SCCM 2012 Rollout Issues

Overall, the SCCM 2012 migration at NCSU went better than can be expected.  That doesn’t mean that it was without issues.  Those are documented here in case other groups run into them:

  1. KB2552033 – This patch is needed in order for the SCCM 2012 Site Server not to crash randomly.
  2. WMF3/KB2506146 – The update to WMF 3 causes all sorts of issues with Management Points and ccmeval on clients. Fixed in SP1.
  3. AD Group Delta Discovery – Delta discovery in 2007r3 didn’t catch constructed attributes (like memberOf for groups) so Delta Discovery was sorta useless for Group changes, which is why we were running full discoveries multiple times per day.  This has changed with 2012, so we cranked back the full discoveries and let the delta’s do the work.  And we noticed things were getting missed.  If you are running cron jobs or using an IDM system that touches very large numbers of objects multiple times per day, then a given delta discovery will overrun its allotted interval.  If it does so, and the next delta doesn’t run, it misses things because the USNChanged (Universal Sequence Number) that its using for the first delta that isn’t overrun, isn’t the right one anymore.  So if you have alot of automation going on, don’t just trust the deltas.  Hopefully fixed in SP1.
  4. Windows 8 – We installed the 2012 non-SP1 agent on Windows 8 and Server 2012 and they seemed to work well enough.  There were 2 issues though. 1) Ccmeval.exe was causing intermittent client issues and 2) since there are no Windows 8/Server 2012 x86/x64 checkboxes in the Program requirements for deployment, any Packages we had split off the x86 and x64 versions (like SAS, AutoCad) would not deploy to Windows 8/2012.  Fixed in SP1.
  5. SQL Native Client – SCCM 2012 RTM uses the SQL 2008 SQL Native Client for the SMS provider to talk to the SQL server.  We’re running SQL 2008r2 sp2, which is supported by the 2008 (non-R2) native client.  But if you install the 2008r2 SQL Server Management Studio on the SMS provider server, it upgrades the SQL native client. And the next time you reboot the site server, the SMS provider won’t start.
  6. Permissions on All Systems – In order to populate the Deployments tab on a client or to view the Deployment Status under Monitoring, you need at least Read on the Package and the Collection that its deployed to (2007 had instance permissions for Advertisements).  This doesn’t work so well in a delegated permissions environment with centralized application packaging.  After you work through the permissions and roles, what you end up with is that in order for a departmental support person to see the Deployment status, they end up needing Read on All Systems.  Which, if you support 50 of 15000 machines, greatly complicates your console.  Hopefully fixed in SP1.
  7. In Place DP Upgrades – We have yet to have a distribution point that went through the in-place upgrade process finish converting all of the packages successfully.  For various reasons from falling off the network to taking a reeeeeeally long time and so forth.  So we’ve used the Distribution Point Configuration Status reporting view to find out what packages didn’t finish and then redistribute them to the DP.
  8. Removing NLB – We used NLB for load balancing our old Management Points (which also are distribution points).  When deleting the computer from the NLB cluster, it falls of the network completely, and we have to connect via the ILOM.  We were doing this as part of moving them from 2007 to 2012.