Here are the basic software prerequisites for upgrading from SMS 2003 to ConfigMgr:
Other considerations prior to upgrading:
You must have your SMS 2003 site in Advanced Security mode. This is the only mode in ConfigMgr.
No support for legacy clients. All clients must be advanced clients prior to the upgrade or they will no longer be clients.
Remove any 2003 Feature packs such as, OSD, Mobile Device Management, DCM, etc.
The 2003 version of ITMU is not supported in ConfigMgr so you must upgrade it right after completing the upgrade.
BUT – When I did my upgrade I left ITMU installed and it upgraded my server during the install.
Disable SQL replication prior to upgrading.
If you have modified the criterion of any of the default collections (maybe reports too), create new collections with different names (make use of linking) prior to the upgrade as these will be replaced with the defaults during the upgrade.
Prerequisites for different site roles:
Management Point - IIS 6.0, with BITS 2.0 and WebDAV extensions
Distribution Point if BITS enabled - IIS 6.0, BITS and WebDAV
Distribution Point if not BITS enabled - none
Reporting Point - IIS 6.0 and ASP
Server Locator Point - IIS 6.0
Software Update Point - IIS 6.0, WSUS 3.0 and BITS 2.5
Remote SUP - WSUS Admin console must be installed if a site is using WSUS server on another site.
Each SUP only supports 25,000 clients, if you have more than 25,000 clients assigned to a single site NLB clustering must be used (more info here).
Clients - WUA 3.0 and Windows Installer 3.1 (for updates)
Backing up your SQL (2000) db's
Before we begin to upgrade to ConfigMgr we have to first upgrade to SQL 2005, if you are already at SQL 2005 then you can obviously skip this step but you will need to make sure you backup your db's in SQL 2005 before you upgrade to ConfigMgr and that is covered later.
Since I am running several of the 1E tools in my lab I have the Agility Framework db to also backup, you may only need to follow these steps for your SMS db but the steps are exactly the same.
Backup Agility Framework db
Note: Before you start the backup if you are going to backup to disk like I am through Explorer create a folder to store your backups in as the wizard does not have a New Folder button to create a folder on the fly
In SQL Ent. Mgr. expand the databases, right click on the db you wish to backup, from the context menu choose All Tasks and then backup db.
This starts the Backup wizard, you can modify the name if you choose but by default it will append the db name with "backup." Also when you enter the name in the next couple of steps it will override this so don't waste your time unless there is some company procedure you have to follow here.
Under Destination click the Add button and browse to the folder you want to store your backups in.
The name that you enter here will be the file name for you backup and will override the text you entered in the first window.
After you choose the destination and file name click OK and you will return to the SQL Server Backup window. You can leave all other choice at their defaults and start the backup by clicking the OK button. Depending on the size of your db this could take just a few seconds or a couple of minutes, when it finishes the backup you will be greeted with a popup window telling you it complete successfully like below. You can exit SQL Ent. Mgr. at this point.
Upgrade SQL 2000 to 2005 with SP2
Stop SQL server
SQL 2005 preqs: Install SQL Native Client and Setup Support Files
Complete configuration check
Select the components to install
SQL Server Database Services and Workstation components
You are likely using a default instance so no need to choose a named instance unless you have your SQL db configured as such.
Specify the account you use to start your SQL instance, this should match what you are currently using for SQL 2000.
The setup process should not take too long but don't forget to install SP2 for SQL. (download it here).
Prior to the upgrade it will check to see if all the SQL services are stopped and will not let you proceed until they are, fortunately it will check and let you know what needs to be stopped, including the PID if you need to go that deep.
After all services are stopped the install will proceed.
At this point I think the server had earned a reboot, even though it has not been requested.
After the reboot if you so choose, now is the time to remove the installed feature packs.
Extend AD Schema
Extending the schema is not something you should take likely but since you are doing all this in your lab it is not such a big deal. But you should be following your upgrade plan that you formed prior to testing it. Schema extensions cannot be reversed and are domain wide, you need to understand what impact they will have on your domain so plan carefully for these before you decide to implement them.
Some drawbacks to not extending the schema are:
Roaming is limited, clients will not request data from a local MP and will revert to their assigned MP instead.
NAP will not work or Native mode
Clients will not be able to auto assign themselves unless the SLP has been published to WINS and the MP has been added to DNS manually, alternately if the SLP from 2003 has been added to AD domain services then clients can auto assign. So in the upgrade scenario this is very likely to be true.
If you use secure key exchange between sites and are upgrading then you should not have any problems - I think. But you cannot use secure key exchange if you want to implement this after the upgrade without the schema extensions.
Dynamic updates to ports for client server communication will not occur.
Most of these have workarounds like passing cmd line parameters during client install to assign the clients manually, but a couple of them do not. You can get more details on workarounds and potential impact on the ConfigMgr TechNet site here.
If you are going to implement the extensions this is done the same way as previous schema extensions. The logged on account must have schema extension rights, this is not part of the typical domain admin rights, it is a separate group. Once you are logged in with the appropriate rights you can just open up a command prompt window, and from the ConfigMgr CD in the SMSSETUP\BIN\I386 directory locate the file extadsch.exe. Drag it to the command prompt window and make sure it has focus and then hit the Enter key. Once your blinking cursor returns, in the root of the boot drive you should find a log file named ExtADSch.log, open that up and look for "Successfully extended the Active Directory schema." down towards the end of the file, if you see this line all went well, if not, scroll up…
According to my log there are four new attributes that are added:
- Cn=mS-SMS-Health-State
- Cn=mS-SMS-Source-Forest
- Cn=mS-SMS-Version
- Cn=mS-SMS-Capabilities
And four classes are updated:
- LDAP://cn=MS-SMS-Management-Point,CN=Schema,CN=Configuration,DC=arz,DC=local
- CN=Schema,CN=Configuration,DC=arz,DC=local.
- LDAP://cn=MS-SMS-Site,CN=Schema,CN=Configuration,DC=arz,DC=local.
- LDAP://cn=MS-SMS-Roaming-Boundary-Range,CN=Schema,CN=Configuration,DC=arz,DC=local.
For clarities sake my lab my domain is ARZ.local
Test db upgrade on backup created earlier
Remember the db backups we made, we don't need those anymore we are at SQL 2005 now, but keep them just in case. Just like all the SMS 2003 service pack upgrades we need to test our SMS db prior to installing. Considering the time it takes to do this it is well worth testing the db, assuming you have the SMS 2003 Recovery Expert installed and you have tested it, how long has it been since you tested it? You do have it installed right? Microsoft has a couple of variations on this process that you may like better, they can be found here, my methods are the same as I have used in the past with customers, in my previous articles and when I was an SMS engineer so I prefer them not that any are really and better or worse.
If you are new to SQL 2005 what you used to do in Enterprise Manager you now do in SQL Server Management Studio. Find this shortcut on your Start menu and then connect to the local SQL instance (assuming you are running your db locally). We are going to create a new test db and restore it from our backup to test against it.
Expand the databases folder, right click it and select New Database.
You should see the New Database window like the image above, in the name field type in SMS_test and then click the OK button.
Now you should be back in the SQL Studio window and select your test db, right click on it, then select Tasks, Restore, Database like so.
You should see the Restore Database wizard now, select your test db in the Destination to restore - To database drop down menu, and from the Source for restore select From database and make sure you SMS db is the source.
On the left hand side you will see General and Options, select Options.
Check the top box Overwrite the existing database, and now we need to tell it where to store our LDF and MDF files, by default it should have the source files, which we do not want to overwrite, actually you can't do this without getting an error.
Just click the ellipse buttons to specify new destination paths and names for the MDF and LDF files.
Before
After
Check your paths one more time like a good admin and then click OK to start the restore.
Just as with most SMS tasks, this will take a few minutes. And when you are finished you should see this.
Now we can do a test upgrade of our SMS db without risking any real damage. Click OK and close SQL Studio.
I found that I had to remove SQL 2000 completely before the following test would run, even though I specified the new SQL 2005 test db name the check would return and tell me I needed to install SQL 2005 SP2 in order to run setup. This also required a reboot, I guess I should have saved mine from earlier.
This all led to a very interesting development, it seems that during my uninstall of SQL 2000, it removed both 2000 and 2005.
As you can see I no longer have SQL 2000 in Add or Remove Programs, SQL 2005 is still listed but
See what happens when I click on Change.
The only options are to modify SQL Reporting Services or Workstation components…
I installed SQL 2005 again, installing just the database portion, it installed to a sub directory.
I will save you all the gory details but I was able to just attach the db from the SMSDATA folder. If this is intended during the uninstall this needs to be documented better, if it is not intentional then I would say this might be a BUG in the uninstaller, but maybe it was just me…
On the ConfigMgr CD in the folder SMSSETUP\BIN\I386 drag setup.exe to an open command prompt window and add the /testdbupgrade switch and then type the name of the backup db so it looks like this.
When it’s done you should see this.
Run ConfigMgr prerequisite check
Upgrade
You can begin the upgrade to ConfigMgr by double clicking the setup.exe in the I386 directory on the CD. After the initial welcome screen telling you what you need to complete prior to running setup you should see the setup options page where you will have the choice to upgrade or uninstall ConfigMgr, we obviously want to upgrade and that should be selected so click Next.
On the license agreement page review the license agreement and then check the box accepting it and then click Next again.
You can decide to participate in the customer feedback program or not on the next screen and after you have made your choice click Next again.
On the next screen the product key is entered, this will likely be filled in for you already, click Next.
The next screen gives you the option to allow setup check for any missing updates and download them for you, or you can bypass this and point it at a path where you have already stored the updates. After your choice click Next to proceed.
The next screen will ask you where you want to store the files if you chose to let setup download the files automatically, I would image this screen is the same for either method based on the wording.
Don't forget to set your proxy settings in IE to auto detect if you are not using the latest fixed version of eval. I am using a different version supplied to 1E so it still has the bug in it but after making the change in IE it happily started downloading 88 files...
After the downloads have finished you should be presented with a summary page, check to make sure you have the selections you desire and then click Next.
This is where the database upgrade will take place and a final prerequisite check happens. Any errors or warnings listed may prevent the install or just provide information and allow the install to proceed. When you feel that you are ready and the prerequisite checks have passed, click the Begin Install button to launch the install!
And now the fun begins - this is what you should be seeing…
During this process you should see the ITMU upgrade wizard appear, this is new for the RTM version as I don't recall it in the betas I used.
Click Next and the next screen will ask you if you want to download the cab file for the updates or use a locally stored version. Make your appropriate selection and click Next. I will allow it to download, you should only be using the local version if you are running your site server without a connection to the Internet.
Just a short time later you should see the finish dialog.
Click finish to allow the setup of ConfigMgr to proceed.
And we have lift off…
One final screen remains, you can view the install log, launch ConfigMgr, or just end the install.
To verify that the site has completed the install successfully at a minimum you should review the ComponentSetup.log in the root of C, the configMgrSetup.log, also located in the root.
If you want to patch using ConfigMgr you will need to download and install WSUS. After you kick off the install do not waste any time trying to sync or configuring WSUS we do this all through the ConfigMgr console.
Select the custom site install to get the alternate ports if you are installing the WSUS server on your ConfigMgr server, as port 80 is already in use.
You should install the full version on the site server or server that you plan to use as your Software Update Point, the admin console only needs to be installed on site servers that will deploy patches but not download the patches directly.
I will tell it store updates locally on my server, make sure you choose a drive with adequate space as you can download more than your average monthly patch Tuesday patches with this, it is a WSUS server.
Skip this…
Now let’s start using ConfigMgr…launch it from your Start ==> All Programs --> Microsoft System Center -> Configuration Manager 2007
First view of the console….
Expand Site Settings and go to Site Systems and either right click your server name and choose
New Roles or highlight it and use the menu on the right panel to choose the same. Fill in the FQDN.
So let’s start by configuring the boundaries. This is under Site Settings, it has its own folder now instead of going to the site properties.
It should have carried over your settings from the previous install so just verify that these settings are here and correct.
Select the roles you want to add, at minimum choose Software Update Point and then click Next.
Let’s move on to configuring the WSUS/SUP and finish this article up.
Move down to Component Configuration still below Site Settings and in display window in the middle of the console select Software Update Point Component, right click on it and select Properties.
Welcome to task sequences...
If you have a proxy between your server and MU then you should enter those settings here. Keep in mind that the settings you enter here will override any settings you have entered into WSUS but if you followed my install you should have cancelled the settings wizard after the WSUS setup.
Make sure you check this box, you can guess what will happen if you don't… :)
These ports should be the same that you configured during the WSUS setup, by default it will use http and SSL ports, you can modify these if you need to but they must match the settings in IIS.
Click Next to continue.
On the next screen you will have to tell your SUP to either sync with a local WSUS server or MU directly, you can also choose to not sync if you are using a manual sync method. You can also decide if you want clients to report on WSUS events, this has nothing to do with ConfigMgr reports it is only used for WSUS and will not feed any info into ConfigMgr.
Click Next to continue to the sync schedule screen, you can set the SUP/WSUS server to sync on a custom schedule or simple, just like you would schedule the ITMU sync ad in 2003. I would have mine run every Saturday and the evening of Patch Tuesday. Define your schedule and lets move on to Classifications, click Next when you are done.
Remember my warning about lots of disk space, well here is the list of different types of updates, choose what class of updates you want to pull down and then click Next to decide what products you want to pull down those types of updates for and then click Next again and decide what languages you want to download them in.
After that you should see the Summary screen, review the settings you have made and if you need to go back and make any changes, once you click Next it is going to make the changes you have specified.
And after a short period you should see this…or something similar
And now if you go up to Site Settings, Component Configuration and double click the Software Update Point Component your screen should look like this.
You now have a working site with the ability to deploy patches, once you upgrade your clients that is, but that will have to be another article.
No comments:
Post a Comment