System Center Configuration Manager 2012 added support to manage a range of *nix based machines which is rather handy if you want to keep under control any *nix machine deployed in your infrastructure, once you install the SCCM Linux client on a machine the following features will be available:
- Hardware Inventory
- Software Inventory (via Software Inventory)
- Software Distribution
- Endpoint Protection
- SCCM Reporting
- Maintenance Windows (useful when the machines are monitored via SCOM and to deploy software on the client)
While software updates are not natively supported you can extend SCCM through third-party add-ons or write your own scripts deployed through software distribution which will take care of updating the Linux OS.
SCCM Linux Client Architecture
Before moving to the actual SCCM Linux Client installation I would like to spend a few words on the client’s architecture and how this interact with the Linux OS as while how this happens in the Windows world is probably clear the same does not hold true for *nix machines, so let’s have a look at an image courtesy of Technet:
As you can see in the image above in addition to installing the SCCM Linux client itself the installation package will also deploy something called OMI which is the Linux equivalent of WMI in the Windows world together with a bunch of providers that are used by the client to gather information that will be reported back the Management Point server, all communications will happen via either HTTP or HTTPS depending on your site configuration, of course SMB is not an option in this case.
As every *nix OS can be architecturally different in terms of features or characteristics Microsoft build up different SCCM Client packages for the different OSes which can be downloaded from here. If you want to know which *nix OSes are supported you can refer to this article on Technet , throughout the article I will be using a CentOS 7 machine for the purpose of demonstrating the installation but using different distribution will not be much different.
Last but not least it has to be noted that while SCCM will treat any *nix machine as a Workgroup automatic client deployment will not be available so you will have to either install manually or use custom scripts to deploy the client.
SCCM Linux Client Installation
The first logical step in deploying the Linux SCCM client is of course downloading it, as I wrote Microsoft released multiple clients for the various *nix OSes supported which can be downloaded from this link, extract the exe content to a location of your choice and transfer the package to the Linux machine where the SCCM client will be installed (I personally used SCP via cygwin but an NFS/Samba share or FTP will do equally well):
Once you’ve transferred the needed packages, I’ve just transferred everything to be quicker, you can use the supplied install bash script which has the following syntax:
# SCCM Linux Client installation script syntax ./install -mp -sitecode
The scripts support multiple command line arguments and describing them here would impractical but you can find a full reference here. Below you can see a screenshot of the command I’ve used to install the Linux SCCM Client in my lab environment:
As you can see the installation process is completely automated and no interaction from your side is generally needed, there are parameters that can be modified to, for example, change logging level but I’ll leave that for another post.
Once the Linux SCCM client is installed the machine will appear in the SCCM Console in the All Systems default collection as Client Not Approved all you have to do is to manually approve the client so that it can start communicating with the SCCM Server:
Once you have approved the new client you can force a policy refresh and hardware inventory cycle with the following commands:
# Force policy refresh for a SCCM Linux client /opt/microsoft/configmgr/bin/ccmexec -rs policy # Once Policy refresh is comeplted force a hardware inventory /opt/microsoft/configmgr/bin/ccmexec -rs hinv
You can even check the SCCM client activity log with the following command:
# Check SCCM Linux Client Log file tailf /var/opt/microsoft/scxcm.log # If your system does not have the tailf alias use tail -f /var/opt/microsoft/scxcm.log
Once the Hardware Inventory cycle is complete you can start Resource Explorer from the SCCM Administration console and data gathered from the client:
As you can see managing Windows and Linux SCCM clients is not that different, probably you are wondering why you should care about *nix machines in your role as SCCM administrator, I know for experience that even in most Microsoft centric environment there are more often than not AIX or Linux machines lying around while these machines are probably managed by a dedicated team, or that mythological “admin” that nobody ever meet but you know is hiding somewhere, being able to manage all systems through a single pane of glass is a big advantage.
In a future post I will dig deeper into customizing inventory and how to distribute software to Linux clients like, for example, scripts that will carry on tasks like updates deployment.
I hope you enjoyed the post if so please take a second to leave me a comment or share it with your social network.