MicrosoftSCCMUncategorizedWindows 10

SCCM Clean Install Guide | Server 2022, ConfigMgr 2103, SQL 2019 Replacing Existing ConfigMgr

Todays the day, I’ve deiced to rebuild our 5yr+ old sysctr server that’s built on 2012R2. Here I wanted to document the process on bring up a new instance side by side with the existing server.

The only thing missing from this which I already have configured from our previous SCCM setup is AD Schema. Great guide here.

Server Setup

My specs are overkill but I have a lot of headspace in my vSphere setup.

  • Server 2022
  • 32 CPU’s
  • 48GB Ram
  • C: 150GB (OS)
  • D: 1TB (DATA)
  • E: 150GB (SQL)
  • 10GB NIC

Software Downloads

Active Directory Schema Extension

If your doing a new install you’ll need to complete this step. Since I already have a server, I’ll be skipping it.

ADSI Edit | System Management Container

This should already exist since we have a previous version installed. If not you’ll need to create it. Here I’ll just be adding the new server along side the old. We’ll need to come back here and remove the old server once migration is complete.

It’s OK to have more then 1 server in System Management with Full Access

Open up ADSIEdit, on your domain controller.

Expand the structure tree Domain > CN=System Management. You should see your existing server.

ADSI Edit System Management

Right Click > Select Properties then select the Security tab.

Security Settings for System Management

We need to Add our new server and Grant Full Control permissions. You need to change the object types to include computers. Hold off on clicking apply and and OK.

Added Computer with Full Control

Click Advanced, double click the new server (SCCM$ for me) and change Applies to: This object and all descendant objects.

Advanced Permissions for the new server

Done!

Install SQL Server 2019

I’m installing this on my SCCM server. Perfect world it should live on a separate box. Since our vSphere environment is all flash storage I don’t see a reason to build it elsewhere.

Note: Great time to take a snapshot before we start installing incase you need to role back.

Open up the ISO we downloaded (SW_DVD9_NTRL_SQL_Svr_Standard_Edtn_2019Dec2019_64Bit_English_OEM_VL_X22-22109) and run the setup.exe file.

Inside the SQL ISO

Select Installation then New SQL Server stand-alone installation or add features to an existing installation.

SQL Server Installation Center

Next page is the Product Key page. Put in your license key in if you have one otherwise select evaluation. Next.

Product Key Tab

Go ahead and Agree to the license, and Use Microsoft Update to check for updates (recommended). Keep going until you get to the Install Rules page.

On the Install Rules page you’ll receive a warning about the Windows Firewall. You can see a list of the ports here. We’ll configure these in the next step.

Warning on Install Rules – Windows Firewall

The necessary TCP / UDP ports required to pen are ports 1433,1434,4022,135. Lets configure these via PowerShell. Open Powershell (don’t forget to run as admin) and paste the following:

EDIT: Open up PowerShell ISE and paste the rules there. For some reason pasting them into PowerShell removes the quotes breaking the command.

New-NetFirewallRule -DisplayName “SQL Server” -Direction Inbound –Protocol TCP –LocalPort 1433 -Action allow
New-NetFirewallRule -DisplayName “SQL Admin Connection” -Direction Inbound –Protocol TCP –LocalPort 1434 -Action allow
New-NetFirewallRule -DisplayName “SQL Database Management” -Direction Inbound –Protocol UDP –LocalPort 1434 -Action allow
New-NetFirewallRule -DisplayName “SQL Service Broker” -Direction Inbound –Protocol TCP –LocalPort 4022 -Action allow
New-NetFirewallRule -DisplayName “SQL Debugger/RPC” -Direction Inbound –Protocol TCP –LocalPort 135 -Action allow
Adding Firewall Rule

Next tab, Feature Selection, select Database Engine Services and Full-Text and Semantic Extractions

SQL Feature Selection

Now click next to Instance Configuration. You can leave this default but I’ll be changing it to to a more unique identifier. Named Instance will be set as MYSQLSCCM.

Naming MYSQL Instance

Server Configuration tab I’ll use a sccm service account. If you haven’t done so create one. This will be for the SQL server agent and SQL server database engine.

Be sure to add the service account to the Domain Admins and Administrators group.

Service Account Groups
Server Configuration with SCCM service account

TIP: It’s Friday (I know shouldn’t be doing any changes on Fridays) but don’t forget when you create the service account to uncheck “User must change password on next login” Took me a bit to figure out why the account wouldn’t connect.

Error with invalid credentials. Oops forgot to uncheck user must change password on next login.

Next, for Authentication Mode, keep Windows authentication mode selected, and at the bottom click Add Current User. I’m also adding Domain Admins group.

Database Engine Configuration – Windows Authentication

Data Directories tab we’ll change the Data root directory to the E Drive I created for SQL.

Data Directory

TempDB tab, double check to make sure it’s also pointing to E. It should of changed automatically.

Data Directory and Log Directory

Looks like we’re ready to install! Go ahead and click install. It will take a few minutes to complete.

Ready to Install
Install successful

Looks like everything install correctly!

Tip: Taking another snapshot.

Taking vSphere snapshot

Install SQL Server Management Studio (SSMS)

Now we have SQL installed we need a way to view our databases. This is what SSMS does.

Run the file (SSMS-Setup-ENU) we downloaded earlier. Should only take a few minutes.

Install

Once complete, reboot.

Restart after install

Install Windows ADK 11

Windows Assessment and Deployment Kit (aka ADK) consists of the tools designed to help deploy operating systems to the target.

Lets run adksetup.exe

Specify Location

Click Next until you get to the Select the features you want to install screen.

Now make sure the following are selected.

  • Deployment Tools
  • Imaging And Configuration Designer (ICD)
  • Configuration Designer
  • User State Migration Tool (USMT)
  • Windows Performance Toolkit
  • Microsoft User Experience Virtualization (UE-V) Template
  • Microsoft Application Virtualization (App-V) Sequencer
  • Microsoft Application Virtualization (App-V) Auto Sequencer
Select the necessary features to install

Let the install finish then move onto WinPE.

Install Windows Assessment and Deployment Kit Windows Preinstallation Environment Add-ons

Here is another critical piece to SCCM. ADKWinPE consists of the boot images required for operating system deployment (OSD). Let’s run adkwinpesetup.exe we downloaded earlier.

Specify Location

Click Next until you get to the Select the features you want to install section. Make sure Windows Reinstallation Environment (Windows PE) is checked.

Selecting install features

That’s it for WinPE.

Install SCCM Prerequisites

Now lets install the server roles necessary to install Configuration Manager Server.

On your SCCM server, open up Server Manager and click Add roles and features.

Select Features from the side bar. Enable the following:

  • .NET Framework 3.5 Features
  • Background Intelligent Transfer Service (BITS)
  • Remote Differential Compression
Install Features

Select Next twice until you get to Role Services under Web Server Role (IIS). Make sure the following are checked.

  • Performance
    • Dynamic Content Compression
  • Security
    • Windows Authentication
  • Application Development
    • .NET Extensibility 3.5
    • .NET Extensibility 4.8
    • ASP.NET 3.5
    • ASP.NET 4.8
    • ISAPI Filters
  • Management Tools
    • IIS 6 Management Compatibility
      • IIS 6 Management Console
      • IIS 6 Metabase Compatibility
    • IIS Management Scripts and Tools
Install the following services

Once complete we’ll move onto SCCM.

Block SCCM Access to C:\

ConfigMgr you can create a file called NO_SMS_ON_DRIVE.SMS. This prevents site system role component installation on the drive you place it in. You can find more great info on this here.

Open up Notepad (run as admin) and click Save As. Leave the file black. Save the file name as NO_SMS_ON_DRIVE.SMS. To achieve this don’t forget to change the Save as type: to All types.

Repeat this for the SQL drive we created also.

Tip: It’s been awhile since we did a snapshot right? Why not do another one? It’s free!

Install Configuration Manager

Now to really get our hands dirty! Lets install Microsoft Endpoint Configuration manger! I downloaded this earlier via VLSC (Volume Licensing Service Center) but you can use the link near the top to download an evaluation copy, good for 180 days.

Double click to open and mount SW_DVD5_MEM_ConfigMgrClt_ML_2103_MultiLang_ConfMgr_MLF_X22-62366.iso.

Run splash

The Microsoft Endpoint Configuration Manger wizard will start. Click Install.

Starting the install running splash.hta

Let’s begin

Before you Begin

For my setup since I’m just replacing my existing server and starting over I’ll be selecting the first option, Install a Configuration Manger Primary Site.

Setup Options

Now the Product Key page, I’m going to install my key. You can select the evaluation edition if you don’t have one.

License Key

Accept all those lovely license terms. Don’t forgot to read them all 😉

Product License Terms

Prerequisite Downloads, I’ll just set this to my D: DATA drive. Make a new folder D:\prerequisite_downloads.

Prerequisite Downloads

Wait for the downloads to finish.

Downloading prerequisite downloads

Server Language Selection, choose which ever you require. Do the same for the Client Language Selection.

Language Selection

Site and Installation Settings we need to specify the following: Site Code, Site Name, and Installation folder. The site code can only be 3 characters/numbers. Since I have an existing system, it must be different then my previous site. This will avoid a lot of headaches.

Change the default Installation folder to the D: drive.

Site and Installation Settings

Primary Site Installation, I’m treating this a primary stand alone.

Primary Site Installation

Database Information, set the Instance Name to the one we created earlier. (MYSQLSCCM)

Database Information

Database Information, looks like it automatically remembered we’re using our E:.

Database Information

SMS Provider Settings is the FQDN of the server we’ll be using. Should of auto populated for you.

SMS Provider Settings

Client Computer Communication Settings – We will select Configure the communication method on each site system role, then Next.

Client Computer Communication Settings

Site System Roles, make sure both boxes are checked.

Site System Roles

Read the Diagnostic and Usage Data page. 😉

Diagnostic and Usage Data

Service Connection Point Setup, by default Yes, Let’s get connected (recommended). Next.

Service Connection Point Setup

Settings Summary, take a look and make sure everything looks correct. Then click Next.

Prerequisite Check, this will take a little bit to run. Once it’s complete make sure nothing has Failed. If anything has you need to correct it.

I’ve corrected everything except for WSUS. I’m going to ignore this as I won’t be using SCCM to manage windows updates.

Prerequisite Check warnings

Let’s click Begin Install.

Install progress
Install Complete!

Done!

Remember as your setting up the new instance, don’t have overlapping boundaries!

Enjoy!

Tip: Don’t forget to remove all the snapshots we took.

  • After you’re done building out your server:
  • Remove previous server from ADSI System Management
  • Update your PXE Boot Options in DHCP (Option 066 Boot Server Host Name) to the new IP.

Show More

Cory Fiala

Technology and outdoor enthusiast. Currently the sole systems administrator for a local K-12 school district with 800+ staff and 5,500+ students. I support windows servers (2012R2-2022), Linux systems (FreeBSD and Ubuntu), along with vSphere (4 node cluster). Total is almost 60 virtual machines and 8 physical servers. This doesn't include my personal homelab.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button