Steps to perform on primary domain controller (DC)
Extend AD schema
- Log in using a domain admin account
- Insert ConfigMgr 2012 SP1 DVD
- Open a command prompt window
- Type D:\SMSSETUP\BIN\X64\EXTADSCH.EXE and press Enter. Wait for a confirmation message in CMD window and then check for the existence of ExtADSch.log file in the root of C: partition on the DC. Open the file and see if “Successfully extended the Active Directory schema.” message is present.
Assign permission to System OU in AD
- Open Active Directory Users and Computers
- From the View menu select Advanced Features
- Right click on the System container and select Properties
- Go to Security tab and click Advanced
- Click Add in the Permission tab
- Select Object Types and check the box for Computers. Click OK
- In the Enter the object name to select field enter the name of the ConfigMgr server and click Check Names
- After the server name is recognized, click Ok
- In the Permission Entry for System window check the box for Full control and select This object and all descendant objects in the Apply to list box. Click OK three times to close all open windows
Create service accounts
-
Open ADUC and create the following 3 service accounts (select complex password for each account):
- Make cfgmgrclpush account member of Domain Admins group or Workstation Admins group if this exists.
Create GPO to add security groups to local Administrators group on servers and workstations
- Server local admins
- Workstation local admins
Steps to perform on Configuration Manager server
Install Report Viewer 2008 SP1 Redistributable
- Login with a domain admin account, preferably not Administrator.
- Download and install Report Viewer 2008 SP1 Redistributable from http://www.microsoft.com/downloads/en/details.aspx?familyid=BB196D5D-76C2-4A0E-9458-267D22B6AAC6&displaylang=en
Add Server Features
-
Open Server Manager and add the following features:
- NET Framework 3.5.1 Features, BITS, Group Policy Management and Remote Differential Compression
- From Web Server (IIS) select WebDAV Publishing, ASP.NET, ASP, Windows Authentication, Dynamic Content Compression and IIS 6 WMI Compatibility
Configure WebDAV
- Open Internet Information Services (IIS) Manager
- Expand server name and select Default Web Site
- Double click on the WebDAV Authoring Rules and select Enable WebDAV from the right side panel
- From the right side, click Add Authoring Rule
- In the Add Authoring Rule window select the checkboxes for: All Content, All Users, Read and click OK
- From the right side, click WebDAV Settings
-
Modify the following components as follows and click Apply when finished:
- Allow anonymous property queries – True
- Allow custom properties – False
- Allow property queries with infinite depth – True
- Allow hidden files to be listed – True
Add SQL Server ports exceptions
- Open Windows Firewall with Advanced Security
- Right click Inbound Rules and select New rule
-
In the New Inbound Rule Wizard window make the following modifications:
- Rule Type – Port
- Protocol and Ports – TCP, Specific local ports: 1433
- Action – Allow the connection
- Profile – no modification
- Name – SQL TCP 1433
-
Repeat step 3 to add another inbound rule with the following settings:
- Rule Type – Port
- Protocol and Ports – TCP, Specific local ports: 4022
- Action – Allow the connection
- Profile – no modification
- Name – SQL TCP 4022
Install SQL Server 2012 SP1
- Insert SQL Server 2012 SP1 DVD
- Select New SQL Server stand-alone installation
- Select features: Database Engine Services, Reporting Services – Native, Client Tools Connectivity, Management Tools, Integration Services (optional)
- Select default instance
- Add sqlsrvacct domain account to the local Administrators group on the ConfigMgr server
- Use the SQL service account for all SQL Server services
- Set SQL Server Browser to Automatic
- Add current user as the SQL Administrator (preferably not domain Administrator account)
- After installation, open Management Studio and configure maximum memory allocation.
Install Windows Deployment Services
- Open Server Manager and install the Windows Deployment Services role using the default settings
Install Windows Server Update Services
- Open Server Manager and select the Windows Server Update Services role. Click Next twice and then Install
-
Install WSUS using the following settings:
- Select Update Source – select a disk with more disk space
- Database options – Use an existing database server on this computer
- Web Site Selection – Create a Windows Server Update Services 3.0 SP2 Web Site (http://servername:8530)
- When installation is finished, close the wizard by pressing Cancel button
- Create a Group Policy Object for windows update settings.
- If you have Windows Server 2008 R2, install KB2720211
- If you have Windows Server 2008 R2, install KB2734608
Install Windows Assessment and Deployment Kit (ADK) for Windows 8.1
- Download Windows Assessment and Deployment Kit (Windows ADK) for Windows 8.1 from Microsoft website http://www.microsoft.com/en-us/download/details.aspx?id=39982
-
Select to install only the following:
- Deployment Tools
- Windows PE
- USMT
Install Configuration Manager 2012 SP1
- Insert Configuration Manager 2012 SP1 DVD
- Click Install link Configuration Manager 2012 SP1 Setup Wizard window.
-
Install ConfigMgr and make only the following modifications:
- Available Setup Options – Install a Configuration Manager site server
- Updated Prerequisite Components – Check for updates and download…
- Site and Installation Settings – enter a Site code and Site name
Install Configuration Manager 2012 R2
- Insert Configuration Manager 2012 R2 CD
- Click Configuration Manager 2012 R2 link from the Install section
- Install the R2 add-on accepting the default settings in the wizard