Menu
Modern Workplace Blog
  • Home
  • About: Kenneth van Surksum
  • Cookie Policy
Modern Workplace Blog
June 10, 2015June 11, 2015

Distributing content to Distribution points and Distribution point groups in ConfigMgr 2012

With the release of System Center 2012 Configuration Manager, Microsoft introduced the distribution point groups functionality. Distribution point groups provide a logical grouping of distribution points and collections for content distribution as described in the following Technet Article: Configuring Content Management in Configuration Manager, Create and Configure Distribution Point Groups

A Distribution Point can be made member of one or more Distribution Point Group, based on the content deployed to that Distribution Point Group and whether the Distribution Point is member of that group, the Distribution Point receives content which is defined for the Distribution Point group.

When distributing content you have the ability to choose whether you want to distribute to a either a Collection/Collections, Distribution Point or Distribution Point Groups. This is actually the point where things start to go wrong, since depending on who is performing the distribution of the content, different options are chosen.

My personal preference is to define distribution groups, and always distribute content to distribution groups. The main advantage of this is, that when you add a new distribution group in your hierarchy, you simply add the distribution point to the already existing distribution point group and it will be filled with the content defined for the distribution point group.

clip_image001

In large environments, inconsistent distribution of content can lead to distribution points which are not aligned to each other, while you intended them to be because you grouped them in a Distribution Point group.

Lessons learned:

1. Be consistent in how you distribute content. Either distribute all content to all distribution points, or at least be consistent to always distribute to distribution point groups instead of distribution points. If you have the possibility to do so, use RBAC to restrict access to distribution points while giving access to the distribution point groups

2. If an application is retired, it stays on the distribution point, but you can’t distribute it anymore (leaving compliance in monitoring less than 100%) so if you expire an application remember to remove it from the distribution point groups.

3. Make sure you understand how this works before you start cleaning up the mess, read this blogpost in order to understand the scenario’s. I don’t want to be blamed that content gets removed from your distribution point while you are cleaning things up.

4. Removing content from a distribution point while initially deployed to a distribution point group is evil!

5. If you remove a distribution point from a distribution point group, the content stays on the distribution point.

In order to test the behavior of distributing content to primary I created several scenario’s in my ConfigMgr lab environment.

Configuration:

My lab environment is configured as followed (thanks to Johan Arwidmark for sharing the possibility to install a ConfigMgr environment using his Hydration solution – latest version here)

  • CM01 – Primary Site and Distribution Point
  • MDT01 – Distribution Point
  • MDT02 – Distribution Point

I also created 3 Distribution Point groups (DP_ALL, DP_MDT01 and DP_MDT02)

DP_ALL DP_MDT01 DP_MDT02
MDT01

x

x

MDT02

x

x

In order to see what is really available on the Distribution Points I used the Content Library Explorer, which is part of the Configuration Manager 2012 R2 toolkit provided by Microsoft.

The scenario’s

Scenario 1: Distribution of one of the boot images to the DP_ALL distribution group, remove the boot image from the MDT01 distribution point and perform a redistribute on the DP_ALL distribution group

Outcome scenario 1:

Boot image is distributed to both distribution points, after validating that the boot image has arrived we can see that the boot image is available as content on both the distribution point group and the distribution points.

clip_image002

clip_image003

If we then remove the content from the distribution point group by selecting the content on the content tab of the distribution point properties and clicking remove we validate the content and see that the boot image is removed from the distribution point.

If we now go to the properties of the distribution point group, select the boot image on the Content tab and click on Redistribute nothing effectively happens. The boot image does not get distributed to the distribution point where we previously removed the boot image.

Conclusion: After you remove content from a distribution point, the relation for that content with the distribution point group is gone as well.

Scenario 2: Distribution of a boot images towards two distribution point groups, remove the content from one of the distribution point groups.

Outcome scenario 2:

I distributed one of the boot images towards two distribution point groups (DP_ALL and DP_MDT01), after validation that the content has arrived, I removed the content from one of the distribution point groups (DP_MDT01)and monitored what happened. The boot image is not removed from the distribution point group.

Scenario 3: Distribution of a boot image to a distribution point, distribution of the same boot image to a distribution point group and after validation that the content has arrived, remove the boot image from the distribution point group

Outcome scenario 3:

I distributed a boot image to the MDT01 distribution point, after validation that the content arrived I also distributed the same boot image to the DP_ALL distribution point group. After validation that the boot image arrived on both distribution groups I removed the boot image from the DP_ALL distribution point group. The boot image then is removed from all the distribution points.

Scenario 4: Add boot image to distribution point group, add the same boot image to a distribution point and remove the boot image from the distribution point

Outcome scenario 4:

After we add the boot image to the DP_ALL distribution point group and we want to distribute the content to a distribution point which is already member of a distribution point group containing the content, you can’t choose the distribution point in the Distribute Content wizard. See the screenshot below, both Distribution Points (MDT01 and MDT02) which already have the content due to their DP_ALL distribution point group membership are not available to distribute content to.

clip_image004

Scenario 5: Distribute content to distribution point group, remove the content from the distribution point, distribute the content to distribution point again and then remove the content from the distribution point group.

Outcome scenario 5:

I added the boot image to the DP_ALL distribution point group, validated that the content arrived on both MDT01 and MDT02. After that I removed the content from the MDT01 distribution point, validated that the content was removed and distributed the content again to the MDT01 distribution point and validated that the content arrived. Then I removed the boot image from the DP_ALL distribution point group. The boot image then gets deleted from both the distribution points.

Scenario 6: Distribute content to distribution point group, remove distribution point from distribution point group

Outcome scenario 6:

I distributed a boot image to the DP_ALL distribution point group, validated that the content arrived on both distribution points. Then removed the MDT01 distribution point from the DP_All distribution point group. Nothing happened, the content stays on both distribution points and is not removed from the MDT01 distribution point.

The content after installation of a distribution point

Installation of a distribution point is actually quite simple, you install a server, add the computer account of the primary (or secondary) site to the local administrator group and use the wizard which will configure IIS and make the server a distribution point. Ofcourse this procedure is told very simplified because there are many other options or scenario’s available. Don’t forget to add no_sms_on_drive.sms files on the drives where you don’t want distribution point content files to land.

After you installed the distribution point functionality on a site server, you will notice that the ContentLibrary folder is empty.

clip_image005

After the first content distribution though, the distribution point will contain 3 different contents:

  • The content you distributed (in my case the boot image)
  • The Configuration Manager Client Package
  • An unknown package (actually this is the Configuration Manager Client upgrade package as you can see in the screenshots below)

clip_image006

clip_image007

Tweet
Follow me
Tweet #WPNinjasNL

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Founding member of:

Recent Posts

  • Azure AD Conditional Access authentication context now also available for Azure AD Privileged Identity Management
  • December 2022 update of the conditional access demystified whitepaper and workflow cheat sheet.
  • Conditional Access public preview functionality reviewed (22H2) – Part 3: Granular control for external user types
  • Conditional Access public preview functionality reviewed (22H2) – Part 2: Conditional Access filters for Apps and Workload Identities
  • Conditional Access public preview functionality reviewed (22H2) – Part 1: Authentication Strength

Books

System Center 2012 Service Manager Unleashed
Amazon
System Center 2012 R2 Configuration Manager Unleashed: Supplement to System Center 2012 Configuration Manager
Amazon
System Center Configuration Manager Current Branch Unleashed
Amazon
Mastering Windows 7 Deployment
Amazon
System Center 2012 Configuration Manager (SCCM) Unleashed
Amazon

Archives

  • February 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • May 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • August 2019
  • July 2019
  • November 2016
  • November 2015
  • June 2015
  • May 2015
  • November 2014
  • July 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • November 2013
  • August 2013
  • April 2013
  • March 2013
  • January 2013
  • December 2012
  • November 2012
  • August 2012
  • July 2012
  • June 2012

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Categories

  • ABM (3)
  • Advanced Threat Protection (4)
  • Announcement (42)
  • Azure (3)
  • AzureAD (65)
  • Certification (2)
  • Cloud App Security (3)
  • Conditional Access (50)
  • Configuration Manager (24)
  • Events (11)
  • Exchange Online (7)
  • Identity Protection (3)
  • Intune (17)
  • Licensing (2)
  • Microsoft Endpoint Manager (35)
  • Mobile Application Management (1)
  • Modern Workplace (65)
  • Office 365 (10)
  • Overview (10)
  • Power Platform (1)
  • PowerShell (2)
  • Presentations (7)
  • Privileged Identity Management (5)
  • Role Based Access Control (2)
  • Security (50)
  • Service Manager (4)
  • Speaking (22)
  • Troubleshooting (4)
  • Uncategorized (11)
  • Windows 10 (14)
  • Windows 11 (4)
  • Windows Update for Business (3)
  • WMUG.nl (16)
  • WPNinjasNL (30)

Tags

#AzureAD #community #conditionalaccess #ConfigMgr #IAM #Intune #m365 #MEM #MEMCM #microsoft365 #modernworkplace #office365 #security #webinar #wmug_nl ATP AzureAD Branding Community Conditional Access ConfigMgr ConfigMgr 2012 Configuration Manager Email EXO Identity Intune Licensing M365 MCAS Modern Workplace Office 365 OSD PIM Policy Sets Presentation RBAC roles Security Service Manager SSP System Center troubleshooting webinar Windows 10

Recent Comments

  • Kenneth on December 2022 update of the conditional access demystified whitepaper and workflow cheat sheet.
  • John Barnes on December 2022 update of the conditional access demystified whitepaper and workflow cheat sheet.
  • Intune Newsletter - 24th February 2023 - Andrew Taylor on Azure AD Conditional Access authentication context now also available for Azure AD Privileged Identity Management
  • Azure AD Conditional Access authentication context now also available for Azure AD Privileged Identity Management | Modern Workplace Blog on A first look at Azure AD Conditional Access authentication context
  • Kenneth on Intune: Choosing whether to assign to User or Device Groups

This information is provided “AS IS” with no warranties, confers no rights and is not supported by the author.

Copyright © 2021 by Kenneth van Surksum. All rights reserved. No part of the information on this web site may be reproduced or posted in any form or by any means without the prior written permission of the publisher.

Shorthand: Don’t pass off my work as yours, it’s not nice.

©2023 Modern Workplace Blog | Powered by WordPress and Superb Themes!
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT