Skip to main content

Posts

Showing posts from February, 2016

SCCM with WSUS in DMZ serving Internet Facing clients

SCCM with WSUS in DMZ serving Internet Facing clients Overview: This Blog will document at a high level my experience of implementing a 'Software Update Point' on a site server in our DMZ to serve SCCM clients (including Workgroup servers) on the Internet. It will explain the implementation process as well as expected behaviour by diving into the log files on both the site server and client. Please ask questions in the comments field; and I will update the main narrative in response. Architectural design overview One Primary site server on Internal network One Site system Server within DMZ Ports opened on firewall to allow servers to communicate. Configured with the following System roles: Management point Distribution point Software update point Work group servers within the DMZ/Internet facing clients only The Site system Server within DMZ had the WSUS role installed through 'Server Manager' console. Within IIS a webserver certificate was

SCCM with WSUS in DMZ serving Internet Facing clients

SCCM with WSUS in DMZ serving Internet Facing clients Overview: This Blog will document at a high level my experience of implementing a 'Software Update Point' on a site server in our DMZ to serve SCCM clients (including Workgroup servers) on the Internet. It will explain the implementation process as well as expected behaviour by diving into the log files on both the site server and client. Please ask questions in the comments field; and I will update the main narrative in response. Architectural design overview One Primary site server on Internal network One Site system Server within DMZ Ports opened on firewall to allow servers to communicate. Configured with the following System roles: Management point Distribution point Software update point Work group servers within the DMZ/Internet facing clients only The Site system Server within DMZ had the WSUS role installed through 'Server Manager' console. Within IIS a webserver certificate was added to the binding port 853

SCCM Microsoft DHCP Policy items

Microsoft DHCP Policy items Within Policy right click: Define New vendor classes Add PXEClient (EUFI x64) Sends out out in dhcp request the type of hardware it is PXEClient (EUFI x64) Description: PXEClient:Arch:00007 ASCI PXEClient:Arch:00007 ########################### PXEClient (EUFI x86) Description: PXEClient:Arch:00006 ASCI PXEClient:Arch:00006 ########################## PXEClient (BIOS x86 & x64) Description: PXEClient:Arch:00000 ASCI PXEClient:Arch:00000 ########################### Create new Policy

SCCM Microsoft DHCP Policy items

Microsoft DHCP Policy items Within Policy right click: Define New vendor classes Add PXEClient (EUFI x64) Sends out out in dhcp request the type of hardware it is PXEClient (EUFI x64) Description: PXEClient:Arch:00007 ASCI PXEClient:Arch:00007 ########################### PXEClient (EUFI x86) Description: PXEClient:Arch:00006 ASCI PXEClient:Arch:00006 ########################## PXEClient (BIOS x86 & x64) Description: PXEClient:Arch:00000 ASCI PXEClient:Arch:00000 ########################### Create new Policy

Enterprise deployment of Windows 10 Deployment via System Center configuration Manager and Office 365

Enterprise deployment of Windows 10 Deployment via System Center configuration Manager and Office 365 In this blog I will discuss Windows 10 deployment as well as what has changed in System Center Configuration Manager. In addition servicing models for Windows 10, SCCM, and Office 365. The latest version of SCCM has re-branded itself without a year designation i.e. SCCM 2012 R2.  It has rather adopted the SaaS model of Windows 10 and updates will flow down more frequently rendering the year in the title obselete. The new name is System Center Configuration Manager 1511 (current branch).  The 1511 designation implies that the the current branch is 2015 November. Within the Configuration Manager console updates synchronise when the 'Service Connection Point' role is configured.  This role supports In-console updates for Configuration Manager infrastructure and clients, and replaces the following separate update methods previously understood within SCCM: Service packs Cumu

Enterprise deployment of Windows 10 Deployment via System Center configuration Manager and Office 365

Enterprise deployment of Windows 10 Deployment via System Center configuration Manager and Office 365 In this blog I will discuss Windows 10 deployment as well as what has changed in System Center Configuration Manager. In addition servicing models for Windows 10, SCCM, and Office 365. The latest version of SCCM has re-branded itself without a year designation i.e. SCCM 2012 R2.  It has rather adopted the SaaS model of Windows 10 and updates will flow down more frequently rendering the year in the title obselete. The new name is System Center Configuration Manager 1511 (current branch).  The 1511 designation implies that the the current branch is 2015 November. Within the Configuration Manager console updates synchronise when the 'Service Connection Point' role is configured.  This role supports In-console updates for Configuration Manager infrastructure and clients, and replaces the following separate update methods previously understood within SCCM: Service packs Cumulative u