Special Edition, Using Microsoft BackOffice, Ch. 25

25 - Preparing for SMS

by Don Benage

  • Explore the features of Systems Management Server (SMS) - Learn about the features and characteristics of this member of the BackOffice suite.

  • Learn how servers are organized in a site hierarchy - Discover how SMS sites relate to Windows NT domains. Learn about the different roles that servers can play in an SMS site.

  • Examine the components of SMS Servers - Find out what this product can provide your organization. Learn about its advanced features that go well beyond basic software distribution and inventory.

  • Examine the components of SMS Clients - Explore the features of the SMS client applications. Learn how they work synergistically with server components to help you manage your network.


With the advent of distributed, heterogeneous networking in the enterprise environment, the installation, management, and maintenance of software packages has become a major cost issue for organizations. In addition, network management has become increasingly difficult as the complexity of the enterprise network has increased.

Microsoft Systems Management Server (SMS) is a key component of the Microsoft BackOffice suite of server-based applications. SMS provides system administrators with the ability to do the following:

  • Collect and maintain an inventory of computer hardware and software

  • Perform distribution, installation, and configuration of software packages

  • Manage server-based, networked applications

  • Perform network protocol and traffic analysis

  • Perform remote diagnosis of network problems and troubleshooting of networked desktop PCs

The Microsoft SMS system provides network administrators with a centrally managed enterprise network solution that allows for the execution of the these functions from a single Windows NT-based computer.

In this chapter, you learn what the term systems management means. You also learn the key features of Microsoft SMS and how this product can be used to address systems management requirements for an enterprise-wide network. You explore the components of SMS and learn how SMS components can be linked into a hierarchy of servers and client workstations that encompasses the entire enterprise network. In addition, you learn about the various roles servers play in an SMS environment, and the work they perform. At the end of this chapter, you will be fully prepared to install SMS and begin using it to make network management easier.

It is tempting to skip the planning stage and jump right in to the setup program. Don't do it. SMS is a sophisticated product with more than a dozen major components. With a little planning, setting up SMS is not a difficult job. But if you skip the planning stage, you will almost certainly need to repeat much of the work a second time after repairing mistakes.

If your schedule permits, set up SMS for the first time in a test environment on a separate network segment not attached to your corporate network. Some of the decisions you make during the setup process can have a profound impact on the network, and SMS has options to automatically install itself on all the computers in your enterprise. By exercising caution until you have spent some time learning about SMS, you can avoid initiating an unwanted operation that impacts most or all of your network.


Be careful with two options in particular. Automatically detecting logon servers and automatically configuring workstation logon scripts are operations that can have an enormous impact on your network. These features can even reach across routers to other geographic locations! When you are ready for them, these two capabilities can save you hours of work and are a powerful feature of SMS. By default, these options are turned off.

It is unrealistic to assume that you can install SMS on a large enterprise network and begin aggressively using all its functionality immediately. A measured approach to implementation is generally more successful. First, spend a little time working with SMS in a lab environment to familiarize yourself with its operation and test compatibility with your desktop computers and application suite. Then, set up a central site server and add a single logon server and a few workstations to the site. Set up a few packages for inventory only. After a day or two, set up a package for distribution and installation on a few workstations. Review the log files to see what is reported. If all goes well, you can quickly add other servers and workstations to the SMS system.

SMS uses another BackOffice component, SQL Server, as the repository for all the information it collects and manages. Although you don't need to be an expert on SQL Server to use SMS, it is important that you be able to back up and restore the information collected by SMS in case of a computer failure or other catastrophic event.

In addition to SQL Server administration, the full use of SMS delivers features that impact a number of different areas in network administration. It therefore requires expertise in these different areas. It may be appropriate to involve a team of people with a variety of skills to work together with SMS. For example, SMS can automate the installation of software packages. However, you must still be familiar with the process of manually installing software on a single machine to effectively use SMS to automate software installation.

See "Backup (Dump) Devices," (Ch. 18)

Understanding Systems Management

The management of both large and small networks requires the network administrator to perform certain tasks. Many of these tasks are time consuming and repetitive. They can cause systems to be unavailable while the work is performed, adding to the cost of the operation.

The Desktop Management Task Force (DMTF) is an advisory council formed through the collaboration of computer industry organizations for the purpose of delivering an open standard for the management of networked desktop systems. The goal of these standards is to enable the creation of products to simplify network administration and to control the prohibitive costs of managing a network.

Another standard established for the purpose of managing networks is the Simple Network Management Protocol (SNMP) developed primarily by the UNIX-based community to monitor and troubleshoot routers and bridges. SNMP provides a mechanism for viewing and correcting problems with networked environments, independent of the diverse hardware platforms and networking software implementations.

As networks become more and more distributed and heterogeneous, the need for a uniform, standards-based network management strategy becomes evident. Standards like SNMP and the work of the DMTF have laid the foundations necessary for managing large, complex networks. Until recently, however, available products focused on the networking components themselves and did not allow management and control of desktop PCs.

Exploring Systems Management Server

Microsoft SMS is a key component of the Microsoft BackOffice suite that allows system administrators to perform centralized administration of networked desktop PCs.

SMS supports a variety of industry standards. By supporting these standards, Microsoft has made it possible for other companies like Digital Equipment Corporation (DEC) and Hewlett-Packard (HP) to build upon the basic functionality of SMS and add important additional functionality. Some standards supported and used by SMS include the following:

  • Desktop Management Interface (DMI) standard defined by the DMTF

  • Management Information File (MIF) standard defined by the DMTF

  • Simple Network Management Protocol (SNMP) using the Windows NT SNMP Service

  • NetView by IBM using the SNA Server NetView Alert Service

The integration of BackOffice applications is evident in the design of SMS. It is implemented as a set of Windows NT Server services, with complimentary client applications and administrative utilities. SMS also leverages services built into the base server operating system to perform a multitude of functions. It takes advantage of Windows NT Server services such as the Replicator Service, Remote Access Service, and the Server Service. The SMS Administrator tool complements standard tools like User Manager for Domains, Event Viewer, Server Manager, and File Manager to provide a powerful set of utilities for system management. Figure 25.1 depicts the relationship of SMS to other BackOffice components.

Fig. 25.1 - SMS is tightly integrated with other Microsoft BackOffice components.

SMS is tightly integrated with other components in the BackOffice suite. It uses SNA Server for sending information over SNA-based communication links to other sites on the enterprise network using site-to-site communications. It also uses the SQL Server relational database to store its system configuration information, inventory information, network topology, and software package distribution information.

By creating custom MIFs on desktop computers, it is possible to include additional information in the SQL Server database specific to your organization. You can, for example, include the location of a computer, the name of the person who normally uses it, and that person's phone number with the inventory information for a particular computer. SMS includes two sample applications for creating MIFs.

Because SMS uses SQL Server as its data repository, it is possible to create applications and custom reports based on SMS information. A large number of applications and development tools have been created to access and manipulate information in SQL Server databases. A full range of tools, from easy to complex, is available. You can add to the information stored in your database and use a broad range of tools to display forms and print reports based on that information.

SMS can manage networks of all sizes and shapes. Whether the organization is comprised of a simple 20-node local area network (LAN) or a large-scale wide area network (WAN), SMS provides the tools to effectively manage the environment. SMS is capable of administering a broad base of platforms including the following:

  • Windows NT Server

  • Novell NetWare

  • LAN Manager

  • Windows NT Workstation

  • Windows 95

  • Windows for Workgroups

  • Windows

  • MS-DOS

  • IBM OS/2

  • Apple Macintosh

SMS allows administrators to perform all tasks from a central location using a single Windows NT-based machine. You can run the SMS Administrator directly on an SMS server or on computers running Windows NT Workstation. You must set up your central site server and any other primary site servers manually. You must also configure the communications components and special SMS services called senders that move information between sites. After these steps are complete, the rest of the SMS installation can be automated.

See "Setting Up Your Site," (Ch. 26)

Surveying Features in Microsoft SMS

The SMS system provides a comprehensive set of features for managing the networked desktop environment within the enterprise. To allow network administrators to perform effective systems management, SMS offers the following features and functions (see fig. 25.2):

  • Hardware and software inventory

  • Management of applications that are run from servers

  • Software distribution and installation

  • Remote control of client workstations and other troubleshooting utilities

Fig. 25.2 - This figure depicts the major features of Microsoft SMS.

Computer Systems Inventory

The SMS database maintains an inventory of all computers on the network - both servers and desktop computers. As part of the inventory collection process, SMS gathers and stores information about the items in the following list. Although this list is representative of SMS's capabilities, SMS will recognize other components.

  • Central Processing Unit (CPU), for example, Pentium, 486, 386, and so on

  • Random-Access Memory (RAM)

  • Hard disk drives, their sizes and the amount of storage space used and available

  • Video display device

  • Mouse or other pointing device

  • CD-ROM drives

  • Network adapters

  • Operating system used by the computer

You can separately control when hardware and software inventory information is collected. The hardware inventory scan is very fast. The exact time varies depending on the specific computer, but it is typically three to eight seconds. Because it is so fast, it is common to let SMS scan hardware daily or even each time the user logs on to the network. Software inventory can take considerably longer because the hard disk drives must be scanned. On a large hard disk, this can take more than 30 seconds. Consider scanning for software only once a month to avoid antagonizing users. The flow of information during inventory collection is depicted in figure 25.3.

Fig. 25.3 - The flow of information during the computer systems inventory process.

It is not necessary to explicitly add computers to the SMS database. If you want, SMS automatically detects all logon servers and updates the logon scripts of all users on the network. Then, as users log on, it detects, collects, and stores inventory information about their computers. If you prefer, you can manually add selected servers and update the logon scripts of selected users.

As a user logs on to an SMS administered network, SMS collects inventory information about the computer and processes it, eventually storing the information in its SQL Server database. The SMS system then allows administrators to view inventory information about the computers on the network using the SMS Administrator. Administrators can also develop and execute custom queries against the SMS database to obtain inventory information.

Software (Package) Distribution to Desktop PCs

As the size of the enterprise network grows, you need to have an effective method of distributing software to network users. The SMS system provides the capability to perform software distribution, installation, and maintenance in a timely and cost-effective manner. The other capabilities that SMS includes, such as inventory, also aid in the implementation of a software distribution and installation strategy.


Administrators can query the inventory database to determine which computers on the network have the necessary disk space available to install a software package.

SMS gives you the capability to automatically distribute, install, and configure software through the use of packages. Packages are made up of information about a software application and how to install it. This information may include custom scripts that perform installation tasks. The distribution and installation of software applications is shown in figure 25.4.

Fig. 25.4 - The software distribution and installation process.

An SMS package can be used to distribute:

  • Commercial software

  • Custom software

  • Version upgrades of currently installed software

  • Virus detection software

  • Data files

  • Updated HTML pages for an Internet Information Server

  • Batch files used to perform system administration tasks

Two methods are used for software installation on client workstations. A client-based utility called the Package Command Manager displays a menu of available commands that can be run on a workstation. You can force the installation of a package, or one or more applications can be selectively installed. Using the first method, the new software is automatically installed on the user's PC the next time the user logs on. The SMS administrator may also specify that a package installation should not be forced if the user is currently connected to the network over a slow link such as a dial-up line. Using the second method, users are given the option of installing the software at their convenience. The second method also allows users to reject software installations they do not want.


Although SMS provides network administrators with a powerful mechanism for distributing and installing applications, it is still important to follow the guidelines for software licensing agreements provided by various software vendors.

Management of Networked Applications

SMS also provides a means of distributing and installing packages on servers (see fig. 25.5). Once installed, they can be run as shared applications from client PCs. SMS also provides the capability to offer these applications to one or more groups of users defined in the Windows NT user account database. As these users log on to the network, icons for the shared applications will be dynamically added to their Windows desktop. This capability is called Program Group Control.


Program Group Control is only available for computers using Program Manager. Because Program Manager is not used by most Windows 95 users, Program Group Control is not generally available on Windows 95 PCs.

Fig. 25.5 - The flow of information for distributing applications to distribution servers for subsequent use by networked workstations.

Networked applications offer users the following advantages:

  • A central location for all user application software makes it easier to update or change.

  • Availability of applications is based on user groups, not on the PC being used. Therefore, if a particular user moves from one computer to another, the applications that she uses moves with her.

  • The capability to use multiple servers as network application servers helps to balance network load.


The networked application environment presents administrators with added challenges in terms of complying with software licensing agreements. Using Windows NT Server, it is possible to specify the maximum number of users who can connect to a shared directory. Care should be taken to make sure that enough licenses are available for all potential users of a software package.

Network Protocol Analysis

The Network Monitor utility allows the SMS network administrator to monitor the information sent over the network cable for analysis of network traffic and troubleshooting network problems. Figure 25.6 shows a typical display as network information is being captured for analysis.

Fig. 25.6 - The Network Monitor can be used to perform network protocol analysis.

Network protocol analysis allows the network administrator to "see" the packets of information transmitted on the network cable. This information can be used to develop historical data on network usage and analyze network traffic flow for better utilization of the network. By studying the information provided by Network Monitor, the network administrator can make informed decisions on how the network could be re-routed to alleviate congestion in certain areas and to better tune the performance of network operations. In addition, problems with a connection or interaction between two specific machines can be investigated in greater detail.

Remote Diagnosis and Troubleshooting

The Help Desk utilities provided with SMS allow the network administrator to remotely connect to client PCs and gain control of the mouse and keyboard for troubleshooting purposes (see fig. 25.7). They also allow the network administrator to perform the following functions:

  • Remote reboot of client PCs

  • Chat with a remote user by interactively typing messages to each other (useful when you are helping a user without access to a phone)

  • Execute a program on a remote client PC

  • Obtain information about memory usage in a client PC as programs are executing

  • List device drivers loaded into memory

  • Define alerts for reporting problems and system failures

  • Enable the creation of trace logs to provide a detailed log of SMS system activity and errors


The Remote Control utility can be used as a means for providing quick user training sessions. By taking control of the client PC's mouse and keyboard, the user can be walked through learning to use a new software application. This is only practical for brief tutorials.

Fig. 25.7 - The Remote Control utility from the Help Desk tools can be used from an administrative console on Windows NT Workstation or Windows NT Server to operate the mouse and keyboard of another workstation on the network. The remote computer's display is visible inside the window with the striped border.

Now that you have been given an overview of SMS and its capabilities, the features and functions of this powerful product will be explored in detail.

Understanding Sites and Domains

In Chapter 4, "Becoming Part of the Enterprise," you learned about Windows NT domains and some of the organizational structures that various BackOffice products use. In this chapter, the site hierarchy used by SMS is discussed. The relationship between sites and domains is also explored.

SMS sites do not necessarily correspond directly to Windows NT domains. It may be logical, and convenient, to set up SMS sites to correspond exactly to domains, but it is not required. For example, you may have a single SMS site span multiple Windows NT domains, as illustrated in figure 25.8.

Fig. 25.8 - This figure depicts an SMS site spanning three domains.

If you are using a master domain model, it is common to have a master domain server at each geographic location. This may entail having servers from the master domain belonging to many SMS sites, as illustrated in figure 25.9. Such a configuration would make sense if you need only one domain for security, but would like to have multiple SMS sites subject to separate systems management control. Domains are created to enforce security. Sites are created to enable systems management. These two functions may or may not correspond.

See "Understanding BackOffice Structures for Organizing Servers," (Ch. 4)

Fig. 25.9 - A Windows NT domain can encompass several SMS sites.


If you want to implement the Use All Detected Servers option, which can be a convenient way to add servers to a site, you cannot have different servers from a single domain belong to multiple sites. This option detects all servers within the domain that contains the site server where the option is set and adds them to the site. If some of the servers belong to different sites, a serious configuration problem will occur.

An Overview of the Site Hierarchy

Two distinct types of sites used by SMS: primary sites and secondary sites. A primary site has its own SQL Server database, and a secondary site does not. A secondary site must be linked to a primary site in a parent/child relationship. A primary site uses SQL Server to store information about itself and any secondary sites to which it is linked. A primary site doesn't necessarily have secondary (child) sites, but secondary sites, if they exist, must be linked to a primary (parent) site.

A primary site may also be linked to other primary sites. In this case, one primary will be the child of another primary. Every SMS installation has one central site. This is the primary site at the top of the hierarchy. All other sites, primary and secondary, are linked to the central site. All information about the entire SMS system is transmitted to the central site. Information in the SMS hierarchy flows upstream and is eventually reported to the central site. An administrator of the central site can manage systems anywhere in the SMS system. An administrator of a primary site farther down in the hierarchy can manage that primary site and any child sites, but has no ability to manage the parent site.

The main reason for creating a primary site with its own database is to allow that site, and any child sites, to be managed as a separate entity. If you want to separate administrative duties for a subset of your network, you can create a primary site, and possibly one or more secondary sites, that encompass the computers you want to manage separately. You can then assign administrative control of that primary site to an individual or group.

A secondary site is needed when you have a group of computers at a geographic location that does not require a separate administrator, but does need to be managed as a distinct entity. By creating a secondary site that encompasses these computers, they can be managed by the administrators of the primary site, but can still be treated separately. The installation of a software package, for example, could be scheduled for only the secondary site.


Each site is designated by a three character code. The codes are arbitrary and are not case-sensitive, but they must be unique across the entire SMS enterprise. One individual or administrative group should be responsible for assigning site codes to avoid conflicts. If you are setting up a site that needs to be added to an existing SMS system, get a site code from an administrator of that system.

Understanding Different Server Roles

A large enterprise network has many servers performing different tasks. SMS allows you to use multiple servers to perform the work required. This helps to avoid single points of failure and allows the SMS system to span large geographic areas with many servers and desktop PCs. It also gives the designer of the SMS system a great deal of flexibility when deciding what resources are required and how to implement different elements of the SMS system.

A number of different roles are filled by server-based components. These different components work in harmony to perform systems management tasks. A particular server may be dedicated to performing only SMS tasks, or SMS components may be added to a server already in place and doing other work. The right choices regarding configuration and sizing of servers can only be made by analyzing the work to be done. See "Sizing Your Server" later in this chapter.

SQL Server

As you already learned, SMS stores all its information in a SQL Server database. This may be an existing SQL server, or a new server set up just to support SMS. It may be located on the same machine that is used as the primary site server or on a separate machine.

Primary Site Server

Primary site servers must be installed from the distribution media, either diskettes or CD-ROM. You can think of the primary site server as the hub of activity in an SMS site. Most of the server-based services that perform the work of SMS will reside on the site server. A directory structure is set up on the hard disk drive you specify to be used as a work area as SMS processes jobs, to store information in interim form before it is moved to the SQL Server database and to maintain some configuration information about the site.

Secondary Site Server

Secondary site servers are similar to primary site servers but there are differences. No SQL Server database is at a secondary site, so all information is forwarded to the parent primary site rather than stored in a local database. The administration tools are not installed on secondary site servers because there is no local administrative capability. Secondary site servers can be automatically installed from a primary site server without using the distribution media.

Logon Servers

A server that contains logon scripts, processes user logon requests, and is added to the SMS site is called a logon server. It is used as a temporary repository for inventory collection. As users log on to the network and their computer is scanned, the resulting inventory information is placed in a subdirectory on the logon server. By modifying users' logon scripts, either manually or automatically, you can control which computers are added to the SMS system. A logon server can also act as a distribution server.

Distribution Servers

A distribution server has two primary functions: a temporary repository for package distribution and the location for shared network-based applications. Packages set up to be installed on desktop computers (workstations) first are stored on a distribution server. If the SMS system has been properly designed, the distribution server for a particular workstation will be located on the same high-speed network segment. A logon server may also be a distribution server.

Helper Servers for Running Senders or Other Services

The server-based components of SMS are implemented primarily as services. Six primary services process SMS tasks. By default, they are installed on the site server. SMS also includes components designed to move information from one site to another called senders. Each sender type is designed to move information over a particular type of link. The three types of senders are as follows:

  • LAN senders

  • RAS senders

  • SNA senders

You do not need to understand the functions performed by these services to effectively use SMS. However, the more you understand about their operation, the better you will be at troubleshooting problems. Perhaps the most important thing to know is that it is possible to move some of the services off the site server to a helper server. If the workload placed on your site server is too great, you can reconfigure your site so that some services are relocated to another server with available processing power. Senders are particularly good candidates for location on a separate server. Helper servers must also be logon servers.

Understanding Machine Groups

In some situations, it is useful to select particular computers and group them together for systems management functions. Such a collection is called a machine group. For example, in a large corporation, members of the Audit department might be dispersed throughout the organization. The computers used by these individuals would require the use of different applications from those being used by most of the people around them. By placing these computers into a machine group, you can schedule the automatic installation of software for all auditors wherever they may be physically located.

Organizing Your Enterprise

Now that you know more about the components of an SMS system, it is important that you spend some time planning. Think about what you want SMS to do for your organization. Here is a short list of the questions you should be able to answer:

  • Will you be using SMS to collect and maintain inventory information?

  • Will you want to use SMS to distribute and install applications?

  • How many applications need to be installed?

  • What size are the applications and how often will you need to install or upgrade your applications?

  • How many computers do you have?

  • How fast is your network?

  • What is the current bandwidth utilization on your network?

Geographically

As you plan your SMS system, it is very helpful to have a diagram of your network that shows wide-area links (bridges, routers, brouters, and network hubs) and clearly identifies slower links that could become bottlenecks. Indicate the type of link (LAN, RAS, or SNA) between network segments. It is a good idea to show on the diagram the number of computers and users on each network segment. Also indicate where administrators are located and areas that need to be managed autonomously. If your network has redundant components or areas particularly likely to be cut off from the enterprise network in case of a component failure, indicate it on the diagram. A sample diagram is shown in figure 25.10.

Fig. 25.10 - This figure depicts a sample network diagram showing the geographical relationship of various network components.

Functionally

To your existing geographic map, overlay functional considerations. Try to map groups of users with similar computing platforms and needs. Don't forget to indicate the smaller, special purpose groups that may have special needs. As you estimate application needs, the frequency of update information, and the size of the information to be distributed, you can better decide where to place distribution servers and senders.

Sizing Your Server

Microsoft provides guidelines for sizing your server(s) on the BackOffice CD. In addition, guidelines regarding system requirements are included with BackOffice components that have been purchased separately. Chapter 3, "Preparing to Implement Microsoft BackOffice," contains a detailed discussion about sizing BackOffice servers.

Some useful rules of thumb regarding the resources needed for different server roles are presented in the following list. These should be viewed only as guidelines.

  • SMS does not generally make heavy demands on a SQL Server database. It may be possible to use an existing database server or add other work to a SQL Server established for SMS at a later date. For better performance, the SQL Server should be installed on a different computer than the primary site server.

  • Primary site servers run a number of server-based services. During package distribution, compression is used to minimize the amount of information to be transmitted. These are processor-intensive tasks. Primary site servers, therefore, will benefit substantially from multiple processors.

  • The work performed by primary site servers also benefits from the addition of RAM. Use the system requirements given by Microsoft as absolute minimums. If your budget can support it, and especially if you intend to use SMS aggressively, additional RAM is an excellent investment.

Now that you've learned about the hierarchy in an SMS system and the different types of servers, it is important to understand the components of SMS that are installed on the servers and clients. These are the server-based services, administrative utilities, and client-based applications that actually perform the work of the SMS system.

Understanding Server Components

Most of the components that make up an SMS system are Windows NT services that run in background mode on a server. An overview of these services is presented in this section to aid your understanding of SMS processes.

See "A Flexible Set of Services," (Ch. 2)

SMS Services

SMS includes these services:

  • SMS Executive

  • SMS Site Hierarchy Manager

  • SMS Site Configuration Manager

  • Package Command Manager

  • Inventory Agent

  • SMS SNA Receiver (if an SNA Sender is installed)

The SMS Executive is itself made up of component parts that can be controlled separately, or as a group. The following components make up the SMS Executive:

  • Inventory Data Loader

  • Inventory Processor

  • Despooler

  • Scheduler

  • Applications Manager

  • Maintenance Manager

  • SMS Alerter

  • Site Reporter

  • LAN Sender

  • RAS Sender (if installed)

  • SNA Sender (if installed)

The first four items can be moved to a helper server if you want to off-load some of the processing from the site server. If one or more of these services are installed on a helper server, the SMS Executive will also be installed, and they will run as components of the SMS Executive on the helper server.

SMS Service Manager

The SMS Service Manager (see fig. 25.11) is the utility that gives you the greatest level of control over the execution state of individual services and components of the SMS Executive. Using the Services applet in the Control Panel you must start and stop all the SMS Executive components as a group. With the SMS Service Manager, you can start, stop, pause, and continue all SMS services, and the components of the SMS Executive can be controlled individually. You can also enable or disable tracing for the individual services.

Fig. 25.11 - The SMS Service Manager can be used to control the individual server-based services that make up SMS.

The standard Windows NT tools for controlling services can be used to control SMS services also. These two tools are the Server Manager, which can control services on the local or remote servers, and the Services applet in the Control Panel, which can control services only on the local computer. Neither of these tools can separately control the individual components of the SMS Executive. Only the SMS Service Manager offers that level of control.

Although the SMS Service Manager lets you turn the services of SMS on or off, another tool, the SMS Administrator, allows you to assign work to the SMS system and to monitor the status of the jobs you create.

SMS Administrator

A common misconception among those new to SMS is that the SMS Administrator program does the work of SMS. The SMS Administrator is not the workhorse of SMS. It is a powerful program that lets you create packages and jobs that are then carried out by the various SMS services. The SMS Administrator (see fig. 25.12) also allows you to view much of the information stored in the SQL database used by SMS. But the SMS services act as the "engines" of an SMS system.

Fig. 25.12 - The SMS Administrator is used to manage all facets of the SMS system.

You can think of the SMS Administrator as the "master control panel" for the SMS system. You can use it to set properties of sites and initiate the many tasks that SMS executes for you. The next five sections describe some of the things that you can create or define with the SMS Administrator.

Packages

A package is an object that you define using the SMS Administrator. It defines an application or arbitrary group of files to the SMS system. A package can optionally have up to three separate purposes. You can define a package for inventory, for installation on a desktop PC, or for installation and sharing on a network server.

The package includes information about the application's configuration. Depending on the type of package you have created, the package may also include the location of the files that make up the application and information about how to identify the package for inventory purposes.

Microsoft has included some package definition files (PDFs) with SMS. These text files contain settings for each of the three areas of package definition. You can import these PDFs to quickly define packages for popular applications from Microsoft. There are also PDFs for operating systems from Microsoft.

Jobs

Jobs are composed of instructions for the SMS system to carry out. The system itself creates some jobs to accomplish tasks, and you can define jobs to manipulate packages. You can think of a job as a package combined with a target for installation and a schedule.

The target you select for package installation may be chosen in several ways. You can select an individual desktop PC, a single server, or an entire site. You may also use a machine group as the target for a job. You can even create a query that selects a subset of the site and uses the resulting group of computers as the target for your job.

With many applications you run on computers, you get almost instant results. Most of the jobs you create using SMS happen more slowly, over a period of minutes, hours, or even days. Using the SMS Administrator program, you can track the status of your jobs. By checking the status of jobs and by reviewing updated inventory information, you can verify the current condition of your SMS system.

Program Groups

If you have installed and shared network-based applications, you can create program groups and assign them to particular groups of users. You can assign a program group, with icons for the applications that you have shared, to groups of users defined in a Windows NT Server or NetWare user account database. When users in these groups log on to the network, a Program Manager program group is built dynamically. If the user logs off one computer and logs on to another, the shared application icons follow him to the new desktop.

This capability is only available on computers running Windows, Windows for Workgroups, and Windows NT. To provide the dynamic building of groups on the desktop, you must be running the Program Group Control utility on the client computer. See "Understanding the Client Components of SMS" later in this chapter.

Queries

Queries are one of the most powerful features of the SMS system. After you set up SMS, it takes a period of time before the inventory information on all computers you have added to the system has been collected. For various reasons (vacations, illnesses, and so on), it usually takes from one to two weeks before the system has an accurate description of all machines in the system.

After SMS has been operational long enough to have a complete inventory, you can use queries to answer many interesting questions. Here are some sample queries that SMS is capable of answering:

  • Which computers are currently running Microsoft Word version 6.0?

  • How many computers have an Intel 486 processor?

  • How many computers have 16M of RAM installed?

  • Which computers have more than 30M of available disk space on their hard disk drive and are running Microsoft Excel version 4.0?

It doesn't take much imagination to see how useful this capability can be. Without a system like SMS, these questions are so time-consuming to answer that they usually don't get asked. In a large enterprise network, by the time an answer is developed (over a period of days or weeks) it is already out of date and incorrect. SMS gives you up-to-the-minute answers quickly and easily.

Experiment with this capability and use it to your fullest advantage. It is one of the best examples of the leverage you get by installing SMS. After you set up your SMS system, which admittedly takes a significant amount of effort, you are repaid for your work by being able to do things you couldn't do before. With your SMS system is in place, it should take less than five minutes to answer any of the preceding sample questions.

Alerts

Alerts provide the administrator of an SMS system with a powerful tool for automated management. Alerts are based on queries. You define a query that will quantify an area of interest. For example, if your organization owns licenses for one hundred copies of Microsoft Excel, you could define a query to count the number of machines that have Excel installed. Then you could create an alert that would notify you if the hit count is greater than one hundred. The alert can create an entry in a log, execute a command line, or send a message to a particular user or computer.

Like queries, alerts are powerful tools that are often overlooked. It is common to get so focused on installing software and monitoring inventory that alerts are forgotten. Experiment with alerts, and you will discover how valuable they can be. They can help you find problem areas before users are inconvenienced or shut down and help keep your network operational.

Understanding the Client Components of SMS

In addition to server-based components and the objects created by the SMS Administrator program, a number of components that run on client workstations play an integral role in the SMS system. These components vary slightly depending on the type of client you are using. See Appendix B, "SMS Client Reference," in the SMS Administrator's Guide.

In general, the SMS client components are set up to run automatically. The administrator of an SMS system can use the SMS Administrator to make settings in the Clients dialog box that control what client components are loaded by default on workstations (see fig. 25.13). After these settings are made, the SMS system automatically sets up workstations that are added to the system.

Computers are usually added to the SMS system when a user at a particular computer logs on to the network with a logon script that has been changed to include SMS components. It is also possible to manually connect to the site server and run the client setup utility.

Fig. 25.13 - You can use the SMS Administrator program to set which client components are loaded by default.

Client Setup and Configuration

A number of logon scripts and programs handle the tasks of adding a workstation to the SMS system, setting up the client computer, and making sure that, on subsequent logons, it is still configured properly and no changes are required. In many SMS systems, these components can be automatically set up and run without the administrator needing to manually initiate their use. The components that play a role in setup and configuration are as follows:

  • SMSLS.BAT (or SMSLS.CMD for OS/2 computers). This is the SMS logon script. It initiates client involvement in the SMS system by calling the SETLS program, which sets the logon server for a client and starts the client setup program.

  • SETLS This program uses information from the SMSLS.INI file to choose a logon server. After a logon server has been chosen, the client setup and inventory agent programs can be run. The two versions of this program - SETLS16 and SETLS32 - support different types of clients.

  • Client Setup. There are three different versions of client setup. They are CLI_NT.EXE, CLI_DOS.EXE, and CLI_OS2.EXE. These utilities perform a myriad of services. Client setup sets up new clients, but it also takes care of upgrade, reconfiguration, and removal operations. Seven optional switches can be used to control this command.

  • SMSRUN. This utility creates program groups on the client and starts components that have been set to automatically start in the Clients dialog box of the site properties. The two versions of SMSRUN - SMSRUN16 and SMSRUN32 - support different types of clients.

  • SMSSVR. This utility is not installed on the client. It is run by a client from a logon server to upgrade or remove SMS components. It works in conjunction with the client setup program to complete these actions.

If this list seems a bit daunting, don't worry. You will not usually need to run these utilities manually. SMS is good at automating client installation. The one exception is the client setup program, which can be manually run from a workstation to include it in an SMS system without modifying any user logon scripts.

Inventory Agent

The Inventory Agent is responsible for scanning the hardware and (optionally) the software on a computer. It reports what it finds to the logon server. This information is then incorporated into the SMS database on the SQL Server being used by SMS. It can also collect files to be included in the database, for example, CONFIG.SYS.

Package Command Manager

The Package Command Manager (see fig. 25.14) is the component that initiates installation of software packages on client computers. It can automatically launch installation for mandatory packages or offer a menu of optional packages for selection by the user. A package can be set up so that it is optional for a period of time and then becomes mandatory.

Fig. 25.14 - The Package Command Manager on a Windows-based computer.

Program Group Control

Program Group Control is only available on computers running Windows, Windows for Workgroups, or Windows NT. This component uses two programs, APPSTART and APPCTL, to create Program Manager groups that include icons to launch shared, network-based applications (see fig. 25.15). These groups are dynamically built as the user logs on, based on the groups the user is a member of, and the assignments made by the administrator of the SMS system.

Fig. 25.15 - Program Manager groups can be dynamically created by Program Group Control.

When a user launches an application from one of these groups, Program Group Control is responsible for finding an available server from a list of servers that contain the shared application. It then connects to the server and launches the application. When the user exits the application, Program Group Control disconnects the client from the server.

Help Desk Options

There is a configuration utility (see fig. 25.16) that can be run on client PCs allowing the user to configure how the remote troubleshooting options can be used. This utility is available only for computers running Windows and Windows for Workgroups. You can also configure help desk options on a computer running MS-DOS using a command line.

Fig. 25.16 - The Help Desk Options dialog box is used to select the SMS Help Desk components you want to enable for use on your workstation.

This completes the overview of SMS system components and operations. You should now have a solid understanding of most of SMS's mechanisms and be well prepared to successfully use SMS to manage your network. In the next chapter, you set up your server, create the primary site, and use the SMS Administrator program to set properties for your site. You then learn how to use SMS to inventory the computers on your network.

From Here...

In this chapter, you have been introduced to the components that make up SMS. You have learned about the various Windows NT Server services that comprise the server-based components, and the client components that work together so that a computer inventory can be created and users can automatically install software. You have also learned how servers are organized in a site hierarchy and the various roles servers can adopt in an SMS site.

  • For information on setting up your SMS site and collecting inventory information, see Chapter 26, "Implementing SMS."

  • For information on automatically distributing and installing software and using the Help Desk features of SMS, see Chapter 27, "The Role of the SMS Administrator."

  • For information on establishing policies for improved security and specific guidelines for securing your site, your servers, and client workstations, see Chapter 28, "Implementing Real World Security."

  • For information on developing a proactive approach to avoiding network problems and server outages, see Chapter 30, "Proactive Network Administration."

Table of Contents

24 - The Role of the SNA Server Administrator

26 - Implementing SMS