Unpacking System Center 2012 Orchestrator

Exclusive offer: get 50% off this eBook here
Microsoft System Center 2012 Orchestrator Cookbook

Microsoft System Center 2012 Orchestrator Cookbook — Save 50%

Automate mission-critical tasks with this practical, real-world guide to System Center 2012 Orchestrator with this book and ebook

$24.99    $12.50
by Andreas Baumgarten (MVP) Samuel Erskine (MCT) Steve Beaumont | September 2013 | Cookbooks Enterprise Articles Microsoft

In this article by Andrew Duckworth, Steve Beaumont, and Baumgarten Andreas, authors of Microsoft System Center Orchestrator 2012 Cookbook, we will cover the following recipes:

  • Planning the Orchestrator deployment
  • Installing a single-server deployment
  • Installing the Management Server in a multiserver deployment

(For more resources related to this topic, see here.)

Planning the Orchestrator deployment

The installation of SCORCH is simple. You must plan the deployment appropriately according to your needs. This recipe discusses and provides steps on common planning tasks to be performed before inserting the DVD or mounting the ISO for organizations who have successfully deployed SCORCH.

Getting ready

The authors recommend you to review the latest information on SCORCH at http://technet.microsoft.com/en-us/library/hh420383.aspx as the requirements of the product and supported platforms are regularly updated by Microsoft.

How to do it...

There are three planning categories, people, process, and the technology (SCORCH product).

  1. Identify and agree on the roles and responsibilities of the SCORCH team. SCORCH deployments typically have three types of users; service accounts, Administrators, and operators.
    • Services accounts: They perform actions for the specific components of SCORCH
    • Administrators: They will typically perform all activities including, but not limited to, SCORCH installation, Runbook creation and management, and delegation of security to operators
    • Operators: They will typically use the SCORCH console and the Runbook Designer to create and manage Runbooks
  2. Identify and document initial prototype processes to be used as the first candidate for automation and testing. The types of processes for this purpose should be simple repeatable tasks that fall into an organizations required standard service requests. Good candidates are service request which do not require authorization and approval. An additional example category is Windows operating system services that can be stopped and started as a part of trouble shooting.
  3. Plan for the following technology requirements areas for SCORCH:
    • SCORCH deployment type

      Deployment type

      Description

      Single Server

      All SCORCH roles installed on one physical or virtual machine

      This scenario is typically implemented in test environments but is fully supported in production. This however becomes a single point of failure for highly automated environments.

      Multi-server

      The SCORCH roles are separated and installed on one or more machines

    • Minimum hardware requirements for each SCORCH component

      Component

      Requirements

      Management Server

      • Operating system: Windows Server 2008 R2 or Windows Server 2012*
      • 1 gigabyte (GB) of RAM, 2 GB or more recommended
      • 200 megabytes (MB) of available hard disk space
      • Dual-core Intel microprocessor, 2.1 gigahertz (GHz) or better
      • Microsoft .NET Framework 3.5 Service Pack 1

      Orchestration database

      • Database: Microsoft SQL Server 2008 R2 or SQL Server 2012
      • Collation: SQL_Latin1_General_CP1_CI_AS
      • Local or Remote (Basic Engine only)

      Runbook Server

      • Operating system: Windows Server 2008 R2 or Windows Server 2012*
      • 1 gigabyte (GB) of RAM minimum, 2 GB or more recommended
      • 200 megabytes (MB) of available hard disk space
      • Dual-core Intel microprocessor, 2.1 gigabyte (GHz) or better
      • Microsoft .NET Framework 3.5 Service Pack 1

      Orchestrator Console/Web Service

      • Operating system: Windows Server 2008 R2 or Windows Server 2012*
      • 1 gigabyte (GB) of RAM minimum, 2 GB or more recommended
      • 200 megabytes (MB) of available hard disk space
      • Dual-core Intel microprocessor, 2.1 gigahertz (GHz) or better
      • Microsoft .NET Framework 3.5 Service Pack 1
      • Web Service: Internet Information Services (IIS) 7.0 and enabled IIS role
      • Microsoft .NET Framework 3.5 Service Pack 1
      • Microsoft .NET Framework 4
      • Microsoft Silverlight 4**

      Orchestrator Runbook Designer

      • Operating system: Windows Server 2008 R2, Windows 7 (32/64 bit) or Windows Server 2012*
      • 1 gigabyte (GB) of RAM minimum, 2 GB or more recommended
      • 200 megabyte (MB) of available hard disk space
      • Dual-core Intel microprocessor, 2.1 gigabyte (GHz) or better
      • Microsoft .NET Framework 3.5 Service Pack 1

      SCORCH 2012 SP1

      It is required only for the computer running the console in its web browser but not the Web Service server.

    • Services accounts and delegation groups

      Account/Group

      Type

      Notes

      Orchestrator management service

      Service account

      Create an Active Directory user account for this service. This is the main management server service account and it is granted log on as a service during the installation.

      Orchestrator Runbook monitor service

      Service account

      Typically this is the same account as the Orchestrator Management Service.

      Orchestrator Runbook service

      Service account

      Same user account as the Management and Runbook Server monitor service in a single deployment but can be different for multi-server deployments; Active Directory domain account recommended.

      Runbook authors (SCO_ADMINS)

      Group

      Create an Active Directory group. This group will have the equivalent access of full administration to the SCORCH deployment.

      Runbook operators (SCO_CON_USERS)

      Group

      Create an Active Directory group. This group will have the equivalent access of a Runbook operator to the SCORCH deployment.

      Installation user

      User

      The user with full administrative rights on the SCORCH servers is required to perform the installation and configuration of the SCORCH deployment.

    • Network Communication Ports

      Source

      Targeted computer

      Default port

      Configurable

      Runbook Designer

      Management Server

      135, 1024-65535

      Yes.

      Management Server, Runbook Server, and Web Service

      Orchestration database

      1433

      Yes; specified during the installation on the SCORCH supported version of Microsoft SQL Server. This is the case where the SQL Server instance is not using the default port.

      Client browser

      Orchestrator Web Service

      81

      Yes; during the SCORCH installation.

      Client browser

      Orchestration Console

      82

      Yes; during the SCORCH installation.

How it works...

The planning activities discussed are the minimum activities the authors recommend. The tasks performed at this stage will ensure that you ask for and plan for all your requirements before investing time in the actual installation. An additional benefit is identifying any people or budgetary risks before the deployment.

There's more...

There are two additional planning areas which are typically ignored in technology focused deployments. These areas are communication strategies and stakeholder management.

Communication strategy

One of the inaccurate myths of SCORCH is that it would automate the IT professional. SCORCH when implemented right would improve efficiency but will not replace people. On the contrary you need to communicate with the people who perform the manual tasks as they hold the key to how to best automate their efforts. Early engagement with all IT team members should be one of your key planning tasks.

Stakeholder management

Stakeholders are all users affected by the SCORCH deployment. An important category of stakeholders are the management team responsible for policy creation and enforcement. Automation without organization buy in may lead to conflicts at the political level of your organization. An example of such a scenario is the ability to create Active Directory user accounts with rights to specific organization areas and restricted resources.

Microsoft System Center 2012 Orchestrator Cookbook Automate mission-critical tasks with this practical, real-world guide to System Center 2012 Orchestrator with this book and ebook
Published: August 2013
eBook Price: $24.99
Book Price: $54.99
See more
Select your format and quantity:

Installing a single-server deployment

This recipe provides the steps required to install all the SCORCH roles on a single server. The single server deployment is appropriate for test and development environments. This deployment type will assist you with evaluation of the product, initial Runbook creation, and validation prior to deploying in your production environment. Though supported in production you must plan to implement the multi-server deployment to provide flexibility and availability.

Getting ready

You must plan to review the Planning the Orchestrator deployment recipe before performing the steps in this recipe. There are a number of dependencies discussed in the planning tasks which you must perform in order to be able to successfully complete the steps in this recipe.

The authors assume that you have access to all the installation media and the user account performing the installation, has administrative privileges on the server nominated for the SCORCH deployment.

How to do it...

The following figure provides a visual summary and order of the tasks you need to perform to complete this recipe:

The deployment will be implemented in an Active Directory environment and with the Windows Server 2012 operating system. Perform the following steps to deploy SCORCH on a single machine:

  1. In Active Directory create the required and recommended user accounts and groups. In this example we will create the following groups:
    • Users: SCO_MGTSVCA and SCO_RBSSVCA
    • Groups: SCO_ADMINS and SCO_CON_USERS

  2. Install a supported Windows Server operating system and join the server to the Active Directory domain in scope of the SCORCH deployment.
  3. Add the two services accounts and the SCORCH Administrators group to the local Administrators group on the SCORCH server.
  4. On the SCORCH server enable the following role and feature:
    • Role: Web Server (IIS) (default settings), note that the installation will enable this role for you if it is not found on the target server
    • Feature: .NET Framework 3.5 SP1, you must specify a source file for .NET Framework 3.5 SP1 in the case of Windows Server 2012 and ensure that the DVD for Windows Server 2012 is loaded

  5. Install .NET Framework 4 if the operating system version is lower than Windows Server 2012 (.NET Framework 4x is already part of Windows Server 2012).
  6. Optionally install Silverlight. After the SCORCH installation you will be prompted to install Silverlight if you run the console on the server.
  7. Install a supported version of Microsoft SQL Server. In our example we will install Microsoft SQL Server 2012 standard edition with Service Pack 1. The following are the minimum options required for the installation:
    • Instance features: database engine services
    • Share features: Management Tools—Basic
    • Collation: SQL_Latin1_General_CP1_CI_AS
    • Authentication Credentials : Windows Authentication (recommended)
  8. Insert or mount the SCORCH installation media on the server. Log on with a user account with administrative rights.
  9. Launch the installation using the SetupOrchestrator.exe file. Click on Install under the System Center 2012 Orchestrator Setup section on wizard page.

  10. On the Product Registration page enter your organization details and the product Key (though the product key can be entered post installation, it is a best practice to enter this during the installation to reduce the risk of product evaluation expiry after the default 180 day period). Click on Next .
  11. Review the Please read this License Terms page and accept to continue with the installation. Click on Next .
  12. On the Select features to install wizard page ensure all options are checked. Click on Next .

  13. On the Configure the service account page type the user account you created for the management server service account and password. Click on Test to verify the details. Click on Next .
  14. On the Configure the database server page type the server name and if applicable the instance of SQL where the Orchestration database will be created. Click on Test to verify the connection to the database server. Click on Next .

  15. On the Configure the database page, ensure that new database is selected and the default name is Orchestrator for the database. Click on Next .
  16. On the Configure Orchestrator users group page, click on Browse… and specify the Active Directory group you created for the SCORCH administrators role (SCO_ADMINS in our example). Click on Next .

  17. On the Configure the ports for the web services page leave the default options (81 and 82) or provide your custom options. Note that make sure you document the custom port if you change the default values. Click on Next .
  18. On the Select the installation location page, accept the selected installation location or specify a custom location. Click on Next .
  19. On the Microsoft Update page select your preferred option. Click on Next .
  20. On the Help improve Microsoft System Center Orchestrator page select your preferred options. Click on Next .
  21. Review the Installation summary page. Click on Install to start the installation.
  22. On successful installation you are presented with final configuration options as follows:
    • Launch Windows Update
    • Visit System Center Orchestrator Online
    • When Setup closes, start the Runbook Designer

This completes the installation steps.

How it works...

Installing SCORCH in single server deployment mode is very simple. The most important aspect is to plan and configure all the prerequisites before you start the actual installation.

The installation requires a number of options, which the wizard guides you throughout the process. The installation creates the Orchestration database and prepares it for use in your deployment. The account specified for the service account is granted the required permission in the database and on the local server.

The following screenshot shows the database permissions granted to the management server service account:

About service accounts

In our prerequisites we created two service accounts, one for the Management Service and the other for the Runbook service. In a single server deployment only one account is requested, which in our case is the management server service account. The Runbook Server service account will be used for additional Runbook Servers and is a best practice to separate the two accounts as they are granted different rights in the database. An additional benefit of using two or more accounts is to reduce the risk of a single point of failure for all service components.

There's more...

There is one additional configuration you must perform post installation on the Management Server.

Enabling network discovery is applicable to the Orchestrator database Runbook Designer role. Perform the following steps to enable network discovery:

  1. In control panel navigate to Network and Sharing | Change advanced sharing settings | Expand the Domain profile | Turn on network discovery .
  2. Click on Save changes .

Enabling network discovery enables auto-population of fields, which requires the selection of a computer name when creating Runbooks.

See also

The official online documentation is updated regularly and should be a point for reference at http://technet.microsoft.com/en-us/library/hh420371.aspx.

Installing the Management Server in a multiserver deployment

SCORCH features and components can be installed on a single server or across multiple servers. The multi-server deployment requires you to perform the installation in a specific order. The first server you must install is the Management Server which requires a supported instance of Microsoft SQL Server. This recipe provides the steps for installing the SCORCH Management Server.

Getting ready

You must plan to review the Planning the Orchestrator deployment recipe before performing the steps in this recipe. There are a number of dependencies in the Planning the Orchestrator deployment recipe, which you must perform in order to successfully complete the tasks in this recipe.

The authors assume that you have access to all the installation media and the user account performing the installation, has administrative privileges on the server nominated for the SCORCH deployment.

The example deployment in this recipe is based on the following configuration details:

  • Management Server and database server TLSCORCH01 on the same machine
  • SCORCH SP1
  • Microsoft SQL Server 2012
  • Service account created in Active Directory: SCO_MGTSVCA
  • Administrative users group created in Active Directory: SCO_ADMINS

How to do it...

The following figure provides a visual summary and order of the tasks you need to perform to complete this recipe:

The deployment will be implemented in an Active Directory environment and with the Windows Server 2012 operating system. Perform the following steps to deploy a SCORCH Management Server in a multi-server deployment scenario:

  1. Install a supported Windows Server operating system and join the server to the Active Directory domain in scope of the SCORCH deployment.
  2. Add the service accounts and the SCORCH Administrators group to the local administrators group on the SCORCH server.
  3. On the SCORCH server enable the following feature:
    • Feature: .NET Framework 3.5 SP1, you must specify a source files for .NET Framework 3.5 SP1 in the case of Windows Server 2012 ensure that the DVD for Windows Server 2012 is loaded
  4. Install .NET Framework 4 if the operating system version is lower than Windows Server 2012 (.NET Framework 4x is already part of Windows Server 2012).
  5. Install a supported version of Microsoft SQL Server. In our example we will install Microsoft SQL Server 2012 standard edition with Service Pack 1. The following are the minimum options required for the installation:
    • Instance features: Database engine services
    • Share Features: Management tools—Basic
    • Collation: SQL_Latin1_General_CP1_CI_AS
    • Authentication Credentials : Windows Authentication (recommended)
  6. Insert or mount the SCORCH installation media on the server. Log on with a user account with administrative rights.
  7. Launch the installation using the SetupOrchestrator.exe file.
  8. On the splash screen under Orchestrator click on Install under the System Center 2012 Orchestrator Setup section on wizard page.

  9. On the Product Registration page enter your organization details and the product key. Click on Next .
  10. Review the Please read this License Terms page and accept to continue with the installation. Click on Next .
  11. On the Select features to install wizard page uncheck all options (the only option checked should be the mandatory Management Server ). Click on Next .

  12. On the Configure the service account page type the user account you created for the management server service account and password. Click on Test to verify the details. Click on Next .

  13. On the Configure the database server page type the server name and if applicable the instance of SQL where the Orchestration database will be created. Click on Next .
  14. On the Configure the database page, ensure that new database is selected and the default name Orchestrator for the database. Click on Next .
  15. On the Configure Orchestrator users group page, browse and specify the Active Directory group you created for the SCORCH administrators role. Click on Next .
  16. On the Select the installation location page, accept the selected installation location or specify a custom location. Click on Next .
  17. On the Microsoft Update page select your preferred option. Click on Next .
  18. On the Help improve Microsoft System Center Orchestrator page select your preferred options. Click on Next .
  19. Review the Installation summary page. Click on Install to start the installation.

  20. On successful installation you are presented with final configuration options as follows:
    • Launch Windows Update
    • Visit System Center Orchestrator Online

This completes the installation steps for the SCORCH Management Server in the multi-server deployment.

How it works...

The installation wizard guides you through the required settings. Once all the prerequisites are properly configured, the installation process creates the Orchestration database and installs the required program files for the Management Server feature.

The account specified for the service account is granted the required permission in the database.

The following screenshot shows the database permissions granted to the management server service account:

See also

The How it works… section of the Installing a single server deployment recipe.

Summary

In this article we saw how to plan the Orchestrator deployment, install a single server deployment, and install the Management Server in a multi-server deployment

Resources for Article :


Further resources on this subject:


Microsoft System Center 2012 Orchestrator Cookbook Automate mission-critical tasks with this practical, real-world guide to System Center 2012 Orchestrator with this book and ebook
Published: August 2013
eBook Price: $24.99
Book Price: $54.99
See more
Select your format and quantity:

About the Author :


Andreas Baumgarten (MVP)

Andreas Baumgarten (MVP), IT Architect with the German IT service provider H&D International Group, has worked as an IT pro for more than 20 years. He has always been interested in Microsoft technologies and he can also look back on 14 years of experience as a Microsoft Certified Trainer. Since 2008, he has been responsible for the field of System Center technology consulting and ever since he has taken part in SCSM 2010, 2012, 2012 SP1 and 2012 R2 and System Center Orchestrator 2012 Technology Adoption Program with H&D. With his deep inside technology know-how and his broad experience across the System Center product family and IT management, he now designs and develops private cloud solutions for customers. In October 2012, he was awarded the Microsoft Most Valuable Professional (MVP) title for System Center Cloud and Datacenter Management.

Samuel Erskine (MCT)

Samuel Erskine (MCT) has over 15 years experience in a wide range of technologies and industries (public and private) including working for fortune 500 organizations. In 2009 he founded a consultancy practice organization in the United Kingdom focused on implementing Microsoft System Center systems management and IT Service management products. He merged the original United Kingdom organization with Syliance IT Services in 2012 and became the third member of the Syliance IT Services (www.syliance.com) global management team. He is a Computer Engineering graduate and holds various technology vendor/industry certifications. Apart from this book, Samuel is also the lead author for Microsoft System Center 2012 Service Manager Cookbook and one of the contributing authors to the System Center 2012 Configuration Manager Unleashed book. He is an active participant in the System Center community with a blog at www.frameworktorealwork.com.

Steve Beaumont

Steven Beaumont has been working in the IT field since 1998 and is a known authority on everything related to System Center. His career started with low-end system building and support, graduating to manage a crack team of enterprise class support specialists; with the release of Service Manager 2010, he ventured into customization and released some solutions to the community via the TechNet Gallery, helping to show how to extend the usage
of the product.

Steve provides consultancy and designs specifically for System Center 2012 and Private Cloud solutions. He is the co-author of Microsoft System Center Service Manager 2012 Cookbook, which includes a host of tips and techniques to administer System Center, providing best practice advice and 'recipes' to get the most from Service Manager. He also runs his own blog (http://systemscentre.blogspot.com), which covers the full range of System Center components and areas related to desktop design, deployment, and optimization.

Books From Packt


 Microsoft System Center 2012 Endpoint Protection Cookbook
Microsoft System Center 2012 Endpoint Protection Cookbook

(MCTS): Microsoft BizTalk Server 2010 (70-595) Certification Guide
(MCTS): Microsoft BizTalk Server 2010 (70-595) Certification Guide

 PowerShell 3.0 Advanced Administration Handbook
PowerShell 3.0 Advanced Administration Handbook

SOA Cookbook
SOA Cookbook

BizTalk Server 2010 Cookbook
BizTalk Server 2010 Cookbook

Microsoft System Center 2012 Service Manager Cookbook
Microsoft System Center 2012 Service Manager Cookbook

 Microsoft System Center Data Protection Manager 2012 SP1
Microsoft System Center Data Protection Manager 2012 SP1

Microsoft System Center Virtual Machine Manager 2012 Cookbook
Microsoft System Center Virtual Machine Manager 2012 Cookbook


Code Download and Errata
Packt Anytime, Anywhere
Register Books
Print Upgrades
eBook Downloads
Video Support
Contact Us
Awards Voting Nominations Previous Winners
Judges Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software
Resources
Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software