System Center Configuration Manager 2012 is another of the big releases in the System Center suite this year, and promises to deliver a lot of exciting new functionality.
I’m already running SCCM 2007 SP2 R3 in my home lab environment, so I’m keen to find out how SCCM 2012 performs. Here’s my step-by-step installation experience…with screenshots! Oooo….
UPDATE 08/03/2012 (that’s March 8th for my US readers!) – I’ve recently written about installing SCCM 2012 on Windows 8 Server. The process I used there to install the server prerequisites using PowerShell is a better system than the one I originally described here. So read that first 
Information about SCCM 2012 system prerequisites are still being released, and the in-built prerequisite checker doesn’t ship with the Beta 2 installation media. However, from what I’ve been able to ascertain, the following is required on the system designed to be the Primary Site server:
- .NET Framework 3.5 (Feature)
- .NET Framework 4.0 (Windows Update)
- WSUS SDK (Role – either the full WSUS installation or just the administration console – you can install this later, it’s not an installation showstopper)
- Microsoft Remote Differential Compression (Feature)
- IIS (Role – see below)
- BITS (Feature)
Important Note #1 – An SCCM 2012 infrastructure has similar PKI certificate requirements for HTTPS communications. Read my blog post here on how to set this up.
Important Note #2 - The site SQL server needs to be running SQL Server 2008 SP1 with CU10 or higher (SQL Server 2008 SP2 and SQL Server 2008 R2 are not supported, bizarrely) and firewall exceptions are needed either for the SQL application or for TCP ports 1433 and 4200. Additionally, the AD computer account of the site server needs to be added to the local Administrators group on the SQL server.
Important Note #3 – The required IIS Role Services are:
- Common HTTP Features – Static Content, Default Document, Directory Browsing, HTTP Errors, HTTP Redirection (note, no WebDAV! Woohoo!)
- Application Development – .NET Extensibility, ISAPI Extensions
- Health and Diagnostics – HTTP Logging, Logging Tools, Request Monitor, Tracing
- Security – Windows Authentication, Request Filtering
- Performance – Static Content Compression
- Management Tools – IIS Management Console, IIS Management Scripts and Tools
- IIS 6 Management Compatibility – IIS 6 Metabase Compatibility, IIS 6 WMI Compatibility
Important Note #4 – The Active Directory schema has to be extended as per SCCM 2007 (read this TechNet article on how to do this). If the schema has already been extended, you will just have to give the AD computer account for the primary site server (the SCCM 2012 site server, that is) Full Control rights to the System Management container using ADUC:
SCCM 2012 Beta 2 - Site Server Rights
Now…on with the installation…
I’m going with the default installation options selected. I’m not doing a typical installation because I want to nominate a different SQL server:
SCCM 2012 Beta 2 - Installation Type
Enter the license key (automatically entered, in the case of beta media) and accept the EULA. Then, download the latest product updates for use during installation:
SCCM 2012 Beta 2 - Download Updates
Enter the details for the new Primary Site:
SCCM 2012 Beta 2 - Site Details
I don’t have a central administration site server (no existing SCCM 2012 hierarchy), so this will be installed as a standalone site:
SCCM 2012 Beta 2 - Standalone Site
Enter the SQL server details:
SCCM 2012 Beta 2 - SQL Server
Choose the SMS provider:
SCCM 2012 Beta 2 - SMS Provider
Accept the client/server communications default, which is that all communications have to happen over HTTPS (there’s a PKI in the lab environment, so this is all fine – see the important note above):
SCCM 2012 Beta 2 - Communications
Select the Management Point and Distribution Point:
SCCM 2012 Beta 2 - Site Roles
The next screen (which I unaccountably forgot to capture) summarises what you’ve selected so far, and then you’re prompted to commence installation. At this point it launches the system readiness checker – the same feature which was disabled in the autorun splash screen (go figure). This is really, REALLY useful for making sure that you’ve got everything installed, although some checks are less than thorough (it didn’t pick up the fact that the SQL server wasn’t listening for incoming connections, for example).
Installation takes a while to complete (around 30 minutes) but you can keep launching the logfile throughout the process to see where it’s up to.
Once done, the Console launches and we are done!
SCCM 2012 Beta 2 - Tada!
That’s it for installation – now there’s lots of work to do with configuring and getting clients chatting, but that’s for another series of posts
great post. keep ‘em coming!
Handy write up
Just a couple of notes:
Named Pipes must be enabled on the SQL (error message on screen will indicate incorrect SQL version, so not immediately helpful)
If SCCM 2012 is running on a DC (not recommended of course) domain admin membership is sufficient if AD extensions are set properly. After installation, this may be adjusted to the SCCM server’s computer account only.
Have lots of coffee available. SCCM installations seems to be the equivalent of digging trenches in the old days
Have fun.
Interesting – I didn’t reply to this originally because my experience had been that Named Pipes wasn’t needed (it wasn’t enabled in my original SCCM 2012 environment, and still isn’t). However, I’ve set up another, completely new SCCM 2012 site and I got the same SQL error during installation. Enabling Named Pipes didn’t resolve this, but then again, I hadn’t done the SQL server certificate
I ran into this also and found that updating to CU14 resolved the issue.
J
Any thoughts about doing this while not connected to the internet? My lab setup is either internal or external at a time. If I run external (internet) then I get SQL install fail errors due to no auth. If i run internal, then it fails the pre check routine. This is totally stupid BTW as it did a pre check earlier in the sequence. Thoughts?
I wonder why it doesn’t work with SQL 2008 R2? After having problem with the requirements for SQL 2008 SP1 I cam searching and landed on your blog. I figured “Oh, 2008 R2 is newer, it should include everything 2008 SP1 does!”.
I agree! I wonder whether it’s something to do with the beta – a hard restriction on the data backend for ease of testing, perhaps?
Actually I’ve found out that this is just a limitation hard-coded into the beta. The RTM version will support SQL Server 2008 R2.
Hmm im onto installing SCCM 2012… i wonder if dns and dhcp roles should be enabled on the server? i had som dificulties with 2007 on this point
You can have DNS/DHCP roles on the server if you don’t have any choice – it won’t cause SCCM 2012 to fail – but it’s certainly not recommended. Better to break out those roles onto a seperate server.
do you guys know when Release date is for RTM
The date has not been announced yet, but we expect RTM to happen later this year. There’s still an RC release to come.
Hi James,
do you know the RC release date?
Hi Michael – unfortunately I don’t. My gut feeling is that RC is “imminent” but that’s not something you can put in the calendar
James, what Windows server version are you using? I’ve tried several times on Windows Server 2008 R2 w/ SQL Server 2008 and I keep getting the unsupported SQL Server error. Indeed, if I install SQL Server 2008, run SP1, and then try to run the CU 10, there’s nothing to update.
Hi Shawn – I’m using Windows Server 2008 R2 and SQL Server 2008 SP1 CU15. I have seen the error you’re experiencing in my own lab, and it turned out to be a SQL communication error. Make sure that all SQL services are running properly without error and make sure they’re accessible remotely (ie: your firewall ports are open).
James,
2 things – 1 Thanks for the presentations at Tech Ed – muchly appreciated!
2 – I can’t get this damn thing to install in my lab.
I’ve downloaded all the individual patches and the manifest,
SQL 2008 SP1 CU15 on Server 2008 R2 Standard.
SQL running under local system
and I consistently get the following errors:
snip
INFO: Name for SQL Param string value is SQLArg3.
ERROR: Failed to write string -T8295 to registry on SQL Server [SCCM].
INFO: Name for SQL Param string value is SQLArg3.
ERROR: Failed to write string “-T4199″ to registry on SQL Server [SCCM].
Creating SQL Server machine certificate for Server [SCCM]…
snip
Configuring replication…
Importing Asset Intelligence data.
Start of importing data from CSV files
Successfully created the dir C:\Program Files\Microsoft Configuration Manager\AI
ERROR(-2146893819): Failed to retrieve data.
ERROR(-2146893819):Failed to retrieve data file
ERROR(-2146893819): Failed to expand the look up table files to the folder: C:\Program Files\Microsoft Configuration Manager\AI.
Could not import asset intelligence data.
Any thoughts?
Steve
Hi Steve – is the SQL server also the SCCM primary site server, or is the SQL server remote to the SCCM server?
Steve,
I had very simular errors, and when i looked the SQL services were stopped, and I could not restart them. I found a blog post that seems to fix it as it is based on the Certificate being used to secure SSL connections to the SQL server have a look at http://nickstips.wordpress.com/2010/09/08/sql-ssl-and-sql-server-2008-service-doesnt-start-error-code-2146885628/
Hi James
I’ve just ordered a new server to setup as a lab. Is it OK to create one VM for AD, DNS, DHCP etc and install WDS, SQL 2008 R2 Standard, SCVMM 2012 and SCCM 2012 all on a second server then add the host into SCVMM? Can I just setup a single domain account ‘System Manager’ or will this be against best practice?
Martyn
Hi Martyn – are you limited to just creating two VMs? If it were me, and especially as we’re dealing with beta software here, I would break the lab up into 4 VMs: VM1 – AD/DNS/DHCP, VM2 – SQL, VM3 – SCCM, VM4 – SCVMM. By doing this, you can isolate the main lab components, which makes troubleshooting much easier. Also, what will the proposed “System Manager” account be used for? I wouldn’t worry too much about best practise in a lab environment – sometimes keeping things simple can be a better idea early on.
Sorry ignore the SQL 2008 R2 comment (force of habit) I realize I need to use the older 2008 SP1 for now and upgrade later, or more likely create a new VM post RTM
Hi James
Thanks for the advice, I should have no problem with 4 VMs while testing as the server has 16Gb of memory to work with along with an i7 CPU and 8 2.5″ drives (2 system RAID 1 and 6 VM RAID 5). The other thing about this server is it’s portable…
The idea long term will be to use this server for onsite deployment of pretested images as well as being able to run a second internal network for testing and demonstrations. This will quite possibly be 5 VMs on its own so I could be running as many as 9 servers if I stick to 4 for the primary network. Not to mention a couple of Windows 7 client VMs
James,
I got snowed in today(New Jersey area) so I decided to test out SCCM 2012 Beta2 (new to SC. I spent all most all day. Seem simple however I could get pass the prerequisite check for (1)Firewall exception for SQL Server (2)Site Server has permission to publish to Active Directory. I did the required steps, add allow ports 1433, 4022 in both SCCM server/SQL 2008 w/sp1 +Cup10(server 2008r2) and Domain C server (sbs 2011), plus extend the Domain C schema.
Can you get any hints how to continue! Thanks!
for some inane reason, you have to place the server system accounts directly in any local admin group and/or the System Management OU – having the server accounts as part of a global security group, then granting that group the appropriate access, doesnt work !!
You should be able to use a Security Group without any drama, but make sure that the security permissions are set to flow down to all child objects – it doesn’t set this by default.
in addition to the above posts – Im having a load of failures with installing a CAS and a stand alone Primary…………….
OS = 2008 R2, remote SQL 2008 SP3 (sp1 with CU10 and above) kept throwing version failures
CAS fails on ‘cannot run SQL query’
Primary Site fails on a number of things :-
“check server service is running” – which of course it is
“no access to publish to AD! – which of course it has
“no admin rights to SQL server” – which it has
“SQL server memory is limited” – cant see this being a show stopper ??
“Validate FQDN of SQL server” – nslookup proves all is OK
“SMS site to SQL connection fail” – says SPN failure – but all is OK,
The SQL server SPN needs to be added as the domain account used to start the SQL services, and not against the SQL server computer account (eg: DOMAIN\SQLServerAgentAccount and not DOMAIN\SQLServer$). Can you confirm that this is the case?
Hi,
I am curious if your problems are already solved? I have exactly the same problems as you have…
The collation of the Instance is the right one
The user which I am installing SCCM is a sysadmin in the SQL server
How did you solved this problems?
Ciao!
If you’re running the SQL instance under a domain user account, go into ADSI Edit, find the sql service account you used and go into the advanced security page. Add an entry for SELF and give SELF rights to write the serviceprincipalname attribute. You can also register spn’s with setspn, but it is easier to let SQL do it, especially if you’re using dynamic ports.
Folks, SC 2012 RC is released and with it the RC2 of SCCM. I have collated all the download paths at one location. You can use it off this link:
http://schadda.blogspot.com/2012/02/system-center-2012-download-paths-for.html
Hi James,
I have one question about the site in the SCCM configuration.
in my enterprise we have two sites
1. is UK 3-4 offices
2. is Europe 11 offices
shall I need to create several sites for the SCCM configuration.
for the lab test configuration you advise us to use 4 VM as
VM1 – AD/DNS/DHCP
VM2 – SQL Server 2008 R2 Standard or Enterprise Version
VM3 – SCCM 2012
VM4 – SCVMM is this necessary for windows 7 deployment
Many thanks for your support.
Hi – without knowing many of the details, my guess is that you’d need one CAS and two primary site servers: one for the UK and one for Europe. Then, secondary sites below them. Not necessarily one for each office, as it really depends on the quality of your intra-office WAN links and how many seats you need to support at each site. Check out this page for some sizing guidelines: Supported Configurations for Configuration Manager. Also, SCVMM was just part of my lab environment – OS deployment with SCCM has no direct reliance on SCVMM.
Hi,
Thanks for you quick answer i will create my lab this week and let you know.
for the Wan link in my European site we have a fiber link with 30 MBPS and we all are linked by MPLS fucntionality.
it should be ok for my test i will use only one site and see how the SCCM work in the first time.
Many thanks for your support.
if i have sql server 2012 i cant work on sql server 2008 any more?
Hi everyone I’m instaling SCCM2012 RTM with sql 2008 r2 enterprise and give me the Sjef and I Ran the CU14 an nothing; I tried to install with sql 2008 standard with hotfix to and nothing I’m getting crazy can you help me please thank you.
I just finished installing and the version I installed was released on Apr. 2, 2012 (System Center 2012 Configuration Manager and Endpoint Protection). The SQL requirements now support: http://technet.microsoft.com/library/gg682077.aspx#BKMK_SupConfigSQLDBconfig
1. SQL Server 2008 SP2 with Cumulative Update 9
2. SQL Server 2008 SP3 with Cumulative Update 4
3. SQL Server 2008 R2 with SP1 and Cumulative Update 4
4. SQL Server Express 2008 R2 with SP1 and Cumulative Update 4 (on secondary Site only)
BTW, thanks for the great notes, even though these were written a year ago, they are still accurate except the SQL requirements.
Im trying to set up a secondary site installation on sccm 2012 and it keeps failing on the following
Setup is unable to verify that the server service is started (which it is)
Its the only failure ive got, also the final message says this
[Failed]:Unable to complete secondary site server installation – check ConfigMgrSetup.log in the root of the secondary site server system drive
but i cant find this log anywhere on the root drive
Can anyone suggest anything to resolve this
Thanks
The logfile should always be in the root of C:\ on any CM server – that’s just the way it’s configured to be, regardless of where you try and install it to.
Re-run the setup, and run the server readiness check (prereq check) – that will also generate the logfile.
still no look with this, i shall try and figure this out, later.
Having better look with another secondary site, this one passes all its prereqs but is now failing on this particular error
Cannot add local user group SMS_SiteSystemToSiteServerConnection_SMSProv_SHB to our ad server. I know i have to add it the System \ system management container on ad users and pc’s, which option to i choose to add it as, which is the bit im stuck on.
Managed to find this and where and what to add it as.
Hi, does anyone know a guide for SQL Server installation for SCCM 2012 RTM? I have downloaded SQL Server 2008 Standard R2 (SW_DVD9_SQL_Svr_Standard_Edtn_2008_R2_English_MLF_X16-29588) and am unsure exactly what the SQL requirements are for SCCM 2012 RTM.
Hi Mark – check out Michael Niehaus’ latest blog post: http://blogs.technet.com/b/mniehaus/archive/2012/04/27/trying-to-install-configmgr-2012-rtm-make-sure-you-have-the-right-sql.aspx
Can anyone tell me all the installation steps of sql server 2008 for the sccm 2012 RC2?
Is it possible to stand up a primary site with the SQL DB in another domain? We have a trust setup between the domain, the logged in account and computer account have full rights to the database, the trusts seem to be configured properly but the prereq check log cannot connect to the database, and the actual install where I specify directly the name of the server + instance, it fails. I’ve ran some powershell scripts to make sure the server can actually see the SQL box, and I was able to configure wsus to use this sql instance as its db location. Any ideas?
I have an urgent query that is this necessary to first install WSUS then update AD schema and after that install SCCM 2010 becus if you install and configure WSUS after updating AD schema it will not work. Kindly help me out to uninstall or remove SCCM components from AD to first install WSUS.
Regards,
The AD schema and installing WSUS are two seperate things, and are not connected. What you should do is install, but NOT configure, WSUS. SCCM will do the rest when you install and configure a Software Update Point, which talks to the WSUS binaries.
Great article James. Question: why does the site server have to be in the local admins group on the SQL server? My DBAs are questioning this and aren’t likely to grant me these permissions as this server runs other SQL instances for other applications across my institution. Any insight you have that I can share with them?
Eventually Tom’s 2nd option works.
2. SQL Server 2008 SP3 with Cumulative Update 4
with SCCM 2012 RC
Great initial blog and good follow up comments – I just “Unboxed” my downloaded all in one 2012 vhd from MS and having trouble with DNS lead me here. Didnt answer my question but will tag this for a full read later.
Thanks
Great info, Thanks Jamas
Great blog, keep going!!!