Setup Options
To run SMS Setup, you must have administrative credentials on the computer. Before you run Setup, plan for making the following choices during setup:
Express vs. Custom setup
Advanced vs. Standard security mode
Extending the Active Directory schema for SMS
Important:
- Before you install SMS, ensure that the time settings on computers in your organization are synchronized, and then perform network time synchronization routinely. A number of problems can arise in your SMS hierarchy if time is not synchronized, such as a backlog of status messages and software metering summarizations that are not valid, to name just two issues.
Express vs. Custom Setup
Carefully choose one of the two options for installing a primary site: Express Setup or Custom Setup. Many SMS 2003 features are enabled by default if you use Express Setup, but they are disabled by default if you use Custom Setup.
Always use Custom Setup to deploy SMS in your production environment. Express Setup is only appropriate for setting up evaluation sites on an isolated network. Custom Setup allows you to control which features Setup installs, and it is required for Advanced Security.
Table 10.2 describes which SMS components are available with each setup option.
Table 10.2 Component Data by Setup Option
Option |
Custom primary site installation |
Express primary site installation |
Secondary site installation |
SMS Administrator console installation |
|---|---|---|---|---|
Site server |
Installed |
Installed |
Installed |
Not available |
SMS Administrator console |
Installed |
Installed |
Available |
Installed |
Remote Tools |
Optional |
Installed |
Optional |
Not available |
Package automation scripts |
Optional |
Installed |
Not available |
Not available |
By default, the Express Setup option:
Installs all core SMS components and client agents.
Enables Legacy Client Push Installation.
Enables all discovery methods.
Creates all necessary service accounts.
Enables the client access point (CAP), management point, and distribution point roles on the site server.
Table 10.3 lists default settings that result from the Express Setup option.
Table 10.3 Express Setup Default Settings
Feature |
Enabled or disabled |
Interval |
|---|---|---|
Network Discovery |
Disabled |
Not applicable |
Windows User Group Discovery |
Enabled |
One day |
Windows Networking User Account Discovery |
Enabled |
One day |
Heartbeat Discovery |
Enabled |
One week |
Active Directory System Discovery |
Enabled |
One day |
Active Directory User Discovery |
Enabled |
One day |
Active Directory System Group Discovery |
Enabled |
One day |
Legacy Client Push Installation |
Enabled |
Not applicable |
Advertised Programs Client Agent |
Enabled |
One hour |
Remote Tools Client Agent |
Enabled |
Not applicable |
Hardware Inventory Client Agent |
Enabled |
One week |
Status summarizers (summarize and replicate) |
Enabled |
One hour |
Collection update |
Enabled |
One day |
Software Metering Client Agent |
Disabled |
Not applicable |
Software Inventory Client Agent |
Disabled |
Not applicable |
Advanced vs. Standard Security Mode
It is important that you plan to choose which security mode, standard or advanced, to implement when you install SMS. The security mode you choose has an effect on the kind and number of accounts that are created and used for SMS security.
Important
- If you choose advanced security mode, then you can never change the mode to standard security.
Advanced security mode has some prerequisites that you should plan for. For example, advanced security mode requires that Active Directory be enabled. These prerequisites are described in Chapter 12, "Planning Your SMS Security Strategy."
The supported parent-child configurations for advanced security mode are:
SMS 2003 advanced security site reporting to SMS 2003 advanced security site.
SMS 2003 standard security site reporting to SMS 2003 advanced security site.
SMS 2.0 site reporting to SMS 2003 advanced security site.
If you choose the standard security mode during setup, you can switch to advanced security mode after installation.
Extending the Active Directory Schema for SMS
You extend the Active Directory schema to publish SMS objects in Active Directory. If you do not extend the schema, SMS cannot publish objects, and the following features are not available for Advanced Clients in SMS:
Global roaming
Automatic site assignment where the server locator point is not specified
Although SMS 2003 Setup prompts you to extend the schema, you can extend schema before, during, or after you run Setup.
Note
- If you do not extend the Active Directory schema for SMS, your server locator point and management points are not published to Active Directory, and you must manually register the server locator point (and any management points that are operating in a Network Load Balancing cluster) in WINS.
If you choose to extend the Active Directory schema during setup, be aware that you perform this task only once per Active Directory forest, and the logged-on user who is running SMS Setup must have administrative credentials. For information about using ExtADSch.exe to extend the SMS schema before or after running SMS Setup, see Chapter 15, "Deploying and Configuring SMS Sites."
Important
- Before enabling any Active Directory Schema changes in a Windows 2000 domain, the option to allow the schema to be extended has to be enabled. This does not apply to the Windows Server 2003 domains. For more information about the Active Directory schema, see the Microsoft Windows 2000 Distributed Systems Guide in the Microsoft Windows 2000 Server Resource Kit. Also see Microsoft Knowledge Base article 216060, "Registry Modification Required to Allow Write Operations to Schema," at https://support.microsoft.com/?kbid=216060.
For More Information
Did you find this information useful? Please send your suggestions and comments about the documentation to smsdocs@microsoft.com.