Hello All,
I am an SCCM engineer. My organization has one Config Mgr 2012 Central Administration Site and three primary sites.
I am assigned for this project and I have to build a new Primary Site.
Introduction : They are looking to extend the existing configuration management environment to provide the same functionality as in the Corporate environment.
Business Requirements:
- To manage SCCM clients (desktops and laptops) that are part of the SDE Dev, Build and Test Extension networks.
- To provide same SCCM functionality in SDE environment (specific location yet to be confirmed) as is available today in Corporate environment.
- To utilize the existing SCCM infrastructure and processes wherever possible in order to simply management.
- The solution should be scalable to cater for any future growth (other locations to be part of the SDE environment) either naturally or via acquisitions without the need to re-architect the environment.
- The solution needs to provide a secure management, patching and machine build/rebuild environment.
- To provide access to SDE SCCM administrator(s) only to SDE specific objects in the SCCM console. No other SCCM console users/administrators should have access to the SDE objects.
Technical Requirements:
- The Configuration Manager Site systems should only be deployed on a virtual platform.
- To utilize an existing PKI setup to create certificates to be used for the SDE environment.
- To configure site system roles to utilize certificates for communication with the endpoints.
- The capability to simplify and enhance administrative tasks, processes and procedures related to the management of SDE endpoints without the need to introduce over-engineered and complex workflows.
- The capability to manage and enforce role-based access policies and user-based delegation to the administrative tools.
- The capability to install and build a bare-metal endpoint with a Windows based operating system over the SDE network via a PXE boot mechanism.
- Discovery and capture of hardware information related to the endpoints that exist in SDE.
- Discovery and capture of software information related to installed application packages and their version and type.
- The capability to remotely control managed endpoints from a central administration point (subject to end-user authorisation) and without need to install any additional software packages.
- The capability to deploy updates and hotfixes to managed workstations and endpoints through an automated and policy-based workflow using SCCM and WSUS.
This is the overview. I do no have any idea where to start.
May I know the process of accomplishing this task and any additional information that can be found on the internet?
Thanks In advance.