Building a ConfigMgr Lab from Scratch: Step 9
ConfigMgr Settings Setup
We now have CM installed, and we need to get some basic settings configured to make it work.
Things we need to do now that we have a server
I didn’t change much, but I did check to Use a fallback site, Consent to pre-release features, and Enable admin service. Probably won’t need the fallback set in this small lab, but doesn’t hurt. The other two are for future testing/dev in the lab
On the Client Upgrade tab, I’ve checked the box to upgrade all clients automatically (ACU)
In the Site Settings:
I’ve checked the box for using CM-generated certs. ( Enhanced HTTP) Discovery Settings
I’m picking these 4 methods and pointing them to my “DEV” OU
For Groups, this will pull in any custom groups I’ve created in the DEV OU
Systems in the DEV OU (Servers & Workstations)
Users in the DEV OU Distribution Point Settings (And DP Groups)
In Administration, Site Configuration, Servers, and Site System Roles, get the properties of the DP Role
I’ve enabled BranchCache & LEDBAT because they are great. 🙂 I’ve also enabled Connected Cache (Previously DOINC)
I’ve enabled “Allow clients to connect anonymously”. If you don’t have a Network Access account you’ll need this. I personally also don’t have any private/sensitive business data that ever goes to a DP, so I’m not worried about it.
With a DP, you’ll want to add it to a
DP Group. Makes life easier in the future if you add DPs, Replace DPs, or just generally during deployments.
I’ve created a DP Group called “Lab DPs”
Added my DP Server (currently my only CM Server) to the DP Group Boundaries and Boundary Groups
By default, you’ll have the Default Site Boundary Group. Machines in this Group will be assigned your Site Code (DEV). By default, there are also no servers servicing this group, so I’ve added our server. At this point for OSD, I did not need to make any additional boundaries or groups, however, when I went to install apps, I had trouble until I created a boundary and group.
I’ve left this default blank
I’ve added the CM Server
I left these the default. For now, this is fine, and rarely in a lab would you need to change this.
By default there are no Boundaries, which worked fine for OSD for me, but not so well on my Apps.
Created a Subnet Boundary Group based on my lab’s IP Subnet
I then created a Boundary Group and selected my new Boundary. On the next screen, I add our CM Server
As you can see the Group I’ve created has 1 Member & 1 Site System.
I check the box for “Use this boundary group for site assignment” and also confirm my CM Server is there Client Settings
This is very basic and just enough to get you going and add a little pretty to the experience.
I’m having CM Configure BC & Enabling it. However, for more control and tuning I’d recommend using the 2Pint Software FREE downloads which will do this for you.
I’ve set up a few of these things including the “Branding” of our Company, and also set PowerShell to Bypass
In Software Center, I’ve continued to add additional branding
That’s actually it, for now, I’ll come back later and set up Remote Control among other things. But just to get this lab going, I don’t care as much about those for now.
I’ve set up a Network Account. This account only has rights to the Source Share. It is also blocked from interactive logon on any machines (set in ADUC) Personally, I’d NOT create this account until you run into a situation where you need it. I was trying to apply a WIM Directly from the DP (Without downloading during OSD), and that seemed to not work until I did this. However, since that isn’t the normal way for OSD, I’d suggest you see how far you can go without adding this.
Building a ConfigMgr Lab from Scratch Series
Series Introduction –
Building a CM Lab from Scratch
Setting up your Domain Controller
Creating a Router for your Lab using Windows Server
Certificate Authority – On Domain Controller [Optional]
ConfigMgr Server Pre-Reqs (Windows Features)
Configuration Settings (AD & GPOs)
Source Server (File Share)
ConfigMgr SQL Install
ConfigMgr Basic Settings – You are Here
ConfigMgr Collections & App Deployment
ConfigMgr Reporting Services
Cloud Management Gateway (CMG) – Certs PreReq
Cloud Management Gateway (CMG) – Azure Subscription
Azure Services Connection
Setting up CMG in the Console
Cloud Management Gateway (CMG) – Post CMG Config
Cloud Management Gateway – Client CMG Endpoints