Building an SCCM Technical Preview lab

In this modern age of desktop management the rate of change in the management tools is more frequent than ever before.

In order to stay ahead of the curve with SCCM I find it essential to always have an SCCM site stood up using the Technical Preview release I order to test the new features that Microsoft release on a regular basis.

In this post I am going to walk you through the process I follow whenever I need to standup a new SCCM Technical Preview site.

Install SQL

Firstly I need to install SQL on the allocated server. The highest version currently supported by SCCM is SQL 2017, so this is what I will be installing following the process below:

Mount the SQL ISO file and execute setup.exe

Select to install a new stand-alone installation

Choose to install SQL in Evaluation, or enter a product key if you wish to use this environment for more than 180 days

Review and accept the license terms if agreeable

Because I want to ensure we have the latest hotfixes and security updates, select to use Microsoft Update

I can see a warning telling me that the Windows firewall does not have the SQL ports enabled for remote access. In this scenario this is acceptable as all SQL traffic will be hosted on this single server

The only feature is required for SCCM is the ‘Database Engine Services’ so I select this

Leave the instance configuration as the default configuration

In the Server Configuration section I need to change the SQL Server Database Engine to run using the local SYSTEM account, all other options can left as per the default configuration (be aware that the SQL Collation is a critical dependency for SCCM. In SQL 2017 the default collation is the required value of SQL_Latin1_General_CP1_CI_AS but previous versions of SQL had a different default collation so double check this and modify if appropriate)

Add any SQL Server Administrators that are required. I also like to change the default Data Directories to a drive other than C as this is SQL best practise, although probably in a small test environment this is probably not as important

I can now review the options I have chosen through the wizard and click Install

And eventually the installation will complete

Preparing the Server

I can now start to install and configure the various components that SCCM features rely upon for functionality. My preferred method for performing these tasks is the awesome ConfigMgr Prerequisites Tool written by Nickolaj Andersen and available for download at the Microsoft TechNet gallery

Firstly launch the tool select to install the prerequisites for a Primary site

Now because I am going to be installing the Management Point and Distribution Points on the same server we need to navigate to Roles and select Management Point then Install

Then the same for the Distribution Point role

Now I need to install the Windows ADK. To do this navigate to ADK and click on load. This will query the Microsoft download servers and determine what the latest version of ADK is available for download

As you can see Windows 10 1903 is the latest available at the time of writing. Select this and click Install

Then because Microsoft have now split the main ADK and the WinPE components into two seperate downloads I will also need to select the option with ‘WinPE add-on’ and click Install

Now I need to install WSUS on the server so I can performing testing of the Software Updates component of SCCM so I navigate to WSUS, leave the option as SQL Server and click

Now that the WSUS installation is complete I need to complete the post-installation options of WSUS. To do this navigate to Post-Install and click configure. I will need to manually create the folder for WSUS content outside of the tool and input ‘localhost’ for the server name

Now I need to change the SQL memory configuration, in order to do this I need to provide the tool with the location of the SQL instance where we will be installing SCCM. To do this I need to navigate to Settings enter ‘localhost’ for the server name and click connect

I can now navigate to SQL Server, leave the default database memory configuration of 8GB and click configure

I have now completed all of the pre-requisites for SCCM so I can now proceed to installing SCCM

Installing SCCM

Firstly it is necessary to download the latest Technical Preview build from the Evaluation Center and extract the contents. At this time the latest build available for download is 1907 which we will later upgrade to 1909 through the In-Console upgrade process

After having extracted the files for the latest Technical Preview it is necessary to navigate to the following location C:\SC_Configmgr_SCEP_TechPreview1907\SMSSETUP\BIN\X64 and then run setup.exe

Leave the default to install a Configuration Manager primary site

Accept the three EULAs

Select a location to download the SCCM pre-requisite files

Select any additional languages for the server

And then select any additional languages for the client

Enter a three character site code, a site name and a location to install SCCM

Then modify any SQL settings as necessary. (For the options we have chosen so far in this tutorial this is not necessary)

Modify the SQL file locations if necessary

And select the SMS provider server name

Select to only use HTTP for client-server communications

Leave the selection to install the Management Point and Distribution Point on this server

Accept to send usage data to Microsoft (this is non-optional in Technical Preview)

Install the Service Connection Point on the local server

Review and confirm the options we have selected

The setup wizard now performs a pre-requisite check and I can see the following screen indicating that I am ready to click Begin Install

The installation will then commence and eventually will complete

This completes the initial installation of SCCM

Updating SCCM

Now I have our SCCM Technical Preview site up and running I want to upgrade it to the latest version so I can see all of the cool new features that Microsoft are working on.

To do this I first need to launch the SCCM console and navigate to Administration > Upgrades and Servicing and I should see the latest technical preview version listed as ready to install. CLick on the Install Upgrade Pack in the ribbon bar

Note – It may take a while for the latest update to show in the console and the status to be Ready to Install. This is because the Service Connector Point may take some time to communicate with Microsoft and download the update. Clicking on the ‘Check for Updates‘ button will force to process to initiate immediately

I can then see the types of updates that are included in the Upgrade Pack, click

Select any features I want to enable and click Next. I can always enable these features later if not selected now

I can then select if I want to upgrade my clients with or without validating on a test collection

Connecting SCCM to Upgrade Analytics

In my last post I detailed the process for deploying Upgrade Analytics and how to use SCCM to configure workstations to upload their telemetry data for processing in Upgrade Analytics.

Now we have this data available to us in Upgrade Analytics I am going to walk through the process of connecting SCCM to import the available Upgrade Analytics data back into the SCCM console. Doing so enables administrators to create SCCM collections based on the Upgrade Analytics data, and then in turn create deployments to remediate issues that have been identified with apps/drivers etc. that are currently blocking in-place upgrades of Windows 10 to the desired build.

Obviously a pre-requisite to following this guide is to have fully deployed Upgrade Analytics according to my previous blog post.

Create Azure AD Web Application

The first stage of connecting SCCM to our existing Upgrade Analytics instance is to create an Azure AD Web Application which will then, in turn, be used to grant SCCM read permissions to the instance.

Firstly, navigate to and logon with your Azure AD credentials. Then navigate to the exiting Azure Active Directory instance and select ‘App registrations’.

Now click ‘New Application Registration’ and complete the details as below:

  • Name – Free text but call this something easily identifiable
  • Application Type – Select Web app / API
  • Sign-on URL – Does not need to be a valid URL (as we won’t be redirecting users to this address), but must be in a valid URL format with http:// or https:// as a prefix

And click ‘Create’

The Application will then be created and the details presented in the console

Now click ‘Settings’ then ‘Keys’ to be prompted to create a new Key. Complete the name of a new key (maximum 16 characters) and select the length of duration for the key.

Click ‘Save’

Important – At this stage you will now be presented with the key in the form of a 43 character text string. I have deliberately not screenshotted my key, but this is the only time you will be able to read the key so ensure you copy this key now and store in a secure manner. Also, note the Expiry date (although this can be retrieved later).

Also collect the Application ID and App ID URL from the key properties screen.

Grant the New Application permissions to Upgrade Analytics

Now we have successfully created our Azure AD application we need to grant to the required permissions so it can access the data stored in Upgrade Analytics.

To perform this, within the Azure Portal browse to Resource Groups and select the Resource Group that contains the Upgrade Analytics solution

Under ‘Add a role assignment’ select ‘Add’ and complete the presented screen as below, then click ‘Save’.

Note: It is required to assign the permissions at the Resource Group level as later in the process SCCM will need to create a

Configuring SCCM to connect to Upgrade Analytics

Now we have created our new Azure AD app and granted it the correct permissions we are ready to connect SCCM to Upgrade Analytics.

In the SCCM Console browse to Administration-Cloud Services-Azure Services.

Then right-click on ‘Azure Services’ and select ‘Configure Azure Services’. Complete the presented wizard as shown below.

Then ensure ‘AzurePublicCloud’ is selected and click ‘Import’

You will then need to complete the presented screen with all of the details listed below and click ‘Verify’

  • Azure AD Tenant Name – Free text field but name it something easily identifiable
  • Azure AD Tennant ID – This is the directory ID of your Azure AD instance. This can be found by browsing the properties screen of Azure AD
  • Application Name – Free text field but name it something easily identifiable
  • Client ID – This is the App ID previously obtained
  • Secret Key – This is the Key previously obtained
  • Secret Key Expiry – Ensure the same date is selected as the key expires
  • APP ID URL – This is the previously collected value

Provided everything verifies successfully click ‘OK’ and then ‘Next’ in the wizard

Ensure that the correct Subscription, Resource Group and Windows Analytics workspace are selected and click ‘Next’

Review the settings and click ‘Next’

Once the wizard completes click ‘Close’. We can now see that the Upgrade Analytics Connecter is listed in Azure Services

Now if we switch to the Monitoring – Upgrade Readiness node in the SCCM console we can see the data is displayed

This completes the configuration of connecting SCCM to Upgrade Analytics