Deploying Configuration Manager Current Branch with PKI - Step by Step
Deploying Configuration Manager Current Branch with PKI - Step by Step
About the Book
This book covers the entire end-to-end planning, installing, updating, configuring and deploying a complete system with a full PKI infrastructure to boot! That element alone, documented in Chapter 2, cannot be overemphasized and is worth the cost of the book all by itself! When I was looking into the implementation of the then-new and shiny Internet Based Client Management (IBCM) feature many years ago, all I knew of PKI was how to spell it. I would have given anything for this information back then. For you, it’s all crystal clear, and found right here in chapter 2.
Beyond that element, you will first see listed out all the prerequisites necessary, the various roles and features to be implemented, the black magic that is SQL Server, your domain configurations clearly explained and necessary (which will keep your Domain Admins away from your desk!), and then walk you through how to install it all. You’ll then end up with SSL security, the MDT Toolkit fully integrated, updated to Current Branch 1710, initial configuration settings applied, and clients deployed. In other words, you’ll create a completely functional system with all of the latest-and-greatest. If you’re naturally lazy like me, and you don’t particularly want to go through all of this yourself but just want it DONE so you can get on with it, guess what? There’s a SCRIPT to do it all FOR you!!!
Lastly, the authors’ then go on to also manage all of that hocus-pocus called networking! I never pretended to be a network engineer. As far as I’m concerned, they all live in a foreign land complete with its own language. NAT? Wasn’t that a famous singer back in the day??? What’s that got to do with anything? Well, in a simple-to-follow procedure in the prerequisites section, they make it all clear, and why.
Table of Contents
Foreword by: Ed Aldrich iii
Acknowledgements iv
From Dave iv
About the Authors v
Dave Kawula - MVP v
Allan Rafuse – MVP vi
Cristal Kawula – MVP vii
Emile Cabot - MVP viii
Technical Editors ix
Cary Sun – CCIE #4531 (Future Microsoft MVP) ix
Contents xi
Introduction 16
North American MVPDays Community Roadshow 16
Sample Files 17
Additional Resources 17
Chapter 1 19
Pre-Requisites 19
Lab Server Names 19
Building the Lab with BigDemo_CM.PS1 21
Enable Routing in the Lab 25
Software Requirements 39
Configure Certificate Authority to Support SHA256 certificates 40
Create Configuration Manager Groups and Users 41
Configuration Manager Service Accounts Required for Build 43
Chapter 2 45
Configuring PKI for Configuration Manager Current Branch 45
Create and Issue Web Certificates 45
Enroll Web Certificate on the site server 52
Create and Issue Windows Client Certificate 58
Create and issue the Workstation Authentication certificate template on the certification authority 60
Configure Autoenrollment of the Workstation Authentication Template by using Group Policy 66
Automatically enroll the Workstation Authentication certificate and verity its installation on computers 69
Deploy the Client Certificate to Distribution Points 71
Create and issue a custom Workstation Authentication certificate on the Certificate Authority 71
Request the custom Workstation Authentication Certificate on the Distribution Points 78
Export the Client Certificate for the rest of the Distribution Points 82
Chapter 3 86
Install required Roles and Features 86
Using the ConfigMgr Prerequisites Tool 3.01 86
Download and Install the ConfigMgr Prerequisite Tool 87
Install the core Features / Roles for a Single Primary Site Server 89
Install the core Features / Roles for a Management Point 90
Install the core Features / Roles for a Distribution Point 91
Download and Install Windows ADK for Windows 10, version 1709 92
Install WSUS Role 93
Add a 2 VHDx drives to the Config MGR Server for the Site Server and SQL Install 95
Chapter 3 104
Install SQL Server 2016 SP1 104
SQL Server Service Accounts 104
Configure SQL Firewall Port Exceptions 105
Install Default Instance of SQL 2016 SP1 109
Download and Install SQL Server Managemetn Studio (SSMS) 118
Configure SQL Server Memory Limits 120
Chapter 5 124
Configure Domain Settings 124
Configure Firewall Group Policy for Configuration Manager Client Communication 124
Mount Configuration Media on Site Server 130
Extend AD Schema 132
Create System Management Container 134
Chapter 4 140
Install Configuration Manager Current Branch 1702 140
Configure SSL Bindings 140
Install MDT 2013 Update 2 build 8443 145
Configure No_SMS_on_Drive.sms 149
Install Site Server Role 150
Register CMTrace as the Default Log Viewer 162
Perform MDT Integration with CM 163
Verify Console Status and System Health 166
Chapter 5 168
Update to Configuration Manager Current Branch 1710 168
Upgrade to Current Branch 1710 using In-Console Upgrade 168
Chapter 6 178
Configuring Initial Site Settings 178
Enable Discovery Methods 178
Configure the Subnets in AD Sites and Services 183
Configure Boundaries 185
Configure Boundary Groups 187
Configure Client Push Installation Settings 190
Chapter 7 192
Deploy Clients 192
Configure Client Push Installation Settings 192
Deploy Clients to the Lab 194
Appendix 199
BigDemo_CM.PS1 199
Contact Info 215
Join us at MVPDays and meet great MVP’s like this in person 215
Live Presentations 215
Video Training 215
Live Instructor-led Classes 216
Consulting Services 216
Twitter 217
Other books by these authors
Authors have earned$10,098,681writing, publishing and selling on Leanpub, earning 80% royalties while saving up to 25 million pounds of CO2 and up to 46,000 trees.
Learn more about writing on Leanpub
The Leanpub 45-day 100% Happiness Guarantee
Within 45 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.
See full terms
Free Updates. DRM Free.
If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).
Most Leanpub books are available in PDF (for computers), EPUB (for phones and tablets) and MOBI (for Kindle). The formats that a book includes are shown at the top right corner of this page.
Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.
Learn more about Leanpub's ebook formats and where to read them
Top Books
C++20
Rainer GrimmC++20 is the next big C++ standard after C++11. As C++11 did it, C++20 changes the way we program modern C++. This change is, in particular, due to the big four of C++20: ranges, coroutines, concepts, and modules.
The book is almost daily updated. These incremental updates ease my interaction with the proofreaders.
A Guide to Artificial Intelligence in Healthcare
Dr. Bertalan MeskoCan we stay human in the age of A.I.? To go even further, can we grow in humanity, can we shape a more humane, more equitable and sustainable healthcare? This e-book aims to prepare healthcare and medical professionals for the era of human-machine collaboration. Read our guide to understanding, anticipating and controlling artificial intelligence.
Atomic Kotlin
Bruce Eckel and Svetlana IsakovaFor both beginning and experienced programmers! From the author of the multi-award-winning Thinking in C++ and Thinking in Java together with a member of the Kotlin language team comes a book that breaks the concepts into small, easy-to-digest "atoms," along with exercises supported by hints and solutions directly inside IntelliJ IDEA!
Introducing EventStorming
Alberto BrandoliniThe deepest tutorial and explanation about EventStorming, straight from the inventor.
C++ Best Practices
Jason TurnerLevel up your C++, get the tools working for you, eliminate common problems, and move on to more exciting things!
Ansible for DevOps
Jeff GeerlingAnsible is a simple, but powerful, server and configuration management tool. Learn to use Ansible effectively, whether you manage one server—or thousands.
Everyday Rails - RSpecによるRailsテスト入門
Junichi Ito (伊藤淳一), AKIMOTO Toshiharu, 魚振江, and Aaron SumnerRSpecを使ってRailsアプリケーションに信頼性の高いテストを書く実践的なアドバイスを提供します。詳細で丁寧な説明は本書のオリジナルコンテンツです。また、説明には実際に動かせるサンプルアプリケーションも使用します。本書は2017年版にアップデートされ、RSpec 3.6やRails 5.1といった新しい環境に対応しています!さあ、自信をもってテストできるようになりましょう!
The Hundred-Page Machine Learning Book
Andriy BurkovEverything you really need to know in Machine Learning in a hundred pages.
Composing Software
Eric ElliottAll software design is composition: the act of breaking complex problems down into smaller problems and composing those solutions. Most developers have a limited understanding of compositional techniques. It's time for that to change.
R Programming for Data Science
Roger D. PengThis book brings the fundamentals of R programming to you, using the same material developed as part of the industry-leading Johns Hopkins Data Science Specialization. The skills taught in this book will lay the foundation for you to begin your journey learning data science. Printed copies of this book are available through Lulu.
Top Bundles
- #1
Software Architecture for Developers: Volumes 1 & 2 - Technical leadership and communication
2 Books
"Software Architecture for Developers" is a practical and pragmatic guide to modern, lightweight software architecture, specifically aimed at developers. You'll learn:The essence of software architecture.Why the software architecture role should include coding, coaching and collaboration.The things that you really need to think about before... - #2
All the Books of The Medical Futurist
6 Books
We put together the most popular books from The Medical Futurist to provide a clear picture about the major trends shaping the future of medicine and healthcare. Digital health technologies, artificial intelligence, the future of 20 medical specialties, big pharma, data privacy, digital health investments and how technology giants such as Amazon... - #3
Cisco CCNA 200-301 Complet
4 Books
Ce lot comprend les quatre volumes du guide préparation à l'examen de certification Cisco CCNA 200-301. - #4
Linux Administration Complet
4 Books
Ce lot comprend les quatre volumes du Guide Linux Administration :Linux Administration, Volume 1, Administration fondamentale : Guide pratique de préparation aux examens de certification LPIC 1, Linux Essentials, RHCSA et LFCS. Administration fondamentale. Introduction à Linux. Le Shell. Traitement du texte. Arborescence de fichiers. Sécurité... - #5
Learn Git, Bash, and Terraform the Hard Way
3 Books
Learn Git, Bash and Terraform using the Hard Way method.These technologies are essential tools in the DevOps armoury. These books walk you through their features and subtleties in a simple, gradual way that reinforces learning rather than baffling you with theory. - #6
PowerShell
3 Books
Buy every PowerShell book from Adam Bertram at a 20% discount! - #7
Software Architecture and Beautiful APIs
2 Books
There is no better way to learn how to design good APIs than to look at many existing examples, complementing the Software Architecture theory on API design. - #8
9 Books-Bundle: Shut Up and Code!
9 Books
"Shut up and code." Laughter in the audience. The hacker had just plugged in his notebook and started sharing his screen to present his super-smart Python script. "Shut up and code" The letters written in a white literal coding font on black background was the hackers' home screen background mantra. At the time, I was a first-year computer... - #9
CCDE Practical Studies (All labs)
3 Books
CCDE lab - #10
Modern C++ by Nicolai Josuttis
2 Books