Planning for High Availability with Configuration Manager
Updated: May 14, 2015
Applies To: System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 Configuration Manager SP2, System Center 2012 R2 Configuration Manager, System Center 2012 R2 Configuration Manager SP1
System Center 2012 Configuration Manager sites, hierarchy of sites, and Configuration Manager clients can each take advantage of options that maintain a high level of available service. These include the following:
Sites support multiple instances of site system servers that provide important services to clients.
Central administration sites and primary sites support the backup of the site database. The site database contains all the configurations for sites and clients, and it is shared between sites in a hierarchy that contain a central administration site.
Built-in site recovery options can reduce server downtime and include advanced options that simplify recovery when you have a hierarchy with a central administration site.
Clients can automatically remediate typical issues without administrative intervention.
Sites generate alerts about clients that fail to submit recent data, which alerts administrators to potential problems.
Configuration Manager provides several built-in reports that enable administrators to identify problems and trends before they become problems for server or client operations.
Configuration Manager does not provide a real-time service and you must expect it to operate with some data latency. Therefore, it is unusual for most scenarios that involve a temporary interruption of service to become a critical problem. When you have configured your sites and hierarchies with high availability in mind, downtime can be minimized, autonomy of operations maintained, and a high level of service provided.
For example, Configuration Manager clients typically operate autonomously by using known schedules and configurations for operations, and schedules to submit data to the site for processing. When clients cannot contact the site, they cache data to be submitted until they can contact the site. Additionally, clients that cannot contact the site continue to operate by using the last known schedules and cached information, such as a previously downloaded application that they must run or install, until they can contact the site and receive new policies. The site monitors its site systems and clients for periodic status updates, and can generate alerts when these fail to register. Built-in reports provide insight to ongoing operations as well as historical operations and trends. Finally, Configuration Manager supports state-based messages that provide near real-time information for ongoing operations.
Use the information in the following sections to help you understand the options to deploy Configuration Manager in a highly available configuration.
High Availability for Configuration Manager Clients
High Availability for Configuration Manager Sites
Details for Sites and Site System Roles that are Highly Available
Details for Sites and Site System Roles that are not Highly Available
High Availability for Configuration Manager Clients
The following table provides information about the operations of Configuration Manager clients that promote high availability.
Feature |
More information |
---|---|
Client operations are autonomous |
Configuration Manager client autonomy includes the following:
|
Clients can repair themselves |
Clients automatically remediate most typical issues without direct administrative intervention:
|
Clients cache information to use in the future |
When a client communicates with a management point, the client can obtain and cache the following information:
When a client cannot contact a management point the following actions are taken:
|
Client can submit status to a fallback status point |
When you configure a client to use a fallback status point, you provide an additional point of contact for the client to submit important details about its operation:
|
Central management of client data and client identity |
The site database rather than the individual client retains important information about each client’s identity, and associates that data to a specific computer, or user. This has the following results:
|
High Availability for Configuration Manager Sites
At each site, you deploy site system roles to provide the services that you want clients to use at that site. The site database contains the configuration information for the site and for all clients. Use one or more of the available options to provide for high availability of the site database, and the recovery of the site and site database if needed.
The following table provides information about the available options for Configuration Manager sites that support high availability.
Option |
More information |
---|---|
Use a SQL Server cluster to host the site database |
When you use a SQL Server cluster for the database at a central administration site or primary site, you use the fail-over support built into SQL Server. Secondary sites cannot use a SQL Server cluster, and do not support backup or restoration of their site database. You recover a secondary site by reinstalling the secondary site from its parent primary site. |
Deploy a hierarchy of sites with a central administration site, and one or more child primary sites |
This configuration can provide fault tolerance when your sites manage overlapping segments of your network. In addition, this configuration offers an additional recovery option to use the information in the shared database available at another site, to rebuild the site database at the recovered site. You can use this option to replace a failed or unavailable backup of the failed sites database. |
Create regular backups at central administration sites and primary sites |
When you create and test a regular site backup, you can ensure that you have the data necessary to recover a site, and the experience to recover a site in the minimal amount of time. |
Install multiple instances of site system roles |
When you install multiple instances of critical site system roles such as the management point and distribution point, you provide redundant points of contact for clients in the event that a specific site system server is off-line. |
Install multiple instances of the SMS Provider at a site |
The SMS Provider provides the point of administrative contact for one or more Configuration Manager consoles. When you install multiple SMS Providers, you can provide redundancy for contact points to administer your site and hierarchy. |
Details for Sites and Site System Roles that are Highly Available
The following table provides information about features available at sites, and the site system roles that are part of a high availability configuration.
Feature |
More information |
---|---|
Redundancy for important site system roles |
You can install multiple instances of the following site system roles to provide important services to clients:
You can install multiple instance of the following site system role to provide redundancy for reporting on sites and clients:
You can install the following site system role on a Windows Network Load Balancing (NLB) cluster to provide failover support:
|
Built-in site backup |
Configuration Manager includes a built-in backup task to help you back up your site and critical information on a regular schedule. Additionally, the Configuration Manager Setup wizard supports site restoration actions to help you restore a site to operations. |
Publishing to Active Directory Domain Services and DNS |
You can configure each site to publish data about site system servers and services to Active Directory Domain Services and to DNS. This enables clients to identify the most accessible server on the network, and to identify when new site system servers that can provide important services, such as management points, are available. |
SMS Providers and Configuration Manager consoles |
Configuration Manager supports installing multiple SMS Providers, each on a separate computer, to ensure multiple access points for Configuration Manager consoles. This ensures that if one SMS Provider computer is offline, you maintain the ability to view and reconfigure Configuration Manager sites and clients. When a Configuration Manager console connects to a site, it connects to an instance of the SMS Provider at that site. The instance of the SMS Provider is selected nondeterministically. If the selected SMS Provider is not available, you have the following options:
You can install the Configuration Manager console on multiple computers for use by administrative users. Each SMS Provider supports connections from multiple Configuration Manager consoles. |
Management point |
Install multiple management points at each primary site, and enable the sites to publish site data to your Active Directory infrastructure, and to DNS. Multiple management points help to load-balance the use of any single management point by multiple clients. In addition, you can install one or more database replicas for management points to decrease the CPU-intensive operations of the management point, and to increase the availability of this critical site system role. Because you can install only one management point in a secondary site, which must be located on the secondary site server, management points at secondary sites are not considered to have a highly available configuration. Note Mobile devices that are enrolled by Configuration Manager can connect to only one management point in a primary site. The management point is assigned by Configuration Manager to the mobile device during enrollment and then does not change. When you install multiple management points and enable more than one for mobile devices, the management point that is assigned to a mobile device client is non-deterministic. If the management point that a mobile device client uses becomes unavailable, you must resolve the problem with this management point or wipe the mobile device and re-enroll the mobile device so that it can assign to an operational management point that is enabled for mobile devices. |
Distribution point |
Install multiple distribution points, and deploy content to multiple distribution points. You can configure overlapping boundary groups for content location to ensure that clients on each subnet can access a deployment from two or more distribution points. Finally, consider configuring one or more distribution points as fallback locations for content. For more information about fallback locations for content, see the Planning for Preferred Distribution Points and Fallback section in the Planning for Content Management in Configuration Manager topic. |
Application Catalog web service point and Application Catalog website point |
You can install multiple instances of each site system role, and for best performance, deploy one of each on the same site system computer. Each Application Catalog site system role provides the same information as other instances of that site system role regardless of the location of this site server role in the hierarchy. Therefore, when a client makes a request for the Application Catalog and you have configured the Default Application Catalog website point device client setting for Automatically detect, the client can be directed to an available instance, with preference given to local Application Catalog site system servers, based on the current network location of the client. For more information about this client setting and how automatic detection works, see the Computer Agent client setting section in the About Client Settings in Configuration Manager topic. |
Details for Sites and Site System Roles that are not Highly Available
Several site systems do not support multiple instances at a site or in the hierarchy.
Use the information in the following table to help you plan if these site systems go off-line.
Site system server |
More information |
---|---|
Site server (site) |
Configuration Manager does not support the installation of the site server for each site on a Windows Server cluster or NLB cluster. The following information can help you prepare for when a site server fails or is not operational:
|
Asset Intelligence synchronization point (hierarchy) |
This site system role is not considered mission critical and provides optional functionality in Configuration Manager. If this site system goes offline, use one of the following options:
|
Endpoint Protection point (hierarchy) |
This site system role is not considered mission critical and provides optional functionality in Configuration Manager. If this site system goes offline, use one of the following options:
|
Enrollment point (site) |
This site system role is not considered mission critical and provides optional functionality in Configuration Manager. If this site system goes offline, use one of the following options:
|
Enrollment proxy point (site) |
This site system role is not considered mission critical and provides optional functionality in Configuration Manager. However, you can install multiple instances of this site system role at a site, and at multiple sites in the hierarchy. If this site system goes offline, use one of the following options:
When you have more than one enrollment proxy server in a site, use a DNS alias for the server name. When you use this configuration, DNS round robin provides some fault tolerance and load balancing for when users enroll their mobile devices. For more information, see How to Install Clients on Windows Mobile and Nokia Symbian Devices Using Configuration Manager. |
Fallback status point (site or hierarchy) |
This site system role is not considered mission critical and provides optional functionality in Configuration Manager. If this site system goes offline, use one of the following options:
|
Out of band service point (site) |
This site system role is not considered mission critical and provides optional functionality in Configuration Manager. If this site system goes offline, use one of the following options:
|