Appendix G - Deploying and Configuring SMS Sites

You can install SMS 2003 in different configurations, depending on your business and technical needs. Your satisfaction with this product depends on your understanding of basic concepts. The concept and planning processes described in this book focus on gathering information and making choices. You use the results of your documentation and decision-making efforts (clearly defined high-level goals, hardware and software requirements, site hierarchy structure, site system roles, and security measures) to answer questions that arise during installation.

SMS 2003 installation is directed by programs called wizards, which guide you through extended processes and help you accomplish common tasks. You complete preliminary system preparations and choose a setup option. Then, either the Express Setup Wizard or the Custom Setup Wizard guides you through one of three installation processes: primary site server, secondary site server, or SMS Administrator console. You complete the installation process by manually configuring the site boundaries and other site and component settings in the SMS Administrator console.

In This Appendix

  • Preparing for Installation

  • Starting the Installation Process

  • Installing a Primary Site

  • Installing a Secondary Site

  • Installing the SMS Administrator Console and Related Tools

  • Configuring Your SMS Sites and Hierarchy

  • Extending the Active Directory Schema

  • Creating SMS Containers in Active Directory

Preparing for Installation

Before you begin installing SMS 2003, be sure that you meet the requirements outlined in the “Getting Started” chapter in the Microsoft Systems Management Server 2003 Concepts, Planning, and Deployment Guide. It is recommended that you complete the Preplanning and Deployment Planning worksheets included in this book so that you are fully prepared to complete the configuration steps during the setup process.

SMS Site Server File Installation Location

The SMS 2003 site server is installed, by default, in the SMS folder on the NTFS drive with the most free disk space. You can configure this location during SMS setup. However, there are some SMS files that are installed in folders outside the SMS folder. For example, files are installed in the following folders:

  • The CAP_sitecode folder (if the client access point (CAP) site system role is enabled on the computer)

  • The SMS_CCM folder (if the management point site system role is enabled on the computer)

  • The Inetpub\wwwroot\SMSComponent and Inetpub\wwwroot\SMSReporting_sitecode folders (if the SMS reporting point role is enabled on the computer)

  • The %Windir%\System32 folder

The files mentioned above must be installed in the default location. However, you might be able to modify the installation drive for some of the optional components (such as a CAP). Regardless of the installation drive that you specify, any binary files, which are required for the site system (such as SMS Executive), are always installed in the SMS share that the SMS site server selects.

To specify the drive on which SMS installs optional site systems
  1. Create a share on the NTFS drive that you want to install the optional site system on.

  2. Create the site system in the SMS Administrator console as a server share site system instead of a server site system. When you create the server share site system in the SMS Administrator console, specify the server and share path for SMS to use.

  3. Assign the SMS site system roles to that site system as required.

To prevent SMS from installing files on a specific drive
  1. Create an empty file named No_SMS_on_drive.sms.

  2. Place No_SMS_on_drive.sms at the root folder of any drive that you want to prevent SMS from installing files on. You can create No_SMS_on_drive.sms in the root folder of all drives except the one drive that you specified as the server share site system.

SMS does not install files on a drive that contains No_SMS_on_drive.sms, and it selects a different NTFS drive on which to install components.

Setup Options

There are two options for installing a primary site: Express Setup and Custom Setup. Regardless of the installation option you choose, you can review all of the information that you enter at the end of the setup process before you make any changes to your system. Until you click Finish on the final Setup page, you can go to previous pages and change the information you have entered, including the choice between Express Setup and Custom Setup.

For more information about Setup option planning considerations, see Appendix E: "Appendix E - Designing Your SMS Sites and Hierarchy."

Table G.1 describes which SMS software components are available with each setup option. This information can help you plan which type of setup to use for a specific location.

Table G. SEQ Table \* ARABIC 1   Component Data by Setup Option

Option

Custom primary site installation

Express primary site installation

Secondary site installation

SMS Administrator console installation

Site server

Installed

Installed

Installed

Not available

SMS Administrator console

Installed

Installed

Available

Installed

Remote Tools

Optional

Installed

Optional

Not available

By default, the Express Setup option:

  • Installs all core SMS components and client agents.

  • Enables Legacy Client Push Installation.

  • Enables all discovery methods, except Network Discovery.

  • Creates all necessary service accounts.

  • Enables the client access point (CAP), management point, and distribution point roles on the site server.

Table G.2 lists default settings that result from the Express Setup option. Use this table as a configuration guide during a Custom Setup installation to help avoid settings that cause excessive network bandwidth.

Table G. SEQ Table \* ARABIC 2   Express Setup Default Settings

Feature

Enabled or disabled

Interval

Network Discovery

Disabled

Not applicable

Windows User Group Discovery

Enabled

One day

Windows Networking User Account Discovery

Enabled

One day

Heartbeat Discovery

Enabled

One day for Express Setup

Legacy Client Push Installation

Enabled

Not applicable

Advertised Programs Client Agent

Enabled

One hour

Remote Tools Client Agent

Enabled

Not applicable

Hardware Inventory Client Agent

Enabled

One day

Summarizers (summarize and replicate)

Enabled

12 hours

Collection update

Enabled

One hour

Package distribution point update

Disabled

Not applicable

Software Metering Client Agent

Disabled

Not applicable

Software Inventory Client Agent

Disabled

Not applicable

SQL Server Preparation

An SMS 2003 primary site must have access to SQL Server. You can install SQL Server on the computer that is used as the primary site server. Or, to separate the data input and output (I/O) load and SMS server resource demands, you can install SQL Server on a different computer in the SMS site. For more information about planning where to install the SQL Server database, see Appendix E: "Appendix E - Designing Your SMS Sites and Hierarchy."

Note

After SMS 2003 site installation is complete, you cannot move the SMS Provider without reinstalling the site.

Configuring SQL Server for SMS

To configure SQL Server for SMS, you must complete the following tasks. You can perform these tasks after you install SQL Server, but you must complete them before you install SMS 2003.

Note

SMS 2003 supports only the SQL Server default instance. SQL Server named instances are not supported in SMS 2003. This applies only to SQL Server 2000 or later. For more information, see the SQL Server Help.

This section does not cover:

  • Creating an account to access SQL Server.

  • Creating a SQL Server account.

  • Creating a SQL Server Login ID.

For more information about creating and configuring these accounts, see Scenarios and Procedures for Microsoft Systems Management Server 2003: Security.

Tuning SQL Server

Consider performing the following tasks to improve performance:

Ensure that SQL Server has enough user connections

You can specify this number during SMS Setup. It is recommended that you configure SQL Server for an unlimited number of user connections. This is the default value for SQL Server.

Set the SQL Server Memory option

The default SQL Server Memory option is set to dynamically configure SQL Server memory. This setting dynamically adjusts the amount of memory that is used based on demand. The maximum database size is determined by the amount of disk space that is available and the licensing limits determined by the version of SQL Server you are using.

If the SQL Server Memory option is set to dynamically configure SQL Server memory, SQL Server can consume too much memory and slow down performance.

Table G.3 lists the recommendations for tuning the Memory option. These recommendations are based on the assumption that the computer running SQL Server is a member server that is dedicated to SMS.

Table G. SEQ Table \* ARABIC 3   Recommendations for SQL Server Memory

Server memory

Operating system and SMS services

SQL Server

128 MB

80 MB

48 MB

256 MB

160 MB

96 MB

384 MB

224 MB

160 MB

512 MB and greater

256 MB

256 MB and greater

For more information about performance and tuning, see the SQL Server product documentation.

Ensure that the computer running SQL Server is accessible from the site server

SQL Server might not be on the same computer as the primary site server. If this is the case, ensure that the SMS Service account and either the SMS SQL Server Login ID or the Windows Group account that is used by SMS to access the SQL Server database has network access to the computer running SQL Server. To check whether this network access is available, make a network connection to the computer running the SQL Server account from the SMS SQL Server Login ID or the Windows Group account.

Ensure that SQL Server starts automatically at system startup

To ensure automatic SQL Server startup at system startup, run SQL Server Setup, select Set server options, and then click Auto-start server at boot time.

SQL Server Database Replication

This section describes the manual setup of transactional SQL Server database replication by using a remote distributor that is running on the subscriber. In addition, the distributor has to be configured first, and it has to be specified on the publisher computer. You can run MpPublish (MpPublish.vbs) from the following folder on the SMS 2003 product CD to publish the table and store procedures: SMSSETUP\BIN\I386\.

To set up SQL Server database replication for a remote management point
  1. At the command prompt, type the appropriate command, as in the following example:

    MpPublish.vbs SiteDatebaseName [PublisherMachineName] [SQLUserName] [SQLPassword]
    • The local computer name is used if PublisherMachineName is not specified.

    • Windows authentication is used if SQLUserName is not specified.

  2. Press ENTER.

  3. If successful, a status message appears: MpPublish completed successfully.

Note

If this procedure is performed on a computer running Windows Server 2003, the MpPublish completed successfully message appears on the command prompt, instead of in a status message.

  1. Configure the subscriber.

  2. Start the snapshot agent on the distributor.

For more information, see the SQL Server Help.

*SPWhen you upgrade from SMS 2003 to SMS 2003 SP1, you need to reconfigure SQL Server database replication because 15 new tables and stored procedures have been added to the replication database. *SP

Starting the Installation Process

When you insert the SMS 2003 product CD in your drive, the first page that appears gives you several options. The instructions in this appendix assume that you are installing SMS 2003 directly from the product CD. However, you can also copy the directories and files from the product CD to a network drive and install them from there. In this case, you run Setup.exe in the root of the copied folder tree to install SMS 2003.

Note

Close any open dialog boxes, other than the Setup dialog box, before continuing with setup. This includes Terminal Services windows.

Caution

Do not install non-SMS files and folders within the SMS folder. Any attempt to uninstall SMS deletes all files, folders, and applications within the SMS folder, including all non-SMS files.

Determining that SMS Setup Has Completed

After you install SMS, apply a service pack (or upgrade a site), wait at least 30 minutes before opening the SMS Administrator console, running a site reset or performing any other site configuration change or operation. This waiting period allows the initial SMS configuration processes carried out by the SMS Executive and SMS Site Component Manager services to complete. You can verify whether these processes are completed by checking the level of CPU activity on your computer. When the activity level returns to normal, you can open the SMS Administrator console.

You can check the C:\SMSSetup log for the SMS Setup completed successfully entry. This entry indicates that SMS Setup.exe has completed its tasks. However, this does not necessarily mean that other SMS processes have completed their own tasks associated with setup or site reset. In addition, you can also check the following logs in SMS/logs for specific activity:

SMS Site Component Manager log (SMSSitecomp.log)

This log verifies that SMS components have been installed (or in the case of a site reset, reinstalled) successfully.

  • Search for Processing site shutdown transaction.

In the case of a site reset, this entry represents the first occurrence of the site being shut down. Subsequent lines in the log indicate that other individual services were stopped and status messages were generated to indicate that the service stopped.

  • Search for Site shutdown complete

In the case of a site reset, this entry represents the first occurrence of the site shut down having completed. This occurred when the update installation signaled SMS to perform the site reset. Subsequent lines in the log indicate that other individual services were being reinstalled. This might take several minutes to complete.

  • Search for Waiting for changes to the “C:\SMS\Inboxes\Sitectrl.box” or “C:\SMS\Inboxes\Sitecomp.box” directories.

This entry indicates that Site Component Manager has completed its work for the site installation or reset.

Hierarchy Manager log (Hman.log)

This log verifies that SMS site information is published in Active Directory (in an extended Active Directory schema environment).

  • Search for Wait for site control changes for maximum 3600 seconds.

This entry indicates that Hierarchy Manager has completed its work for the site installation or reset. In the lines previous to this entry, you will see entries related to publishing SMS site data to Active Directory.

SMS Inbox Manager log (Inboxmgr.log)

This log verifies that inboxes have been successfully created on the SMS site server and the SMS CAP.

  • Search for Waiting for changes inbox definition, inbox rules and inbox replication files, max wait = 3600 seconds.

This entry indicates that SMS Inbox Manager has completed its work for the site installation or reset. In the lines previous to this entry, you will see entries indicating that files were copied to the CAP and that some inboxes were updated. In general, the last inbox to be created on the CAP is CAP_xxx\Clicomp.box.

Upgrading a Site

If you want to upgrade your site from an earlier version of SMS, see Appendix H: "Appendix H - Upgrading to SMS 2003."

Note

If you installed SMS client components on the primary or secondary site server, you should uninstall them before uninstalling the site server. Remove any site systems that you enabled for the site. If you assigned any SMS clients to the site, either reassign them to another SMS site, or uninstall them before you uninstall the site server. Do not uninstall the SMS site server until you have completely removed it from the site hierarchy.

Removing a Primary Site

If you want to remove an SMS 2003 site, use the SMS 2003 Setup.

To remove a primary site
  1. From the SMS 2003 CD, run Setup.exe. Or, from the Systems Management Server program group on the site server, run SMS Setup.

  2. From the Setup Options page, select Remove SMS.

  3. Click Next to display the SMS Database Deinstallation Options page.

  4. Clear the Delete the SMS Site Database check box if you do not need to remove the SMS site database, for example, if you plan to reinstall the site server and use the existing site database.

  5. Click Next, and then click Finish to complete the removal process.

After you uninstall SMS from a site server, some SMS related items remain, such as files, folders, and registry keys. SMS does not remove those items, primarily in order to allow a subsequent installation of SMS to be associated with the previous installation. In some cases, it can be necessary to completely remove SMS from that computer.

To completely remove SMS from a site server computer
  1. Manually remove the following items:

Note

When you uninstall SMS 2003, all installed feature packs are also uninstalled.

Removing a Secondary Site

The process for uninstalling a secondary site is similar to that for uninstalling a primary site. You can initiate an uninstall by running setup from the SMS 2003 source CD as described in Removing A Primary Site, or by running the Delete a Secondary Site Wizard from the SMS Administrator console for the parent site of the secondary site that you want to remove.

To remove a secondary site using the Delete a Secondary Site Wizard
  1. In the SMS Administrator console, navigate to the secondary site entry in the Site Hierarchy node of the console tree.

  2. Right-click the secondary site entry and select Delete to run the Delete a Secondary Site Wizard.

  3. Click Next to display the Choose Whether to Delete or Deinstall wizard page.

  4. Select Deinstall to completely remove the secondary site installation. Select Delete to remove all references to the secondary site from its parent, while leaving the secondary site server installation intact. Select the Delete option if, for example, the secondary site server is no longer functioning or no longer exists and cannot respond to commands to uninstall. Selecting Deinstall, in this case, generates error messages and the uninstall process fails. The Delete option bypasses the uninstall portion of the process and simply removes the reference of the secondary site from the parent site. You must then manually remove the secondary site software from the secondary site server.

  5. Click Finish to begin the uninstall process.

Refresh the SMS Administrator console. When the secondary site entry is no longer displayed, the secondary site removal process is complete. Follow the site server clean-up steps outlined in Removing a Primary Site earlier in this section.

Important

When using an Administrator console at a parent site to uninstall a child secondary site, the secondary site’s object might not be removed from Active Directory. If the site’s SMS-Site-<site_code> object remains in Active Directory, than you need to manually remove it.

Running Setup

SMS Setup provides the following options:

Install an SMS primary site

When installing an SMS primary site, choose Express Setup or Custom Setup. For a description of both of these, see the “Setup Options” section earlier in this appendix.

A primary site is the basic management unit in SMS. A primary site includes a SQL Server database and SMS administrative tools, such as the SMS Administrator console. Each SMS hierarchy must have at least one primary site.

Install an SMS secondary site

Before an SMS secondary site can be installed, an SMS primary site must exist. Secondary sites send their data to the primary SMS site database. You do not install SQL Server or SMS administrative tools on a secondary site.

Install the SMS Administrator console and related utilities

The SMS Administrator console is installed automatically on all primary sites. To distribute administrative tasks among various personnel in your organization, you might choose to install the SMS Administrator console on other computers.

Install the Recovery Expert

To successfully recover a site, you can use the SMS recovery tools that guide you through the recovery process and automate some recovery tasks. The Recovery Expert Web site is an essential tool that automates this process. It collects information about your failure scenario and produces a list of tasks that you must perform to recover your site.

For more information about setting up a Recovery Expert Web site, see Scenarios and Procedures for Microsoft Systems Management Server 2003: Maintenance, Backup, and Recovery.

Running an Unattended Setup

You can create an SMS Setup initialization file to run an unattended setup. Specify this file when using the Setup command /script option. This file supplies the same kind of information that the SMS Setup Wizard prompts for, except that there are no default settings; all values must be specified for the setup keys that apply to the type of installation you are using.

Caution

All accounts and passwords are listed in the Setup.ini file. It is important that you restrict unauthorized access by manually setting the permissions on this file after you have created it.

Tables G.4 through G.6 describe each of the setup keys in an SMS Setup initialization file and their corresponding values. Each key description specifies the type of installation that requires that key.

The order of the keys within sections, and the order of sections within the file, is not important. Also, the keys and data are not case-sensitive.

The SMS Setup initialization file contains three sections. Each of the following tables describes the keys in one of the sections:

  • Table G.4: [Identification] section

  • Table G.5: [Options] section

  • Table G.6: [SQLConfigOptions] section

For an example of an SMS initialization file, see the “Example of an SMS Initialization File” section later in this appendix.

Table G. SEQ Table \* ARABIC 4   SMS Setup Initialization File Keys for the [Identification] Section

Key

Description

Used in this type of installation

Action

InstallAdminUI. Installs only the SMS Administrator console.

InstallPrimarySite. Installs a primary site.

InstallSecondarySite. Installs a secondary site.

All

Table G. SEQ Table \* ARABIC 5   SMS Setup Initialization File Keys for the [Options] Section

Key

Description

Used in this type of installation

AddressType

Specifies that one of the following types of addresses is to be used as the default address to the secondary site from its parent site:

MS_ASYNC_RAS. For RAS communication over an asynchronous line.

MS_ISDN_RAS. For RAS communication over an ISDN line.

MS_LAN. For communication over a LAN, and over a WAN when routers connect multiple LANs.

MS_SNA_RAS. For RAS communication over an SNA link.

MS_X25_RAS. For RAS communication over an X.25 line.

Secondary

AllClientOptionsOn

Enables all client agents and options.

Primary

FullName

The name of a person under whom this product will be registered. (This is the same as the Name field on the Product Registration page of the SMS Setup Wizard.)

All

LanUser

The account name for the Standard Sender account to be used at this site.

Secondary

LanUserPassword

The password for the account specified for LanUser.

Secondary

NumberOfAdminUI

Specifies the maximum number of SMS Administrator consoles that the site can have running simultaneously. A good number is 5.

Primary

NumOfClients

Specifies the number of clients for setting an initial database size.

Primary

OptionalUnits

Specifies one or more of the following SMS components, in a comma-separated list (no spaces):

Remote Control (called Remote Tools in the SMS Setup Wizard): Allows the administrator to control remote computers over the network. The remote computer’s desktop is displayed on your screen, allowing you to run its programs, examine its logs, and restart.

Primary and secondary

OrgName

The organization name under which this product will be registered. (This is the same as the Organization field on the Product Registration page of the SMS Setup Wizard.)

All

ParentSiteCode

Specifies the site code of the site that will be the new secondary site’s parent site.

Secondary

ParentSiteServer

Specifies the network name of the site server of the new secondary site’s parent site.

Secondary

ProductID

The 25-character key from the yellow sticker on the SMS CD case.

All

RasUser

The account name for the RAS Sender account to be used at this site.

Secondary

RasUserDomain

The domain in which the RasUser account was created.

Secondary, if installing a RAS Sender

RasUserPassword

The password for the account specified for RasUser.

Secondary, if installing a RAS Sender

RasPhoneBook

A RAS phone book name for the RAS Sender to use.

Secondary, if installing a RAS Sender

SDKServer

Specifies a server where the SMS Provider will be installed.

Primary

SecurityMode

Specifies the security mode:

Advanced: This mode relies on using the local system context to run services and the computer accounts to communicate between servers. With advanced security, the user accounts are not applicable.

Standard: On the site server, SMS services run under a user-specified service account.

Primary and secondary

ServiceAccount

Specifies a user account to be used as the SMS Service account at this site.

Primary and secondary

ServiceAccountDomain

The domain in which the SMS Service account was created.

Primary and secondary

ServiceAccountPassword

The password for the SMS Service account.

Primary and secondary

SiteCode

Three characters that will be the new site’s site code.

Primary and secondary

SiteDomain

The domain containing the site server.

Primary and secondary

SiteName

The new site’s name (with a 50 character limit).

Primary and secondary

SMSInstallDIr

The installation directory for SMS, for example, C:\SMS

Primary and secondary

Table G. SEQ Table \* ARABIC 6   SMS Setup initialization file keys for the [SQLConfigOptions] section

Key

Description

Used in this type of installation

AutoConfigSqlConnections

1 to automatically configure SQL Server connections.

0 to not automatically configure.

Primary

CreateSQLDevice

1 to create the SQL database to use with SMS site.

0 to not create the SQL database.

Primary

DatabaseDevice

A name for the SMS site database device file, required if you set CreateSQLDevise=0.

 

LogDevice

A name for the SMS site database log file, required if you set CreateSQLDevise=0.

 

DatabaseName

A name for the SMS site database, such as SMS_ABC. (SMS_<site code> is a good choice if you have more than one site.)

Primary

NumberOfSqlConnections

The number of simultaneous connections that your SMS site database can have. A recommended number is 75.

Primary

SQLDevicePath

The location where the SQL database data and log files are created, for example, C:\MSSQL\Data.

Primary

SQLLoginID

A SQL Server account for accessing the SMS site database. This account must already exist (SMS Setup does not create it) and have SQL Server system administrator (sa) permissions.

Primary

SQLLoginPassword

The password for the account specified for SQLLoginID.

Primary

SQLServerName

The name of the computer running the instance of SQL Server that contains the SMS site database for this site.

Primary

SQLServerVersion

The version of SQL Server that will contain the SMS site database.

Primary

UseSQLIntegratedSecurity

1 to have SMS use Windows Authentication mode when accessing the SMS site database, 0 to not use it.

Primary

Example of an SMS Initialization File

The following is an example of an SMS initialization file.

[Identification]
Action=InstallPrimarySite

[Options]
FullName=Sam Woodman
OrgName=Microsoft
ProductID=G4VJX-8DB8K-P3BDT-XR8CH-3YCJQ
SiteCode=FIN
SiteName=Finance
SiteDomain=Seattle
SecurityMode=Standard
ServiceAccount=smsadmin
ServiceAccountDomain=Seattle
ServiceAccountPassword=Animal$Cracker27
NumOfClients=100
OptionalUnits=Remote Control
SMSInstallDir=D:\SMS
NumberOfAdminUI=5
SDKServer=Rainy

[SQLConfigOptions]
SQLServerName=Rainy
SQLServerVersion=2000
UseSQLIntegratedSecurity=0
SQLLoginID=sa
SQLLoginPassword=Harpo&Chico
CreateSQLDevice=1
DatabaseName=SMS_FIN
SQLDevicePath=F:\MSSQL\SMSDATA
NumberOfSqlConnections=75
AutoConfigSqlConnections=1

Installing a Primary Site

If you chose to install a primary site on the Setup Options page, you have the choice of Express Setup or Custom Setup. You must have the SQL Server configuration and supporting accounts in place as described in Scenarios and Procedures for Microsoft Systems Management Server 2003: Security.

Express Setup

When you want to install a small SMS site hierarchy for evaluation purposes, choose Express Setup. Many SMS 2003 features are enabled by default if you use Express Setup, but they are disabled by default if you use Custom Setup. For more information about the differences between Express Setup and Custom Setup, see the “Setup Options” section earlier in this appendix.

To install an SMS primary site with Express Setup
  1. Ensure that the computer you want to use as the site server meets all the hardware and software requirements listed in the “Getting Started” chapter in the Microsoft Systems Management Server 2003 Concepts, Planning, and Deployment Guide. Log on to that server with an account that has local Administrative credentials.

  2. Insert the SMS 2003 product CD into the server’s drive, and then click SMS 2003.

  3. On the Welcome page, click Next.

  4. On the System Configuration page, click Next.

  5. On the Setup Options page, select Install an SMS Primary Site, and then click Next.

  6. On the Installation Options page, select Express Setup, and then click Next. The SMS Licensing Agreement page appears.

  7. Read the licensing agreement. If you approve, click I agree, and then click Next.

  8. On the Product Registration page, fill in the fields, and then click Next. You must enter the Product Key value, which is located on the SMS 2003 product CD case.

  9. On the SMS Site Information page, enter the unique three-digit site code, the site name, and the domain in which the site server resides, and then click Next.

Caution

To change the domain name and the computer name after SMS is installed, you must remove your installation of SMS, change the names, and then reinstall SMS. To avoid this time-consuming task, consider this information carefully before you enter it.

  1. On the SMS Active Directory Schema page, you have the option to extend the Active Directory schema. This only applies to sites in domains that are using Active Directory. Make your selection, and then click Next.

Note

The Active Directory schema needs to be extended for SMS if you plan to implement global roaming for Advanced Clients. You must have schema administrative rights to extend the Active Directory schema. For more information, see the “Extending the Active Directory Schema” section later in this appendix.

  1. On the SMS Security Information page, choose your security mode:

    • If you choose standard security mode, go to step 12.

    • If you choose advanced security mode, go to step 13.

  2. On the SMS Security Information page, if you have not already created a service account, use the default (SMSService) or enter an account name and password, and then click Next.

    You can specify a local domain account by typing only the account name. Specify a trusted domain account by typing the domain and account name separated by a backslash (\). A trusted domain must be trusted by all domains within the site.

    If you have already created an account, enter the name and password. If you have not created an account, SMS Setup creates the account for you.

  3. On the SMS Primary Site Client Load page, enter the number of clients to be managed from this SMS primary site, and then click Next.

    Estimate the number of clients as accurately as possible because the number you enter is used to size the database and log file. The minimum value is 1. You might want to add 20 percent to the number of clients that you plan for this site to give the database some room to grow. If necessary, you can enlarge the database later as described in the SQL Server product documentation.

  4. On the Concurrent SMS Administrator Consoles page, enter the number of SMS Administrator consoles you expect to install on your site, and then click Next.

  5. On the Completing the Systems Management Server Setup Wizard page, review the choices you have made throughout the setup process. INCLUDE c:\\smsopalus\\us\\print\\getstart\\art\\artmanuscript\\SMS_art06.doc art_sms_f06_eps \!

    To change any selection or specification, double-click the item you want to change. Make the change, and then click Next until you come back to the Completing the Systems Management Server Setup Wizard page. When you are satisfied with your choices, click Finish.

    After SMS Setup installs the primary site, a message appears indicating that the setup was successful.

Custom Setup

Use Custom Setup when you want to control what features SMS Setup installs, when you want to use an existing installation of SQL Server, and for installing an SMS primary site in a production environment. Also, choose Custom Setup when you want to use advanced security. You can select which SMS components to install. If you choose to use an existing SQL Server installation, you can use a local or remote database for SMS operations.

To set up an SMS primary site with Custom Setup
  1. Ensure that the computer you want to use as the site server meets all the hardware and software requirements listed in the “Getting Started” chapter in Microsoft Systems Management Server 2003 Concepts, Planning, and Deployment Guide. Log on to that server with an account that has local Administrative credentials.

  2. Insert the SMS 2003 product CD into the server’s drive, and then click SMS 2003.

  3. On the Welcome page, click Next.

  4. On the System Configuration page, click Next.

  5. On the Setup Options page, select Install a Primary Site, and then click Next.

  6. On the Installation Options page, select Custom Setup, and then click Next. The SMS Licensing Agreement page appears.

  7. Read the licensing agreement. If you approve, click I agree, and then click Next.

  8. On the Product Registration page, fill in the fields, and then click Next. You must enter the Product Key value, which is located on the SMS 2003 product CD case.

  9. On the SMS Site Information page, enter the unique three-digit site code, the site name, and the domain in which the site server resides, and then click Next.

Caution

To change the domain name and the computer name after SMS is installed, you must remove your installation of SMS, change the names, and then reinstall SMS. To avoid this time-consuming task, consider this information carefully before you enter it.

  1. On the SMS Active Directory Schema page, you have the option to extend the Active Directory schema. This only applies to sites in domains that are using Active Directory. Make your selection and then click Next.

Note

The Active Directory schema needs to be extended for SMS if you plan to implement global roaming for Advanced Clients. You must have schema administrative rights to extend the Active Directory schema. For more information, see the “Extending the Active Directory Schema” section later in this appendix.

  1. On the SMS Security Information page, choose your security mode:

    • If you choose standard security mode, proceed to step 12.

    • If you choose advanced security mode, proceed to step 13.

  2. On the SMS Security Information page, if you have not already created a service account, use the default (SMSService) or enter an account name and password, and then click Next.

    You can specify a local domain account by typing only the account name. Specify a trusted domain account by typing the domain and account name separated by a backslash (\). A trusted domain must be trusted by all domains within the site.

    If you have already created an account, enter the name and password. If you have not created an account, SMS Setup creates the account for you.

  3. On the SMS Primary Site Client Load page, enter the number of clients to be managed from the SMS primary site, and then click Next.

    Estimate the number of clients as accurately as possible because the number you enter is used to size the database and log file. The minimum value is 1. You might want to add 20 percent to the number of clients that you plan for this site to give the database some room to grow. If necessary, you can enlarge the database later as described in the SQL Server product documentation.

  4. On the Setup Installation Options page, select the SMS components that you want to install. SMS and the SMS Administrator console are selected by default; select each additional component you want to install from this page. You can also specify a different folder in which to install SMS by clicking Browse. When you finish making the changes, click Next. INCLUDE c:\\smsopalus\\us\\print\\getstart\\art\\artmanuscript\\SMS_art06.doc art_sms_f07_eps \!

  5. On the SQL Server Information for SMS Site Database page, specify the name of the server that hosts the SQL Server database that you want to use, the version number, and whether to use Windows Authentication mode when accessing SQL Server. The alternative is SQL Server Authentication security.

    With Windows Authentication Mode, you specify a Windows Group account for SMS to use when it logs on to SQL Server.

    • If you select Yes for Windows Authentication mode, SQL Server verifies logons based on a Windows account’s user name and password. When you log on to SQL Server, SMS bypasses the SQL Server logon process.

    • If you select No for Windows Authentication mode, when SMS logs on, it must supply a SQL Server login ID. The SQL Server Account for SMS Site Database page appears. Enter the SQL Server login ID for the database that you want to use or accept the default (sa). Enter the password for your SQL Server Login ID account in the appropriate boxes, and then click Next.

  6. If you chose to create the SMS site database, the SMS Site Database page appears. INCLUDE c:\\smsopalus\\us\\print\\getstart\\art\\artmanuscript\\SMS_art06.doc art_sms_f10_eps \!

    Enter the name of your database or accept the defaults.

    SMS Setup automatically detects the version of SQL Server and displays the proper page. The SMS Site Database Name page appears. Enter the SMS site database name of the SQL Server database that you want SMS to use, and then click Next.

  7. On the SQL Server Directory Path for SMS site database page, enter the folder name for the SMS site database. The SMS site database and the transaction log are created in the same directory by SMS setup. If you want to store the transaction log in a different directory, you must create the SMS site database before running SMS setup, and then specify the file locations during SMS setup.

  8. On the Concurrent SMS Administrator Consoles page, enter the number of SMS Administrator consoles that you expect to install on this site. Enter the minimum number of SQL Server connections that the database will support. If other applications also use the SQL Server database, increase this number by the expected additional connections that are required. Click Next. INCLUDE c:\\smsopalus\\us\\print\\getstart\\art\\artmanuscript\\SMS_art06.doc art_sms_f13_eps \!

  9. If you specified a computer other than the site server in the Computer running SQL Server text box on the SQL Server Information for SMS Site Database page, the SMS Provider Information page appears.

    The SMS Administrator console communicates with the SMS site database through the SMS Provider. If your SMS site database is on a different computer from the site server, you can install the SMS Provider on either computer.

    For best performance, place the SMS Provider on the computer running SQL Server unless either of the following conditions is true. If either of the listed conditions is true, place SMS Provider on the site server:

    • The security setting on the computer running SQL Server prevents direct administrator access to the computer.

    • The additional workload erodes SQL Server performance. This might be the case if the SMS site databases of several sites reside on the computer running SQL Server or if the computer is already performing poorly.

    After SMS 2003 site installation is complete, you cannot move the SMS Provider. Select the location where you want the SMS Provider to be installed, and then click Next. INCLUDE c:\\smsopalus\\us\\print\\getstart\\art\\artmanuscript\\SMS_art06.doc art_sms_f21_eps \!

  10. On the Completing the Systems Management Server Setup Wizard page, review the choices you have made throughout the setup process. To change any selection or specification, double-click the item that you want to change. Make the change, and then click Next until you return to the Completing the Systems Management Server Setup Wizard page. When you are satisfied with your choices, click Finish.

After SMS Setup installs the primary site, a message appears indicating that the setup was successful.

Installing a Secondary Site

Before you install a secondary site, you must first install a parent primary site. You can install a secondary site from the SMS 2003 product CD, or you can connect to an image of the SMS 2003 product CD on a mapped network drive, hard disk drive, or removable drive of the secondary site. You can also install a secondary site from the primary site by using the SMS Administrator console.

Note

You must have Create permission for the site security object class to perform the following procedures. Also, the SMS Service account on the primary site server must have administrative rights on the new secondary site server.

Installing a Secondary Site Using SMS Setup

You can install a secondary site from the SMS 2003 product CD, or you can connect to an image of the SMS 2003 product CD on a mapped network drive, hard disk drive, or removable drive of the secondary site.

To install a secondary site from the SMS Setup product CD

  1. Ensure that the computer you want to use as the secondary site meets all the hardware and software requirements listed in the “Getting Started” chapter in the Microsoft Systems Management Server 2003 Concepts, Planning, and Deployment Guide. Log on to that server with an account that has local Administrative credentials.

  2. Insert the SMS 2003 product CD into the server’s drive. Click Set up SMS 2003.

  3. On the Welcome page, click Next.

  4. On the System Configuration page, click Next.

  5. On the Setup Options page, select Install an SMS secondary site, and then click Next.

  6. On the SMS Site Information page, enter the unique three-digit site code, the site name, and the site domain of this site, and then click Next.

Caution

To change the domain name and the computer name after SMS is installed, you must remove your installation of SMS, change the names, and then reinstall SMS. To avoid this time-consuming task, consider this information carefully before you enter it.

  1. On the SMS Security Information page, select a security mode:

    • If you select Standard Security mode, proceed to step 9.

    • If you select Advanced Security mode, proceed to step 10.

Note

You cannot install a secondary site in Advanced security mode if the parent site is in Standard security mode.

  1. On the SMS Service Account Information page, if you have not already created a service account, use the default account (SMSService), or enter an account name and password. SMS Setup creates the account. If you have already created an account, enter the account name and password. You can specify a local domain account by entering only the account name. You specify a trusted domain account by entering the domain and account name separated by a backslash (\). The trusted domain must be trusted by all domains within the site.

  2. On the Setup Installation Options page, select the SMS components that you want to install, and then click Next. You can also change the folders that the components are installed into on your server.

  3. On the Parent Site Information/Identification page, enter the site code of the parent site and the name of the primary site server to which the secondary site will connect. Enter the type of network connection that this site will use to communicate with the parent site, and then click Next. This option is not available when installing in the advanced security mode. INCLUDE c:\\smsopalus\\us\\print\\getstart\\art\\artmanuscript\\SMS_art06.doc art_sms_f14_eps \!

  4. On the Connection Account Information page, specify the account information that the secondary site will use to connect to the parent site, and then click Next.

  5. On the Completing the Systems Management Server Setup Wizard page, review the choices you have made throughout the setup process. To change any selection or specification, double-click the item that you want to change. Make the change, and then click Next until you return to the Completing the Systems Management Server Setup Wizard page. When you are satisfied with your choices, click Finish. The SMS 2003 secondary site installation on your computer is complete.

Installing a Secondary Site Using the SMS Administrator Console

To install a secondary site from the primary site by using the SMS Administrator console, complete the following procedure.

Note

If you are using advanced security, you must add the computer account of the primary site server to the Administrator’s group on the proposed secondary site server.

To install a secondary site from the SMS Administrator console
  1. From the SMS Administrator console, navigate to your primary site:

    Systems Management Server
    

    Site Database (site code - site name)         Site Hierarchy             site code - site name

  1. Right-click the <site code - site name> of your primary site, select New, and then click Secondary Site Creation Wizard.

  2. On the Welcome page, click Next. INCLUDE c:\\smsopalus\\us\\print\\getstart\\art\\artmanuscript\\SMS_art06.doc art_sms_f22_eps \!

  3. On the Site Identity page, enter the site code and site name that you chose for the secondary site server, add any optional comments, and then click Next.

  4. On the Site Server page, specify the domain and the name of the secondary site server. If necessary, change the installation folder and processor platform. The installation folder name must not include any spaces. Click Next.

Caution

Ensure that you type the server name correctly. The Create Secondary Site Wizard does not verify that the server exists.

  1. On the Installation Source Files page, choose whether to send all the files that are required to set up a secondary site over your network from the primary site server to the secondary site server.

    • If you have sufficient network bandwidth during the installation, sending the files over the network is the easiest approach.

    • You can place the SMS 2003 product CD in the secondary site server computer and have the Secondary Site Creation Wizard load the necessary files from the product CD. This is the preferred method when you install SMS in low-bandwidth situations and when it is inconvenient to access the secondary site server remotely (installing a secondary site over RAS, for example).

    • Alternatively, you can use an SMS 2003 product CD image on the local disk or removable media or a mapped network connection at the secondary site server.

      Select the method you want to use, and then click Next.

  2. On the SMS Security Information page, choose your security mode:

    • If you choose standard security mode, proceed to step 8.

    • If you choose advanced security mode, proceed to step 9.

  3. On the SMS Service Account page, enter the user name and password of the account to be used as the SMS Service account for the secondary site. Ensure that this account already exists in the secondary site domain. If it does not exist, create it before continuing the installation. When you are finished, click Next.

  4. The Addresses to Secondary Site page appears. If you already have addresses configured for this site, select one. Alternatively, create one or more addresses to the new secondary site by clicking Yes, Create a new address, and then click Next. INCLUDE c:\\smsopalus\\us\\print\\getstart\\art\\artmanuscript\\SMS_art06.doc art_sms_f17_eps \!

  5. On the New Address to Parent Site page, select the sender address type that the secondary site will use when it contacts the parent site. Specify the destination site name, and then click Set to specify the account that you want the secondary site to use when it connects to the primary site. Click Next. INCLUDE c:\\smsopalus\\us\\print\\getstart\\art\\artmanuscript\\SMS_art06.doc art_sms_f18_eps \!

  6. On the Completing the Create Secondary Site Wizard page, review your choices. To change any selection or specification, double-click the item you want to change. Make the corrections, and then click Next until you return to the Completing the Create Secondary Site Wizard page. When you are ready to continue, click Finish.

After the secondary site has been installed and the site control file has been passed to the parent site, you can see the new secondary site displayed in the SMS Administrator console tree.

To install the SMS Administrator console and related tools, complete the following procedure.

  1. Ensure that the computer you want to use meets all the hardware and software requirements listed in the “Getting Started” chapter in the Microsoft Systems Management Server 2003 Concepts, Planning, and Deployment Guide. Log on to that server with an account that has local Administrative credentials.

  2. Insert the SMS 2003 product CD into the server’s drive, and then click Set up SMS 2003.

  3. On the Welcome page, click Next.

  4. On the System Configuration page, click Next.

  5. On the Setup Options page, select Install the SMS Administrator console and related tools, and then click Next.

  6. On the site server Information page, enter the name of the primary site server that the SMS Administrator console will initially connect to, and then click Next.

  7. Select any additional tools to install from SMS Administrator Console Installation Options, and then click Next.

  8. On the Completing the Systems Management Server Setup Wizard page, review the choices you have made throughout the setup process. To change any selection or specification, double-click the item you want to change. Make the change, and then click Next until you return to the Completing the Systems Management Server Setup Wizard page. When you are satisfied with your choices, click Finish. The SMS 2003 Administrator console installation on your computer is complete.

Configuring Your SMS Sites and Hierarchy

After you install SMS 2003, you must configure the new site. You begin the site configuration process by defining site characteristics and configuring site systems at a single site. After you configure individual sites, you can build an SMS site hierarchy by establishing intersite communications and attaching primary sites to form the site-reporting structure that you designed in the planning phase.

This section has step-by-step instructions for configuring your SMS site servers and site systems. It helps you configure your site up to the point of installing clients. For information about client installation, see Appendix I: “Discovering Resources and Deploying Clients.” For information about planning considerations, see “Planning to Deploy SMS 2003” earlier in this book. For configuration information about each SMS feature, see the Microsoft Systems Management Server 2003 Operations Guide.

After you install a primary or secondary site, you must configure the site boundaries and other site settings using the SMS Administrator console. In general, perform post-installation tasks in the following order:

  • Configure site security.

  • Specify all site configuration settings except for enabling client installation methods. In particular, assign site system roles, specify the IP subnets or Active Directory sites that define your site boundaries, enable and configure client agents, and enable resource discovery methods.

  • Configure addresses and senders and ensure that they are working properly.

  • Enable client installation methods.

  • Enable the Backup SMS Site Server task, and ensure that all other site monitoring and maintenance tasks are scheduled to run according to your plan.

Note

After installing SMS 2003 on Windows 2000 Server family operating systems, it is recommended that you update the computer’s emergency repair disk. This step backs up your registry and preserves the SMS registry keys created during installation. If you are using Windows Server 2003, you can create an Automated System Recovery Set using Backup following SMS setup.

After you install SMS, wait 30 minutes before opening the SMS Administrator console to configure your site. This waiting period allows the initial SMS configuration process to complete.

Configuring a Single Site

Configuring a single SMS site involves configuring security rights, site assignment, and site systems within the site.

After you install SMS 2003, you should first configure security for the new site. This approach prevents users from making unauthorized changes to the SMS system. After you configure security, you can then configure the boundaries of the site and the site systems that help run SMS on the site.

Configuring Site Security

To configure site security, implement the security plan you developed after reading Scenarios and Procedures for Microsoft Systems Management Server 2003: Security.

Configuring Site Assignment

To set the boundaries of a site, you must have Modify permissions to the Site object class or instance. Navigate to the site in the SMS Administrator console.

Systems Management Server
    Site Database (site code-site name)
        Site Hierarchy
            site code - site name

Right-click the site, and then click Properties. In the Properties dialog box, click the Site Boundaries tab, click the New icon, and then specify the type and ID of the IP subnet or Active Directory sites that you want to include in the site. Repeat this procedure for each subnet you want to include. By default, the subnet for the site server is listed on the Site Boundaries tab.

To set the roaming boundaries of a site, click the Roaming Boundaries tab, click the New icon, and then specify the IP subnets, IP address ranges, and Active Directory sites that you want to include in the roaming boundaries of the site. Repeat this procedure for each subnet, IP address range, or Active Directory site name you want to include. The boundaries that you specify are used by roaming clients to access distribution points that belong to the site.

For more information about configuring site boundaries, see SMS Help.

Configuring Site Systems

Configuring your site systems consists of the following tasks:

  • Preparing the site system computers

  • Creating the site systems in the SMS Administrator console and assigning the site system roles

Preparing Site System Computers

Before you create a site system, ensure that the computer you will use as a site system has the required disk space and other resources. For a list of the requirements for a site system, see the “Getting Started” chapter in the Microsoft Systems Management Server 2003 Concepts, Planning, and Deployment Guide. Ensure that users, services, and SMS client accounts have the permissions they need on the server or shared folder. For example, clients must be able to access CAPs and distribution points.

Note

If you prepare a Windows 2000 Server, Windows 2000 Advanced Server, Windows Server 2003, Standard Edition, or Windows Server 2003, Enterprise Edition, computer to be a CAP, ensure that at least one NTFS partition is available. SMS does not support CAPs on non-NTFS partitions.

Creating Site Systems

You create a site system by specifying the computer or shared folder to be used as the site system and assigning the site system roles to it. If you create a site system as a server share, you can assign the CAP or distribution point role to the server share. Create server shares when you want to control which NTFS partition SMS uses to store files. Management points, reporting points, and server locator points store their files in the IIS file structure and cannot be configured as server shares. When you create the site system, SMS installs the appropriate components on the computer, and the new site system begins performing its role in the SMS site. For a list of prerequisites for site systems, see Appendix E: "Appendix E - Designing Your SMS Sites and Hierarchy."

To create a site system, you must have Modify permissions for the SMS site. Navigate to Site Systems in the SMS Administrator console. Right-click Site Systems, click New, and then click either Server or Server Share. In the Properties dialog box, click Set, and then specify the identity of the site system. You can then assign the appropriate site system roles.

Assigning site system roles

After you prepare your site system computers, you can assign site system roles. By default, SMS assigns CAP and distribution point roles to the site server, but you can also assign these roles to other site systems.

Note

The process of assigning a site system role to a server is usually referred to as creating the <site system role>. For example, assigning the CAP role to a server is creating the CAP.

Creating CAPs, distribution points, management points, server locator points, and reporting points

To create a CAP, distribution point, management point, server locator point, or reporting point, you must have Modify permissions for the SMS site. To assign a site system role, navigate to Site Systems in the SMS Administrator console.

Systems Management Server
    Site Database (site code - site name)
        Site Hierarchy
            site code - site name
                Site Settings 
                    Site Systems 

Right-click the site system to which you want to assign a role, and then click Properties.

To assign the CAP point role, click the Client Access Point tab, and then select the Use this site system as a client access point check box. To remove the role from the site system, clear the check box.

Note

Every SMS site must have at least one CAP. When you install SMS, the site server is automatically configured as a CAP. However, the SMS administrator can move the CAP to another server if necessary.

To assign the distribution point role, click the Distribution Point tab, and select the Use this site system as a distribution point check box. To remove the role from the site system, clear the check box. You can also enable Background Intelligent Transfer Service (BITS) and manage the site system’s membership in distribution point groups. For more information about BITS and distribution point groups, see Chapter 5: “Distributing Software,” in the Microsoft Systems Management Server 2003 Operations Guide.

Note

To use BITS, the site system must have IIS installed and enabled. If you use the Microsoft IIS Lockdown Tool (Lislockd.exe) to increase security protection on a computer running IIS, be sure to apply it to the computer (using the SMS 2003-specific template) before enabling the computer as an SMS site system. This only applies to SMS site systems that require IIS components.

To assign the management point role, click the Management Point tab, and then select the Use this site system as a management point check box. In the Database box, select which SMS site database that you want to use. Typically, a site containing Advanced Clients will use only its default management point. To assign a default management point, navigate to Component Configuration in the SMS Administrator console.

If you are setting up a management point on a Network Load Balancing cluster, see your Windows Network Load Balancing documentation.

Note

During the operation of creating a management point, WMI is shut down, which might cause the SMS Administrator console to stop responding. If it does, close it, and open a new session.

Systems Management Server
    Site Database (site code - site name)
        Site Hierarchy
            site code - site name
                Site Settings
                    Component Configuration

Note

If your computer is running Windows Server 2003, Standard Edition, or Windows Server 2003, Enterprise Edition, you must verify that Bitssvr.dll, Getauth.dll, and Getpolicy.dll are enabled on the IIS security page. You must also enable Active Server Pages as a Windows component. For more information about enabling and installing IIS, see IIS Help.

To assign the server locator point role, click the Server Locator Point tab, and then select the Use this site system as a server locator point check box. In the Database box, select which SMS site database that you want to use.

To enable a reporting point, click the Reporting Point tab in the Site System Properties dialog box, and then select the Use this site system as a reporting point check box. In the Report folder box, type the name of the folder under the root folder for SMS 2003 to use for reporting. The default folder name is SMSReporting_site code. In the URL box, the URL that users can use to access reports appears as a read-only field. The URL is determined based on the site server name and the report folder name. For more information about creating reports, see Chapter 11, “Creating Reports,” in the Microsoft Systems Management Server 2003 Operations Guide .

Removing or reassigning roles and deleting site systems

You can remove the CAP, distribution point, management point, server locator point, and reporting point role from a site system by clearing the check box on the appropriate tab of the site system Properties dialog box. To reassign one of these roles to a different site system, remove it from the first site system and assign it to the next. You can reassign the SMS site database server roles to different servers by running SMS Setup to modify the site. For more information, see Appendix H: "Appendix H - Upgrading to SMS 2003." You cannot reassign the SMS Provider role.

Important

SMS does not support moving a remote database server to a local database server. When planning to move a local database server to a remote database server, it is important to remember that this operation is irreversible. For more information, see Scenarios and Procedures for Microsoft Systems Management Server 2003: Maintenance, Backup, and Recovery.

Even if you remove all the roles from a site system, it remains listed under Site Systems in the SMS Administrator console. The listing indicates that the site system is still available and can have roles assigned to it. To remove the site system from the Site Systems item of the console tree, you must delete it. All roles except CAP and distribution point must be removed before the site system can be deleted. To delete a site system, navigate to Site Systems in the SMS Administrator console. Right-click the site system you want to delete, click Delete, and then confirm that you want to delete the site system.

Caution

Before you delete a site system, ensure that deleting it will not remove any needed functionality from your site. You cannot delete the site server.

Manually Add SMS Site System Roles in Windows Internet Name Service

If you do not extend the Active Directory schema for SMS, your server locator point and management points are not published to Active Directory and you must manually register the server locator point (and any management points operating in a Network Load Balancing cluster) in Windows Internet Name Service (WINS).

Note

To have administrative rights to manage a WINS server, you must be logged on with a user account that has membership in the local WINS Users group. For Windows NT 4.0 Server, you must belong to the local Administrator group on that server.

For management points and server locator points requiring manual WINS registration, you should decide which method you will use to add the entries to your WINS database. For example, one method is running Netsh.exe from the command prompt on a computer running the Windows 2000 Server family. The following procedures use the Netsh.exe tool. For more information about how to manually add a dynamic WINS entry to a Windows 2000 WINS server using Netsh.exe, see article 233375 in the Microsoft Knowledge Base at http://support.microsoft.com. For information about using Winscl.exe for computers running Windows NT 4.0 Server, SP6a or later, see article 137582 in the Microsoft Knowledge Base at http://support.microsoft.com.

To manually add the server locator point entry to WINS
  1. At the command prompt, type netsh, and then press ENTER.

  2. Type wins, and then press ENTER.

  3. Type server, and then press ENTER. To manage a remote WINS server, type server [\\servername or XXX.XXX.XXX.XXX].

  4. Type the appropriate command, as in the following example:

    add name Name=SMS_SLP endchar=1A rectype=0 ip={static IP of your SLP}
To verify that the server locator point WINS entry was added correctly
  1. At the command prompt, type netsh, and then press ENTER.

  2. Type wins, and then press ENTER.

  3. Type server, and then press ENTER. To manage a remote WINS server, type server [\\servername or XXX.XXX.XXX.XXX].

  4. Type the appropriate command, as in the following example:

    show Name name=SMS_SLP endchar=1A
To manually add the Network Load Balancing cluster entry to WINS
  1. At the command prompt, type netsh, and then press ENTER.

  2. Type wins, and then press ENTER.

  3. Type server, and then press ENTER. To manage a remote WINS server, type server [\\servername or XXX.XXX.XXX.XXX].

  4. Type the appropriate command, as in the following example:

    add name name=NLB_<site code> endchar=1A rectype=0 ip={NLB Virtual IP Address}
To verify that the Network Load Balancing cluster WINS entry was added correctly
  1. At the command prompt, type netsh, and then press ENTER.

  2. Type wins, and then press ENTER.

  3. Type server, and then press ENTER. To manage a remote WINS server, type server [\\servername or XXX.XXX.XXX.XXX].

  4. Type the appropriate command, as in the following example:

    show Name name=NLB_<site code> endchar=1A

    The output is as follows:

    Name                  : NLB_<site code>       [1Ah]
    

NodeType : 1 State : ACTIVE Expiration Date : Infinite Type of Rec : UNIQUE Version No : 0 29c RecordType : STATIC IP Address : NLB Virtual IP Address Command completed successfully.

Note

Management points are automatically registered in the WINS record. However, if you are using a Network Load Balancing cluster, you must add the WINS entry. The WINS entry is MP_<site code>.

Configuring a Site Hierarchy

Configuring a site hierarchy consists of the following tasks:

  • Configuring site communications

  • Attaching primary sites

If your SMS site will not be part of a site hierarchy, you do not need to perform these tasks.

Configuring Site Communications

The first step in building an SMS site hierarchy is to ensure that the sites in the hierarchy can communicate.

For sites to communicate, the following criteria must be met:

  • Connectivity system software (such as LAN protocols or the Microsoft RAS Service) must already be installed and configured according to the connectivity system product documentation.

  • Each site must have the appropriate senders required by the connectivity system. For more information, see the “Installing and configuring senders” section later in this appendix.

  • Each site must have an address for every site it communicates with. For more information, see the “Configuring Addresses” section later in this appendix.

Installing and configuring senders

When you set up a primary site, Standard Sender is installed on the SMS site server and configured by default. If your site-to-site communications occur over a LAN that uses a supported protocol, you do not need to install another sender. You can edit Standard Sender settings if you want to change the maximum number of concurrent sends or the retry settings for the sender. Increasing the maximum number of concurrent sends can increase the throughput of data between sites, but it can also result in higher demand on network bandwidth. Edit the retry settings to specify the number of times that the sender retries a sending if the first attempt fails and how long it waits between retries.

To change the Standard Sender settings, navigate to Senders in the SMS Administrator console.

Systems Management Server
    Site Database (site code - site name)
        Site Hierarchy
            site code - site name
                Site Settings
                    Senders

In the details pane, right-click Standard Sender, click Properties, click the Advanced tab, and then change the settings.

If you need to use senders other than the Standard Sender, or if you want to move the Standard Sender off the site server, you must install and configure the senders. To move a sender from one server to another, you must delete the sender from the first server and install it on the second server. You can install multiple instances of a single sender type in an SMS site (two instances of Standard Sender, for example), but you can have only one sender of each type installed on a single site system (two instances of Standard Sender would have to run on different servers).

The process of installing and configuring senders consists of the following tasks:

  • Preparing servers for senders

  • Installing senders

  • Configuring senders

Preparing servers for sender installation

You can install senders on the site server or on other computers. Before you install a sender, the connectivity system between the sites must already be installed and configured on the server on which you install the sender. For more information about installing and configuring connectivity systems, see the applicable connectivity system product documentation, such as the Windows 2000 Server Help.

Preparing servers for Standard Sender

Ensure that the server on which you install the sender uses the same LAN protocols as the site servers for the destination sites. On the server where the sender will be installed, run the command prompt. Type net view \\servername (where servername is the name of a destination site server). If both servers use the same LAN protocols, the net view command produces either a list of shared folders, or, if you do not have permissions on the destination site server that you have Read permissions for, an “Access Denied” error message.

Preparing servers for RAS senders

Install Microsoft RAS on the source and destination sites. Create RAS phone book entries for the RAS servers on each destination site. On each destination site, create a user account that the RAS Sender on the site server can use and then grant the account Dial in and Dial out permissions in the RAS Administrator.

To prepare a server for SNA RAS Sender

  1. Check that Microsoft SNA Server is installed on computers in both the sending and destination sites. Make logical unit pair connections between these installations of SNA Server.

  2. On the server running SNA Server that you will install SNA Sender on, create an advanced program-to-program communications (APPC) local logical unit that the SNA sender and SNA receiver will use.

  3. On the destination sites, create an APPC local logical unit.

  4. The logical units on these sites are used by the current site’s SNA sender.

  5. Create a connection between the current site server SNA Sender logical unit (the local logical unit) and all destination site SNA Sender logical units (remote logical units). Create the connection on both sites.

The logical unit pair for both connections can use either #BATCH (batch) or #INTER (interactive) modes. For more information about local logical units, remote logical units, modes, and connections, see the SNA Server product documentation.

Installing senders

After you prepare the servers, you can install the senders. When you install a sender on a server, the server becomes a site system for the SMS site, if it is not already a site system. When the server becomes a site system, it is given the component server role and is listed under Site Systems in the SMS Administrator console. Before you install a sender, ensure that you know the name of the computer on which you want to install the sender.

To install a sender, you must have Modify permissions for the Site object type or for the individual site where you want to install the sender. To install the sender, navigate to Senders in the SMS Administrator console.

Systems Management Server
    Site Database (site code - site name)
        Site Hierarchy
           site code - site name
                Site Settings
                    Senders

Right-click Senders, select New, and then select the type of sender that you want to install. To finish installing the sender, complete the Properties dialog box.

To Install Courier Sender

  1. On the Start menu, click Programs.

  2. Click Systems Management Server, and then click SMS Courier Sender.

For more information about Courier Sender, see Courier Sender Help.

Configuring senders

To configure a sender, you must have Modify permissions for the Site object type or for the individual site in which you want to configure the sender. To configure the sender, navigate to Senders in the SMS Administrator console. Open the Properties dialog box for the sender that you want to configure. Click the Advanced tab, and then edit the settings that you want to configure.

Deleting senders

To delete a sender, you must have Modify permissions for the Site object type or for the individual site from which you want to remove the sender. To delete the sender, navigate to Senders in the SMS Administrator console. Right-click the sender that you want to remove, and then click Delete. The sender component is removed from the computer. If the sender was the only SMS component on the computer, the component server role disappears from the server’s entry under Site Systems. However, SMS will continue to list the computer as a site system, so that you can assign other roles to it.

Configuring Addresses

Each site must have an address for every site it communicates with.

Creating an address

To create an address, you must have Modify permissions for the Site object type or for the individual site where you want to create the address. Navigate to Addresses in the SMS Administrator console.

Systems Management Server
    Site Database (site code - site name)
        Site Hierarchy
            site code - site name
                Site Settings
                    Addresses

Right-click Addresses, click New, and then select the type of address that you want to create. In the Address Properties dialog box, type or enter the destination SMS site, the name of the site server for that site, and (for Standard Sender and RAS Sender addresses) the account to use for connecting to the destination site server.

Note

In advanced security, you cannot specify the destination site server account. Advanced security uses the computer account for this purpose.

To limit the number of times the address is operative or the amount of network bandwidth SMS can use, change the settings on the Schedule and Rate Limits tabs of the Address Properties dialog box.

*SPIn SMS 2003 SP1, you can limit the amount of data sent between sites to a fine level of granularity. This allows you to specify the size of the data blocks that are sent, and also to specify a time delay between each data block sent. This is called pulse mode.

Pulse mode is useful when you have a very low network bandwidth available between sites. For example, you might have constraints to send 1 KB every five seconds, but not 1 KB every three seconds, regardless of the speed of the link or its usage at a given time.

Configure settings for pulse mode in the properties of an address on the Rate Limits tab. This directly affects the amount and frequency of data transmission by each sender. *SP

Configuring an address

To configure an address, you must have Modify permissions for the Site object type or for the individual site where you want to configure the address. Navigate to Addresses in the SMS Administrator console. Open the Properties dialog box for the address that you want to modify, and then edit the settings.

To change the priority of an address, right-click the address whose priority you want to modify, and then click Increment Priority or Decrement Priority. Unless the address already has the highest or lowest priority of the addresses to the destination site, this increases or decreases the priority by one unit. When you modify the priority of an address, the position of the address is updated in the details pane of the SMS Administrator console.

Deleting an address

When you delete a sender from your site, the addresses that are related to the sender type are no longer operative. You can then delete the addresses for that sender type. In this way, you can delete addresses to sites that you do not want your site to communicate with. If you have multiple addresses to a destination site, you can delete redundant addresses when they become unnecessary.

Caution

Before you delete an address, ensure that deleting it will not break your site hierarchy.

To delete an address, you must have Modify permissions for the Site object type or for the individual site that you want to remove the address from. Navigate to Addresses in the SMS Administrator console. Right-click the address that you want to remove, and then click Delete.

Using multiple addresses to destination sites

To create multiple addresses to a single destination site, navigate to Addresses in the SMS Administrator console. Right-click Addresses, select New, and then select the type of address that you want to create.

To enable SMS to use more than one address to a site simultaneously, you can specify the number of concurrent sends for the sender that uses the address. The maximum number of concurrent sends is the maximum number of addresses for that sender type that SMS can use simultaneously. To specify the maximum concurrent sends, navigate to Senders in the SMS Administrator console.

Systems Management Server
    Site Database (site code - site name)
        Site Hierarchy
            site code - site name
                Site Settings
                    Senders

Open the Properties dialog box of the sender that you want to configure, and then click the Advanced tab. To specify the maximum number of addresses for sender types that SMS can use simultaneously, click Maximum concurrent sends per site. To specify the maximum number of addresses for sender types that SMS can use simultaneously to send data to any number of sites, click Maximum concurrent sends for all sites.

Attaching Primary Sites

To specify a parent site for a site, you must have Modify permissions for the child site. If you want to specify a parent for the site, ensure that you know the parent’s site code. To set the parent site or change the site to a central site, navigate to the site in the SMS Administrator console.

Systems Management Server
    Site Database (site code-site name)
        Site Hierarchy
            site code - site name

Right-click the site, and then click Properties. On the General tab, click Set Parent Site. In the Set Parent Site dialog box, select whether you want the site to be a central site or report to a parent site. To specify a parent site, select or type the site code of the parent to which you want the site to report.

Note

If you change the position of a site in the hierarchy, the new position of the site appears in the SMS Administrator console after SMS Hierarchy Manager processes the change. Until the change is complete, SMS marks the site Pending.

Extending the Active Directory Schema

To extend the Active Directory schema for SMS 2003, you must be a member of the Schema Administrator group. You also need to enable the extension of the Active Directory schema on domain controllers running Windows 2000. Enabling the extension of the Active Directory schema for SMS is not required for Windows Server 2003 domain controllers.

Caution

Modifying the Active Directory schema is an advanced operation that is best performed programmatically by experienced programmers and system administrators. For more information about modifying the Active Directory schema, see The Active Directory Programmer’s Guide.

You can extend the Active Directory schema during SMS setup or by using the command-line tool ExtADSch.exe. You can find ExtADSch.exe in the \SMSSETUP\BIN\I386 folder on the SMS 2003 product CD. Running the tool creates four classes and ten attributes in Active Directory. For more information about Active Directory planning issues, see Active Directory Planning earlier in this book.

Before SMS 2003 can integrate with Active Directory, appropriate security privileges must be set.

Note

You must register Schmmgmt.dll before you access the Active Directory Schema snap-in. At the command prompt, type Regsvr32 schmmgmt.dll. You can find Schmmgmt.dll on the Windows 2000 Server and Windows Server 2003 CD. You can also obtain this .dll by running Adminpak.msi to install the Windows Admin Pack.

To set appropriate security permissions

  1. On the taskbar, click the Start button, and then click Run.

  2. Type mmc, and then click OK.

    The MMC Console1 window appears displaying a blank snap-in.

  3. On the Console menu, click Add/Remove Snap-in.

    The Add/Remove Snap-in dialog box appears.

  4. Click Add.

    The Add Standalone Snap-in dialog box appears displaying all available snap-ins. Under Snap-in, select Active Directory Schema, and then click Add.

  5. Click Close.

    The Add/Remove Snap-in dialog box appears displaying the Active Directory Schema snap-in that was added.

  6. Click OK.

    The MMC Console1 window appears displaying the Active Directory Schema snap-in.

  7. In the console tree, right-click Active Directory Schema, and then select Operations Master.

    The Change Schema Master dialog box appears.

  8. Click The Schema may be modified on this Domain Controller, and then click OK.

    The MMC Console1 window appears displaying the Active Directory Schema snap-in.

  9. On the Console menu, click Exit.

    A Microsoft Management Console message box appears prompting you to save the changes to Console1.

  10. Click No, opting not to save the console settings.

You have now configured the computer so that the Active Directory schema can be extended.

To extend the Active Directory schema using ExtADSch.exe

  1. At the command prompt, type ExtADSch.

  2. Press ENTER.

The ExtADSch.exe tool does not display output at the command prompt. However, it generates a log file, named ExtADSch.log, which you can find at the root of the system drive.

Note

After you extend the Active Directory schema, it is important that you allow enough time for the Active Directory replication to discover all Active Directory containers throughout the enterprise. For more information, see Windows 2000 Server Help.

Class common names that can be implemented and used by SMS 2003 sites include the following:

  • MS-SMS-Management-Point

  • MS-SMS-Server_Locator-Point

  • MS-SMS-Site

  • MS-SMS-Roaming-Boundary-Range

Attribute common names that can be implemented and used by SMS 2003 sites include the following:

  • MS-SMS-Site-Code

  • MS-SMS-Assignment-Site-Code

  • MS-SMS-Site-Boundaries

  • MS-SMS-Roaming-Boundaries

  • MS-SMS-Default-MP

  • MS-SMS-Device-Management-Point

  • MS-SM-MP-Name

  • MS-SMS-MP-Address

  • MS-SMS-Ranged-IP-Low

  • MS-SMS-Ranged-IP-High

You can verify the extension of the Active Directory schema by using the Active Directory Schema snap-in for the MMC or using the ADSIEdit.msc tool. For more information about extending the Active Directory schema for SMS 2003, see the white paper “Active Directory Schema Modification and Publishing” available from the SMS webpage.

Creating SMS Containers in Active Directory

To create containers in Active Directory, after extending the schema, the SMS Service Account must be a member of the Administrator group to be able to create the System Management container and its child objects. Another option is to manually create the System Management container in Active Directory by using the ADSIEdit.msc tool.

Note

To access the ADSIEdit.msc tool, you must install the Windows 2000 Support Tools. To install these tools, run 2000RKST.msi in the \Support\tools folder on the Windows 2000 Server installation CD. For more information, see the Windows 2000 Help.

If you are using advanced security mode, grant the SMS Service Account or the computer account rights to the System Management container. It is required that full rights are granted to this object and child objects.

For more information about SMS 2003 security accounts, see Scenarios and Procedures for Microsoft Systems Management Server 2003: Security. For more information about Active Directory, see the Active Directory Help.

To set security on the System Management container

  1. Start the Active Directory Users and Computers administrative tool.

  2. On the View menu, click Advanced Features.

  3. In the tree view, select the System container for the domain.

  4. Expand the System container, right-click the System Management container, and then select Properties.

  5. On the Security tab, click Add.

  6. If the site is using advanced security, click Object Types in the Select Users, Computers, or Groups dialog box.

  7. Select the Computers check box, and then click OK.

  8. Enter the SMS Service account for standard security or the computer name for the site server for advanced security, and then click OK.

  9. In the System Management Properties dialog box, select the Full Control check box.

  10. Click Advanced, select the SMS Service account or computer account, and then click Edit.

  11. In the Apply onto list, select This object and all child objects and select Allow for the Modify Permissions permission.

  12. Click OK to close the dialog boxes.