SCCM Clean Install Guide - Server 2022, ConfigMgr 2103, SQL 2019 Replacing Existing ConfigMgr - Cory Fiala
SCCM Clean Install Guide - Server 2022, ConfigMgr 2103, SQL 2019 Replacing Existing ConfigMgr - Cory Fiala
ConfigMgr
Todays the day, I’ve deiced to rebuild our 5yr+ old sysctr server that’s built on 2012R2. Here I wanted to document the process on bring up a new
instance side by side with the existing server.
The only thing missing from this which I already have configured from our previous SCCM setup is AD Schema. Great guide here.
Server Setup
My specs are overkill but I have a lot of headspace in my vSphere setup.
Server 2022
32 CPU’s
48GB Ram
C: 150GB (OS)
D: 1TB (DATA)
E: 150GB (SQL)
10GB NIC
Software Downloads
Download SQL Server 2019 – I got it from VLSC but you can download it from the evaluation center.
Windows ADK
Download Microsoft Endpoint Configuration Manager – Current Branch – 2103 (Use VLSC if you have it)
It’s OK to have more then 1 server in System Management with Full Access
Expand the structure tree Domain > CN=System Management. You should see your existing server.
Right Click > Select Properties then select the Security tab.
We need to Add our new server and Grant Full Control permissions. You need to change the object types to include computers. Hold off on clicking
apply and and OK.
Click Advanced, double click the new server (SCCM$ for me) and change Applies to: This object and all descendant objects.
Done!
Note: Great time to take a snapshot before we start installing incase you need to role back.
Open up the ISO we downloaded (SW_DVD9_NTRL_SQL_Svr_Standard_Edtn_2019Dec2019_64Bit_English_OEM_VL_X22-22109) and run the setup.exe file.
Select Installation then New SQL Server stand-alone installation or add features to an existing installation.
Next page is the Product Key page. Put in your license key in if you have one otherwise select evaluation. Next.
Go ahead and Agree to the license, and Use Microsoft Update to check for updates (recommended). Keep going until you get to the Install Rules page.
On the Install Rules page you’ll receive a warning about the Windows Firewall. You can see a list of the ports here. We’ll configure these in the next step.
The necessary TCP / UDP ports required to pen are ports 1433,1434,4022,135. Lets configure these via PowerShell. Open Powershell (don’t forget to run as
admin) and paste the following:
EDIT: Open up PowerShell ISE and paste the rules there. For some reason pasting them into PowerShell removes the quotes breaking the
command.
New-NetFirewallRule -DisplayName “SQL Server” -Direction Inbound –Protocol TCP –LocalPort 1433 -Action allow
New-NetFirewallRule -DisplayName “SQL Admin Connection” -Direction Inbound –Protocol TCP –LocalPort 1434 -Action allow
New-NetFirewallRule -DisplayName “SQL Database Management” -Direction Inbound –Protocol UDP –LocalPort 1434 -Action allow
New-NetFirewallRule -DisplayName “SQL Service Broker” -Direction Inbound –Protocol TCP –LocalPort 4022 -Action allow
New-NetFirewallRule -DisplayName “SQL Debugger/RPC” -Direction Inbound –Protocol TCP –LocalPort 135 -Action allow
Next tab, Feature Selection, select Database Engine Services and Full-Text and Semantic Extractions
Now click next to Instance Configuration. You can leave this default but I’ll be changing it to to a more unique identifier. Named Instance will be set as
MYSQLSCCM.
Server Configuration tab I’ll use a sccm service account. If you haven’t done so create one. This will be for the SQL server agent and SQL server database
engine.
Be sure to add the service account to the Domain Admins and Administrators group.
TIP: It’s Friday (I know shouldn’t be doing any changes on Fridays) but don’t forget when you create the service account to uncheck “User must change
password on next login” Took me a bit to figure out why the account wouldn’t connect.
Error with invalid credentials. Oops forgot to uncheck user must change password on next login.
Next, for Authentication Mode, keep Windows authentication mode selected, and at the bottom click Add Current User. I’m also adding Domain
Admins group.
Data Directories tab we’ll change the Data root directory to the E Drive I created for SQL.
Data Directory
TempDB tab, double check to make sure it’s also pointing to E. It should of changed automatically.
Looks like we’re ready to install! Go ahead and click install. It will take a few minutes to complete.
Ready to Install
Install successful
Run the file (SSMS-Setup-ENU) we downloaded earlier. Should only take a few minutes.
Install
Specify Location
Click Next until you get to the Select the features you want to install screen.
Deployment Tools
Configuration Designer
Specify Location
Click Next until you get to the Select the features you want to install section. Make sure Windows Reinstallation Environment (Windows PE) is checked.
On your SCCM server, open up Server Manager and click Add roles and features.
Install Features
Select Next twice until you get to Role Services under Web Server Role (IIS). Make sure the following are checked.
Performance
Security
Windows Authentication
Application Development
ASP.NET 3.5
ASP.NET 4.8
ISAPI Filters
Management Tools
Open up Notepad (run as admin) and click Save As. Leave the file black. Save the file name as NO_SMS_ON_DRIVE.SMS. To achieve this don’t forget to
change the Save as type: to All types.
Tip: It’s been awhile since we did a snapshot right? Why not do another one? It’s free!
Run splash
The Microsoft Endpoint Configuration Manger wizard will start. Click Install.
Let’s begin
For my setup since I’m just replacing my existing server and starting over I’ll be selecting the first option, Install a Configuration Manger Primary Site.
Setup Options
Now the Product Key page, I’m going to install my key. You can select the evaluation edition if you don’t have one.
License Key
Accept all those lovely license terms. Don’t forgot to read them all
Prerequisite Downloads, I’ll just set this to my D: DATA drive. Make a new folder D:\prerequisite_downloads.
Prerequisite Downloads
Server Language Selection, choose which ever you require. Do the same for the Client Language Selection.
Language Selection
Site and Installation Settings we need to specify the following: Site Code, Site Name, and Installation folder. The site code can only be 3
characters/numbers. Since I have an existing system, it must be different then my previous site. This will avoid a lot of headaches.
Database Information, set the Instance Name to the one we created earlier. (MYSQLSCCM)
Database Information
Database Information, looks like it automatically remembered we’re using our E:.
Database Information
SMS Provider Settings is the FQDN of the server we’ll be using. Should of auto populated for you.
Client Computer Communication Settings – We will select Configure the communication method on each site system role, then Next.
Service Connection Point Setup, by default Yes, Let’s get connected (recommended). Next.
Settings Summary, take a look and make sure everything looks correct. Then click Next.
Prerequisite Check, this will take a little bit to run. Once it’s complete make sure nothing has Failed. If anything has you need to correct it.
I’ve corrected everything except for WSUS. I’m going to ignore this as I won’t be using SCCM to manage windows updates.
Install progress
Install Complete!
Done!
Remember as your setting up the new instance, don’t have overlapping boundaries!
Enjoy!
Update your PXE Boot Options in DHCP (Option 066 Boot Server Host Name) to the new IP.
#ADK #ADK11 #ADSI #ConfigMgr #SCCM #Server 2022 #SQL #SQL 2019
Facebook Twitter
Cory Fiala
Technology and outdoor enthusiast. Currently the sole systems administrator for a local K-12 school district with 800+ staff and 5,500+ students. I support
windows servers (2012R2-2022), Linux systems (FreeBSD and Ubuntu), along with vSphere (4 node cluster). Total is almost 60 virtual machines and 8
physical servers. This doesn't include my personal homelab.
Related Articles
VSSAdmin Unable to create shadow How to Install Xymon | Ubuntu 20.04 GAM | How to Update to the latest Graylog | Finding failed login
copy x (7001) July 7, 2022 version attempts that lock out AD Users
1 week ago June 2, 2022 March 28, 2022
Leave a Reply
Your email address will not be published. Required fields are marked *
Name *
Email * Website
Post Comment
Newsletter
Subscribe