Microsoft Knowledge Base Email Alertz
All KB/RSS Links  |  Hot Kb!  |  New Kb!  |  Scott Cate  |  FAQ / KB  |  Web Hosting  |  Unsubscribe  

Microsoft Advisory Services Engagement Scenario – Configuring Native Mode for Configuration Manager 2007

Search KbAlertz

Advanced Search

Receive Microsoft Knowledge Base articles by E-Mail?

Every night we scan the Microsoft Knowledge Base. If technologies you're interested in are updated, we'll send you an e-mail. You only get one e-mail a day, and only when new articles are added.
Click here to create a
FREE account
Already have an account?
[Click here to Login]











Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks
Article ID: 2252943 - Last Review: February 21, 2011 - Revision: 10.1

Configuring Native Mode for Configuration Manager 2007

View products that this article applies to.
Microsoft Professional Advisory Services is a support option that provides short-term, proactive, consultative support beyond break-fix product maintenance needs. This includes working with the same technician for assistance with issues like product migration, code review, or new program development and is a remote, phone-based support option. This service is typically used for shorter engagements, and is designed for developers and IT professionals who do not require the traditional onsite consulting or sustained account management services that are available from other Microsoft support options.

For additional information on Microsoft Advisory Services, including on how to engage, refer to this Microsoft web page:

http://support.microsoft.com/gp/AdvisoryService (http://support.microsoft.com/gp/AdvisoryService)
Back to the top

Microsoft Advisory Services Engagement Scenario – Configuring Native Mode for Configuration Manager 2007

The goal of this offering is to assist customers with the configuration of Native Mode for Configuration Manager 2007, including prerequisites and dependencies, deploying the certificate and PKI requirements and managing clients.

Native mode was introduced in Configuration Manager 2007 to provide a higher level of security between clients and servers than mixed mode provides. Native mode should be used if you need the highest level of security in Configuration Manager, or must support Internet-based clients.

Included with scope

  • Planning, Installation and deployment of the Certificate Server for Configuration Manager 2007 Native Mode
  • Configuration of the Certificate Templates
  • Configuring the Site Systems to run in native mode

Out Of scope
  • Implementing Internet Clients
  • Installation of the Configuration Manager 2007 Site Server
  • Fixing any existing issue
Assumptions

  • System Center Configuration Manager 2007 is online and configured per the recommendations of Microsoft System Center Configuration 2007 Deployment Guide
  • Any pre-existing configuration or other issues that might prevent a successful System Center Configuration Manager Native mode deployment will be resolved prior to beginning work on the Pro Advisory offering as scoped.
  • Only one of site will need to be migrated to the Native Mode, In case customer has multiple sites they would be charged the equivalent time.
  • Should the customer request assistance with bringing the current environment to a healthy state, separate, break-fix Support Incidents will need to be opened to address each subordinate issue.  Should any issues arise while performing agreed upon scoped tasks during installation scenarios a maximum of thirty (30) minutes will be spent troubleshooting. This troubleshooting will be considered billed within the current advisory case.  If the issue is not resolved in these thirty (30) minutes, a new, break-fix Support Incident will need to be opened at the customer’s cost to address the problem.  The Advisory Support Engineer may work the Support Incident at their discretion.
Back to the top

Microsoft Advisory Services Engagement

Scoping questions

Scoping Questions: Scenario #1 – Single site


  •   What does the customer need help with?

    o    Configuring a Configuration Manager 2007 site in Native Mode.  Proceed within the scope of this offering.
  • Are you looking for the Internet Based Client Management?

    o    This offering is only for setting up Native mode and does not cover internet based clients.
  • Does customer has the Enterprise Edition or the Datacenter Edition of Windows Server 2003 or Windows Server 2008 for the Certificate Server?

    o     If not, check the Prerequisite section for the H/W and the Software
  • Does customer have multiple sites?

    o    Move to Scenario 2
  • Is your PKI deployment going to use a certificate revocation list (CRL)?

    o    If so, ensure that Configuration Manager 2007 clients and native mode site systems can locate it.
  • Are Clients running Systems Management Server (SMS) 2003?

    o    Only Configuration Manager 2007 Clients Supported.
Scoping Questions: Scenario #2 – MULTI SITE hierarchy

  • What does the customer need help with?

    o    Configuring a Configuration Manager 2007 multi-site hierarchy in Native Mode. Proceed within the scope of this offering.
  • Are you looking for the Internet Based Client Management?

    o    This offering is only for setting up Native mode clients and does not cover internet clients.
  • Does customer has Enterprise Edition or on the Datacenter Edition of Windows Server 2003 or Windows Server 2008 for the Certificate Server?

    o     If not, check the Prerequisite section for the H/W and the Software
  • Does customer have single site?

    o    If so use Scenario 1 above.
  • Is this the Child site?

    o    If so then the parent must be in the Native mode.
  • Does this site have child“Secondary”sites?

    o     If so then they will all be setup for the native mode.
  • Do your site system servers have PKI certificates with their fully qualified domain names (FQDNs) in the certificate subject name?

    o     Yes. Make sure the sane FQDN is configured for Site Systems.
    Is your PKI deployment going to use a certificate revocation list (CRL)?

    o    Yes. Ensure that Configuration Manager clients and native mode site systems can locate it.
  • Are Clients running Systems Management Server (SMS) 2003?

    o    Only Configuration Manager 2007 Clients Supported.
Back to the top

Self-Help resources for this scenario

Below is a list of self-help resources or this scenario. These resources may also be used by Microsoft Support Engineers during an Advisory Services engagement.

Prerequisites for Native Mode (http://technet.microsoft.com/en-us/library/bb680464.aspx)

Section 1: Setting up PKI

Administrator Checklist: Deploying the PKI Requirements for Native Mode (http://technet.microsoft.com/en-us/library/bb680844.aspx)

Administrator Workflow: Deploying the PKI Requirements for Native Mode (http://technet.microsoft.com/en-us/library/bb680742.aspx)

Section 2: Configuring

Administrator Checklist: Migrating a Site to Native Mode (http://technet.microsoft.com/en-us/library/bb632727.aspx)

Administrator Workflow: Migrating a Site to Native Mode (http://technet.microsoft.com/en-us/library/bb680838.aspx)

Section 3: Verification

How to Identify the Site Mode of a Site (http://technet.microsoft.com/en-us/library/bb632387.aspx)

How to Verify Native Mode Migration Is Complete (http://techcnet.microsoft.com/en-us/library/bb680986.aspx)

Note that the time estimate below is on a per-site basis.  For example, if the customer falls under Scenario #1 above (Single site) then the time estimate is 6 hours.  If the customer falls under Scenario #2 above (Multi site hierarchy) and has two sites then the time estimate will be 6 hours per site, for a total of 12 hours.  If they have four sites then the time estimate will be 24 hours, etc.
Back to the top
Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use (http://go.microsoft.com/fwlink/?LinkId=151500) for other considerations.
Back to the top
APPLIES TO
  • Microsoft System Center Configuration Manager 2007
  • Microsoft System Center Configuration Manager 2007 Service Pack 2
  • Microsoft System Center Configuration Manager 2007 Service Pack 1
  • Microsoft System Center Configuration Manager 2007 R2
Back to the top
Keywords: 
kbsccm kbproadvisory kbinfo kbsurveynew kbtshoot kbnomt kbprosystemcenter KB2252943
Back to the top
        

Community Feedback System

Very often, it takes hours to solve a problem. Very often, you've looked high and low, and have tried a lot of solutions. When you finally found it, chances are, it was because someone else helped you. Here's your chance to give back. Use our community feedback tool to let others know what worked for you and what didn't.

Please also understand that the community feedback system is not warranted to be correct, it's simply a system that we've built to let people try and help each other. If something in a feedback response doesn't make sense to you, or you're not comfortable making changes that the feedback talks about (like registry edits), please consult a professional.

Thank you for using kbAlertz.com Feedback System.

-- Scott Cate

Copyright © 2002-2007 KBALERTZ.COM.  All Rights Reserved. Terms / PrivacyDiscount ASP.NET Hosting