MVP Monday: Using PowerShell to automate SCCM 1702 Current Branch

MVP Monday: Using PowerShell to automate SCCM 1702 Current Branch

If you’re reading this, I assume you have already installed two workgroups joined servers running Windows Server 2016 (choose Windows Server 2016 Standard (Desktop Experience)) as listed below, and that you’ve configured the network settings. The network settings I am using for this lab are shown below.

Server name: AD01

Server function: Domain Controller

Server status: Workgroup joined

  • IPv4 Address: 192.168.7.1
  • Subnet Mask: 255.255.255.0
  • Default Gateway: 192.168.7.199
  • DNS: 192.168.7.1

Server name: CM01

Server function: Configuration Manager Primary site

Server status: Workgroup joined

  • IPv4 Address: 192.168.7.2
  • Subnet Mask: 255.255.255.0
  • Default Gateway: 192.168.7.199
  • DNS: 192.168.7.1

Server name: Smoothwall

Server function: Linux firewall

Server status: 2 legacy nics

eth0: 192.168.7.199

eth1: x.x.x.x (internet facing ip)

(The scripts used in this guide are available here.)

  • Step 1. Configure Active Directory Domain Services (ADDS)
    To setup Active Directory Domain Services you could manually click your way through the appropriate wizard in Server Manager or automate it using PowerShell.
  • Step 2. Join CM01 to the domain
    To join the domain manually, bring up the computer system properties. Click on Change settings beside the computer name, click Change and enter the appropriate domain join details, reboot when done.

    To join the domain automatically, use the joindomain.ps1 PowerShell script.
    1. Copy the script to C:\scripts.
    2. Edit the variables as desired before running.
    3. Start Windows PowerShell ISE as Administrator and run the script by clicking on the green triangle.

  • Step 3. Create users
    Perform on the Active Directory Domain Controller server (AD01) as Local Administrator.
    Note: The PowerShell script creates users and makes a user a local admin on the CM01 server. To facilitate the local administrator creation, you’ll need to create a GPO on AD01 called Allow Inbound File and Printer sharing exception which sets Windows Firewall: Allow inbound file and printer sharing exception to Enabled.
  • Step 4. Create the System Management Container
    (For details of why you are doing this, check this out.)
  • Step 5. Delegate Permission
  • Step 6. Install Roles and Features on CM01
    To support various features in System Center Configuration Manager, the setup wizard requires some Server Roles and Features pre-installed. On CM01, log in as the username you added to the Local Administrators group and navigate to C:\Scripts. The XML files within the Scripts Used in This Guide.zip were created using the Export Configuration File option in Server Manager after manually installing roles and features and the accompanying PowerShell script simply installs it. Note: Make sure your Server 2016 media is in the drive specified in the script or edit the script to point to the location of the media.
  • Step 7. Download and install Windows ADK 10 version 1703 and WDS
    The ConfigMgr prerequisite checker will check for various things, including ADK components such as USMT and Windows Preinstallation Environment (amongst others), therefore you need to install Windows ADK on your server. To do so, either download ADKsetup from here and manually install it or run the setup ADK and WDS.ps1 PowerShell script to download and install the correct components for you. This script not only downloads the components needed, it also installs ADK 10 and then installs Windows Deployment Services. The setup ADK and WDS.ps1 PowerShell script is available in the Scripts Used in this Guide zip file. Note: As of 2017/5/4 ADK 1703 has an installation issue that occurs if you have Secure Boot enabled. To workaround this,  disable secure boot prior to installing it, you can re-enable secure boot after the installation.
  • Step 8. Install SQL Server 2016
    The following script will create a ConfigurationFile.ini used to automate the installation of SQL Server 2016, and after it’s installed the script will download the SSMS executable (Management Studio) and install it. SQL Server no longer comes with the Management Studio built-in, and it’s offered as a separate download, don’t worry though, my PowerShell script takes care of that for you. Note: Make sure your SQL Server 2016 media is in the drive specified in the script or edit the script to point to the location of the media.
  • Step 9. SQL Memory Configuration
    Depending on your memory configuration and server setup, you may also want to configure SQL memory limits as per the following guidance prior to installing ConfigMgr otherwise you’ll get warnings in the Prerequisite Checker when it runs the Server Readiness checks.
    Configuration Manager requires SQL Server to reserve a minimum of 8 gigabytes (GB) of memory for the central administration site and primary site and a minimum of 4 gigabytes (GB) for the secondary site. This memory is reserved by using the Minimum server memory setting under Server Memory Options and is configured by using SQL Server Management Studio. For more information about how to set a fixed amount of memory, see here.
    If your SQL Server is configured for unlimited memory usage, you should configure SQL Server memory to have a maximum limit.
  • Step 10. Restart the ConfigMgr Primary Server
    Open an administrative command prompt and issue the following command:

    shutdown /r

  • Step 11. Install the WSUS role
    Now that SQL server is installed, we can utilize SQL Server for the WSUS database.
  • Step 12. Download and extract the ConfigMgr content
    To install System Center Configuration Manager version 1702 you’ll need to download the content. You can download it from Microsoft’s Volume Licensing Service Center site for use in production or from MSDN for use in a lab.
    The VLSC download can be found be searching for Config and then selecting System Center Config Mgr (current branch and LTSB).
  • Step 13. Download the ConfigMgr Prerequisites
  • Step 14. Extend the Schema
    Note: Perform the following on the Domain controller server (AD01) as Administrator. You do not have to extend the Active Directory schema if it was already extended for Configuration Manager previously.
  • Step 15. Install SCCM Current Branch (version 1702)
    Note: Perform the following on the ConfigMgr server (CM01) as Administrator.  If you are NOT using eval (as in my example) then you need to add this section to the configuration.ini file[SABranchOptions]
    SAActive=1
    CurrentBranch=1
  • Success!

In these steps, there’s quite a bit of PowerShell you can use to automate most of Installing System Center Configuration Manager Current Branch (version 1702), including installing and configuring SQL Server 2016 on Windows Server 2016. Doing it this way means you can safely say that you’ve got a handle on Automation using PowerShell.

I hope you learned a lot from doing it this way, and until next time.

Share this post

Share this post on your favourite social media platform.

Find this article useful?

If so please click here