My name is Herbert Fuchs and together with other members of the Customer Success Unit and the Customer Service & Support Organization we want to help our Customers with This Blog-Series. We gathered information and put
our field and support experience into this. Special thanks to our contributors, reviewers and content-writers, Wilhelm Kocher, Anthony Fontanez, Emilian Bucur, Pavel Yurenev, Anderson Cassimiro and Madalina Zamfir.
In this Blog we want to explain what is necessary to change the Operating System of a Server which hosts the Configuration Manager through the High Availability Feature.
The High Availability Feature was very long requested since SCCM 2007 Times. We can set up a SQL-Cluster, install multiple Management Points, Distribution Points, SMS Provider – but all this never helped when the Site Server was down.
With the Microsoft Configuration Manager 1902 – we introduced this Feature the first time:
High availability – Configuration Manager | Microsoft Learn
Site server high availability – Configuration Manager | Microsoft Learn
This configuration is always Active/Passive, and one advantage is we do not need the Windows Cluster Feature – so this setup is easy, and the Operating System Layer is independent of each Node.
When you need to configure High Availability – always keep in mind that this is not a One-way-Road. So, the entire Eco-System should be designed like that otherwise it does not make sense to go on this route. A simplified Mind-Map will look like this:
In this Example we have SQL-Cluster for our Databases. A File-Cluster where we have our Content-Library and Package Sources. Multiple Management Points, Distribution Points, and Software Update Points. One Server which is hosting the Service Connector Role – which is necessary for our Configuration Manager Feature Updates and the Connection to our Cloud Services like Cloud Management Gateway, Endpoint Analytics, Intune.
Such a configuration brings of course new complexity – but some organizations have a requirement to define all their Services as High Availability. So, these kinds of configurations are not unusual.
High Availability Requirements
Here is a list of what is necessary to use High Availability Feature with Configuration Manager.
- Move Content Library to a File Share/Cluster
This must be an UNC-Path and both Site Servers require Full NTFS and Share Permission. The Trigger to move the Content Library can be done by the Console, WMI or the PowerShell Cmdlets
[String]$SiteCode = ‘FOX’
[String]$UNCPath = FILEMECMContentStore$($SiteCode)
$SiteObj = [WMIClass]”rootsmssite_$($SiteCode):SMS_Site”
Move-CMContentLibrary -SiteCode $SiteCode -NewLocation $UNCPath
You can monitor this progress in the DistMgr.log – If you have a big Content-Library of 2 TB and more – plan enough time for the move – Most of the time this is a weekend task.
- Remove the Distribution Point Role from the Site Server
The Active/Passive Site Server can host any role except the Distribution Point – if you run a Standalone Primary Site, you will need at least one additional Server acting as Distribution Point.
- Move SQL-Database to a dedicated SQL-Server/Cluster
- Install one additional Server which should act as Passive Node
- Install ConfigMgr PreReq for these Server (Features, WADK)
Site prerequisites – Configuration Manager | Microsoft Learn
- Add Site Role Passive-Site-Server through the Console Wizard or the CmdLet Add-CMPassiveSite
Add-CMPassiveSite (ConfigurationManager) – Configuration Manager | Microsoft Learn
The Site Server Installation Progress you can monitor in the Console or through the Log-Files SiteComp.log and ConfigMgrSetup.log
- Add Additional SMS Provider
Since Configuration Manager 2006 this will be done automatically for you.
- Relocate Service Connection Point to a different dedicated Server
- Try/Test a promote of the Passive Site Server
Here it is important to mention that the Site Component Manager will contact each Site System and reconfigure/instruct to use the new Active-Site-Server. Depending on your Site and complexity this can take a couple of minutes.
Determine Active/Passive Node
You can verify the Status of which Site Server is Active/Passive through the console. You can also verify this through the Registry, WMI or SQL:
Name: Site Servers
0 = Passive Node
1 = Active Node
-Class SMS_SCI_SysResUse / -View vSMS_SC_SysResUse_SDK
-Filter “RoleName=’SMS SITE SERVER‘”
ServerState 196611 = Node OK
1 = Active Node
0 = Passive Node
Planned / Unplanned Failover
Planned – Failover
Manual Task through the Console or Automation Script (for instance Orchestration Group)
Flowchart – promote site server – Configuration Manager | Microsoft Learn
Unplanned – Failover
If an Active-Flagged Site Server is not reachable for 30 minutes an automatic Failover will occur
Flowchart – unplanned promotion – Configuration Manager | Microsoft Learn
Summary & Thoughts
Even if this Feature was originally designed to ensure High Availability of a Site, we can use it to keep our Operating System to the latest Version. As mentioned above, we do not rely on the Windows Cluster Feature. So, you can install a new Passive Site Server with a newer Operating System, with a new Name aligning to a newly introduced Name-Convention. If the prerequisites are in place – the Operation Risk is quite low compared to In-place Upgrade or Disaster Recovery – when you face issues you can fallback to your original Site Server. Once the new Site Server is working you can demote the old Site Server or do an In-place Upgrade if you want to keep High Availability Functionality. When the time comes you will do the same exercise again.
In the case you want to keep a High Availability Configuration, we also advise you to separate the Software Update Point to a different server – other than the Site Servers. In the case of a shared Software Update Point Configuration, it is necessary that each Software Update Point has the same Operating System Version.
With this Feature you have another option to Lift and Shift to Microsoft Azure. The Microsoft Core Services Engineering and Operations Team used this Feature to move their Sites to Azure. You can find a tool in the cd.Latest Folder of your Configuration Manager Installation, ExtendMigrateToAzure.exe, which gives you a nice UI (user interfaces) to set up a Passive Site Server in Azure. You will find more details here:
Extend and Migrate an on-premises site to Microsoft Azure – Configuration Manager | Microsoft Learn
To summarize – if the prerequisites are in place – this method gives us an easy option to change the Operating System of our Site Server to a newer Version. Bigger Environments, most of the time, already split workloads to different servers. However, if you are running a Standalone Primary Site, you might not need High Availability in General, setting up additional Servers – at least 3 (SQL, Passive Site, DP), Maintenance and License Cost come into mind. So, this might be too much affordable only to have your Configuration Manager Site on the latest Operating System Version. So, you will probably look more at the options, In-place-Upgrade, Disaster Recovery, Site by Site Migration.
We hope this Blog clarified High Availability in Configuration Manager, and helps you to come to a decision, if you must change the Operating System of your Configuration Manager.
The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages.