Kevin Remde's IT Pro Weblog
Jason Buffington announced on his blog that DPM 2010 RC is available for download.
Get it HERE.
“What is Data Protection Manager?”
It’s one of the Microsoft System Center set of tools for Enterprise-class IT Management. Basically DPM is Microsoft’s solution for data protection (backup, recovery, and archiving). It works natively with our biggest products (Exchange, SharePoint, SQL, Virtualization) as well as Operating Systems (both client and server) to provide a powerful backup and recovery solution.
“What’s new that’s coming in DPM 2010?”
Check out the video interview with Jason on the DPM site.
Watch that site, plus Jason’s blog, for additional news around this product.
Are you still on the fence about Windows 7? Are you wondering whether it is worth your time? Are you wishing you had some proof that would help you convince your boss that now is the time to start rolling it out?
“How did you know?”
I’m a lot like you. And I got an e-mail about this webcast coming up on Monday, Feb 22, 2010 entitled “Momentum Webcast: Windows 7 Enterprise Return on Investment: New Forrester Study and Model (Level 100)”. Here is the webcast description:
Event Overview On the fence with Windows 7 operating system adoption? In this challenging economic climate, every IT investment needs to show a strong, tangible financial return. To help organizations assess the business value of migrating PC infrastructures to Windows 7, analysts Ben Gray and Jeffrey North of Forrester conducted an in-depth study of 12 enterprise early adopters. This informative webcast details the results from these industry thought leaders and illustrates how the new Forrester Total Economic Impact model can be used to estimate Windows 7 savings in a variety of organizations. We discuss the impact Windows 7 has on operating costs, client manageability, help desk calls, remote PC management, power consumption, management automation, and compliance; and we show you how to use the Total Economic Impact model. Presenters: Benjamin Gray, Senior Analyst, Forrester Research and Jeffrey North, Principal Consultant, Forrester Research
Event Overview
On the fence with Windows 7 operating system adoption? In this challenging economic climate, every IT investment needs to show a strong, tangible financial return. To help organizations assess the business value of migrating PC infrastructures to Windows 7, analysts Ben Gray and Jeffrey North of Forrester conducted an in-depth study of 12 enterprise early adopters. This informative webcast details the results from these industry thought leaders and illustrates how the new Forrester Total Economic Impact model can be used to estimate Windows 7 savings in a variety of organizations. We discuss the impact Windows 7 has on operating costs, client manageability, help desk calls, remote PC management, power consumption, management automation, and compliance; and we show you how to use the Total Economic Impact model.
Presenters: Benjamin Gray, Senior Analyst, Forrester Research and Jeffrey North, Principal Consultant, Forrester Research
You can register to attend the live webcast, or to watch the recording from the webcast, HERE.
“Hey Kevin.. I want to deploy Windows 7, and hear good things about IE8, but I don’t know how to start evaluating what I need to make the move off of Internet Explorer 6. I am sure I have at least one critical application that might not work in IE8, and need to know what it takes to plan for and perform the upgrade.”
Chris Jackson (“The App Compat Guy”) is hosting a set of webcasts that will help you answer those questions, and give you a good summary of the options you have as well as the tools available. And it’s not just one webcast held at one time, but at several times so that you can attend the one that fits your schedule best, and get your questions answered LIVE as well.
From an announcement I saw about the webcast:
You are probably excited about the new Windows 7 operating system, and the Windows Internet Explorer 8 Web browser comes as part of the package. You may have seen the demos of new features and tools that are available, but you are still using Internet Explorer 6. The demos are sometimes simplified, with pages with a single issue conveniently fixed using a click of a button. But it is definitely not that easy. You could have thousands of apps, many of them packaged, or you could be prevented from accessing the code because it is part of a product you bought. Attend this demonstration-heavy webcast, have your questions answered by the experts and learn what IT professionals do in real-world scenarios to configure, manage, deploy, and ensure the compatibility of their Web applications with Internet Explorer 8. Click this link to sign up for a webcast that best fits you schedule. Each session will include a 45-minute pre-recorded session, with live chat Q&A with an IE expert during the session, and 15 minutes of phone Q&A at the end. Times have been varied to maximize coverage across international time zones.
You are probably excited about the new Windows 7 operating system, and the Windows Internet Explorer 8 Web browser comes as part of the package. You may have seen the demos of new features and tools that are available, but you are still using Internet Explorer 6. The demos are sometimes simplified, with pages with a single issue conveniently fixed using a click of a button. But it is definitely not that easy. You could have thousands of apps, many of them packaged, or you could be prevented from accessing the code because it is part of a product you bought.
Attend this demonstration-heavy webcast, have your questions answered by the experts and learn what IT professionals do in real-world scenarios to configure, manage, deploy, and ensure the compatibility of their Web applications with Internet Explorer 8.
Click this link to sign up for a webcast that best fits you schedule. Each session will include a 45-minute pre-recorded session, with live chat Q&A with an IE expert during the session, and 15 minutes of phone Q&A at the end. Times have been varied to maximize coverage across international time zones.
The LINK above is the webcast “month view” calendar, on which you’ll find the links to the webcasts. But if you’d like to know the specific dates and times…
“What are the specific dates and times?”
I was just getting to that. Here they are:
So look for these on the calendar. Register. Register for more than one. Attend, learn, and ask your questions. And move to IE8 when you’re ready!
When I deliver a presentation, or during the breaks, I’m invariably asked a question that I can’t answer.
“A single question? Really?”
Okay.. SEVERAL questions. (Who’s counting?!) The point is that I consider it a valuable learning opportunity. I write the question down and then later find the answer. Hopefully the person asking will check my blog and get the answer, or they’ll e-mail me and I can get the answer to them.
Today was no exception. My great Kansas City (Overland Park) audience had some super questions. Most of them I could answer.
“Most? Really?”
Yes, really. (Stop picking on me!) And I do have a few that I wrote down because I wanted to either find the answer, or give more details on the answer to these great questions.
---
Question: “If I buy, for example, Enterprise Edition of Windows Server 2008 R2, I understand I get 4 licenses to use as virtual machines. Where do I get product keys for those? Or how do I activate them?”
It depends upon how you bought the Server license:
Question: “How easy is it (or is it even possible) to expand the size of a .vhd file?”
It’s actually pretty easy. Ben Armstrong (the “Virtual PC Guy”) documents it like this:
Hyper-V adds the ability to increase the maximum size of a dynamically expanding or fixed-size virtual hard disk. To do this you need to open the Edit Virtual Hard Disk Wizard (by selecting Edit Disk... from the Hyper-V manager), select the virtual hard disk you want to expand, select Expand on the Choose Action page and then enter the new size of the virtual hard disk that you want. Three things to note: You can't do this to a virtual hard disk that is associated with a running or saved stated virtual machine. You shouldn't do this to a virtual hard disk that is associated with a virtual machine that has snapshots (as you will invalidate the snapshots). After expanding the virtual hard disk there will be an empty space at the end of the virtual hard disk. You will either need to create a new partition to use the new space, or expand an existing partition into the new space.
Hyper-V adds the ability to increase the maximum size of a dynamically expanding or fixed-size virtual hard disk. To do this you need to open the Edit Virtual Hard Disk Wizard (by selecting Edit Disk... from the Hyper-V manager), select the virtual hard disk you want to expand, select Expand on the Choose Action page and then enter the new size of the virtual hard disk that you want.
Three things to note:
Question: “When I create a snapshot and then later remove (delete) a snapshot, I want a merge to happen. But it won’t happen until I stop the virtual machine. That’s not an option for me, because this server needs to be running at all times. And I also am programmatically taking snapshots daily for a fallback option. I don’t want to give that up, but when I finally do shut down the machine the merge takes forever. What can we do about that?”
I posed this question to an internal Virtualization discussion list, and the response from a couple people was “Snapshots are not supposed to be (or not designed to be) a backup solution”. To this I pointed out that you weren’t using it as a backup, but as a convenient “just in case” rollback option.
That said, the reality is that there isn’t any way to do what you want currently using snapshots. Merges can’t happen unless the machine is turned off. Sorry I don’t have better news for you.
Question: “Clustering changed in Server 2008 in removing support for SCSI disks. iSCSI or Fiber-Channel only. What are my options in Hyper-V? And is Microsoft going to fix this in future versions of Hyper-V?”
Due to my personal lack of experience with clustering, I wasn’t able to give you a good answer because, to be honest, I didn’t fully understand the question.
A quick BING on “windows server 2008 r2 cluseter hyper-v” found some good resources. Hopefully you’ll find your answer there. And as for future versions of Hyper-V and what they’ll support or fix, I really can’t say.
Question: “In XP we configured the ‘default’ options in images that then were populated when we rolled them out. How is this done in Windows 7?”
Take a look at this screen snip:
This is the list of folders that are found under C:\Users\Public by default. Notice that I’m showing the hidden folders (they display slightly dimmed), and that they include the kinds of folders that we might pre-populate so that the items within them (Favorites, Libraries, the Desktop) will be available to all new user profiles. I think that’s what you’re looking for.
Thanks again to my Kansas City TechNet Event attendees! I look forward to seeing you next time.
Thursday – it’s Omaha! (If you haven’t signed up yet, there’s still time.)
As a parent of four (count ‘em! 4) kids, three of whom are in High School or College, I think it’s great when someone provides easy-to-use resources for young adults to help them figure out what they want to do with their working lives in the near future. So I’m thrilled to see this really well-done “S2B Career Streams” site go live.
“S2B?”
That’s “Student-to-Business”. The idea is to address the fact that students have a lot of questions about what sorts of jobs are available in the Computer Sciences. So we want to make it easy for them to find out more about what kinds of jobs are out there.
Here’s a portion of the blurb I received in e-mail about it:
It’s hard for students to understand the wide variety of careers in the technology industry and even harder to know that their choices are connected to jobs when they graduate. Developer, technical sales, business analyst, Web designer... Students are asking: What do people in these careers do? What skills are needed to get started? How do you get experience? Are there jobs if you have the skills? At the same time Microsoft's partners and customers are asking: "Why can't we find the employees we want with the skills we need?" To address these gaps, we are thrilled to announce the launch of Microsoft S2B Career Streams. Career Streams will introduce students to a variety of technical careers that are in demand today and tomorrow in the Microsoft community. It will help them get the skills they need to get started in a technical career and offer them opportunities to gain that vital first work experience.
It’s hard for students to understand the wide variety of careers in the technology industry and even harder to know that their choices are connected to jobs when they graduate. Developer, technical sales, business analyst, Web designer... Students are asking: What do people in these careers do? What skills are needed to get started? How do you get experience? Are there jobs if you have the skills? At the same time Microsoft's partners and customers are asking: "Why can't we find the employees we want with the skills we need?"
To address these gaps, we are thrilled to announce the launch of Microsoft S2B Career Streams. Career Streams will introduce students to a variety of technical careers that are in demand today and tomorrow in the Microsoft community. It will help them get the skills they need to get started in a technical career and offer them opportunities to gain that vital first work experience.
Check out the site, and forward the link to your kids if you think they’ll find it useful. Or simply use it to find out more about the “other jobs” that are out there.
And hey, if you like what you see… Consider becoming a fan on Facebook, or following on Twitter.
(…and as an added bit of fun.. click on all of the displayed video links one right after the other, and listen to the mayhem. It’s hilarious!)
A couple of new tools are available for those of you either in the planning stages of an Exchange 2010 deployment, or looking to verify the configuration of your Exchange organization’s configuration:
The Exchange Pre-Deployment Analyzer performs an overall topology readiness scan of your environment and provides you with a list of decisions that need to be made before you deploy Exchange Server 2010.
Get the Pre-Deployment Analyzer HERE.
Overview
“You can use the Exchange Pre-Deployment Analyzer to perform an overall topology readiness scan of your environment. When you run the Exchange Pre-Deployment Analyzer, it provides a detailed report that will alert you if there are any issues within your organization, which could prevent you from deploying Exchange 2010. For example, the Exchange Pre-Deployment Analyzer will notify you if you haven't deployed the minimum required Exchange service pack on all your existing Exchange servers.”
“Microsoft Baseline Configuration Analyzer 2.0 (MBCA 2.0) can help you maintain optimal system configuration by analyzing configurations of your computers against a predefined set of best practices, and reporting results of the analyses.”
Get the MBCA 2.0 HERE.
“Microsoft Baseline Configuration Analyzer 2.0 (MBCA 2.0) can help you maintain optimal system configuration by analyzing configurations of your computers against a predefined set of best practices, and reporting results of the analyses. Best practices are developed by a product development team or domain experts, and are packaged in the form of a best practice model. Models are available as separately-downloadable packages that can be run and analyzed by MBCA. MBCA lets users work with best practice models in a consistent, user-friendly way.”
We had a great time in Omaha! Thanks to all of you that came to our TechNet Event last Thursday.
As usual, I had a few questions that I wanted to find the answer to so that I could put them here in my blog. Here they are:
----
“In Windows Azure you say that the fabric controller watches for what servers are running, and can recover a role instance if it sees that the server is down. But what assurance do we have that the fabric controller won’t go down?”
I am told that you can check the XML file and look for the setting: <disk_merge_pending type="bool">False</disk_merge_pending>
Beyond that I wasn’t given any details. I hope that helps.
“I had a virtual machine with a hard disk on a running server that ran out of space. I needed to expand it, but couldn’t do it while the machine was running, and then couldn’t because there were snapshots. I needed to delete the snapshot and let it merge first. The merge took quite some time - which my customers didn’t appreciate at all, since I am hosting web services for them. What should/could I have done (if anything) to avoid this?”
Well.. obviously the first thing you do is always to consider treating your virtual hard disks as having a definite limit that you need to watch. Yes, it’s nice that you have the option to expand the disk, but as you saw, there are limitations as to when you are allowed to expand a disk. So the best approach is to monitor the disk usage just as if it were a physical piece of hardware.
That said, the people at Microsoft who are responsible for Hyper-V definitely know about these issues that some people are having with snapshot-delete / offline-merges. They won’t tell me whether they’re addressing this in future versions, however. I do hope they are.
“I want to build servers and deploy Windows Storage Server, but I’m unable to attain that software, because I’m not a big enough reseller. Is this something that may change someday?”
Unfortunately I was not able to get a reply from anyone responsible for making this decision. Very frustrating.
“FIM 2010? Is that a new product?”
In name, yes. But “FIM has evolved from Microsoft Identity Lifecycle Manager (ILM) 2007, which was previously Microsoft Identity Integration Server (MIIS) 2003, which originated from Microsoft Metadirectory Services (MMS).”
“Wait.. Who are you quoting there?”
I’m quoting Alan Le Marquand and his very informative blog post about the release.
“So, FIM 2010 is an identity manager?”
As the name implies.. yep. Some organizations (you know who you are) have more than one directory of user accounts to manage. That’s tricky.. creating them for new employees, keeping them in sync, making sure they’re all disabled or deleted in a timely manner if the employee leaves, etc. And add to that the prospect of managing certificates, or even just the upkeep of employee information. Wouldn’t it be great if employees had a way to manage some of that information in a self-service way?
So, in a nutshell, FIM 2010 helps you focus more on the higher-level security aspects of your infrastructure, and focus less on managing user identities in those more complex scenarios.
I highly recommend you check out Alan’s post, as it contains links to related TechNet webcasts, Technet Edge videos, and other useful tidbits.
Here’s another TLA for you all to learn: CEC. Microsoft’s Common Engineering Criteria.
The Microsoft Common Engineering Criteria is a set of engineering requirements and guidelines that govern all of Microsoft’s server products. The idea here is that we build products that work well together, and work to help you reduce your TCO (another TLA I’m sure you’re familiar with). So by creating a list of criteria for our products that define our “engineering and quality standards”, you and your companies benefit.
“How so?”
Okay… here’s an easy example. Have you noticed that PowerShell is now used as the foundation for configuration and management for all new server products coming from Microsoft?
“Yeah. I like that.”
There you go. If we had different scripting methods or sets of tools and utilities for every product, you’d have to learn or re-learn all of them, or have a bigger learning curve, or have more people trained in each different product. But having a common platform for management and configuration is going to reduce your TCO dramatically. PowerShell is one of the items required for server products in the CEC, and a good example of how we define and enforce requirements for products – to your benefit.
The three main areas and goals of the CEC are:
Publishing the CEC for the world to see means that you have another way to “get into Microsoft’s head”. It will help you understand the product and technology areas that Microsoft feels are important to manage and improve from a product development perspective. And in a way, it’s also like a fortune teller’s crystal ball.
“Huh?”
Sure. Now you can know that in the future, these are the things that the Microsoft server product teams are forced to implement when building the next new server products or the next versions of products.
Go to the CEC Program Page to learn more about the program. Drill down into your favorite product or technical area and see specifics about what has guided us to make it better for you.
What do you think Microsoft should include in their CEC?
So you’re running SCCM to its full potential. You’re doing operating system deployments, software rollouts, updates, inventory… and you want a simple web dashboard to have a quick and easy view of the status of all of these items.
“It’s like you read my mind!”
Yeah, I’m good like that. Anyway.. now you have a Solution Accelerator from Microsoft that will do just that. It’s the new System Center Configuration Manager Dashboard.
From the “About System Center Configuration Manager 2007 Dashboard” page…
The Microsoft System Center Configuration Manager 2007 Dashboard lets customers track application and operating system deployments, security updates, the health status of computers, and IT compliance with key regulations—with an easy to use, customizable Web interface. Because the Dashboard is built on Windows® SharePoint® Services, IT staff can access information without using the Configuration Manager console. The Dashboard is a free Solution Accelerator, and fully supported by Microsoft.
Key Benefits Benefits of the dashboard include: Actionable information out of the box. The dashboard comes with valuable, built-in datasets that IT managers can access without using the Configuration Manager console. Centralized, near-real-time access to key information. The graphical dashboard lets customers view any Configuration Manager data set in near-real time—without leaving their desk. Easy to build and configure. The dashboard’s wizard-based tools let customers easily create new dashboards in minutes. Easy to customize. The dashboard can easily be customized to meet the needs of different departments and other groups. Any data set in the Configuration Manager database can be presented on the dashboard, in chart, gauge, and table formats. Flexible & interactive. Users can easily filter data and create ad hoc, custom views. Filters allow users to quickly drill down from high-level to more specific data.
Benefits of the dashboard include:
“Sounds great, Kevin! …but what does it cost?”
How much would you pay?
“Nothing. It’s a Solution Accelerator from Microsoft. Those are free!”
Bingo.
Again, here’s the Information page.
And here’s the download page if you want to jump right in.
Today a new IDC White Paper (sponsored by Microsoft) was made available:
http://download.microsoft.com/download/5/B/D/5BD5C253-4259-428B-A3E4-1F9C3D803074/IDC_Business_Critical_Workloads.pdf
The purpose of the write-up is to document what’s happening in the world of x86-based Servers; why they are THE platform businesses choose for their business-critical workloads. This is not a Microsoft story…
“Oh really? You sponsored it!”
Yeah, you got me there. (smile) But, really, this is an objective look at how businesses are taking advantage of new advances in server hardware. The paper also goes into detail about the kinds of workloads being tackled with this kind of hardware married with Windows Server as the OS platform, and the benefits businesses are getting out of it.
And as a bonus: Al Gillen – Program Vice President – System Software at IDC, has recorded a webcast that goes through a “discussion of the findings” documented in the paper. You can view this webcast HERE: http://event.on24.com/r.htm?e=201258&s=1&k=6C98B819B986DC8179F71CF8D4F0324C
WAG = Windows Administrator Groups
Last week I decided to try something new, and it’s catching on in a big way. I wanted to create a new set of user groups for IT Administrators who primarily work with MIcrosoft Windows-based infrastructures. So I came up with the acronym WAG.
I’m also a recent big fan of LinkedIn. And based on the example/success of people like my friend John Weston and others, I decided to use the LInkedIn groups capability to create the Windows Administrator Groups group, and to create sub-groups for various geographies. The idea is that people can join the parent group and any subgroups they want to be a part of, and the subgroups will lead to the formation of regularly meeting WAG user groups.
“So, if I’m in Omaha, I should join the Omaha WAG?”
That’s right! I’ve created WAGs for several of the cities I visit on a regular basis. (Minnesota, Des Moines, Omaha, St. Louis, and Kansas City.) I really want to help form or support IT Pro user groups in those cities – whether or not they are focused on Microsoft solutions. But I am betting that a general administration group would be very valuable in a lot of cities. We all want a place to get together and share best practices, see presentations from skilled professionals, and generally network with your IT Pro peers. (And sharing some Pizza and Beer now and then is good, too!) On behalf of Microsoft, I cover the States of Minnesota, North Dakota, South Dakota, Nebraska, Iowa, Kansas, and Missouri. So I’m hoping to form and support groups in any-or-all of those states.
“What if I’m not in one of those locations, but I still want a group in my area?”
Then I want to hear from you, too! I’m creating subgroups for anyone that wants one – until we reach the subgroup limit in LinkedIn. So if you’re interested, send me a note or create a new discussion in the WAG discussions, and I’ll create it. In fact, if you’re interested in being the manager of your subgroup, I’ll be happy to let you do that as well. I’ve already created subgroups for Chicago, Heartland, Northern California, and Toronto, Ontario. I will also likely get my Microsoft counterparts involved in helping you support those groups.
“So.. are these groups always going to be Microsoft-lead groups?”
NO! My goal is not to continue to be the leader of a bunch of user groups! Quite the opposite. My goal is simply to help get the snowball rolling down the hill and in the right direction. Ultimately I will continue to support the group, but leadership and direction ultimately need to come from the local community. (Sure.. I’ll come and speak to the group whenever you want me.)
So..
..and get your WAG on!
“Yeah, Kevin.. what’s so cool about Office 2010?”
Lots of things. I sure don’t want to have to write them all up here; though I’m sure I will eventually. But today, if you’re an IT Manager, and if you have time, you should definitely attend our IT Manager Community Talk , because I’ll be speaking with Adam Carter about that very topic.
CLICK HERE to register for and attend the live discussion, or to listen to the recording afterwards. (We’ll have it up on TechNet Edge later, too.)
I don’t know what it is yet, but I hear it’s going to be important.
At 9:00am PST today, the “Desktop Virtualization Hour” site will have a live broadcast/webcast, where I’m told there will be some exciting news around Desktop Virtualization.
I’ll watch, and report back here with an update when I have the details. Stay tuned, or watch with me.
Update: Here is the official announcement: http://www.microsoft.com/Presspass/press/2010/mar10/03-18DesktopVirtPR.mspx
VERY EXCITING STUFF!
The announcements really came in three parts:
New Technologies Many of you have complained to me (and to Microsoft about XP-Mode in Windows 7, and the requirement for hardware/CPU virtualization support. Today we have removed that barrier. Let me say it another way: If you have older hardware that doesn't have virtualization support on the CPU, you WILL NOW be able to use XP-Mode on Windows 7.
“Wait a sec… ‘Now’? Really? Now? No update required?”
Yes.. NOW. If you are already using XP-Mode, you’re fine. If you weren’t able to before, then the version you can download as of today will include the switch that allows it to run without the hardware-supported virtualization.
Another new technology announced today, that is coming in Windows Server 2008 R2 SP1. It’s called RemoteFX. This is an improvement/addition to the RDP (Remote Destkop Protocol) that will support multimedia, 3D graphics, and full Silverlight fidelity in a remote desktop session. Imagine the old Terminal Services session now supporting rich graphics! Yes.. I even saw my friend Michael Kleef demonstrate full AERO desktop capabilities like AERO Peek and AERO Flip-3D, and the new "Street-Side View" in Virtual Earth. Event HD video! Amazing. So, virtualized desktops basically won’t look virtualized any longer. How about that?
Another benefit coming in SP1 on the Server/Hyper-V side will be support for something called Dynamic Memory. Under Hyper-V, you'll be able to configure virtual machines to dynamically adjust memory allocated to them, based on performance. So, you can set a minimum and maximum, and let the machines adjust up or down as their load requires. So if you’re hosting dozens of virtual desktop machines in a VDI implementation, you’ll be able to make better, more efficient use of your virtualization host memory.
“So.. when can I get SP1?”
Sorry – Microsoft didn’t announce any timeline for SP1 yet. Stay tuned.
Licensing, Simplified!
Beginning July 1, 2010, if you have Software Assurance on your Windows Clients, you won't have to buy a separate Virtual Desktop Access license in a VDI (Virtual Desktop Infrastructure) environment. Thin clients will sill need a VDA license, but if you already have an SA covered Windows Client, you won't need an additional VDA license for that client. SA covers it.
Another big bit of news today is that companies will now have an option to extend virtualization licensing out to remote or home-based employees. Home PCs, Kiosks, and their mother-in-law's PCs. Now you will have "roaming rights". These rights will also include licensing for things like Software Assurance-covered Microsoft Office applications. “Beginning July 1, 2010, Windows Client Software Assurance and new Virtual Desktop Access license customers will have the right to access their virtual Windows desktop and their Microsoft Office applications hosted on VDI technology on secondary, non-corporate network devices, such as home PCs and kiosks.”
A renewed relationship with Citrix We announced a couple of new promotions along with Citrix Systems:
VDI Kick-start program - to lower the barrier to entry. Offering $28/user for up to 250 devices. Sweet.
Also, some additional technological collaboration was announced. For example, Citrix HDX being able to detect RemoteFX capabilities on the server and taking advantage of it for an even greater, richer media experience.
More details about the offers and the collaboration can be found on this special website: http://www.citrixandmicrosoft.com/
“Kevin.. The webcast discussed Application and Desktop Virtualization solutions like App-V and MED-V that are in the MDOP. But what if I want to start trying out App-V , MED-V or VDI right now? I don’t have MDOP. How can I try this out?”
Are you a TechNet Plus Subscriber? If so, your subscription allows you to download the MDOP (Microsoft Desktop Optimization Pack) it and try it out. (And if you’re not, CLICK HERE to find out more about the subscription, and take advantage of the near-$100 savings promotion that ends at the end of March 2010!)
What's not in the announcement that you would have liked to see, Kevin? I want to be able to run 64-bit guest machines in MED-V. We haven't yet addressed that. I presume that it's not I want
Today a security update is being released out-of-band to address a known and recently exploited vulnerability in Internet Explorer 6 and Internet Explorer 7. (See the MSRC Blog for more information about the advanced notification.)
“The vulnerability used in these attacks, along with workarounds, is described in Microsoft Security Advisory 981374. The out-of-band security bulletin is a cumulative security update for Internet Explorer and will also contain fixes for privately reported vulnerabilities rated Critical on all versions of Internet Explorer that are not related to this attack.”
The good news: The most current version of Internet Explorer, IE 8, and Windows 7, are not impacted or affected by the exploit we're addressing here. However, the cumulative update does include fixes for other less-critical issues, including some in IE 8. Apparently the IE team were able to sufficiently test fixes that would have waited for the April 13th "patch Tuesday" updates, so they were able to add them this time.
More good news: If you're running any of our antivirus products such as Microsoft Security Essentials or Microsoft Forefront Client Security, and have the most up-to-date definitions installed, you'll also be protected.
Microsoft is hosting a webcast today (March 30, 2010) at 1:00 PM Pacific Time (US & Canada) to address customer questions on the out-of-band security bulletin. Register now for the March 30, 1:00 PM webcast. After this date, this webcast will be available on-demand.
For more information, see Microsoft Security Bulletin Summaries and Webcasts.
“But how do I get these updates, Kevin? Just give me the link!”
At the time of this writing, the updates aren't available. They should be in about a half-hour from now. I'll update this post when I see it go live.
UPDATE: Here is the security bulletin page that just went live: MS10-018
Microsoft recommends you use Windows Update (http://windowsupdate.microsoft.com), or WSUS, or allow your PCs to update automatically. Or use whatever other update distribution mechanism you currently use (such as SCCM).
If you simply want to download the update packages and install or deploy them manually, you can get them at the Microsoft Update Catalog: http://catalog.update.microsoft.com/v7/site/Home.aspx
IMPORTANT UPDATE: This promotion and promotion code have expired.Please CLICK HERE for the most current promotion.
CLICK HERE for details about the subscription, and about the promotion (28%-off) that ends at the end of today (March 31, 2010).
Or CLICK HERE to dive right in and save 28% using promo code TNITQ404
UPDATE: The 28%-off promotion, and my promotion code, have expired as of today, April 1, 2010 (and it's no joke, I'm afraid).
There is a new promotion that runs through May 15, 2010, for 25% off. The new promotion code for 25% off new TechNet Plus Direct subscriptions is TNITQ404.
CLICK HERE to purchase at 25% off.
For those of you looking for something to do today, and are just itching to try out some new software, here is a quick compilation of links to useful downloads of the latest and greatest.
“But Kevin.. I don’t have a roomfull of machines to install these on.”
Well.. if you have one spare machine with decent memory that can run 64-bit OS like Windows Server 2008 R2, you can install that evaluation, and then build virtual machines in Hyper-V to try the rest of these products out.
Better yet – if you have a TechNet Plus Subscription, you can get all the software to evaluate with no time limits.
“Where do I get that subscription?”
I’m glad you asked.
Just saw this on my Windows Media Center…
Good for a chuckle, I thought.
The advisory from yesterday (1/18/2010) at the Microsoft Security Response Center is a good read for anyone interested in the latest news on known exploits to Internet Explorer.
The bad news:
For IE 6, “attacks remain targeted to a very limited number of corporations and are only effective against Internet Explorer 6”
The good news:
“…at this time, we have not seen any successful attacks against Internet Explorer 7. However, earlier today, we were made aware of reports that researchers have developed Proof-of-Concept (PoC) code that exploits this vulnerability on Internet Explorer 7 on Windows XP and Windows Vista. We are actively investigating, but cannot confirm, these claims.”
The best news:
“We have not seen successful attacks on Internet Explorer 8. We continue to recommend customers upgrade to Internet Explorer 8 to benefit from the improved security protection it offers.”
“So what are you saying, Kevin?”
I’m saying that you should get you and your companies standardized on IE 8 sooner rather than later; especially if you are still running Internet Explorer 6. Do what you can to roll it out into production. Help is available.
“But, why should I use IE at all? Won’t I be safer with some other browser?”
In the sense that those browsers are simply TARGETED less often (because there are fewer of them out there), you might think so. But they are not less vulnerable. In fact, NSS Labs found that in some very important areas they were MORE vulnerable than IE8.
“Breaking news? Didn’t this happen yesterday, Kevin?”
Yeah.. well.. I was busy yesterday traveling and attending meetings in Chicago. I’m still there (here), but really needed to blog this.
SCVMM 2008 R2 is released to manufacturing (RTM).
“What’s new?”
Well.. in a nutshell this is the version that natively support new functionality in the recently released Windows Server 2008 R2 – primarily supporting the new Live Migration functionality supported by Clustering, Clustered Shared Volumes, and Hyper-V. So now, just like you can manage fully manage Microsoft AND VMware virtualization (including launching Vmotion-based migrations of virtual machines), you’ll now be able to configure the new capabilities using SCVMM.
“Awesome! When can I get it?”
I love your enthusiasm. It will be generally available on October 1st, 2009.
“Where can I learn more?”
Certainly the SCVMM site, and the TechNet SCVMM Site are good resources.
Also, there’s a webcast happening on Sept 9 being delivered by the Technical Product Manager for SCVMM.
And last but definitely not least, you can download your 180-day evaluation copy HERE.
--
“Wait, Kevin.. I’m a TechNet Plus Subscriber. Is it available for me to download yet?”
As of the time of this blog post, no. Not yet. I’m sure it will be there soon, and I’ll try to remember to update this post when I hear or see that it’s there.
I fired up my tweetdeck just a minute ago and saw this tweet from Jeffrey Snover (the architect of PowerShell):
“What does it mean?
It means that the new version of PowerShell (version 2.0) is now RTW (Released to Web). And not only PowerShell 2.0, but also WinRM 2.0 and BITS 4.0. It’s called the “Windows Management Framework”.
“But aren’t those already included in Windows Server 2008 R2 and Windows 7?”
Yes.. but you who are running Windows Server 2008, Windows Server 2003, Windows Vista, or even Windows XP would like to (or need to) take advantage of this powerful new management platform as well. And now you can!
Here’s the link to the PowerShell Blog that Jeff’s tweet mentions above: http://blogs.msdn.com/powershell/archive/2009/10/27/windows-management-framework-is-here.aspx
And here’s the KB where you can learn more about it, as well as download these tools: http://support.microsoft.com/kb/968929
Oh.. and one more link – this one to the Windows Management Infrastructure team blog: http://blogs.msdn.com/wmi/
Microsoft Learning has a new site (and really a global campaign) devoted to helping you plot out your career, and to help you then find the trainings and resources that can help you get there.
From the site:
“Today, more than ever, your career is the best investment you can make. Microsoft provides certifications, guidance, career paths, and special offers associated with some of the most commonly recognized IT job roles in the industry. Microsoft Learning Plans and offers help you train on and become certified in the most notable and current Microsoft products, including Windows Server and Windows client technologies, Microsoft Exchange Server, and Microsoft SQL Server.”
Click here for more information.
Just got an e-mail from Stephen Rose. He writes:
17 film teams in the Seattle area competed. Rules were to create a 30 second to 2 minute film, targeted to IT Pros. Each team picked a different genre from a hat (e.g. Comedy, Music, Parkour, Blast from the Past, etc.). And they had to include the following in their film: 1) a character called “CIO Wiggins”, 2) a line of dialog “The guys in IT are going to like this” and 3) mention “Windows 7”. The results are hilarious and interesting. Check them out! http://www.youtube.com/user/Win7FilmFest
Good stuff!
Greetings!
Here are the resources relating to the TechNet Webcast: “Automating Windows 7 Deployments using System Center Configuration Manager 2007 R2 SP2”, delivered November 11, 2009.
I hope you find them useful!
-Kevin
___
Demo Screencasts
“Best of” Q&A
Best of Q&A post is now available here!
Related Resources
System Center Configuration Manager 2007 http://www.microsoft.com/sccm
Asset Intelligence in Configuration Manager 2007 http://technet.microsoft.com/en-us/library/cc161988.aspx
Inventory in Configuration Manager 2007 http://technet.microsoft.com/en-us/library/bb632437.aspx
Modifying Task Sequences http://technet.microsoft.com/en-us/library/bb978347.aspx
Windows 7 Deployment http://technet.microsoft.com/en-us/library/dd349337(WS.10).aspx
Step-by-Step: Windows 7 Upgrade and Migration http://technet.microsoft.com/en-us/library/dd446674(WS.10).aspx
U.S. Live, In-Person TechNet Events http://www.technetevents.com/KevinRemde
Hurry! Save $$$ on a TechNet Plus Subscription! http://blogs.technet.com/kevinremde/archive/2010/01/20/TNITE04.aspxIMPORTANT UPDATE: This promotion and promotion code have expired.Please CLICK HERE for the most current promotion.
As promised, here are the best of the questions (with answers) from our November 11, 2009 “TechNet Webcast: Automating Windows 7 Deployment Using System Center Configuration Manager 2007 R2 SP2”
BIG THANK YOU to John Weston, John Baker, and Dan Stolts for handling the Q&A during the live event. Most of what follows started with their answers to these very good questions.
I hope you find these resources useful!
PS – The resources, including links to screencast recordings I did of the complete demos for this content, are available HERE.
Questions and Answers
“Is it possible to manage Blackberry devices with SCCM?”
No. Only the following devices are supported: Windows Mobile 2003 Smartphone Windows Mobile for Pocket PC 2003 Second Edition Windows Mobile for Pocket PC 5.0 Windows Mobile for Pocket PC Phone Edition 5.0 Windows Mobile 6 Standard Windows Mobile 6 Professional Windows Mobile 6 Classic
“How well does this integrate into MDT 2010?”
The two actually share some technology. Both use tools from the Windows Automated Installation Kit (WAIK) for portions of their solution. Both create and drive task sequences.
But as far as integration, they are different tools. The Microsoft Deployment Toolkit (MDT) is free, and is purely for addressing the creation and management of Operating System deployment. System Center Configuration Manager 2007 (SCCM) is not free, but does deployment of applications, updates, operating systems, as well as collection and management of computing inventories (hardware and software) and licensing. SCCM is also scalable to support the largest of any businesses out there, with an architecture that lets you define and distribute roles across large geographic boundaries.
So.. if you are a small-to-midsized business who just need a toolset to drive deployment, and if you don’t already have SCCM, you’ll want to look at the MDT.
“How do you capture an image?”
You can capture images using ImageX, which is a part of the Windows Automated Installation Kit. Instructions are here: http://technet.microsoft.com/en-us/library/cc749003(WS.10).aspx
You can also use SCCM 2007 to build a deployment of your “reference computer”, so that your task sequence will install the OS, install apps, drivers, packages, and then capture the image for you. A description of this, plus instructions, can be found here: http://technet.microsoft.com/en-us/library/bb632585.aspx
“Can you have a SEPARATE server added into SCCM that can host the PXE environment... we have a separate MDT2010 server stood up today...”
MDT and SCCM can be integrated in the sense that you can use either to build deployments, and to take advantage of the same capture, PXE, WDS, and image tools. They also natively support the same boot and os image files (.wim files – the first containing WinPE, and the second having the captured OS).
At the end of the session, could you go over implementation costs for this new system before logging off? Also could you address user licence agreements. I have three office locations in the US and Canada with 15-20 computers.
These webcast are so packed full of information, and with one hour to fill, we really can’t get into these kinds of details. Certainly this information is available either online, or from your local reseller or Microsoft Partner.
If you only have a total of 15-20 systems, you might want to just use the MDT 2010. (http://www.microsoft.com/downloads/details.aspx?familyid=3bd8561f-77ac-4400-a0c1-fe871c461a89&displaylang=en )
Here’s the licensing information for SCCM: http://www.microsoft.com/systemcenter/configurationmanager/en/us/pricing-licensing.aspx
“Why is he using a winpe boot.wim made from build 7100? doesnt sp2 install a boot.wim that build 7600?”
These images were created before RTM occurred.
“How do you find the smbios guid on a machine?”
“Where does SMBIOS GUID come from? How do you know it from a bare metal ws?”
“Where did he get the guid for his bare metal pc?”
“How did he come up with an SMSBIOS GUID for the machine provisioning when it is bare metal system and has never been an SCCM client? I can see how you can give it a NetBIOS name and a MAC address but how do you pre-determine an SMSBIOS GUID?
One way against a running machine would be to use WMI and the .\root\cimv2 namespace “Win32_ComputerSystemProduct” class. Or using PowerShell, you can run this command:
Get-WmiObject Win32_ComputerSystemProduct uuid
But if, as in the example I demonstrated, the machine doesn’t have an OS installed yet, that’s not going to help much. What you’ll do in that case is boot into the system settings. You should be able to find it there. (On my Lenovo, the UUID is right there on the first screen in the BIOS info.)
“In SCCM 2007 R2 SP1, you could also advertise the task sequence and packages to unknown computers. Is this option still available in SCCM 2007 R2 SP2?”
Yes. Here’s a really good post on how to enable and use this:
http://www.deploymentforum.com/Community/Forums/tabid/124/forumid/23/postid/2133/view/topic/Default.aspx
“What are the options for advertising a task sequence via PXE to all KNOWN computers without advertising the task sequence to a collection?”
SCCM advertises to collections only, but that certainly that collection could contain all of your KNOWN computers.
“If the image is captured using standard TS, the Configmgr client is installed into the WIM image. Why therefore does the deployment TS install the client if it is already there?. I believe the capture TS "prepares" the SCCM client i.e. removes sitecode, stops ccmexec service and removes cetificates so I would expect the deploy task sequence running ccmsetup to realise client is already present and just activate it - instead it does a reinstall which wastes time - why?”
Good point. If your captured image already has the client, then I don’t see why another install would be necessary. My image didn’t have it.
Remember also that you could use the ‘intall.wim’ file directly off of the Windows OS DVD, which has absolutely nothing in it. In that case your deployment would include the ConfigMgr Client, as well as any-and-all other drivers, updates, and applications.
“Is there any advantage to importing the computer information vs. using R2's ‘Unknown Computer’ support?”
The only advantage I can see is to restrict just anyone from being able to start an installation.
“I missed the first part. Did he talk about configuring WDS and the PXE for SCCM?”
Yes, I did briefly. Basically I just showed where in the Server Manager you add the WDS server role. I took the defaults. And then I showed where I added the PXE Service Point site server role in SCCM.
“What version of WinPE are supported with SCCM?”
Configuration Manager 2007 requires Windows PE 2.0. Configuration Manager 2007 SP1 requires Windows PE 2.1. Configuration Manager 2007 SP2 requires Windows PE 3.0.
“For WDS, do we need to configure it to reply to PXE boot? Do I need to configure any options in WDS or i just install the feature and only do the configuration on the PXE site system in SCCM?”
The default in WDS it to respond to Known and Unknown computers. But in my demonstration, I didn’t do anything at all in WDS, other than add the role. The PXE Service Point, and allowing only known or unknown computers support, is where this happens in SCCM.
“Where do i get the USMT for windows 7?”
It is part of the Windows AIK http://go.microsoft.com/fwlink/?LinkId=136976
“Where does USMT store the data it gathers? How do you set that up?”
Here is the User Guide: http://technet.microsoft.com/en-us/library/dd560801(WS.10).aspx
“Can you use the SCCM tools to add an image to an existing wim or do you have to use something else for that?”
I don’t think there is a way to have SCCM do that automatically for you – unless perhaps you could add a custom step to a task sequence that drives the ImageX tool to merge a newly captured image into another file. (“I’ll leave that for you as an exercise.”)
“How do i install USMT on Windows XP?”
You can install the WAIK on Windows Vista and later, and then copy the USMT files over. NOTE that you can only run the ScanState utility on XP. You can’t use LoadState. (And why would you?)
Check out Dan Stolt’s excellent blog post and video: http://blogs.technet.com/danstolts/archive/2009/09/02/migrate-windows-xp-to-windows-7-using-usmt-user-state-migration-tool-upgrade-xp-or-vista-step-by-step.aspx
“Can you put the Product Key in there? Do you need KMS server?”
You can do either.
“Can i use the USMT if i have a x86 XP but want to image/migrate over to x64 Win7 PC?”
Yes. You can use USMT to migrate x86 to x64. You can’t go 64-bit to 32-bit, though.
“What does the USMT4 Hardlinking feature do with the data on disc during the OS installation?”
It simply keeps it in a folder that it doesn’t touch during the installation. Starting with Windows Vista, these “image-based” installations are non-destructive by default, as a benefit of the fact that the image is a file-based image and not an image that simply throws bits on a disk. So if you don’t partition and/or format the drive, and if you have sufficient space on the disk for the installation files on top of your existing disk, then you can keep the data on the local disk.
“For OEM editions that do not require a product key (Dell DVD's for example), does licensing carry over in the imaging process?”
You don’t have a distributable OS with just the copy that comes on your computer. The OEM copy is firmly linked to the hardware it was sold on. To do what we’re discussing here, you have some kind of volume licensing on top of this that allows you to create and deploy OS installations onto those boxes.
“Do I need to configure any options in WDS or i just install the feature and only do the configuration on the PXE site system in SCCM?”
The WDS role is simply added to the server. You'll do all you configuration from within SCCM.
“Do we install the PXE role on secondary servers and primary servers or just the central server?”
PXE service point is configured on a site system. It doesn’t have to be a primary or secondary site server and definitely shouldn’t be put on the Central Site server. It will however, be servicing a primary or secondary site.
“Leveraging the new Virtual Windows XP Mode available in Win7 Pro and Ultimate, would it be possible to deploy that along with the Windows 7 image, and simultaneously create a virtual machine running Windows XP for legacy applications?”
It would be a rather fat image, but I don’t see why you couldn’t build a reference system that included the XP mode .vhd, and Windows Virtual PC already configured. There’s nothing special about the XP machine (it’s just a .vhd after-all). Don’t boot it before capturing the image. Leave it be in a pre-run state.
“Where do i get the Windows PE 3.0?”
Windows Automated Installation Kit
Where does USMT store the data it gathers? How do you set that up?
Two choices: You can point the scanstate tool to the destination using command-line parameters, or you can configure the appropriate .xml files to make these designations.
See the User State Migration Tool “components” page for more details: http://technet.microsoft.com/en-us/library/dd560755(WS.10).aspx
“Where can you configure USMT like what files,settings get backed up?”
See the User State Migration Tool “components” page for details on how you can specify such things: http://technet.microsoft.com/en-us/library/dd560755(WS.10).aspx
“Does the USMT copy all the multiple users info?”
It can, yes. In my demo, it did (though I only had the one user).
“Can i have your email?”
Can I have yours?
“How do you capture data and save it locally instead of on the server?”
In my last demo that’s exactly what I did. I configured the task sequence to store the users settings locally. If you’re just using USMT from the command-line, you can do that in options for the scanstate tool.
“The last demo - Was it using USMT hard links”
Yes. It’s a very fast restore.
“Is SCCM SP2 supported in windows 2008 R2?”
Yes.
“How to you create a wim image for Windows 7”
See the WAIK and the documentation on the ImageX tool. But if you simply want to have an OS image to deploy (with nothing extra installed within the image), you can just use the install.wim file found on the Windows 7 DVD, or in the Enterprise installation you got with Volume Licensing.
“What is the difference between SCCM and MDT 2008?”
http://www.bing.com/search?q=What+is+the+difference+between+SCCM+and+MDT+2008%3F&src=IE-SearchBox&FORM=IE8SRC
“When the LTI deployment fails, where are the log files stored?”
A list of the log files in SCCM and where they’re found can be found here: http://technet.microsoft.com/en-us/library/bb892800.aspx