Michael Kleef ::: MSFT

http://twitter.com/mkleef

Blogs

Security Summit - Melbourne

  • Comments 9
  • Likes

If you had questions WRT the sessions I did at Melbourne's Security Summit....post them here!

I did the SMS and MOM session aswell as the Identity Management session.

Comments
  • Woohoo! First question.

    When you talking about WUS today, you mentioned that it has reporting, but it is not centralised. ie. if you have 18 servers, you need to visit each of the 18 to get deployment statistics.

    Apart from SMS 2003, are there any plans for Microsoft to release a utility to rollup the server DBs into one central DB?
    (yes, I've also looked at WUStatusServer as well...)

    If not, do you know of any third party plans to do so?

    If we run WUS on an SQL Server, are we able to access the backend to create our own reports, say with Crystal Reports?

  • Thank you for your excellent presentations which I throughly enjoyed.
    I didn't get a chance to ask you an SMS related question, which I will do now.
    In relation to the SMS OS Deployment pack, is it possible for SMS to handle a 'bare-metal' deployment from start to finish completely on its own, or do you need a RIS server to get a base OS out first, then once an SMS client is installed, SMS takes over?
    Last time I talked to a Microsoft SMS expert this was the case, but the OS Deployment pack was still in beta at that stage...

    P.S. Where do you get the confidence to present so well?

  • Hi,

    I spoke to you today at the Security Summit in Melbourne about Windows Update Services and the licensing restrictions regarding hosting a corporate Windows Update Services outside of clients enterprises for centralised updating from clients servers directly to ours. We spoke to Derek about this some time ago and he advised us that doing this is actually against licensing regulations of the SUS product, I asked if this was also the case if you used WUS instead and you said "Post the questions to my blog!" And so, here I am!!

    Thanks in advance

    Cheers

    Rob

  • Hi Again,

    One more thing, and I'm not sure if you're the person to ask, but I have your blog so I'm away and asking; We are deploying a few SIP Servers in client sites to eliminate attack vectors from external instant messenger issues. I know that Microsoft has deployed this technology extensively across all of its branches, however I question how this is REALLY possible, as I set up SIP and Instant Messaging for about 60 users last week and to go to each users tab in Active Directory, click SIP Accounts on, configure their email addresses etc took FOREVER. Let alone on each workstation configuring SIP connection profiles and setting up contact lists for every user in the organisation to see every OTHER user without manually doing it. There MUST be a simpler way to do it, particularly if you guys deployed it amongst a workforce of your size. Do you have any inside info on the easiest way to deploy large scale SIP and Internal Messaging solutions using Office Live! 2003 Server and Windows Messenger 5.0?

    If you don't want to post this, if you could pop me an email to rob@aspirence.com.au that'd be great.

    Thanks again in advance, I really enjoyed your sessions today as well, you got a 9 from me for all of them!

    Cheers
    Rob

  • Michael,
    I too attended the Security Summit yesterday.
    We are a small business, about 70 users in all, and I was wondering at what size an organisation needs to be for it to become viable to look at deploying SMS rather than using the 'free' WUS (once it becomes available)? I guess you could say how long is a piece of string but, would you have any guidance for most smallish organisations running standard apps, as the added cost of SMS can be a real killer?

  • Hi Michael,

    Two excellent presentations! well done. Especially the Identity and Access mgmnt. Federated services looks great - nice little demo too. SMS and MOM - I have already been using both so didn't get as much out of that one - good overview though.
    I was wondering if it was possible to use bits downloading (with the BITS software pushed out) on an NT4 PC using the legacy client.


    Paul Kougi

  • Hi Michael,

    Another question from the Melb Summit yesterday!
    Well done on your presentations also.

    You were talking about deploying the SMS Adv. Client using Group Policy. Apart from using an administrative point, is there any way to have it set the site code automatically, or do the discovery process automatically?

    As far as i can see, it needs manual intervention after GP installation.

    If ORCA is involved, are you able to tell me the property name to edit? - i haven't had any luck with this either!

    Again, thanks for your presentations.

    Dave

  • About Windows Update Client:

    When you configure it via GPO to update from your local WUS or SUS all the options become greyed out, which is fine..

    However, I would appreciate a button with a Update from WUS/SUS now! in that area, this will help me a lot to make sure the settings are correct or to tell users how to update immediately if in need..

    May be you can relay this request to MS?

    Cristian Croitoru

  • Are the slides going to be posted somewhere?
    Thx