This post provide a checklist for an upgrade to SCCM 2012 R2 and a list of known problems…
Update 19.11.2013: Some Issues are solved by a KB.
Update 21.11.2013: More Issues are solved by a KB.
Pre-Upgrade
- Check if Firewall Ports are open between SCCM and SQL Server
- Check if the SQL Instance SPN’s are registered.
- Read the release notes for R2, and be aware of notable configuration changes such as noted here.
- You should also have a look on the published considerations from Microsoft.
- Get your product key. You will need it to install R2.
- Download everything you need, some packages are over 3 GB.
Here’s a list of things to download: - Latest SQL Server SP (Check Supported Configurations)
- Latest SQL Server CU for the latest SP (Check Supported Configurations)
- ConfigMgr R2 installation files
- Download Latest SCCM R2 CU
- ADK 8.1
- Download the ConfigMgr 2012 R2 pre-requisite files using setupdl.exe from the install media and replicate these to all site servers also for use during setup.
- Run the Pre-requisite checker on all site servers using the same account that you will use when performing the upgrade.
Errors about USMT, Deployment Toolkit and old WinPE are normal and ok. They will be resolved after upgrading ADK. - Backup your site server and database.
Mostly I do a full server backup with Acronis or another imaging tool.
Reported Issues
Thanks for input to Roger Zander, Mirko Colemberg and Jürg Koller.
- After updating to SCCM 2012 R2 all reports are listed twice in the Reporting section.
Once with a __ Prefix. The reports with __ are the old reports, which could be deleted if you haven’t made any customizations to the built-in reports. - PXE won’t work, because wimgapi.dll has an issue. –> Solved http://support.microsoft.com/kb/2905002
- The official supported work around is to create a PXE enabled distribution point on another system as the site server.
- Another way could be to reinstall Wimgapi from \sms\wim\wimgapi.msi or reinstall the ADK.
- Also note that there is a updated version of ADK 8.1 since 18.10.2013 http://blog.colemberg.ch/2013/10/config-manager-update-r2-pxe-dont-work/
- Device Variables of new added devices aren’t available during OSD and OSI Task Sequences.
This is a well known problem in the Microsoft support team. They can provide you with a script which reads the variables directly from the SCCM server and put them to the local TS environment. –> Solved, you have to call MS Support for KB2907591
http://social.technet.microsoft.com/Forums/en-US/455c8ddb-97c9-4874-8168-aca30f8ab306/task-sequence-variables-are-not-applied-in-sccm-2012-r2-osd?forum=configmanagerosd - OSD is much slower, the WIM download takes 15minutes, without R2 5 minutes… –> Solved http://support.microsoft.com/kb/2905002
The problem is known by the product team. A Hotfix will be released…soon :S - A workaround is to enable “Access content directly from a distribution point” or to use multicast.
- Work hour and presentation settings are lost after client upgrade.
This is also mentioned in the update considerations from Microsoft. - Network access account credentials are lost during update.
- Remove the network access account and re add it to the list of network access accounts.
- USMT of ADK 8.1 does not support Windows XP.
- Custom Global Condition are not correctly updated.
Applications which use a custom global condition will fail on install. To solve this problem, edit these global conditions (Add a comment). - Workgroup clients cannot find their SCCM server.
There was a problem, that the anonymous authentication was disabled on the root of the default website.
DB Upgrade
- Set your DB servers in your Monitoring Tool to maintenance mode.
- Upgrade SQL Server to the latest supported SP and Cumulative Update.
- Resolve any major issues identified in the site status or component status.
Windows Upgrade
- Install the latest Windows stability and security updates.
- Backup your site server and database.
SCCM Upgrade
- Restore a copy of the DB to a test server and test the DB upgrade process using the /TESTDBUPGRADE option.
It’s important to use another SQL server and not only another instance on the SQL Server, because the TESTDBUPGRADE Task changes some files on the server. There are also possibilities to specify locations with this parameter, for this see my older blog post. - Put your site servers in your Monitoring Tool to maintenance mode.
- Remove all of your boot images from your DPs and make a copy of the files.
This will help you get your boot images back if you need an older WinPE Version. - Create Screenshots of all Settings in your Boot Images
- Uninstall ADK 8 and install the ADK 8.1.
The needed Features are USMT\WinPE\Deployment Tools - Run the pre-requisite checker on all site servers.
Everything should be OK. Only if you have child sites, you get a warning about their version. I get also a message, that the site server has no permission to the system management container in active directory. It was mostly because I have granted the appropriate permission to a group and not directly to the site server. - Disable your virus scan tool.
Mostly the anti-virus breaks the generation of new boot images. So it’s the best way to disable it completely. Jürg Koller told me that he has also problems with a disabled McAfee IDS Agent. The only solution was to temporary uninstall it. - Disable the “Delete Aged Client Operations”, “Delete Aged Discovery Data” and “Backup Site Server” site maintenance task on all sites.
- Restart the site servers.
- Start the Setup and follow the wizard.
- Check the log file during installation and wait until the setup and the log file told that the setup completed successfully.
When you are using CMTrace to watch the log file, it marks every line red where the word error occurs. So there are also tables and files which are named error… This means not every red line is a problem.
Now you have to wait until all site components are reinstalled. This can take a while. - Check the sitecomp.log, some role installations fail multiple times because other installations are currently running.
Post Upgrade
- Perform your standard health checks like reviewing replication, site status, and component status.
- Perform a functionality check.
Create a new deployment, run a deployment, try remote tools, run a report, run a query, update a collection, import a new computer, etc. Basically, anything that is critical in your environment. It may be worth having a whole separate checklist for this. - Re-enable the “Delete Aged Client Operations”, “Delete Aged Discovery Data” and “Backup Site Server” site maintenance task on all sites.
- Recreate any necessary boot images using the new WinPE and deploy them to the DPs or simply redeploy the default boot images to your PXE enabled DPs if they were successfully updated.
- Check if your add-ons are working correctly.
MDT has often problems after an upgrade and you won’t be able to open task sequences built with them. - Upgrade the client with the new agent version.
- Re-enable your Anti-virus product.
- Recreate WIM Files with the new Agent Version
Congratulation, you have successfully updated your environment!!!
Principal Security Consultant | MVP at baseVISION AG
I’m a consultant, trainer and architect for modern workplace and enterprise mobility projects with Microsoft Technologies in the past ten years. I love to push and design the modern workplace based on Microsoft 365 for my customers which is the only answer for the current security threats, agile world and the fast-changing business requirements of my customers. Important for me is to simplify and automate the operational processes, because there are the highest costs.
Latest posts by Thomas Kurth (see all)
- Microsoft Sentinel ASIM Parser demystified - March 31, 2024
- Enhancing Network Security Insights with IDS/IPS of Ubiquiti Dream Machine Pro and Microsoft Sentinel - March 10, 2024
- Ubiquiti Dream Machine Pro Logs to Microsoft Sentinel - February 6, 2024
0 Comments