Example Assignment Scenarios for Configuration Manager: Primary Sites
The scenarios in this topic will help you understand how site assignment works in Configuration Manager 2007 using some scenarios that assign clients to sites in a fictitious company multi-site deployment of Configuration Manager.
Before reading these scenarios, see About Client Site Assignment in Configuration Manager.
The scenarios covered are the following:
Auto-Site Assignment Succeeds with Manual Installation
Auto-Site Assignment Fails with Manual Installation
Auto-Site Assignment Assigns Client to Wrong Site
Successful Client Push Installation Using the Client Push Installation Wizard from the Central Site
Site Assignment for Internet-Based Clients
Site Assignment When a Configuration Manager Client is Assigned to an SMS 2003 Site
Site Assignment When the Client's Communication Mode Doesn't Match its Assigned Site's Mode
These scenarios cover site assignment when a client's network location during the assignment process falls within the defined boundaries of a primary site. For example, the client's Active Directory site is defined as a boundary, or the client's IP address or subnet falls within an IP address range or subnet that is defined as a boundary.
For example scenarios of assignment when a client's network location falls within the boundaries of a secondary site, see Example Assignment Scenarios for Configuration Manager: Secondary Sites.
For an example scenario for when a client's network location doesn't fall within any of the defined boundaries for the hierarchy, see Example Roaming Scenarios for Configuration Manager: Complex.
Each assignment scenario is explained in terms of whether clients have global roaming capability, or only regional roaming capability:
Global roaming capability refers to the ability of clients to access site information from Active Directory Domain Services. This requires that the Active Directory schema is extended for Configuration Manager 2007, that all sites are publishing to Active Directory Domain Services, and the client belongs to the same forest. For more information, see How to Extend the Active Directory Schema for Configuration Manager.
Regional roaming capability refers to the roaming behavior of clients when global roaming is not possible because the Active Directory schema has not been extended for Configuration Manager 2007, or it has been extended but not all sites are publishing to Active Directory Domain Services, or the client doesn't belong to the same forest (for example, is a workgroup client).
Hierarchy Used in All Roaming Scenario Examples
The hierarchy has three tiers of primary sites:
At the top of the hierarchy is the central site, a primary site in Toronto named TOR.
At the second level of primary sites, there are three primary child sites in Houston, London, and Shanghai, named HOU, LON, and SHA respectively.
The Houston child primary site has two secondary sites in Seattle and Boston: SEA, BOS.
The LON child primary site has one secondary site in Manchester: MAN.
The SHA child primary site has no secondary sites.
At the third level of primary sites, there are two primary grandchild sites in Sydney and Helsinki, named SYD and HEL respectively.
The SYN grandchild primary site has two secondary sites in Melbourne and Brisbane: MEL, BRI.
The HEL grandchild primary site has no secondary sites.
This hierarchy is shown in the following illustration.
Auto-Site Assignment Succeeds with Manual Installation
An administrator in Houston (HOU) manually installs a Configuration Manager 2007 client using auto-site assignment, and wants the client to assign to the Sydney site. The network location of the computer falls within the configured boundaries of the Sydney site (SYD).
This scenario is depicted in the following illustration.
Global Roaming Capability
When site assignment is triggered, the Configuration Manager client compares its current IP address, IP subnet, and Active Directory site with the list of boundaries defined for each site in Active Directory Domain Services. It finds a match for the Sydney site (SYD) and then looks for the site compatibility information for the Sydney site. The site compatibility succeeds (the site is running Configuration Manager 2007, and the client is not running Windows 2000 and assigned to a native mode site), and the client assigns to the site and configures it default management point for the Sydney site.
Regional Roaming Capability
When site assignment is triggered, the Configuration Manager client sends its network location (IP address, IP subnet, and Active Directory site if it has one) to a server locator point. The server locator point looks for a match with the list of boundaries defined for each site. It finds a match for the Sydney site (SYD) and sends site information for SYD to the client. The client checks the site compatibility information for the Sydney site. The site compatibility succeeds (the site is running Configuration Manager 2007, and the client is not running Windows 2000 and assigned to a native mode site), and the client assigns to the site and configures its default management point for the Sydney site.
Critical Configuration Steps
The following configuration steps are required for this scenario to succeed.
Requirement | More Information |
---|---|
The Sydney site must be configured with boundaries that include the client's network location - such as Active Directory site, or IP subnets. |
|
If you are installing clients with regionally roaming capability, they must be able to find a server locator point using one of these mechanisms:
|
About Configuration Manager Client Installation Properties How to Manually Add Configuration Manager Site Information to WINS |
Auto-Site Assignment Fails with Manual Installation
An administrator in Houston wants to assign a new computer to the Houston site (HOU) and manually installs the Configuration Manager 2007 client using auto-site assignment. The network location of the computer falls outside all the configured boundaries of the Configuration Manager 2007 hierarchy. This might happen in the following scenarios:
The DHCP Administrator added new scopes and did not inform the Configuration Manager.
The Active Directory Domain Services administrator added new Active Directory sites who did not inform the Configuration Manager administrator, who is using Active Directory sites to configure boundaries.
The Configuration Manager administrator did not realize the importance of making sure all possible network locations are represented as boundary information in the Configuration Manager hierarchy.
Global Roaming Capability
When site assignment is triggered, the Configuration Manager client compares its current IP address, IP subnet, and Active Directory site with the list of boundaries defined for each site in Active Directory Domain Services. It cannot find a match, site assignment fails and the client is unmanaged.
Regional Roaming Capability
When site assignment is triggered, the Configuration Manager client sends its network location (IP address, IP subnet, and Active Directory site if it has one) to a server locator point. The server locator point looks for a match with the list of boundaries defined for each site. It cannot find a match, site assignment fails and the client is unmanaged.
Assignment Solutions
Resolve this situation by fulfilling one of the following configuration steps.
Requirement | More Information |
---|---|
The Houston site must be configured with boundaries that include the client's network location, such as its Active Directory site or its IP subnet. |
|
Directly assign the client to the Houston site, rather than using auto-site assignment. |
Auto-Site Assignment Assigns Client to Wrong Site
The administrator in London wants to install and assign 5 new laptops to the London site (LON). She adds logon script installation instructions for the Configuration Manager 2007 client using auto-site assignment. Although the network location of these laptops normally fall within the configured boundaries of the London site, one user travels to Sydney and the client installs when the computer is connected to the network in Sydney (SYD).
This scenario is depicted in the following illustration.
Global Roaming Capability
When site assignment is triggered for the laptop installing the client in Sydney, the Configuration Manager client compares its current IP address, IP subnet, and Active Directory site with the list of boundaries defined for each site in Active Directory Domain Services. It finds a match for the Sydney site (SYD) and then looks for the site compatibility information for the Sydney site. The site compatibility succeeds (the site is running Configuration Manager 2007, and the client is not running Windows 2000 and assigned to a native mode site), and the client assigns to the site and configures it default management point for the Sydney site.
The laptop user returns to London (LON). Although London is supposed to be the laptop's assigned site, it is actually assigned to Sydney (SYD) and remains assigned despite its change in network location. When the laptop reconnects to the London site (LON) it continues to contact its default management point in Sydney for policy, and for sending it inventory and status information. However, it will ask the resident management point in London for software packages and software updates.
Regional Roaming Capability
When site assignment is triggered for the laptop installing the client in Sydney, the Configuration Manager client sends its network location (IP address, IP subnet, and Active Directory site if it has one) to a server locator point. The server locator point looks for a match with the list of boundaries defined for each site. It finds a match for the Sydney site (SYD) and sends site information for SYD to the client. The client checks the site compatibility information for the Sydney site. The site compatibility succeeds (the site is running Configuration Manager 2007, and the client is not running Windows 2000 and assigned to a native mode site), and the client assigns to the site and configures it default management point for the Sydney site.
The laptop user returns to London (LON). Although London is supposed to be the client's assigned site, it is actually assigned to Sydney (SYD) and remains assigned despite its change in network location. When the laptop reconnects to the London site (LON) it continues to contact its default management point in Sydney for policy, and for sending it inventory and status information. The management point in Sydney has no knowledge of software packages and software updates in London, so when the client requests content, it returns a list of distribution points from the site in Sydney.
Similar Behavior
The same behavior would be seen if the laptop didn't roam but the following scenarios occurred:
Auto-site assignment was not used but the client was incorrectly assigned to a site other than London.
Another site was configured with a boundary that matched the client's network location. This can happen in an upgrade scenario when the boundary information has changed after the client was first installed.
The hierarchy is incorrectly configured with overlapping boundaries.
Assignment Solutions
To resolve this situation, reassign the client to the London site (LON). For more information, see How to Assign Configuration Manager Clients to a Site.
To prevent this situation, do not use auto-site assignment for laptops that roam outside their normal primary sites, unless it is to secondary sites that are attached to their normal primary site.
Successful Client Push Installation Using the Client Push Installation Wizard from the Central Site
New computers are added to the network at the Helsinki site without the Configuration Manager 2007 client installed, and are discovered as a resource by Configuration Manager using one of the discovery methods configured at the Helsinki site. These discovered computers replicate up the hierarchy so that they appear in the All Systems collection at the Toronto site.
These clients have IP network addresses that fall within the configured IP subnet boundaries in the Helsinki (HEL) site. The Helsinki site does not have the option Enable Client Push Installation to assigned resources enabled on the Client Push Installation Properties: General Tab.
The administrator at the central site in Toronto initiates installation for these clients by right-clicking on them, and running the Client Push Installation Wizard. She makes sure that the following option on the Installation Options Page in the wizard is not set: Include only clients in this site's boundaries.
This scenario is depicted in the following illustration.
Global Roaming Capability
The client is successfully installed and site assignment is triggered. The Configuration Manager client compares its current network location (IP address, IP subnet, and Active Directory site) with the list of boundaries defined for each site in Active Directory Domain Services. It finds a match for the Helsinki site (HEL) and then looks for the site compatibility information for the Helsinki site. The site compatibility succeeds (the site is running Configuration Manager 2007, and the client is not running Windows 2000 and assigned to a native mode site), and the client assigns to the site and configures it default management point for the Helsinki site (HEL).
Regional Roaming Capability
The client is successfully installed and site assignment is triggered. The Configuration Manager client sends its network location (IP address, IP subnet, and Active Directory site if it has one) to a server locator point. The server locator point finds a match for the Helsinki site (HEL) and sends site information for HEL to the client. The client checks the site compatibility information for the Helsinki site. The site compatibility succeeds (the site is running Configuration Manager 2007, and the client is not running Windows 2000 and assigned to a native mode site), and the client assigns to the site and configures it default management point for the Helsinki site (HEL).
Critical Configuration Steps
The following configuration steps are required for this scenario to succeed.
Requirement | More Information |
---|---|
The Helsinki site must be configured with boundaries that include the clients' network location - such as Active Directory site, or IP subnets. |
|
A discovery method must be configured at the Helsinki site (or another site in the hierarchy) that finds the computer resources. |
|
A client push installation account must be configured at the Toronto site. |
How to Configure the Configuration Manager Client Push Installation Account |
Firewall settings must not block client installation traffic. |
|
If you are installing clients with regionally roaming capability, they must be able to find a server locator point using one of these mechanisms:
|
Client Push Installation Properties: Client Tab How to Manually Add Configuration Manager Site Information to WINS |
Do not select the following option on the Installation Options Page in the wizard: Include only clients in this site's boundaries. |
Site Assignment for Internet-Based Clients
New laptops for traveling sales staff are added to the network at the Toronto site (TOR), which is in native mode and configured to support Internet-based client management. When these laptops return to the corporate network, they will be managed on the intranet. However, they spend most of their time connected to the Internet and traveling across the country.
The administrator at Toronto prepares an installation CD for the owners of these laptops, which is mailed to them with instructions. Some users install the client when they are on the intranet, and some when they are on the Internet.
This scenario is depicted in the following illustration.
Global Roaming Capability and Regional Roaming Capability
When a laptop is connected to the intranet, the client is successfully installed and site assignment is triggered. The Configuration Manager client is configured for Internet-based client management, and so does not perform a site compatibility check. The client assigns to the Toronto site and identifies that it is currently on the intranet. It locates its default management point for the Toronto site. When it moves to the Internet, it will contact its assigned Internet-based management point in Toronto (TOR).
When a laptop is connected to the Internet, the client is successfully installed and site assignment is triggered. The Configuration Manager client is configured for Internet-based client management, and so does not perform a site compatibility check. The client assigns to the Toronto site and identifies that it is currently on the Internet and so does not locate its default management point. It assigns directly to the Toronto site without checking site compatibility, and it assigns directly to the specified Internet-based management point.
注意
When a client is configured for Internet-based client management, it does not check site compatibility but assigns directly to the specified site.
Critical Configuration Steps
The following configuration steps are required for this scenario to succeed.
Requirement | More Information |
---|---|
The Toronto site must be in native mode, and configured for Internet-based client management. |
Administrator Checklist: Deploying the PKI Requirements for Native Mode Administrator Checklist: Configuring a Site for Internet-Based Client Management |
Clients must already have their native mode client certificate. |
Deploying the Client Computer Certificates to Clients and the Management Point |
An installation CD or similar must be prepared with all the required CCMSetup installation properties. |
Decide How to Install Configuration Manager Clients for Internet-Based Client Management |
Site Assignment When a Configuration Manager Client is Assigned to an SMS 2003 Site
New computers are added to the network at the Shanghai site (SHA), which is still running SMS 2003. The administrator in London has been asked to install these clients for the Shanghai site, but doesn't realize that the Shanghai site hasn't yet been upgraded to Configuration Manager 2007.
This scenario is depicted in the following illustration.
Global Roaming Capability
The client is successfully installed and site assignment is triggered. The Configuration Manager client compares its current IP address, IP subnet, and Active Directory site with the list of boundaries defined for each site in Active Directory Domain Services. It finds a match for the Shanghai site (SHA) and then looks for the site compatibility information for the Shanghai site. The site compatibility fails because the client is running Configuration Manager 2007 and the site is running SMS 2003. The client fails to assign and is unmanaged, sending this site assignment failure information to its assigned fallback status point in Toronto (TOR).
Regional Roaming Capability
The client is successfully installed and site assignment is triggered. The Configuration Manager client sends its network location (IP address, IP subnet, and Active Directory site if it has one) to a server locator point. The server locator point looks for a match with the list of boundaries defined for each site. The server locator finds a match for the Shanghai site (SHA) and sends site information for SHA to the client. The client checks the site compatibility information for the Shanghai site. The site compatibility fails because the client is running Configuration Manager 2007 and the site is running SMS 2003. The client fails to assign and is unmanaged, sending this site assignment failure information to its assigned fallback status point in Toronto.
Assignment Solutions
Resolve this situation by fulfilling one of the following configuration steps.
Requirement | More Information |
---|---|
Uninstall the Configuration Manager 2007 client, and reinstall the SMS 2003 client. |
|
Reassign this client to another site running Configuration Manager 2007. This will result in the client permanently roaming to the Shanghai site, with some additional WAN traffic to its assigned site. |
|
Upgrade the Shanghai site, and then reinstall the Configuration Manager 2007 client. |
Configuration Manager Upgrade and Interoperability Planning and Deployment |
Site Assignment When the Client's Communication Mode Doesn't Match its Assigned Site's Mode
New computers are added to the network at the Toronto site (TOR), which is configured for native mode. These computers already have their client computer certificates required for native mode. The administrator manually installs the clients without the CCMSetup installation property for native mode.
This scenario is depicted in the following illustration.
Global Roaming Capability
The client is successfully installed and site assignment is triggered. The Configuration Manager client compares its current IP address, IP subnet, and Active Directory site with the list of boundaries defined for each site in Active Directory Domain Services. It finds a match for the Toronto site (TOR) and then looks for the site compatibility information for the Toronto site. The site checks pass (the site is running Configuration Manager 2007, and the client is not running Windows 2000).
The client successfully assigns, finds its default management point in Toronto (TOR), and then reads site settings from Active Directory Domain Services. The site settings include the site mode configuration for native mode, so the client automatically changes its client communication mode to match the native site mode configuration.
This client can now successfully communicate with its native mode site in Toronto (TOR).
Regional Roaming Capability
The client is successfully installed and site assignment is triggered. The Configuration Manager client sends its network location (IP address, IP subnet, and Active Directory site if it has one) to a server locator point. The server locator point looks for a match with the list of boundaries defined for each site. The server locator finds a match for the Toronto site (TOR) and sends site information for TOR to the client. The client checks the site compatibility information for the Toronto site. The site checks pass (the site is running Configuration Manager 2007, and the client is not running Windows 2000).
The client successfully assigns, finds its default management point in Toronto (TOR), but cannot communicate with it because the client communication mode does not match the native site mode configuration. Without the ability to locate the site mode setting from Active Directory Domain Services, a client with regional roaming capability cannot automatically reconfigure its client communication mode.
The client successfully assigns, but is unmanaged. It sends this failure information to its assigned fallback status point in Toronto (TOR).
Assignment Solutions
Resolve the unmanaged client that doesn't have global roaming capability with one of the following configuration steps.
Requirement | More Information |
---|---|
Reinstall the client using the CCMSetup command line property /native: [<native mode option>]. |
|
Reinstall the client using the Client Push Wizard from the Toronto site. |
How to Install Configuration Manager Clients Using Client Push |
See Also
Tasks
How to Assign the Fallback Status Point to Configuration Manager Client Computers
Concepts
About Client Site Assignment in Configuration Manager
Determine If You Need a Server Locator Point for Configuration Manager Clients
Example Assignment Scenarios for Configuration Manager: Secondary Sites
Example Roaming Scenarios for Configuration Manager: Simple
Configuration Manager Site Assignment Data Flow
Understanding Configuration Manager Sites
Other Resources
Technical Reference for Configuration Manager Client Deployment