Step 1. Enable Discovery Methods
Perform the following on the SCCM server as SMSadmin
Note:- Site Hierarchy and Site Operations have been renamed from Beta 2 to Hierarchy Configuration and Site Configuration.
Click on the Administration workspace, expand Overview, Hierarchy Configuration and select Discovery Methods, you can see that Heartbeat Discovery is the only Method Enabled by Default.
We want our LAB to discovery All Computers and Users so we will enable the following discovery methods
Perform the following on the SCCM server as SMSadmin
Note:- Site Hierarchy and Site Operations have been renamed from Beta 2 to Hierarchy Configuration and Site Configuration.
Click on the Administration workspace, expand Overview, Hierarchy Configuration and select Discovery Methods, you can see that Heartbeat Discovery is the only Method Enabled by Default.
We want our LAB to discovery All Computers and Users so we will enable the following discovery methods
- Active Directory Forest Discovery
- Active Directory Group Discovery
- Active Directory System Discovery
- Active Directory User Discovery
Right click on Active Directory Forest Discovery and choose Properties,
place a checkmark in the three available options
click Apply and answer yes to the Full Discovery question
Now we will Enable Active Directory Group Discovery, so as before, right click on it, choose Properties
when the properties screen appears, place a checkmark to Enable the discovery Method,
Click on Add, select Location
click on Browse
Select your Active Directory Container and click ok
click ok, Give the Name a descriptive name like All My AD Groups
click ok, and it will now appear in the list of Discovery Scopes
Click on the Polling Schedule Tab, note that Delta Discovery is enabled already, now click on the Option tab (this is new since Beta 2)
Note:- There are three new options available in the interestingly named Option tab, select them if you wish, basically they allow us to NOT discovery stale objects in AD (no DDR will be created when they are detected), this is good as not all AD people remove stale accounts and this will help to improve our SLA's with more accurate information about what systems are live or not in our organisation.
Next we will configure Active Directory System Discovery, so right click it and select Properties, the properties page will show, place a checkmark toEnable Active Directory System Discovery
click on the Yellow StarBurst, then click on Browse and select your default Active Directory Container
so it appears like so
you can review the other tabs, including the new Option tab, select the options within there also.
and finally we'll enable Active Directory User Discovery, right click on it, choose Properties, and enable it as below
add the Active directory container discovery by clicking on the yellow starburst and adding the default container
Once done you can click on Assets and Compliance to verify that your Users, Groups and Systems are being Discovered (in the screenshot below I'm showing users and user groups).
Step 2. Configure Boundaries
Perform the following on the SCCM server as SMSadmin
In Configuration Manager 2012, a boundary is a network location that can contain one or more devices that you want to manage. Boundaries can be an IP subnet, Active Directory site name, IPv6 Prefix, or an IP address range, and it can include any combination of these elements. To use a boundary you must add the boundary to one or more boundary groups. Boundary groups are collections of boundaries and they allow clients to find an assigned site and to locate content when they need to install software, such as applications, software updates, and operating system images.
Boundaries are no longer site-specific. Instead, you define them one time only for the hierarchy and they are available for all sites in the hierarchy. Each boundary must be a member of a boundary group before a device on that boundary can identify an assigned site or locate content on a distribution point. Each boundary represents a network location in Configuration Manager 2012 and it is available from every site in your hierarchy. A boundary does not enable you to manage clients at the network location. To manage a client, the boundary must be a member of a boundary group.
Content Location
You can associate one or more distribution points with each boundary group. You can also associate a distribution point with multiple boundary groups. When a client requests content for a deployment, Configuration Manager sends the client a list of distribution points that have the content and that are associated with a boundary group that includes the current network location of the client.
Configuration Manager 2012 supports overlapping boundary configurations for content location. When a client requests content and the client network location belongs to multiple boundary groups, Configuration Manager sends the client a list of all distribution points that have the content. This behavior enables the client to select the nearest server from which to download the content.
You can configure the network connection speed of each distribution point in a boundary group. Clients use this value when they connect to the distribution point. By default, the network connection speed is configured as Fast, but it can also be configured as Slow. The network connection speed and the deployment configuration determine whether a client can download content from a distribution point when the client is on an associated boundary.
In the Administration section, select Boundaries, our previosly discovery Active Directory Site is listed.
right click on Boundary Groups and choose Create Boundary Group
give the Boundary Group a name (and a description if you wish), click on Add
In the Add Boundaries window, place a checkmark in our Default-First-Site-Name Boundary.
click ok, It now appears in our list of Boundaries which are a member of this Boundary Group, click on References
place a checkmark in Use this Boundary Group for site assignment then click on Add
select our site system then click ok
click Apply
Now we have defined which site our clients can get assigned to via the Boundary Group, and we have defined their content location
In the next Part we will configure some more Site roles and configure Client Settings.
place a checkmark in the three available options
click Apply and answer yes to the Full Discovery question
Now we will Enable Active Directory Group Discovery, so as before, right click on it, choose Properties
when the properties screen appears, place a checkmark to Enable the discovery Method,
Click on Add, select Location
click on Browse
Select your Active Directory Container and click ok
click ok, Give the Name a descriptive name like All My AD Groups
click ok, and it will now appear in the list of Discovery Scopes
Click on the Polling Schedule Tab, note that Delta Discovery is enabled already, now click on the Option tab (this is new since Beta 2)
Note:- There are three new options available in the interestingly named Option tab, select them if you wish, basically they allow us to NOT discovery stale objects in AD (no DDR will be created when they are detected), this is good as not all AD people remove stale accounts and this will help to improve our SLA's with more accurate information about what systems are live or not in our organisation.
Next we will configure Active Directory System Discovery, so right click it and select Properties, the properties page will show, place a checkmark toEnable Active Directory System Discovery
click on the Yellow StarBurst, then click on Browse and select your default Active Directory Container
so it appears like so
you can review the other tabs, including the new Option tab, select the options within there also.
and finally we'll enable Active Directory User Discovery, right click on it, choose Properties, and enable it as below
add the Active directory container discovery by clicking on the yellow starburst and adding the default container
Once done you can click on Assets and Compliance to verify that your Users, Groups and Systems are being Discovered (in the screenshot below I'm showing users and user groups).
Step 2. Configure Boundaries
Perform the following on the SCCM server as SMSadmin
In Configuration Manager 2012, a boundary is a network location that can contain one or more devices that you want to manage. Boundaries can be an IP subnet, Active Directory site name, IPv6 Prefix, or an IP address range, and it can include any combination of these elements. To use a boundary you must add the boundary to one or more boundary groups. Boundary groups are collections of boundaries and they allow clients to find an assigned site and to locate content when they need to install software, such as applications, software updates, and operating system images.
Boundaries are no longer site-specific. Instead, you define them one time only for the hierarchy and they are available for all sites in the hierarchy. Each boundary must be a member of a boundary group before a device on that boundary can identify an assigned site or locate content on a distribution point. Each boundary represents a network location in Configuration Manager 2012 and it is available from every site in your hierarchy. A boundary does not enable you to manage clients at the network location. To manage a client, the boundary must be a member of a boundary group.
Content Location
You can associate one or more distribution points with each boundary group. You can also associate a distribution point with multiple boundary groups. When a client requests content for a deployment, Configuration Manager sends the client a list of distribution points that have the content and that are associated with a boundary group that includes the current network location of the client.
Configuration Manager 2012 supports overlapping boundary configurations for content location. When a client requests content and the client network location belongs to multiple boundary groups, Configuration Manager sends the client a list of all distribution points that have the content. This behavior enables the client to select the nearest server from which to download the content.
You can configure the network connection speed of each distribution point in a boundary group. Clients use this value when they connect to the distribution point. By default, the network connection speed is configured as Fast, but it can also be configured as Slow. The network connection speed and the deployment configuration determine whether a client can download content from a distribution point when the client is on an associated boundary.
In the Administration section, select Boundaries, our previosly discovery Active Directory Site is listed.
right click on Boundary Groups and choose Create Boundary Group
give the Boundary Group a name (and a description if you wish), click on Add
In the Add Boundaries window, place a checkmark in our Default-First-Site-Name Boundary.
click ok, It now appears in our list of Boundaries which are a member of this Boundary Group, click on References
place a checkmark in Use this Boundary Group for site assignment then click on Add
select our site system then click ok
click Apply
Now we have defined which site our clients can get assigned to via the Boundary Group, and we have defined their content location
In the next Part we will configure some more Site roles and configure Client Settings.
