Microsoft System Center Configuration Manager 2007

I recently had an important client who asked me to install Microsoft System Center Configuration Manager 2007 (SCCM) and configure it to deploy Windows Server 2008 and Windows Server 2003—all within a day. Although I accomplished the task, I hit some bumps along the way. In this article I share the process I followed, the problems I encountered, and the solutions I employed. Because this is a high-level overview of OS deployment through SCCM, I don’t discuss SCCM installation. The article assumes that you already have SCCM 2007 installed, as well as a working knowledge of it. (For information about SCCM, see the Learning Path.)

Getting Started
Before you try to deploy an OS, you need to ensure that your environment is healthy.

• Check for errors in your SCCM site systems. Open SCCM and navigate to Site Database, System Status, Site Status. Under the site's name, view the Component Status and Site System Status areas, as Figure 1 shows. If you encounter any problems, view the error messages, then resolve the errors. You can also check C:\Program Files\Microsoft Configuration Manager\Logs to see detailed messages about many of the components.
• Make sure you have site boundaries defined. Open SCCM and navigate to Site Database, Site Management. Under the site’s name, select Site Settings, Boundaries.
• Make sure you have a distribution point and management point enabled. Open SCCM and navigate to Site Database, Site Management. Under the site’s name, select Site Settings, Site Systems.
• Install Windows Deployment Services (WDS) on the SCCM server that will be the Preboot Execution Environment (PXE) boot point. Don't try to configure WDS directly; SCCM does all the configuration work. Install WDS with zero configuration.
• Use the Microsoft Management Console (MMC) DHCP snap-in to authorize the WDS (SCCM) server in Active Directory (AD) for DHCP. Most likely, the SCCM server isn’t the DHCP server. However, you shouldn’t need to set scope options on the DHCP server to point to SCCM for PXE. If you have multiple networks and your routers are forwarding packets correctly, your clients should be able to receive responses. Alternatively, you can use DHCP option 67 to set your boot image to a value of \SMSBoot\x86\wdsnbp.com and option 66 to your SCCM server’s Fully Qualified Domain Name (FQDN) to force DHCP to tell clients the SCCM server.
• Create a standard AD user account for the network access account. Open SCCM and navigate to Site Database, Site Management. Under the site’s name, select Site Settings, Client Agents, Computer Client Agent. Configure the account in the Computer Client Agent Properties dialog box, as Figure 2 shows. Make sure the account is a local administrator account on the SCCM server, or at least give the account rights to the smspxeimages$ share and make it a member of the SMSAdmins group. Otherwise, when clients boot from PXE they won't have permission to read the Windows Preinstallation Environment (WinPE) files from the share. For more information about best practices for the network access account, see the Microsoft article “About the Network Access Account.”

For more OS deployment tips, see the Microsoft Operating System Deployment Checklists website.

Configuring the SCCM Server for OS Deployment
The first step in OS deployment is to prepare the server for the OS images.

1. Create a folder and share to store the Windows Imaging Format (WIM) files. Copy the files into this folder, giving them useful names (e.g., vistasp1x86.wim rather than install.wim).
2. Import the WIM files from the share into the Operating System Deployment portion of the SCCM management console. Note that by default, if you import a WIM file that has multiple images in it, SCCM uses the name of the first image (e.g., Windows Vista Business) to name the entire group of imported images. A better alternative is to use a more meaningful name, such as Windows Vista SP1 x86.
3. Add a distribution share for the new images.
4. Add a PXE distribution point for each of the boot images. (By default, SCCM already has the boot images for x86 and x64 that contain the WinPE environment; however, no distribution points are assigned to these images.)
5. Enable PXE boot capability on the SCCM server. Open SCCM and navigate to Site Database, Site Management. Under the site’s name, select Site Settings, Site Systems, PXE Service Point. Then, enable the PXE site role to open various ports in your firewall.