Everyone's endpoint management journey is unique. Start yours here.
All Blogs
ConfigMgr Console

Building a CM Lab – ConfigMgr Settings Setup [9]

Author Photo Gary Blok
Published on: May 12, 2020

Receive notification right in your inbox whenever new content like this is released & sign up for our email list!

We’ll send you the latest updates, how-to’s, and solutions to empower you at every endpoint.

By signing up you agree to our Privacy Policy.

Trending Topics

Compliance Tracking with Trend Dashboards

Recast’s Endpoint Management Recap – March 2023

Q & A with SysAdmin Superstars – Jörgen Nilsson

5 Ways Right Click Tools Enterprise Saves Organizational Resources

Post 9, we have CM installed, now we need to get some basic settings configured to make it work

Things we need to do now that we have a server

Hierarchy Settings

Hierarchy Settings Properties
I didn’t change much, but I did check to Use a fallback site, Consent to pre-release features, and Enable admin service. Probably won’t need the fallback set in this small lab, but doesn’t hurt. The other two are for future testing/dev in the lab
Hierarchy Settings Properties
On the Client Upgrade tab, I’ve checked the box to upgrade all clients automatically (ACU)

In the Site Settings:

Recast Software Dev Site Properties
I’ve checked the box for using CM-generated certs. (Enhanced HTTP)

Discovery Settings

Discovery Method Administration
I’m picking these 4 methods and pointing them to my “DEV” OU
Add Active Directory Location
For Groups, this will pull in any custom groups I’ve created in the DEV OU
Active Directory Container
Systems in the DEV OU (Servers & Workstations)
Active Directory Container
Users in the DEV OU

Distribution Point Settings (And DP Groups)

In Administration, Site Configuration, Servers, and Site System Roles, get the properties of the DP Role

Distribution Point Properties
I’ve enabled BranchCache LEDBAT because they are great. 🙂 I’ve also enabled Connected Cache (Previously DOINC)
Distribution Point Properties
I’ve enabled “Allow clients to connect anonymously”. If you don’t have a Network Access account you’ll need this.  I personally also don’t have any private/sensitive business data that ever goes to a DP, so I’m not worried about it.

With a DP, you’ll want to add it to a DP Group. Makes life easier in the future if you add DPs, Replace DPs, or just generally during deployments.

Create New Distribution Point Group
I’ve created a DP Group called “Lab DPs”
add Distribution Points
Added my DP Server (currently my only CM Server) to the DP Group

Boundaries and Boundary Groups

By default, you’ll have the Default Site Boundary Group.  Machines in this Group will be assigned your Site Code (DEV).  By default, there are also no servers servicing this group, so I’ve added our server. At this point for OSD, I did not need to make any additional boundaries or groups, however, when I went to install apps, I had trouble until I created a boundary and group.

Default Site Boundary Group
Default Site Boundary Group Properties
I’ve left this default blank
Default Site Boundary Group Properties
I’ve added the CM Server
Default Site Boundary Group Properties
I left these the default. For now, this is fine, and rarely in a lab would you need to change this.
OSD Bondaries
By default there are no Boundaries, which worked fine for OSD for me, but not so well on my Apps.

Create Boundary Groups
Created a Subnet Boundary Group based on my lab’s IP Subnet
Create Boundary Groups
I then created a Boundary Group and selected my new Boundary. On the next screen, I add our CM Server
create Boundary Groups
As you can see the Group I’ve created has 1 Member & 1 Site System.
Administration Boundary groups
I check the box for “Use this boundary group for site assignment” and also confirm my CM Server is there

Client Settings

This is very basic and just enough to get you going and add a little pretty to the experience.

Client Cache Settings
I’m having CM Configure BC & Enabling it. However, for more control and tuning I’d recommend using the 2Pint Software FREE downloads which will do this for you.
Computer Agent Default Settings
I’ve set up a few of these things including the “Branding” of our Company, and also set PowerShell to Bypass
Software Center Default settings
In Software Center, I’ve continued to add additional branding

That’s actually it, for now, I’ll come back later and set up Remote Control among other things.  But just to get this lab going, I don’t care as much about those for now.

Accounts

Software distribution Component Properties
I’ve set up a Network Account.  This account only has rights to the Source Share. It is also blocked from interactive logon on any machines (set in ADUC) Personally, I’d NOT create this account until you run into a situation where you need it.
I was trying to apply a WIM Directly from the DP (Without downloading during OSD), and that seemed to not work until I did this. However, since that isn’t the normal way for OSD, I’d suggest you see how far you can go without adding this.

Blog Post List

Series Introduction – Building a CM Lab from Scratch

  1. Domain Controller – Setting up your Domain Controller
  2. Gateway Virtual Machine – Creating a Router for your Lab using Windows Server
  3. Certificate Authority – On Domain Controller [Optional]
  4. ConfigMgr Server Pre-Reqs (Windows Features)
  5. Configuration Settings (AD & GPOs)
  6. Source Server (File Share)
  7. ConfigMgr SQL Install
  8. ConfigMgr Install
  9. ConfigMgr Basic Settings
  10. ConfigMgr Collections & App Deployment
  11. ConfigMgr OSD
  12. ConfigMgr Reporting Services

Related Resources

Featured Image
Building a CM Lab

Building a ConfigMgr Lab- Series Intro

Author Photo
Gary Blok
May 21, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Domain Controller VM [1]

Author Photo
Gary Blok
May 20, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Gateway VM [2]

Author Photo
Gary Blok
May 19, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Certificate Authority [3]

Author Photo
Gary Blok
May 18, 2020
Featured Image
Building a CM Lab

Building a CM Lab – ConfigMgr [MEMCM] Server Pre-Reqs [4]

Author Photo
Gary Blok
May 17, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Configuration Settings (AD / GPO) [5]

Author Photo
Gary Blok
May 16, 2020
Featured Image
Building a CM Lab

Building a CM Lab – ConfigMgr Source Share [6]

Author Photo
Gary Blok
May 15, 2020
Featured Image
Building a CM Lab

Building a CM Lab – ConfigMgr [MEMCM] Installing SQL [7]

Author Photo
Gary Blok
May 14, 2020
Featured Image
Building a CM Lab

Building a CM Lab – ConfigMgr Install [8]

Author Photo
Gary Blok
May 13, 2020
Featured Image
Building a CM Lab

Building a CM Lab – ConfigMgr Collections/App Deployments [10]

Author Photo
Gary Blok
May 11, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Operating System Deployment [11]

Author Photo
Gary Blok
May 10, 2020
Featured Image
Building a CM Lab

Building a CM Lab – SQL Reporting Services (SSRS) [12]

Author Photo
Gary Blok
May 9, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Cloud Management Gateway (CMG) – Certs PreReq [13]

Author Photo
Gary Blok
May 8, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Cloud Management Gateway (CMG) – Azure Subscription [14]

Author Photo
Gary Blok
May 7, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Azure Services Connection[15]

Author Photo
Gary Blok
May 6, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Setting up CMG in the Console [16]

Author Photo
Gary Blok
May 5, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Cloud Management Gateway (CMG) – Post CMG Config [17]

Author Photo
Gary Blok
May 4, 2020
Featured Image
Building a CM Lab

Building a CM Lab – Cloud Management Gateway – Client CMG Endpoints [18]

Author Photo
Gary Blok
May 3, 2020

Support

  • This field is for validation purposes and should be left unchanged.

Contact

  • This field is for validation purposes and should be left unchanged.

By submitting this form, you understand that Recast Software may process your data as described in the Recast Software Privacy Policy.