PRC04: Microsoft Configuration Manager 2012 Part 3

This is the third and final article covering the content presented in the TechEd 2012 Configuration Manager 2012 pre-conference session, PRC04. Check out part one here and part two here.

  • Software Updates
    • Do not use WSUS for software updates. Poor reporting and you don’t know the real status of the machines. In short WSUS sucks and if you want real patching, don’t use it.
    • You cannot setup a software update point in an untrusted forest.
    • Max two software update servers: Internal, internet
    • Create a new update group for each month to avoid maintenance window problems
    • All expired updates are automatically housecleaned on all DPs
    • Define update processes¬†
      • Pilot environments
      • Servers with automatic restart
      • Servers with manual restart requirements
      • Logically group servers with dependencies
      • Workstations in production – automatic restart?
      • Define your SLAs
      • Collection Design

      • WSUS GPO
    • Update group naming standard: YYYY MM mmmm (.e.g. 2012 02 February)
    • Software Deployment name example: SRV 2012 05 May Automatic
    • Fixed limit of 1,000 updates per deployment group. Should never reach this limit as smaller groups, like month, should be used.
    • Deleteexpired.vbs to remove expired updates from CM12
    • Look at Secunia and Solarwinds for good patch mgt integration with CM 2012
    • Set WSUS GPO option “configure automatic updates” to disabled, or you may get conflicts with WSUS policy.

  • End Point Protection
    • Deployment workflow
      • Install endpoint protection point site system role

      • Configure alerts for EP
      • Configure software updates
      • Configure client settings

      • Monitor end point activity

    • Pre-made EP templates for roles such as SharePoint, OCS, SQL, AD, etc.
    • Can create your own deployment type. Citrix is making a XenApp deployment type.
  • General CM 2012 Tips
    • A four server server deployment (single primary site, SQL/EndPoint/Sit server; 2 DPs; reporting services) can support 6.5K to 25K seats
    • Set minimum SQL memory to 8GB in SQL manager studio
    • In SQL, create a new database file for each server core.
    • Set SQL DB autogrowth to 1GB, not 2 percent
    • Use SQL standard edition if less than 50,000 clients
    • Update reference OS image at least 4x a year to minimize update download time
    • Make sure pilot users for OS images give you feedback
Buy me a coffee

Related Posts

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments