Microsoft SCCM Overview

SCCM stands for System Center Configuration Manager. It’s a Microsoft systems management product used by IT administrators to manage large groups of computers running Windows (and, to a lesser extent, macOS and Linux). SCCM helps with the following.

Key Features:

  • Software Deployment: Install applications or updates across many computers from a central point.
  • Operating System Deployment (OSD): Automate the installation of Windows on machines, useful for imaging new hardware or rebuilding systems.
  • Patch Management: Manage and deploy Microsoft and third-party security updates.
  • Hardware & Software Inventory: Collect detailed information about devices and installed software.
  • Remote Control: Take remote control of managed computers for support or troubleshooting.
  • Compliance Settings: Ensure that systems meet specific configuration or security standards.
  • Endpoint Protection: Integrates with Microsoft Defender for antivirus and malware protection.

SCCM is now called Microsoft Endpoint Configuration Manager. It is part of Microsoft Endpoint Manager, alongside Intune (a cloud-based mobile device management tool).

SCCM vs. Intune: Feature Comparison

| Feature | SCCM (Configuration Manager) | Intune |
|---|---|---|
| Deployment Model | On-premises | Cloud-based |
| Primary Use Case | Managing desktops and servers in enterprise networks | Managing mobile devices, remote users, and cloud-first environments |
| OS Support | Primarily Windows; limited macOS/Linux support | Windows, macOS, iOS, Android |
| Application Deployment | Full-featured, complex software deployments | Cloud-delivered apps (MSI, Win32, Store, LOB apps) |
| OS Deployment | Yes (via task sequences, PXE boot, etc.) | Limited (Windows Autopilot provisioning only) |
| Patch Management | Granular control over Windows and 3rd-party updates | Cloud-based update management (less granular) |
| Remote Control | Built-in remote control tools | No native feature (requires TeamViewer or Remote Help) |
| Hardware/Software Inventory | Detailed inventory capabilities | Basic inventory data only |
| Security Compliance / Policies | On-premises GPOs, compliance baselines | MDM-based policies; integrates with Azure AD Conditional Access |
| Integration with Azure/Cloud | Limited | Deep integration with Azure services |
| Best For | Enterprises with on-premises infrastructure | Organizations with a cloud-first or mobile-first strategy |

When to Use SCCM

  • You manage on-premises desktops and servers.
  • You need complex OS deployment (imaging, task sequences).
  • You require granular control over software and update deployment.

When to Use Intune

  • You manage mobile devices and laptops, especially for remote or hybrid workers.
  • You want a cloud-native approach with no need for on-prem infrastructure.
  • You’re using Azure AD and Microsoft 365.

Best of Both Worlds: Co-Management

  • Microsoft supports co-management, where SCCM and Intune work together. For example:
    • Use SCCM for patching and OS deployment.
    • Use Intune for mobile device management and cloud policies.

Installing SCCM

Installing SCCM (System Center Configuration Manager), now known as Microsoft Endpoint Configuration Manager (MECM), requires several prerequisites, including a well-prepared infrastructure and specific software/hardware requirements. Here’s a step-by-step guide with requirements and installation overview.

  1. Hardware Minimum Requirement
    • CPU: Quad-core 2.0 GHz+
    • RAM: 8 GB
    • Disk: 250 GB
    • Network: 1Gbps NIC
  2. Software Requirement
    • Windows Server 2019 or later ‘Active Directory is required; the schema must be extended for SCCM’
    • SQL Server 2019 or 2022 ‘Must be installed on the Windows Server machine before SCCM’
    • Microsoft .NET Framework 4.8+
    • Windows ADK (Assessment and Deployment Kit)
    • Windows PE Add-on
    • WSUS ‘For Software Updates’
    • BITS, IIS, Remote Differential Compression (RDC)

Step-by-Step Installation Overview

  1. Extend the Active Directory Schema

cd <path_to_sccm_setup_files>\SMSSETUP\BIN\X64

extadsch.exe

    • Check the schema extension result, C:\ExtAdSch
    • Create the System Management Container, ‘This is where SCCM stores information like site configuration, boundaries, etc. It must be created manually’
      • Open Active Directory Users and Computers > Enable Advanced Features ‘Go to the View menu → check Advanced Features’
      • Press Win + R > type adsiedit.msc > press Enter
      • In the left pane, right-click ADSI Edit > Connect to ‘Leave the defaults’
      • Navigate to CN=System,DC=YourDomain,DC=com > right-click CN=System > New > Object
      • Choose Container > click Next
      • Name it exactly System Management > click Finish
    • Delegate Permissions to SCCM Site Server ‘You must allow the SCCM server to publish to the container’
      • In Active Directory Users and Computers, go to System > Right-click “System Management” > Properties > Security tab
      • Click Add > add the computer name of the SCCM server (e.g. ‘dc’, the server on which we are going to install SCCM) > grant the ‘Full Control’ permission > click OK to apply > on the same page, click Advanced > select the SCCM computer name ‘dc’ > Edit > under Applies to, select ‘This object and all descendant objects’ > OK
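
The container creation and delegation steps above, scripted in PowerShell as an added example (not part of the original post). It assumes the RSAT ActiveDirectory module, an account allowed to modify CN=System, and a placeholder site server name SCCM01; the final step lists every explicit Full Control entry on the container so an unexpected principal stands out.

```powershell
# Added example: scripts the ADSI Edit / Security-tab steps, then audits the ACL.
Import-Module ActiveDirectory

$SiteServer  = 'SCCM01'   # assumption: placeholder site server computer name
$systemDN    = "CN=System,$((Get-ADDomain).DistinguishedName)"
$containerDN = "CN=System Management,$systemDN"

# 1. Create the container only if it does not exist yet.
$existing = Get-ADObject -SearchBase $systemDN -SearchScope OneLevel `
    -LDAPFilter '(&(objectClass=container)(cn=System Management))'
if (-not $existing) {
    New-ADObject -Type container -Name 'System Management' -Path $systemDN
}

# 2. Grant the site server's computer account Full Control on
#    "This object and all descendant objects" (inheritance = All).
$genericAll = [System.DirectoryServices.ActiveDirectoryRights]::GenericAll
$sid = (Get-ADComputer -Identity $SiteServer).SID
$ace = [System.DirectoryServices.ActiveDirectoryAccessRule]::new(
    $sid,
    $genericAll,
    [System.Security.AccessControl.AccessControlType]::Allow,
    [System.DirectoryServices.ActiveDirectorySecurityInheritance]::All)

$acl = Get-Acl -Path "AD:\$containerDN"
$acl.AddAccessRule($ace)
Set-Acl -Path "AD:\$containerDN" -AclObject $acl

# 3. Audit: list every explicit (non-inherited) Allow entry that carries
#    Full Control, and mark whether it is the intended site server account.
$expected = $sid.Translate([System.Security.Principal.NTAccount]).Value
(Get-Acl -Path "AD:\$containerDN").Access |
    Where-Object {
        -not $_.IsInherited -and
        $_.AccessControlType -eq 'Allow' -and
        ($_.ActiveDirectoryRights -band $genericAll) -eq $genericAll
    } |
    Select-Object IdentityReference, InheritanceType,
        @{ Name = 'IsSiteServer'; Expression = { $_.IdentityReference.Value -eq $expected } }
```

Entries for built-in administrative principals may appear in the output alongside the site server; any other account with IsSiteServer = False is worth reviewing, because Full Control here extends to every object SCCM publishes under the container.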
  2. Install SQL Server and SQL Server Management Studio
    • Install SQL Server 2019/2022 with required features
      • Database Engine
      • Reporting Services (optional)
    • Configure memory limits and service accounts
    • Ensure SQL ports (default 1433) are open
  3. Install Windows ADK + PE Add-on
  4. Install SCCM (Primary Site)
    Before installing SCCM, you need to know about the types of sites and the site roles in SCCM.
    • Types of Sites in SCCM: there are three types of sites, each serving a specific role in the hierarchy. Understanding site types is critical for designing your SCCM infrastructure.
      1. Central Administration Site (CAS): Used in large enterprise environments with multiple primary sites. This type is used if you have a global organization with different primary sites for different regions.
        • Top of the SCCM hierarchy.
        • Manages configuration and reporting for all child primary sites.
        • Does not manage clients directly.
        • Required only if you have more than one primary site.
      2. Primary Site: Manages clients and handles content distribution and client communication. This type is used if you have a data center or office that needs to manage its own set of clients (100+ recommended).
        • Can manage clients directly.
        • Stores data in SQL database.
        • Supports management points, distribution points, and software update points.
        • Can operate standalone or be child of CAS.
        • Recommended for mid to large environments.
      3. Secondary Site: Extends the capabilities of a primary site to remote or slow-link locations. This type is used if you have a branch office with slow WAN links, and you want local content distribution without full SCCM infrastructure.
    • SCCM Site Roles: SCCM has two categories of site roles, core site roles and optional/extended site roles.
      1. Core Site Roles: Required for SCCM functionality and client management.
        • Site Server: The central component of the site — hosts the Configuration Manager services
        • Site System: A server where you install one or more site system roles
        • Component Server: Any server running an SCCM component or service (like Management Point)
        • Management Point (MP): Facilitates communication between clients and SCCM (client policy, inventory, status messages, etc.).
        • Distribution Point (DP): Stores content (apps, OS images, patches) for clients to download.
        • Software Update Point (SUP): Integrates with WSUS to deploy Microsoft updates.
      2. Optional/Extended Site Roles
        • Fallback Status Point (FSP): Helps monitor client installation and identify communication issues.
        • Reporting Services Point (RSP): Enables reporting with SSRS (SQL Server Reporting Services).
        • Asset Intelligence Synchronization Point: Downloads asset intelligence catalog data from Microsoft.
        • Endpoint Protection Point (EPP): Integrates Microsoft Defender (or third-party AV) management into SCCM.
        • State Migration Point (SMP): Stores user state data during OS deployment.
        • Enrollment Point / Proxy Point: Used for mobile device and Mac enrollment (less common today)
        • Cloud Management Gateway (CMG): Allows management of internet-based clients via Azure.
    • Pre-requisites for Installation:
        • Prereqchk.exe is a stand-alone application, taken from the version of Configuration Manager that you want to use, that verifies server readiness.
        • Use it to identify and fix problems that would block a site or site system role installation.
        • Open Command Prompt as Administrator > navigate to the folder containing Prereqchk.exe. ‘Be patient when running prereqchk.exe; it takes about 15-30 minutes depending on your computer’s CPU and RAM.’

      cd \SMSSETUP\BIN\X64
      prereqchk.exe /?
      prereqchk.exe /LOCAL

        • Read the errors and fix all of them before installing SCCM.

      All the prerequisites are installed; now let’s get started with the Setup wizard.

        • Run splash.hta from the installation folder to launch the installer.
        • Select Install > on Before You Begin page, select Next
        • Choose Install a Configuration Manager Primary site
        • On the Product Key page, type the license key or select the evaluation edition of this product for lab purposes, then select Next
        • On Product License Terms, check all the boxes and select Next
        • Select Download required files, choose the location by clicking the Browse button ‘e.g. C:\SCCM’ select Next.
        • Select Language ‘e.g. English’, Select Next
        • Choose or create a site code ‘e.g., PR1’, and site name ‘Lumo365’, select Next.
        • On Primary Site Installation, select ‘Install the primary site as a stand-alone site’ , Select Next
        • On Database Information, leave default and select Next > select Next
        • On SMS Provider Setting, Leave default, Select Next
        • On Client Computer Communication Settings, select ‘Configure the communication method on each site system role’, select Next
        • On Site System Roles, leave default and select Next > Next > Next
        • On Service Connection Point Setup, leave default and select Next
        • Click Begin Install

      Verify the Installation

        • Start > search for Configuration Manager Console and open it
        • Go to the Administration module > Site Configuration > verify ‘Sites’ and ‘Servers and Site System Roles’
        • Go to Monitoring > Overview > verify ‘Site Hierarchy’ and ‘System Status’ > verify the site
        • Go to Active Directory Users and Computers > System > Verify the ‘System Management