery records. This tool is so handy that I think it should have been included with the standard release of SMS 2003.

    Policy Verifier
    The Policy Verifier is a command-line tool used to troubleshoot advertisement targeting problems. This tool can also troubleshoot connectivity issues between the SQL Server hosting the SMS databases and the various SMS management points. The Policy Verifier is particularly useful when troubleshooting policy generation problems, multiple SMS GUIDs for a single client listed in the SMS database, advertisement targeting for computers, security groups, and users, management point connectivity issues, and SQL Server replication issues.

    Send Schedule
    The Send Schedule tool is actually nothing more than a VBS scheduler. Because the tool is VBS-based, you'll need a command-line scripting host such as CSCRIPT.EXE in order to run it.

    This tool’s purpose is to create a schedule on an advanced client. For example, suppose you notice that several advanced clients haven’t reported an inventory lately. You could create a schedule that forces the clients to report their inventory at a predetermined time. The script can run either locally or remotely.

    Management Point Spy
    As you probably know, SMS allows you to create various management points that store policies within a management point database on a SQL Server. The problem is that because of the complexity of management points, it can sometimes be difficult to determine whether a management point is working correctly. That’s when you need Management Point Spy.

    Management Point Spy is a GUI tool whose sole purpose is to help you determine whether a management point is functional. The tool accomplishes this by sending HTTP requests to the management point and displaying the results for you.

    Set Preferred Distribution Point and CAP
    One of the challenges of using SMS 2003 is dealing with legacy clients. The Set Preferred Distribution Point and CAP utility allows legacy clients to interface with SMS 2003 more easily. If you have a legacy client that has trouble accessing distribution points, you can use this tool to add an SMS network abstraction layer to the registry. This registry entry points the legacy client in the right direction when it needs to access a distribution point or CAP.

    Delete Certificate
    In large organizations, it's common to create an image of an entire system and use the image to rapidly set up new computers. However, if the computer that the image file is going to be made from contains an SMS client, it can cause problems. The problem is that SMS creates a local computer account certificate for each machine and then stores that certificate in the SMS logical store. If you mirror a fully configured system, you're copying a system for which a certificate already exists, which can lead to trouble when a duplicate machine goes online. As the name implies, though, the Delete Certificate tool gets rid of a machine’s SMS 2003 Advanced Client certificate so that the machine can be imaged.

    Patch Management Evaluation
    One of the tasks associated with using SMS for patch management is testing the server and client’s configurations. Patches come in different sizes and perform a variety of actions against the client machines. Although one patch might work, another might fail because of a permissions problem, for example.

    The Patch Management Evaluation tool is a simple testing utility that performs just about every conceivable action against a client. This allows you to determine if there’s a chance that the client machine could have problems receiving patches in the future. The utility also allows you to benchmark the patch deployment mechanism’s progress.

    Delete Group Class
    When you create an inventory group in SMS, the SQL database’s schema is permanently altered. If it later becomes necessary to delete a group that you created, the schema modifications are left within the database. You can now use the Delete Group Class utility to delete inventory groups. This tool performs a much better database cleanup than removing inventory groups the old-fashioned way. Furthermore, it prevents you from accidentally deleting a default inventory group that’s needed by SMS.

    Transfer SMS ID
    When you use SMS for asset management, it assumes that a computer’s identity will never change. If a computer’s identity does change, the computer will become unlinked from its corresponding database records. The records in the database still appear to SMS as a legitimate client (although the records will no longer be updated). This can lead to very inaccurate software metering results. The Transfer SMS ID utility lets you change a computer’s ID without separating the machine from its database records.

    End sum
    SMS 2003 Toolkit 1 contains a variety of tools that you can use to perform several tasks. Although you may not use these tools on a daily basis, they can be very handy for troubleshooting or preventing various SMS and SMS client-related problems




  8. #8
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://articles.techrepublic.com.com/5100-22_11-5885169.html?tag=rbxccnbtr1
    SolutionBase: Get a handle on network clients using SMS


    Takeaway: The more workstations you have on your network, the harder it is to manage them. That's where Systems Management Server comes in. With it, you can manage hundreds or thousands of workstations. Scott Lowe shows you how it works.
    Show of hands: How many of you have implemented a comprehensive Windows patching system based on SUS or WSUS? Ok. Now, how many of you are handling asset management either manually or with a third party tool? Ok. Now, how many of you are relying on your Active Directory expert in the office to manually create software distribution packages--and hoping that he never finds a job somewhere else? Almost done: How many of you are starting to support more and more mobile clients and constantly hoping like the dickens that you can keep these traveling tools safe and updated?
    Last question: How many of you would like to be able to handle all of these supporting roles (plus more) from a single package?
    Enter Microsoft Systems Management Server 2003, SMS 2003 for short. I'll just call it SMS in this article, but know that I am referring to the 2003 version of SMS.
    The mile-high overview

    SMS 2003's feature sets includes functionality that helps you keep track of your inventory, maintain patches across all enterprise systems, monitor software usage, remotely manage workstations, distribute software, maintain product licensing compliance and more. In this section, I'll briefly discuss each of SMS's major areas of functionality.
    Patch management

    If all you need to do is keep your systems current with the latest patches from Microsoft, SMS is probably overkill. You'd be better off with the Windows Server Update Services (WSUS), which accomplishes this goal very well. If you're looking for more than just patch management, you're reading the right article.
    You already know how critical it is to get patches applied as soon as possible after their release. Exploit code for publicly-announced flaws now shows up within hours of the flaw being announced, meaning that your window of opportunity to get your machines protected continues to shrink with each passing month.
    SMS 2003 can manage patches for the following products:

    • Windows
    • Office
    • Exchange
    • SQL Server
    • Internet Information Services (IIS)

    For these products, SMS 2003 can schedule update installations during any time period you specify, and can force a silent, uninterruptible installation to end user workstations, and a whole lot more. Moreover, the SMS Software Update feature gathers and provides all pertinent information related to updating systems. For example, you are provided with a list of currently installed service packs and updates and, based on this information, as well as on the configuration of the target system, are also provided with a list of pertinent updates. During the process, SMS links to the Microsoft knowledge base for each update so that you can learn about your level of need for application of a particular update.
    Patch management will be covered in more detail in a later article in this series.
    Inventory and compliance features

    How many computers running Windows XP Service Pack 2 do you have on your network? How many still have Office 2000 installed and need to be upgraded to Office 2003? How many systems have 256MB or less of RAM? With SMS managing your desktop computing environment, you can answer all of these questions, and a whole lot more, using its comprehensive hardware and software inventory features. SMS also includes reporting functionality allowing you to gain information about your infrastructure before you make important decisions.
    On the hardware side of things, SMS uses WMI--Windows Management Instrumentation--to gain detailed knowledge about the hardware associated with a particular system, such as the amount of system RAM, disk space in use, services and system processes. Further, SMS can use data from other sources, including SNMP, and DMI--Desktop Management Interface--to compile a more accurate, complete hardware inventory. The hardware inventory feature also maintains a history of hardware scans for each client.
    While the hardware inventory feature does gather some basic software stats (by using the contents of Add Or Remove Programs, for example), the complete software inventory feature set is much greater in scope.
    For software, SMS also uses multiple methods to determine what is installed on this machine. In addition to looking at the files located on a system, SMS searches Add Or Remove Programs to build a complete list of software installed on a computer. Like the hardware side, all of this is reportable, so you can more granularly target groups of machines for new software rollouts. SMS gathers significant information, and makes that information reasonably available, to help you in your desktop management efforts.
    Working in conjunction with this feature is SMS's Product Compliance mechanism. The Product Compliance feature allows a company to make sure that PCs are within corporate standards as far as software is concerned.
    Software distribution

    Even for smaller IT shops, software installation can be a major burden. In the worst case, IT staff has to physically visit each and every computer to perform an update. This is inconvenient and could be expensive if locations are geographically separated.
    SMS 2003's software distribution capabilities are both powerful and flexible. Consider this: Using SMS, you can choose to deploy the latest version of a software package across your organization only to those machines that meet the physical requirements for that new software. SMS accomplishes this goal by allowing you to consult the hardware inventory when you push out new software. As a result, you won't run into a situation in which you push software out to a machine that is physically incapable of handling the load. This also results in one less call to the IT Help Desk by the upset user of this machine.
    The SMS Software Distribution feature can even deploy software that requires administrative rights for installation. SMS accomplishes this by pushing the software with an "elevated rights" flag, and can fall back to running inside the user context at the appropriate point.
    Software usage metering

    With SMS's software metering and reporting features, you can take greater steps to stay within licensing compliance, and make more effective use of the licenses you have on hand. Even mobile systems not constantly connected to your network can be brought under the metering umbrella thanks to the SMS client's ability to maintain usage reports that are then uploaded to the SMS server once the system is connected to the corporate network. SMS 2003 can also monitor software usage in Terminal Server sessions, providing you with a more complete usage picture.
    Software metering captures a plethora of information about who is using your software, including the programs in use, who is using them, how long the software is in use and more. Simply put, this feature can help you stay in compliance with software contracts and can help you save a whole lot of money by making sure you're using your licenses.
    Remote tools

    SMS includes a complete suite of tools that help you to manage an end-user system:

    • Remote control: From the SMS server, take control of a remote computer. Similar to Remote Desktop.
    • Remote chat: Chat with the user sitting at the remote system.
    • Remote execute: Run any program on the remote client system.
    • Remote reboot: Reboot the remote client.
    • Remote file transfer: Transfer files between the SMS server and the client system.
    • Client diagnostics: Runs SMS diagnostic utilities on the remote client.
    • Network connectivity test: Uses the ping utility to determine the quality of the network connection between the client and the SMS server.

    The main benefit of these tools is probably pretty clear: They're all remote. Now, techs don't have to waste time visiting sites to handle problems for users that aren't able to clearly describe a problem. In today's environment of sprawling corporations and sky-high travel costs, this can be a huge time saver.
    Reports

    SMS includes a number of built-in reports, including computer configuration reports, inventory reports and many more. Further, you can create your own custom reports and build "dashboards", which provide at-a-glance information about various aspects of your computing environment.
    With the sheer amount of information collected by SMS, you definitely need powerful reporting functionality.
    System requirements

    Like any other software, systems running SMS, and those managed by the product, must meet certain requirements.
    Server side

    Microsoft recommends that your SMS server have a 550MHz or faster processor with at least 256MB of RAM and 2GB of free disk space. These are definitely extremely minimum, and almost ridiculous, requirements. In reality, you should size your server with a 1 or 2 GHz or faster processor with 1GB of RAM and a whole lot of disk space for updates, deployment packages, and so forth.
    SMS 2003 requires a SQL 7 SP3+ or SQL Server 2000 SP3a+ database in order to function. This database does not need to run locally on the SMS server, although SMS runs perfectly fine in this configuration. If you do run SMS and SQL on the same hardware, size your hardware accordingly. I'm providing SMS-only requirements in this article.
    In addition to SQL Server, some SMS functions also require IIS in order to operate. I'll go over this specific requirement in future articles in this series.
    Client side

    While the server is the main consideration in an SMS rollout, be aware that your clients also need to meet minimum requirements in order to be manageable under SMS.
    Microsoft recommends a 300MHz processor, 128MB RAM and 80MB minimum for systems managed under SMS.
    The client you use--Legacy or Advanced--drives some of these requirements. For installation, the legacy client requires 40MB of disk space with 40MB available afterwards for typical usage. The Advanced Client requires 25MB of space for installation, and Microsoft recommends that you keep 275MB available for general usage.
    New in SMS 2003, the Advanced Client is only available on Windows 2000 and above and also supports virtual machines running under Microsoft's Virtual Server 2005 and Virtual PC 2004 products. For versions of Windows prior to Windows 2000, including Windows 98 Second Edition and Windows NT SP6a, you need to use the Legacy Client. Neither client will work on other operating systems, including Windows 95 or NT SP5 or below. Note also that Windows XP Home is not supported under SMS and that the Legacy Client will no longer run on Windows 2000 or above.
    I should also note that you can also manage Windows XP Embedded systems with SMS using an Advanced Client.
    The advanced client uses the same technology as WSUS to handle background file transfers. This technology, called BITS (Background Intelligent Transfer Service), uses "spare" bandwidth to handle file transfers, meaning that it has less of an impact on system performance than other file transfer methods.
    The old SMS 2.0 client is now known as the "Legacy Client" and is less secure than the Advanced Client due to its reliance on domain accounts. In contrast, the Advanced Client uses local system and computer accounts and is the client of choice whenever possible. For mobile users, Microsoft heavily recommends use of the Advanced Client because of new features introduced to each the headaches of supporting roaming users. In fact, with the release of SMS 2003 SP1, Microsoft dropped support for the Legacy Client on machines running Windows 2000 or above.
    Feature packs

    Made available to extend the capabilities of SMS in various ways, Feature Packs all require SMS 2003 SP1 in order to function. As of this writing, these are three feature packs to tell you about.
    Operating System Deployment Feature Pack

    The Operating System Deployment Feature Pack provides a means for administrators to quickly and easily deploy Windows systems using images. Included in this feature pack are the following capabilities:

    • Image capture: Provides a way for you to capture a system image in Microsoft's imaging format.
    • Image deployment: Deploys previously captured images to target systems using SMS's Software Distribution.
    • Operating system package management: Allows you to customize settings for individual deployments, including network settings, notifications, and more.
    • User state migration: Makes it possible to preserve user profiles when installing new operating systems. This provides you users with a more seamless experience and fewer frustrations.
    • Reporting: Like everything else in SMS, this feature pack includes a number of reports to help you ascertain the success or failure of a particular task.

    Administration Feature Pack

    This feature pack includes tools that enhance SMS administrative tasks:

    • Elevated Rights Deployment Tool: Probably the most useful tool in this pack, the Elevated Rights Deployment Tool assists with the deployment of packages that require local administrator rights to the client system.
    • Managed Site Accounts Tool: Manage accounts and passwords.
    • Transfer Site Settings Wizard: Copy certain SMS settings (site configuration, package, and collection) between sites.

    Device Management Feature Pack

    This feature pack extends SMS's capabilities to mobile devices running Windows CE 3.0 or greater or Windows Mobile Pocket PC software. As for larger clients managed under SMS, the Device Management Feature Pack provides you with the ability to include mobile devices in your hardware and software inventories, to distribute software to mobile devices, to manage files, and more.
    More to come

    By now, you probably have a good idea about the basic functionality offered by SMS. In the next part of this series, I'll provide some deployment planning tips and go through a sample SMS 2003 installation




کلمات کلیدی در جستجوها:

1

SMS 2003 SP2 EVAL_ENU.exe

setup groups and members in windowsserver2003system management server 2003Now SMSsccm transfer site settings client push installation skipping the setting because it is uniqueskipping the setting because it is uniquesms 2003 r2 default collectionsping smsمبینتSMS 2003دانلود proxyfiresms 2003 sp1 eval_enusms 2003 sp1 eval_enu downloadاطلاعات در رابطه با wsustech republic manually transfer encryption keys from parent to childwhat is Systems Management Server 2003 Toolkitmicrosoft update inventory toolچیست sccmSMS Installer4Systems Management Server 2003 Toolkitebook wsussmswsus PackageType

برچسب برای این موضوع

مجوز های ارسال و ویرایش

  • شما نمی توانید موضوع جدید ارسال کنید
  • شما نمی توانید به پست ها پاسخ دهید
  • شما نمی توانید فایل پیوست ضمیمه کنید
  • شما نمی توانید پست های خود را ویرایش کنید
  •