Although our focus here is on the use of
collections in the package distribution process, collections have many
other uses. Collections are groups of SMS resources and can consist not
only of computers, but also of Microsoft Windows users and user groups,
as well as any resources discovered through the Network Discovery
method or the Active Directory directory service discovery methods. Package programs can be advertised to collections
that consist of users, user groups, or computers. Computer collections,
however, are the starting point for performing many client management
tasks. For example, you can initiate Remote Tools, view inventory
information through Resource Explorer, and view Event Viewer and
diagnostic information for each client by selecting the client through
a collection.
Caution
Collections
represent discovered resources. The computer resources that are
discovered and displayed in a collection might not actually be
installed as SMS clients. If a client hasn’t been installed and the
appropriate client component hasn’t been enabled, you won’t be able to
initiate a Remote Tools session, collect inventory, and so on, even
though the discovery data record (DDR) exists. |
We
know that if a computer is discovered but not installed as an SMS
client, that computer can’t be the recipient of an advertisement since
the Advertised Programs Client Agent is an SMS client component. On the
other hand, a discovered Windows user
obviously can’t be installed as an SMS client, since there’s no
equivalent user installation method. However, a discovered user can be
the recipient of an advertisement when that user is logged on at an SMS
client. For example, suppose that a company’s auditing department has
developed a spreadsheet that its auditors use when auditing other
departments. If SMS has discovered the auditors’ user accounts, those
user accounts can be grouped into a collection called Auditors. The
audit spreadsheet can then be advertised to the Auditors collection and
would subsequently be available to each auditor at whatever SMS client
they log on to, in whatever department they’re visiting.
In
many ways, collections are similar to Windows global groups. You use
Windows groups to organize users into easily managed units. Groups are
used to assign access permissions to Windows resources such as
printers, folders, files, and shares. When a new user joins a group,
that user automatically inherits all the permissions assigned to that
group.
The same concept applies to SMS
collections. You use collections to organize your SMS discovered
resources into manageable units. For example, suppose you’ve installed
1000 clients as SMS clients. These clients will appear as part of the
All Systems collection in the SMS Administrator Console. If each of
these clients belongs to a different business unit or department within
your organization and you need to send these computers packages based
on their affiliation with their business unit or department, you could
create a collection for each business unit or department and add each
client to the appropriate collection. Your clients are now grouped into
manageable units to which you can easily target packages.
Collections
can contain sub-collections to give the SMS administrator more
flexibility (or more headaches, depending on your point of view).
Subcollections work in much the same way as nested groups in Windows.
Actions performed on a main collection can also be performed on its
subcollections. The most common use for subcollections is in connection
with advertisements. Package programs are advertised to collections,
but you can also configure an advertisement to target a collection’s
subcollections as well.
Subcollections are not considered to be members
of the collection that contains them. Think of subcollections more as a
convenient way to link different collections so that they can be
treated as one unit. Membership rules are unique for each subcollection
and don’t affect any other collection. We’ll look at collection
membership in the next section.
Collection Membership
Collection membership rules can be either direct or query-based. Direct membership
is a manual membership method, meaning that you define which resources
are to be members of the collection. You’re also responsible for
maintaining the collection over time. If, for example, computers are
added or removed from the business group or department, you’ll need to
add or remove those computers from their corresponding collections.
Query-based membership,
on the other hand, is more dynamic in nature. You define the rules by
which the collection membership is established, and then SMS keeps the
collection up-to-date by periodically rerunning the query. For example,
suppose your company standard for naming computers is to include a
business unit or departmental code—say, all computers in the finance
department are named FIN203-PCx, where x
is a value that’s incremented each time a new computer name is needed.
You could create a collection named Finance whose membership rule is
based on a query that searches the database for all computers whose
names begin with FIN203. SMS would automatically populate the
collections with the appropriate computers. If computers are added or
removed from the finance department, the collection would be updated
automatically when the collection query was next executed.
As you can see, query-based collections are generally more practical and efficient than those based on direct-membership rules.
Let’s
build on our query-based collection example, in which all computers in
the finance department are named FIN203-PCx and a Finance collection
has been created whose membership rule is based on a query that
searches the database for all computers whose names begin with FIN203.
Since package programs are always advertised to collections, all
members of the Finance collection would receive any advertisement to
that collection. If computers are added or removed from the finance
department, the next time the Finance collection is (automatically)
updated, this change will be reflected to the collection and any new
computers that were added to the collection will receive advertisements
made to the collection. Similarly, if a computer has been removed from
the Finance collection, that computer will no longer receive any
advertisements made to the collection. This
process makes it easier for the SMS administrator to automate some
client management tasks, such as applying virus updates. Suppose your
advertisement is to copy a new virus update to each client in the
finance department once a month. You already have the Finance
collection, so all you need to do is create a recurring advertisement that copies a new virus update file to the clients on a specified day of each month. Working
together, the advertisement and the collection ensure that all
computers in the finance department will receive the virus update file
once a month. If new computers are added to the finance department, the
next time the collection is automatically updated they will
automatically receive the same advertisement for the virus update file
that every other member of the Finance collection will receive.
Similarly, if a computer is moved to another department, the next time
the collection is automatically updated that computer will no longer
receive advertisements for the virus update. The only administrative
task that you need to worry about is obtaining the virus update file
once a month and making it available to the advertised package. |
|
Predefined Collections
As
mentioned, collections represent discovered resources that haven’t
necessarily been installed as SMS clients. For example, Windows users
and user groups can be discovered as resources for an SMS site and the
discovered users and user groups are automatically made members of the
All Users and All User Groups collections—two examples of predefined
collections.
Collections are used to group
resources into more easily managed units. When you install SMS 2003, 12
default collections are created. These default collections are
described in Table 1.
Table 1. Default collections created during SMS site server installation
| Collection | Description |
|---|
| All Systems | Displays
all computers and IP-addressable resources discovered through any
discovery method except Windows User Account Discovery and Windows NT
User Group Discovery |
| All User Groups | Displays all Windows users discovered through the Windows User Group Discovery method |
| All Users | Displays all Windows users discovered through the Windows User Account Discovery method |
| All Windows 2000 Professional Systems | Displays all discovered computers running the Windows 2000 Professional operating system |
| All Windows 2000 Server Systems | Displays all discovered computers running the Windows 2000 Server family operating system |
| All Windows 98 Systems | Displays all discovered computers running the Windows 98 operating system |
| All Windows NT Systems | Displays all discovered server or workstation computers running the Windows NT operating system |
| All Windows NT Workstation 4.0 Systems | Displays all discovered computers running the Windows NT Workstation 4.0 operating system |
| All Windows Server 2003 Systems | Displays all discovered computers running th Windows Server 2003 family operating system |
| All Windows Server Systems | Displays
all discovered computer systems running the Windows NT 4.0 Server,
Windows 2000 family, and Windows Server 2003 family operating system |
| All Windows Workstation or Professional Systems | Displays
all discovered computers running the Windows NT Workstation 4.0,
Windows 2000 Professional, and Windows XP Professional operating system |
| All Windows XP Systems | Displays all discovered computers running the Windows XP operating system |
As
you can see, these default collections are designed to group resources
by operating system. The collections can be used as targets for
receiving advertisements. They’re updated once a day by default, but
you can change that frequency by clicking the Schedule button in the
Membership Rules tab in the collection’s Properties window. Note that you can manage the default collections
only from the central site. You can’t modify them from child sites.
