Endpoint Configuration Manager (Current Branch), supports high availability configurations through various options, which include but are not limited to the following:
*NOTE: Feature is only available in 1806 and newer releases.
The content library is a single-instance store of content in Configuration Manager, which is used by the site to reduce the overall size of the combined body of content that is distributed distribute.
The library stores all content files for deployments (software updates, applications, and OS deployments), and copies of the library are automatically created and maintained on each site server and each distribution point.
Use the Content Library Explorer tool from the Configuration Manager tools to browse the contents of the library.
Starting in version 1806, the content library on the site server can be moved to one of the following locations:
NOTE: This action only moves the content library on the site server. Distribution points are not impacted.
IMPORTANT: A shared location, between multiple sites, should not be used because it has the potential to corrupt the content library, and require a rebuild.
The site actually copies the content library files to the remote location, and does not delete the content library files at the original location on the site server. To free up space, an administrator must manually delete these original files.
Step |
Description |
1. |
Create a folder in a network share as the target for the content library (\\server\share\folder). WARNING: Do NOT reuse an existing folder with content. For example, don't use the same folder as your package sources because Configuration Manager removes any existing content from the location prior to copying the library. |
2. |
In the Configuration Manager console” · Switch to the Administration workspace. · Expand Site Configuration, select the Sites node, and select the site. On the Summary tab at the bottom of the details pane, notice a new column for the Content Library. |
3. |
Click Manage Content Library on the ribbon |
4. |
The Current Location field should show the local drive and path. Enter the UNC path to the network location created in Step 1 and click OK. |
5. |
Note the Status value in the Content Library column on the Summary tab of the details pane, which updates to show the site's progress in moving the content library. · The Move Progress (%) value displays the percentage complete. · If there's an error state, the status displays the error. · Common errors include access denied or disk full. · When complete it displays Complete. See the distmgr.log for details. |
Table 1 – Managing the Content Library
If the content library needs to be moved back to the site server, repeat this process, but enter a local drive and path for the New Location (Example - D:\SCCMContentLib), and it must be a folder name that already exists on the drive. When the original content still exists, the process quickly moves the configuration to the location local to the site server.
The following items may help troubleshoot content library issues:
Introduced in the 1806 release of Configuration Manager, high availability for the site server role is achievable by installing a second passive mode site server. This passive site server is in addition to the existing (active mode) site server, and it remains available for immediate use, when needed.
While in passive mode, a site server:
Manually promoting the passive server will make it the active server; thereby, switching the active server to passive mode. Since the site server role is the only role that is switched, the other site system roles on the original active mode server remain available so long as that computer is accessible.
NOTE: This feature is not enabled by default.
Step |
Description |
1. |
In the Configuration Manager console: · Click the Administration workspace · Expand Site Configuration · Select the Sites node · Click Create Site System Server in the ribbon. |
2. |
On the General page of the Create Site System Server Wizard: · Specify the server to host the site server in passive mode. NOTE: The server you specify can't host any site system roles before installing a site server in passive mode. |
3. |
On the System Role Selection page, select only Site server in passive mode. The following prerequisite checks are performed at this stage: · Selected server isn't a secondary site server · Selected server isn't already a site server in passive mode · Content library is in a remote location If these initial prerequisite checks fails, you can't continue past this page of the wizard. |
4. |
On the Site Server In Passive Mode page, provide the following information: · Choose one of the following options: · Copy installation source files over the network from the site server in active mode: · This option creates a compressed package and sends it to the new site server. · Use the source files at the following location on the site server in passive mode: · This is a local path that already contains a copy of the source files. Make sure this content is the same version as the site server in active mode. · (Recommended) Use the source files at the following network location: · Specify the path directly to the contents of the CD.Latest folder from the site server in active mode. (Example: \\Server\SMS_ABC\CD.Latest) · Specify the local path to install Configuration Manager on the new site server.(C:\Program Files\Configuration Manager) |
5. |
Complete the wizard. Navigate to the Monitoring workspace, and select the Site Server Status node in the ConfigMgr console for detailed installation status. The state for the passive site server should display as Installing. · For more detail, select the server and click Show Status. This action opens the Site Server Installation Status window, and the state will OK for both servers when the process completes. For more information on the setup process, see the flowchart in the appendix
NOTE: All Configuration Manager site server components are in standby on the site server in passive mode.
|
Table 2 – Adding a Passive Mode Server
As with any backup/recovery plan, practice the process to change site servers, and consider the following:
NOTE: If file replication between sites is in progress during failover, the new site server may not receive the replicated file. If this happens, redistribute the software content after the new site server is active.
In order to access the site and promote a server from passive to active mode, access to an instance of the SMS Provider is absolutely necessary.
IMPORTANT: By default, only the original site server has the SMS Provider role. If this server is offline, no provider is available, and access to the site is not possible. When a passive site server is added, the SMS Provider is NOT automatically installed, so ensure that at least one additional SMS Provider role is added to the site for a highly available service.
If the console is unable to connect to the site because the current site server (SMS Provider) is offline, specify the other site server (additional SMS Provider) in the Site Connection window.
Step |
Description |
1. |
In the Configuration Manager console: · Navigate to the Administration workspace · Expand Site Configuration · Select the Sites node · Select the site, and then switch to the Nodes tab. · Select the site server in passive mode, and then click Promote to active in the ribbon. · Click Yes to confirm and continue. |
2. |
Refresh the console node, and the Status column for the server being promoted should display in the Nodes tab as Promoting. |
3. |
After the promotion is complete, the Status column should show OK for both the new (active) site server, and the new passive site server. · The Server Name column for the site should now display the name of the new site server in active mode. For detailed status, navigate to the Monitoring workspace, and select the Site Server Status node. The Mode column will identify which server is active/passive. When promoting a server from passive to active mode, select the site server to be promoted, and then choose Show Status from the ribbon, which opens the Site Server Promotion Status window for additional detail.
|
Table 3 – Promoting a Passive Mode Site Server
If the active site server goes offline, the following process begins:
NOTE: During this 30 minute waiting period, there is no active site server. However, clients will still communicate with client-facing roles such as management points, software update points, and distribution points.
Users can also continue to install software that's already deployed, but site administration is NOT possible in this time period.
If the offline server is damaged such that it can't return, delete this site server from the console. Then create a new site server in passive mode to restore a highly available service.
Passive site servers should be monitored daily to ensure its Status remains OK and ready for use. This is done in the Monitoring workspace of the ConfigMgr console by selecting the Site Server Status node.
SQL Server Always On provides a high availability and disaster recovery solution for the site database.
An Always On availability group supports a replicated environment for a discrete set of user databases, known as availability databases. When created for high availability the availability group’s of databases fail over together.
Each set of availability databases is hosted by an availability replica. Two types of availability replicas exist:
The primary replica makes the primary databases available for read-write connections from clients, and sends transaction log records of each primary database to every secondary database.
The following situations are supported when using SQL Server Always On availability groups in Configuration Manager.
NOTE: The step-by-step details for performing each of these scenarios are described in the following documentation:
Configure SQL Server Always On availability groups for Configuration Manager
The site server’s computer account must be a member of the Local Administrators group on each member of the availability group.
Each replica in the availability group must run a version of SQL Server that's supported by the environment’s version of Configuration Manager.
NOTE: SQL Server Enteprise Edition must be used
A domain user (service) account a non-domain account can be used and each replica in a group can have a different configuration.
WARNING: Configuration Manager doesn't support failover to use the asynchronous commit replica as the site database because Configuration Manager doesn't validate the state of the asynchronous commit replica to confirm it's current. This can put the integrity of the site and data at risk because (by design) such a replica can be out of sync.
Each replica member must have the following configuration:
NOTE: Configuration Manager supports using the availability group synchronous replicas when set to Automatic Failover. Set Manual Failover when:
All replicas in an availability group must be either on-premises, or all hosted on Microsoft Azure.
Configuration Manager Setup must be able to connect to each replica, so ensure the following ports are open:
NOTE: Custom ports for these configurations are supported so long as they are the same custom ports on the endpoint and on all replicas in the availability group.
The must be at least one listener in an availability group.
Each secondary replica in the availability group must have a SQL Server file path that’s identical to the file path for the site database files on the current primary replica. Otherwise, setup will fail to add the instance for the group as the new location of the site DB.
NOTE: The local SQL Server service account must have Full Control permission to this folder.
This path is only required when ConfigMgr setup is used to specify the database instance in the availability group. Upon completion, the path can be deleted from the secondary replica servers.
Example scenario:
The database of each replica should be configured with the following settings:
NOTE: Only make these configurations on a primary replica. The primary must be failed-over to a secondary replica in order to configure that secondary, which also makes the secondary the new primary replica.
Run the following SQL script to verify database configurations for both primary and secondary replicas. Before you can fix an issue on a secondary replica, change that secondary replica to be the primary replica.
SET NOCOUNT ON
DECLARE @dbname NVARCHAR(128)
SELECT @dbname = sd.name FROM sys.sysdatabases sd WHERE sd.dbid = DB_ID()
IF (@dbname = N'master' OR @dbname = N'model' OR @dbname = N'msdb' OR @dbname = N'tempdb' OR @dbname = N'distribution' ) BEGIN
RAISERROR(N'ERROR: Script is targetting a system database. It should be targeting the DB you created instead.', 0, 1)
GOTO Branch_Exit;
END ELSE
PRINT N'INFO: Targetted database is ' + @dbname + N'.'
PRINT N'INFO: Running verifications....'
IF NOT EXISTS (SELECT * FROM sys.configurations c WHERE c.name = 'clr enabled' AND c.value_in_use = 1)
PRINT N'ERROR: CLR is not enabled!'
ELSE
PRINT N'PASS: CLR is enabled.'
DECLARE @repltable TABLE (
name nvarchar(max),
minimum int,
maximum int,
config_value int,
run_value int )
INSERT INTO @repltable
EXEC sp_configure 'max text repl size (B)'
IF NOT EXISTS(SELECT * from @repltable where config_value = 2147483647 and run_value = 2147483647 )
PRINT N'ERROR: Max text repl size is not correct!'
ELSE
PRINT N'PASS: Max text repl size is correct.'
IF NOT EXISTS (SELECT db.owner_sid FROM sys.databases db WHERE db.database_id = DB_ID() AND db.owner_sid = 0x01)
PRINT N'ERROR: Database owner is not sa account!'
ELSE
PRINT N'PASS: Database owner is sa account.'
IF NOT EXISTS( SELECT * FROM sys.databases db WHERE db.database_id = DB_ID() AND db.is_trustworthy_on = 1 )
PRINT N'ERROR: Trustworthy bit is not on!'
ELSE
PRINT N'PASS: Trustworthy bit is on.'
IF NOT EXISTS( SELECT * FROM sys.databases db WHERE db.database_id = DB_ID() AND db.is_broker_enabled = 1 )
PRINT N'ERROR: Service broker is not enabled!'
ELSE
PRINT N'PASS: Service broker is enabled.'
IF NOT EXISTS( SELECT * FROM sys.databases db WHERE db.database_id = DB_ID() AND db.is_honor_broker_priority_on = 1 )
PRINT N'ERROR: Service broker priority is not set!'
ELSE
PRINT N'PASS: Service broker priority is set.'
PRINT N'Done!'
Branch_Exit:
SQL Servers hosting more than one availability group require specific settings at the time of Configuration Manager Setup and when installing updates for Configuration Manager. Each replica in each availability group must have the following configurations:
When moving a site database to an availability group, Setup tries to process database roles on the secondary replicas, and the ConfigMgrSetup.log file shows the following error, which is safe to ignore:
ERROR: SQL Server error: [25000][3906][Microsoft][SQL Server Native Client 11.0][SQL Server]Failed to update database "CM_AAA" because the database is read-only. Configuration Manager Setup 1/21/2016 4:54:59 PM 7344 (0x1CB0)
To expand a standalone primary site to include a CAS, the primary site’s database must first be temporarily removed from the availability group.
Run the built-in Backup Site server maintenance task to back up common Configuration Manager settings and files.
If at least one node of the availability group is still functional, use the site recovery option to Skip database recovery (Use this option if the site database was unaffected).
If all nodes of an availability group are lost, the group must be recreated before site recover is attempted.
The RSP doesn't support using the listener virtual name of the availability group, or hosting its database in a SQL Server Always On availability group.
Content Library Explorer be used for the following:
When you start the tool (ContentLibraryExplorer.exe),
The tool also connects to the Configuration Manager provider to determine which packages are distributed to the distribution point, and whether they're actually in the distribution point’s content library or in a “pending” status. Pending packages will not have any available actions.
Some packages are present on the distribution point, but not visible in the Configuration Manager console, and are marked with an asterisk (*). Most (if not all) actions will not be available for these packages.
There are three primary reasons for disabled packages:
Validate packages by using Package > Validate on the toolbar.
Redistribute packages using Package > Redistribute on the toolbar.
Use Edit > Copy to copy packages, contents, folders, and files out of the content library to a specified folder.
Search for packages using Edit > Find Package.
Disclaimer
The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.