Step by Step: Installing SCCM 2012 SP1 on Windows Server 2012 and SQL 2012 SP1

Well, after some testing with SCCM 2012 SP1 I decided to reinstall everything in my lab to the latest software. So Windows 2012, SQL 2012 RTM and of course System Center Configuration Manager 2012 SP1.

In this blog I used my laptop:
-Intel(R) i5-2410M CPU @ 2.30GHz, 2 Core(s)
-8 Gb of internal memory
-Two SSD disk (C:\ for OS and D:\ for Hyper-V)

Lab setup:
Domain Controller: Windows 2012 Enterprise; DC, DNS and certificate server
SCCM 2012; Windows 2012 Enterprise, SQL 2012 Enterprise, IIS and SCCM components

1. SQL 2012 installation
ConfigMgr 2012 SP1 Beta supports SQL 2012 RTM with a minimum of CU 2. ConfigMgr has very strict SQL collation requirement, pretty much across the entire System Center range, essentially only SQL_Latin1_General_CP1_CI_AS collation is supported.
This has to be selected during installation if you are running a non-USA regional\system OS.

– Login as the SQL admin on the SQL Server
– Launch the SQL 2012 RTM installer
Select Installation on the left navigation pane
Select New SQL Server stand-alone installation or add features to an existing installation
– Ok, Next,
and choose Accept the license terms, Next
We will open the Firewall later, so skip the warning
– Choose Next
– Select SQL Server Feature Installation


Select the following
– Database Engine Services
– Reporting Services – Native
– Management Tools – Basic
– Management Tools – Complete
Because I’m in a test environment I didn’t change the path’s. In production it’s recommended to choose alternative path’s
Next, Next

– Choose the default Default instance, and change the path’s if necessary and choose Next, Next
By default each of the services will be configured using a service-specific user account, we used NT AUTHORITY\SYSTEM

Do this for the SQL Server Agent, the SQL Server Database Engine and the SQL Server Reporting Services services
– Click Account Name, Browse, Browse locally for SYSTEM and accept
– Set the services Start-up Type to automatic
Select the Collation tab
– Double check
If SQL_Latin1_General_CP1_CI_AS is shown, otherwise Customize this, Next
Add the current user and a domain user at this point. I add the SQL admin and the local administrator, Next
– Select Install and configure, Next
Set Send Windows and SQL Server Error Reports to Microsoft, choose Next, Next
Alrighty then SQL is Ready, lets rock.

– Next we will run SQL 2012 SP1 (SCCM 2012 requires minimal CU2 to have an successful install)
Download link SP1 http://www.microsoft.com/en-us/download/details.aspx?id=35575
Download link CU1 http://support.microsoft.com/kb/2765331

Note If you do not install CU2 (or SP1) you’ll receive SQL Server Version Error in the Perquisites.

The Advanced logging says that the SQL server Version is not supported. So patch you’re SQL Server.

Make the nessesary Firewall Exeptions for SCCM;
– Open the settings, Control Panel, System and Security, Windows Firewall
– Choose Advanced Settings, Inbound rules
– Create a new Rule called SQL Ports,
– On Rule Type, Choose Ports, Next
– On theTCP tab 4022, 1433 and click Next
ScreenHunter_191 Jan. 25 10.08
– Choose allow the connection, Next
– On profile choose all, Next
Fill in a name (we used SQL Ports)


2. Installing the SCCM 2012 Perquisites
Open Server Manager
– Select Add Roles and features, click Next
– Choose Role Based or Feature based installation
– Select the local server, Next
Open Web Server (IIS) and ADD select the following features
Common
HTTP Features
Static Content
Default Document
Directory Browsing
HTTP Errors
HTTP Redirection

Application
Development
ASP.NET
.NET Extensibility
ASP
ISAPI Extensions
ISAPI Filters

Health and Diagnostics
HTTP logging
Logging tools
Request Monitor
Tracing

Security
Basic Authentication
Windows Authentication
URL Authorization
Request Filtering
IP and Domain Restrictions

Performance
Static Content
Compression

Management Tools IIS Management Console IIS Management Scripts and Tools Management Service IIS 6 Management Compatibilty IIS 6 Metabase Compatibility IIS 6 WMI Compatibility IIS 6 Scripting Tools IIS 6 Management Console
– Select Windows Server Update Services, Add features
– Select Windows Deployment Services, Add Features

– Choose Background Intelligent Transfer Service (BITS), Add features
– Choose Remote Differential Compression
– Telnet Client (not necessary but it’s useful), Next
– On the WSUS section choose next.
– On the Role Services choose WSUS Services and Database, Next
– Choose Store updates and choose a location (This is a testlab, in production it is not recommended to save these files to the C:\ drive), Next

– Type the SQL Server name and choose Check connection

– Next, Next,
– Choose Deployment Server and Transport Server
– Next, Install

3. Install the WADK (Windows Assessment and Deployment Kit)
In Windows 2012 you no longer use WAIK, we’re now on WADK for Windows 8.
– Go to http://go.microsoft.com/fwlink/?LinkID=252874 and download the ADK Setup.
– Run the ADKSetup.exe as an administrator

– I left the path’s default and choose Next
– Choose if you want to join CEIP and choose Next
Accept the Licence Agreement and choose Accept
– Check Deployment Tools, Windows Preinstallation Environment (Windows PE) and User State Migration Tools (USMT)

– Choose Next and install the Software

3. Next step is to install SCCM 2012 SP1 Beta
Ok, we are now ready to install ConfigMgr 2012 SP 1 Beta
– Launch the spash.HTA from the installation media

– First check the server is ready before we get any further into the installer Select Assess server readiness

Some minor issues but no show stoppers so lets continue
– Go back to the Splash.hta screen and click Install, Choose Next
– Because we are on one demo server we choose Install a Configuration Manager Primary Site and check the Use typical installation… Choose Next.

– Choose yes and I Agree, Next
– Accept all the licence therms and choose next

– Download the files to a folder you choose and click Next

-Choose a site code, Site name and installation folder for SCCM 2012 SP1, Next

– Hit next a couple of times and then choose Begin Install

That’s it, we are now up and running.

SP1 brings a lot of nice new stuff like the cross-platform clients, Azure Cloud DP, mobile device management through Microsoft Exchange ActiveSync amongst others.
Check out what’s new in SP1 here for a list of fun things to play around with and get to know in preparation for the actual SP1 release, as well as the release notes detailing what is knowing to be in a broken state during the Beta. You can also provide feedback to Microsoft for anything quirky that you may find during the evaluation.

Have Fun!

Antivirus exclusions for Operations Manager 2012; Management, Gateway and SQL servers

SCOM 2012 Antivirus exclusions; Management, Gateway and SQL servers

For information on exclusions on the SCOM 2012 and 2007 agents click here.

This question comes up all of the time in new environments; so I decided to make a blog about exclusions to let the SCOM 2012 and the SQL 2008 R2 servers run efficiently.

Note: replace %programfiles% to the fysical location like C:\Program Files\System Center Operations…. do this for all entries below. Make also sure the path you use is correct ! !

Excluded Processes
Forefront – Excluded processes
McAfee – On Access Low risk processes
SCOM 2012
%programfiles%\System Center Operations Manager\Agent\HealthService.exe
%programfiles%\System Center Operations Manager\Agent\MonitoringHost.exe
-%programfiles%\Microsoft\Exchange Server\v14\Bin\Microsoft.Exchange.Monitoring.CorrelationEngine.exe
-%programfiles%\System Center 2012\Operations Manager\Console\Microsoft.EnterpriseManagement.Monitoring.Console.exe

C:\Windows\system32\AdtAgent.exe
%programfiles%\System Center 2012\Operations Manager\Server\Microsoft.Mom.Sdk.ServiceHost.exe
%programfiles%\System Center 2012\Operations Manager\Server\APMDOTNETAgent\InterceptSvc.exe
-%programfiles%\System Center 2012\Operations Manager\Server\cshost.exe

SQL 2008 R2
-%ProgramFiles%\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLServr.exe
-%ProgramFiles%\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\Bin\ReportingServicesService.exe
-%ProgramFiles%\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Bin\MSMDSrv.exe

 

Excluded Directory’s
Forefront – Excluded files and locations
McAfee – Exclusions
SCOM 2012
-%programfiles%\System Center Operations Manager\Agent\Health Service State\*

SQL 2008 R2
-%ProgramFiles%\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\DATA\*
-%ProgramFiles%\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\BACKUP\*
-%ProgramFiles%\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\FTDATA\*

Excluded file types
Forefront – Excluded File Types
McAfee – Exclusions
SCOM 2012
.EDB
.CHK
.LOG

SQL 2008 R2 Server data and backup files
.mdf
.ldf
.ndf
.bak
.trn

Antivirus exclusions for Operations Manager / SCOM 2012 and 2007 Agents

SCOM 2012 and 2007 Antivirus exclusions; Agents

For information on exclusions on the SCOM 2012 management, gateway and SQL servers click here.

This question comes up all of the time in new environments; so I decided to make a blog about exclusions to let the SCOM 2012 agents run efficiently.

Note: replace %programfiles% to the fysical location like C:\Program Files\System Center Operations…. do this for all entries below. Make also sure the path you use is correct ! !

SCOM 2012 Agent Exclusions:

-SCOM 2012 Agent – Excluded Processes
Forefront – Excluded processes
McAfee – On Access Low risk processes
  -%programfiles%\System Center Operations Manager\Agent\HealthService.exe
  -%programfiles%\System Center Operations Manager\Agent\MonitoringHost.exe

-SCOM 2012 Agent – Excluded Directory’s
Forefront – Excluded files and locations
McAfee – Exclusions
  -%programfiles%\System Center Operations Manager\Agent\Health Service State\*

-SCOM 2012 Agent – Excluded file types
Forefront – Excluded File Types
McAfee – Exclusions
  .EDB
  .CHK
  .LOG
____________________________

SCOM 2007 R2 Agent Exclusions:

-SCOM 2007 R2 Agent – Excluded Processes
Forefront – Excluded processes
McAfee – On Access Low risk processes
  -%programfiles%\System Center Operations Manager 2007\HealthService.exe
  -%programfiles%\System Center Operations Manager 2007\MonitoringHost.exe

-SCOM 2007 R2 Agent – Excluded Directory’s
Forefront – Excluded files and locations
McAfee – Exclusions
  -%programfiles%\System Center Operations Manager 2007\Health Service State\*

-SCOM 2007 R2 Agent – Excluded file types
Forefront – Excluded File Types
McAfee – Exclusions
  .EDB
  .CHK
  .LOG

Troubleshooting performance SCOM 2012 and SCOM 2007 agent with McAfee Antivirus

I got quite a number of questions on performance of the SCOM and related processes (Heathservice.exe, monitoringhost.exe and CSCRIPTS). High CPU load on the SCOM process is mostly related to antivirus software.

In most cases the culprit ends up being the incorrect setup of the antivirus software; specially McAfee is very tricky when it’s not configured well and when the exclusions are not in the right place.
See my blogpost on antivirus exclusions for SCOM 2012 management, gateway and SQL servers or SCOM 2012 and 2007 agents

Here is how to troubleshoot antivirus in combination with the SCOM agent. In this case we monitor McAfee in combination with SCOM. To troubleshoot I used Procmon from Sysinternals.
In my later post I will make a list of recommended exclusions.
Lot’s of servers with high CPU load specially on the SCOM process; healthservice.exe, cscripts and more.

Troubleshooting the process with “Sysinternals Process Monitor”
1. Lets start with downloading the Process Monitor on http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
2. Stop the monitoring, go to Filter, Enable Advanced Output

3. Go to Filter, Process name, is, Mcshield.exe and click Add, OK

4. Click on the magnifyingglass to start the capture
Ok, we see that the McShield.exe process is scanning the OpsMgr data. This is not good.
After checking we noticed that the antivirus exclusions aren’t configured properly.

We’ve changed the exclusions to the best practice settings.
See my post for the working best practice for Antivirus Exclusions in combination with SCOM 2012 and 2007.