SCCM – Part 2: Site Installation
In this blog, I’m sharing my personal experience with installing the SCCM primary site using the SCCM installation media. I’ll cover the step-by-step process I followed and also go into some troubleshooting tips for the issues I faced along the way. This is more of a personal reference guide that I hope can help others who are going through the same process.
Get your SCCM Installation Media
The document below outlines the licensing requirements for Configuration Manager:
Get installation media – Configuration Manager | Microsoft Learn
For testing purposes this time, I referred to the subsequent document and downloaded the Technical Preview branch:
Product and licensing FAQ – Configuration Manager | Microsoft Learn
Here is the download link for the Technical Preview:
Configuration Manager Technical Preview | Microsoft Evaluation Center
Additionally, I found the following blog extremely helpful in resolving the issue I encountered:
Extract the Package
It will start download the installation media after we click the download link. When it finished the download, we can run the .exe file and futher do the extraction.
Associated Items Installation
https://go.microsoft.com/fwlink/?linkid=2220989
https://aka.ms/vs/15/release/vc_redist.x64.exe
🔗Prerequsite Check
The prerequisite check actually occurs quite late in the process. At this point, it is assumed that we already have the corresponding SQL server database instance, along with some relevant component installations. However, as I am a beginner with SCCM, I still encountered many check failures and warning. Therefore, I moved this section to the beginning and listed my solutions for these issues accordingly.
Mandatory components (Status showed as Failed):
https://learn.microsoft.com/en-us/mem/configmgr/core/plan-design/network/prepare-windows-servers
Microsoft Remote Differential Compression (RDC)
Microsoft Remote Differential Compression (RDC) library must be registered for Configuration Manager site server installation. Details at https://go.microsoft.com/fwlink/?linkid=2186120.
If you haven’t already installed the RDC feature, you can do so through the Server Manager:
SQL Server service running account
The logon account for the SQL Server service cannot be a local user account, NT SERVICE\ or LOCAL SERVICE. You must configure the SQL Server service to use a valid domain account, NETWORK SERVICE, or LOCAL SYSTEM.
The error message indicated that my current SQL service account is a NT SERVICE account, which is not
permitted.
Consequently, I executed the following steps to transition the SQL Server service account to a domain account.
- SQL Server Configuration Manager:
- Open SQL Server Configuration Manager on the server where your SQL instance is running.
- Navigate to ‘SQL Server Services’.
- Change Service Account:
- Right-click on the SQL Server service you wish to change (e.g., SQL Server (MSSQLSERVER)) and select ‘Properties’.
- In the ‘Log On’ tab, select ‘This account’.
- Enter the domain account name and password. The format for the account name should be DOMAIN\Username.
You can do the same thing for the SQL Server Agent Service. And now it’s running under the domian account:
Site server computer account administrative rights
Configuration Manager Setup requires that the site server computer has administrative rights on the SQL Server and management point computers.
At first, I thought the solution would be to give the computer account permission for the SQL database instances by assigning it the ‘dbcreator’ server role. However, that didn’t solve the issue. It turns out the real fix was much simpler – just add the computer account to the SQL server’s local administrators group.
SQL Server Tcp Port
Configuration Manager primary site and central administration site require SQL Server Tcp is enabled and set to Static port.
Make sure the TCP Dynamic Ports was set as blank to fullfill the static port requirement
Once the modification has been made, restart the SQL Server Service.
Windows Assessment and Deployment Kit (ADK)
The Windows Deployment Tools component of Windows Assessment and Deployment Kit (ADK) for Windows 10 is required and must be installed before Setup can continue. It is required on primary sites and SMS Provider. It is needed by operating system deployment features of Configuration Manager. See https://go.microsoft.com/fwlink/?LinkId=529534
The User State Migration Tool (USMT) component of Windows Assessment and Deployment Kit (ADK) for Windows 10 is required and must be installed before Setup can continue. It is required on central administration sites and stand-alone primary sites. It is needed by operating system deployment features of Configuration Manager. See https://go.microsoft.com/fwlink/?LinkId=529534
The failure of those two components will be automatically resolved upon the installation of the ADK.
https://learn.microsoft.com/en-us/windows-hardware/get-started/adk-install
Windows Preinstallation Environment
The Windows Preinstallation Environment component of Windows Assessment and Deployment Kit (ADK) for Windows 10 is required. It must be installed before Setup can continue. It is required on SMS Provider. It is needed by operating system deployment features of Configuration Manager. See https://go.microsoft.com/fwlink/?LinkId=529534
I’m still running into the abve error, even after I installed the ADK. Then I found out that I also need the Windows PE add-on, which isn’t included in the ADK and has to be downloaded separately.
Download the Windows PE add-on for the Windows ADK (September 2023)
Recommended components (Status showed as Warning):
Schema extensions
Configuration Manager Active Directory schema extensions are not required for site server installation, but are recommended to fully support the use of all Configuration Manager features. For more information about the advantages of extending the schema extensions, see the Configuration Manager product documentation.
You only need to extend the Active Directory Schema if you haven’t previously installed SCCM in your domain. If you’re already using SCCM 2007 and are planning to migrate, you can skip this step.
First, make sure you’re logged into a server with an account that belongs to the ‘Schema Admins‘ security group. Then, from the SCCM ISO package, execute the following file: .\SMSSETUP\BIN\X64\extadsch.exe
.
After running the schema extension, check the results by opening the Extadsch.log file, which you’ll find at the root of the system drive.
Verify site server permissions to publish the Active Directory
The site server might be unable to publish to Active Directory. The computer account for the site server must have Full Control permissions to the System Management container in its Active Directory domain. You can ignore this warning if you have manually verified these permissions. For more information about your options to configure required permissions, see https://go.microsoft.com/fwlink/p/?LinkId=233190.
I used the instructions from the following blog to set up the System Management container and gave our main SCCM computer the necessary permissions.
https://www.prajwaldesai.com/installing-prerequisites-for-configuration-manager/
The System Management container was created under the default naming context:
Give it Full Control permissions, and in the advanced settings, make sure to select “This object and all descendant objects“.
SQL Server process memory allocation
Configuration Manager requires SQL Server to reserve a minimum of 8 gigabytes (GB) of memory for the central administration site and primary site and a minimum of 4 gigabytes (GB) for the secondary site. This memory is reserved by using the Minimum server memory setting under Server Memory Options and is configured by using SQL Server Management Studio. For more information about how to set a fixed amount of memory, see https://go.microsoft.com/fwlink/p/?LinkId=233759.
IIS service running
Internet Information Services (IIS) is required for some site system roles. You have selected to install a site system role that requires IIS. Install IIS on the site system to continue setup.
BITS Installed / Enabled
Background Intelligent Transfer Service (BITS) is required for the management point and distribution point site system roles. BITS is not installed, IIS 6 WMI compatibility component for IIS7 is not installed on this computer or the remote IIS host, or Setup was unable to verify remote IIS settings because IIS common components were not installed on the site server computer. Also, check if IIS/BITS services are running properly. Setup cannot continue until BITS is installed and enabled in the IIS settings.
Start the Installation
Choose ‘Install a Configuration Manager primary site’ but do not select the checkbox, as we already have a Microsoft SQL Server set up.
After completing this step, we’ll encounter the prerequisite check again. This time, having resolved all the failures and warnings, we’ll notice that the ‘Begin Install‘ button is now clickable.
Let’s wait patiently for the configuration to complete. In the next blog post, I will share some insights on post-configuration and the installation of the SCCM console.