SCCM Lab | Notion

test.local

Hostname	Address	CPUs	Memory (GB)	Disk (GB)
AD-Router	192.168.1.1	1	1	12
DC01	192.168.1.5	2	8	60
SCCM	192.168.1.10	2	8	60
SQL-1	192.168.1.15	4	16	60
SCCM-DST	192.168.1.20	2	8	50
WRK-1	192.168.1.101	2	4	48

Domain Creds

Administrator	CyberPatriot1!
SCCM-SQL-svc	sqlsvc
SCCM-NAA	sccmnaa
SCCM-ClientPush	sccmclientpush
SCCM-SQLReporting	sccmsqlreporting
SCCM-DomainJoin	sccmdomainjoin

https://www.systemcenterdudes.com/complete-sccm-installation-guide-and-configuration/

Do parts 1-3,

Things to note

Can't use sql express, using azure education from portal.azure.com → sql server 2019 and configuration endpoint manager license key

Turn SQL firewall off to avoid any annoying shit during installation and rerunning 10000 times

or maybe i should have followed this

@echo ========= SQL Server Ports ===================
@echo Enabling SQLServer default instance port 1433
netsh advfirewall firewall add rule name=”SQL Server” dir=in action=allow protocol=TCP localport=1433
@echo Enabling Dedicated Admin Connection port 1434
netsh advfirewall firewall add rule name=”SQL Admin Connection” dir=in action=allow protocol=TCP localport=1434
@echo Enabling conventional SQL Server Service Broker port 4022
netsh advfirewall firewall add rule name=”SQL Service Broker” dir=in action=allow protocol=TCP localport=4022
@echo Enabling Transact-SQL Debugger/RPC port 135
netsh advfirewall firewall add rule name=”SQL Debugger/RPC” dir=in action=allow protocol=TCP localport=135
@echo ========= Analysis Services Ports ==============
@echo Enabling SSAS Default Instance port 2383
netsh advfirewall firewall add rule name=”Analysis Services” dir=in action=allow protocol=TCP localport=2383
@echo Enabling SQL Server Browser Service port 2382
netsh advfirewall firewall add rule name=”SQL Browser” dir=in action=allow protocol=TCP localport=2382
@echo ========= Misc Applications ==============
@echo Enabling HTTP port 80
netsh advfirewall firewall add rule name=”HTTP” dir=in action=allow protocol=TCP localport=80
@echo Enabling SSL port 443
netsh advfirewall firewall add rule name=”SSL” dir=in action=allow protocol=TCP localport=443
@echo Enabling port for SQL Server Browser Service’s ‘Browse’ Button
netsh advfirewall firewall add rule name=”SQL Browser” dir=in action=allow protocol=TCP localport=1434
@echo Allowing Ping command
netsh advfirewall firewall add rule name=”ICMP Allow incoming V4 echo request” protocol=icmpv4:8,any dir=in action=allow

Turn off defender on site server (SCCM) so disk reads dont clog the installation speed

Getting Client push to work

Administration → Hierarchy Configuration

Add an AD boundary, and then a boundary group with all our sites as references
- set boundary group fallback to the default site boundary, and add our sites as references there again
Then add that boundary gorup to the boundary we created

Administration → Site configuration → Sites

Click client installation settings at the top
enable automatic side-wide push installation, and then add our push account to the accounts tab
- This account has to be local admin everywhere

This should hopefully work. for some reason, without the fallback (to the same hosts??) the client push doesn’t work.