NOTE: TechDays Online (Autumn) 2013 full agenda and dates can be found here .
It’s not long now until TechDays Online 2013 will be in full swing! If you haven’t registered already for this unique online 3 day event then register now!
Join Microsoft experts for three, free days of interactive learning; online and direct from your browser. Learn all about the latest Microsoft Technologies and with even more exciting topics, discussion and interactivity.
For a chance to win a HTC Windows Phone 8, all you need to do is follow @TechNetUK and tweet the following: Tech.Days Online is back!! http://aka.ms/k35pwq RT & follow @TechNetUK for a chance to win a Windows Phone 8 #UKTechDays2013
By registering for Tech.Days Online 2013, you will also be automatically entered into a prize draw to win a Sony VAIO laptop (Terms and Conditions apply)
By Vicky Lea
In a previous blog I discussed how the licensing of Windows 8 works at home. As a natural follow on to that we now need to think about how applications are also licensed to run on employee’s own devices, so that is what I am going to cover in this blog.
When we think about Office nowadays we need to consider Office 2013 and Office 365 ProPlus. I am going to start with Office 2013, the on-premises licensing option for the new Office.
Office 2013 is licensed Per Device. This means every device that runs Office 2013 needs a licence to do so, irrelevant of whether Office 2013 is installed locally on that device, or whether Office 2013 is being delivered to that device in another manner, such as via RDS or VDI. So for any device that is on the corporate premises accessing Office 2013 you would need to purchase an Office 2013 licence. However, it could be that you want access Office 2013 from a home computer, how do we make sure that home computer is licensed for Office 2013?
Well, there are a number of ways to tackle this:
First of all we could make use of the Office Roaming Use Rights Software Assurance benefit. When you purchase Office 2013 with Software Assurance you receive a number of benefits. One of these is the Office Roaming Use Rights which by definition (from the PUR) allows the primary user of the device licensed with Office SA to:
· remotely access the software running on your servers (e.g., in your datacenter) from a Qualifying Third Party Device,
· run the software in a virtual OSE on a Qualifying Third Party Device, and
· install and use the software on an USB drive on a Qualifying Third Party Device.
· When the primary user is on your or your affiliates’ premises, Roaming Use Rights are not applicable.
· You may not run the software in the physical OSE on the third party device under the Roaming Use Rights.
We can see from the definition then that Roaming Use Rights will allow Office to be delivered to an employee’s computer in a virtual OSE, via RDS or VDI for instance, whilst outside of the corporate premises. However, what happens if we would like Office 2013 to be installed locally on the employee’s device rather than virtualised onto that device?
Well here we could make use instead of the Home Use Program. This is another Software Assurance benefit that you receive when covering Office 2013 with SA. The Product List states:
Under the Home Use Program, customers’ employees, who are users of the licensed qualifying applications, may acquire a single license for the corresponding Home Use Program software, to be installed on one home computer. The license terms for that software permit the primary user of the home computer to install and use another copy on a portable device.
So with the Home Use Program an employee can purchase the Office 2013 Professional Plus media and then install the software on their own computer for use whilst they are an employee of the organisation and Software Assurance has been maintained on the underlying Office 2013 licence.
Another alternative is to license Office 2013 via the Work at Home rights received with some volume licensing agreements. Select Plus and Enterprise Agreement customers receive Work at Home rights for Office 2013. The Work at Home right allows the organisation to acquire a Work at Home licence for use on the employee’s home computer, but this licence must correspond to a licence purchased for the same product that has been deployed on an “at work computer”.
The above options all relate to licensing Office 2013, the on-premises offering of Office, but as I mentioned before there is another way in which to license the new Office. And that is via an Office 365 subscription. Office 365 is Microsoft’s cloud offering of their user productivity products, including amongst other things Office 365 ProPlus, Exchange Online, SharePoint Online and Lync Online. Office 365 is licensed via a USL (User Subscription Licence), meaning that you license each user, on a subscription basis, to access the services provided through Office 365.
Office 365 ProPlus provides the licensed user access to an always-up-to-date Office experience, with the licensed user being able to install Office on up to 5 PCs, as is confirmed in the PUR:
· Each user to whom you assign a User SL may activate the software for local or remote use on up to five concurrent OSEs.
These 5 devices can include home owned computers as well as corporate ones, which means that you can easily license your users to access Office 365 ProPlus on home owned devices just via their Office 365 subscription.
The last area I wish to discuss today, and then I will leave you in peace, is the licensing of Office 2013 on a Windows RT device. When you purchase a Windows RT device it comes with a copy of Office Home and Student 2013 RT preinstalled. This suite includes Word RT, Excel RT, PowerPoint RT and OneNote RT. There is one very important factor you need to be aware of with Office Home and Student 2013 RT, and that is the fact that the default usage rights of the product do not allow it to be used for commercial purposes.
This obviously has an impact when you need to use the copy of Office preinstalled on a Windows RT device for commercial purposes, but it is possible to acquire commercial usage rights for Office Home and Student 2013 RT. This can be done in a couple of ways:
Firstly the commercial usage rights for Office Home and Student 2013 RT can be accessed via Office 2013 or Office 365 ProPlus. When you license a PC for Office 2013, or a user for Office 365 ProPlus, the primary user of the device licensed with Office 2013, or the user licensed for Office 365 ProPlus is then provided with commercial use rights for Office Home and Student 2013 RT that can be applied to their Windows RT device and the copy of Office that comes with it.
Alternatively, it is possible to purchase Office Home and Student 2013 RT Commercial Use Rights. These are purchased per device and will remove the non-commercial usage restriction from the licensed Windows RT device, as detailed in the PUR:
1. You must assign each license to a single device.
2. This license modifies your right to use the software under a separately acquired Office Home & Student 2013 RT license, by waiving the prohibition against commercial use of the software.
I have covered a number of areas here, and just as a reminder, if you want to check out any of the detail referred to in this blog the Product Use Rights and Product List documents are a good place to look!
With the advent of the public cloud, cheap compute resources used on a pay-as-you-go and only-pay-for-what-you-use basis, a new phenomenon is emerging. The pop-up lab.
Pop-up labs are used by Devs and IT Pros to create multiple server lab environments that are popped-up for the few hours they are needed and then popped back down again, ready to be re-ignited on a different occasion.
At the end of the day it’s just the start-up/shutdown of collections of virtual machines, but the things that make this different are that the machines live in a public cloud operator’s data-centre; like Windows Azure. If you think about it – when you need to say, replicate a problem, you only need the lab usually for a few hours, probably less than a day. Great if you’ve got a large data-centre to build the virtual environment in. But what if you don’t have the luxury/money to have such a resource at your disposal?
That’s where pop-up labs come in. They are used for dev and test purposes, for self-education/career advancement, training, problem replication and just simply getting experience with a new technology. The free Windows Azure trial subscription means you can often run pop-up labs for free. But say if you want to fire up a 2-server SharePoint farm with SQL Server and AD to replicate one of your customer’s problems: you could do that for an afternoon’s work for less than £2.
If you want to know more about this emerging phenomenon – go to this URL: http://aka.ms/Popuplabs
Are you still thinking about attending? Are you still trying to get sign off from your boss to travel?
My colleague Denise recently blogged about some of the announcements we've made on the certification side of things:
A Microsoft certification confirms to everyone—employers, clients, your peers—that you're a technical expert with proven skills. It also makes you part of the elite community of Microsoft Certified Professionals (MCP), which allows you access to exclusive Microsoft resources and benefits such as the MCP member website, career-building tools, and training.
In the Certification Center at TechEd North America and TechEd Europe 2013, you'll have access to onsite training, Exam Prep sessions, and practice tests, as well as the assistance of MCT Ambassadors who have passed multiple exams.
Take advantage of this great opportunity to fulfil your certification requirements at a 50% discount at TechEd North America 2013 and TechEd Europe 2013. This opportunity is only available to registered TechEd 2013 attendees.
Learn more and sign up to take a Microsoft Certification exam at TechEd North America or TechEd Europe.
Not registered yet for TechEd 2013? Register today and start planning your ideal conference schedule!
Register for TechEd Europe
All Microsoft Certification Exams will be offered at 50% off the regular price to TechEd Europe attendees.
It's always difficult to demonstrate the value of these types of events to colleagues of bosses who have not attended, the advantages gained on the certification side of things may be one way to support your case.
Yesterday we showed a whole range of devices in the TechDays Online 2013 session called the Device Showcase. Devices shown are (or will be) all listed at our online Windows 8 tool : http://bubl.com/Microsoft/Windows_8
Note the devices section Is the best place for released devices.
The Devices shown on TechDays Online were:
The most important thing to remember is you now have a lot of choice, not just down to the choice but how simple it is now to deploy to a wide selection of devices using management tools like System Center Configuration Manager 2012 SP1. Two laptops and two desktops won’t cut it anymore, your end users have expectations based on what they can see in the retail/consumer world. If you spend the time looking at user-profiling you will find it much easier to align your role out strategy of the OS, Apps, devices and experience.
By passing an MCP exam during the months of March, April or May 2013 you will be able to enter a prize draw to win one of the fantastic prizes below. What's more, if you pass another exam in a later qualifying month you can enter again (see terms and conditions for full details).
Neil Hodgkinson has provided a step by step guide to getting started with System Center 2012 Configuration Manager. This is part of a 15 part series which will cover the installation, setup, configuration and usage of Microsoft System Center 2012 Configuration Manager. To find the additional articles in the series please take a look at Neil’s site.
http://SCCM2012 IIS Default for group policy is not needed if you are using SCCM push, read more about it here http://technet.microsoft.com/en-us/library/bb632380.aspx
Remote Differential Compression for site server and branch distribution point computers
Site servers and branch distribution points require Remote Differential Compression (RDC) to generate package signatures and perform signature comparison. By default, RDC is not installed on Windows Server 2008 or Windows Server 2008 R2 and must be enabled manually.
Use the following procedure to enable Remote Differential Compression for Windows Server 2008 and Windows Server 2008 R2 and now 2012
Delegate Permission to the System Management Container
Open Active Directory Users and Computers. Click on view, select Advanced Features. Select the System Management Container, and right click it, choose All Tasks and Delegate Control.
When the Welcome to Delegation of Control Wizard appears click next, then click Add. Click on Object Types, select Computers. Type in your SCCM server name and click on Check Names, it should resolve.
Click Ok, then Next. Choose Create a Custom Task to Delegate, click next, make sure this folder, existing objects in this folder and creation of new objects in this folder is selected.
Click next, select the 3 permissions General, Property-Specific and Creation-deletion of specific child objects are selected then place a check mark in FULL CONTROL, and click next then Finish.
Extent the AD schema for sccm
Perform the below on your Active Directory server, simply browse the network to your AD Server server \\adminserver\c$ and copy the contents of SC2012_SP1_RTM_SCCM_SCEP and find \SMSSetup\Bin\x64\Extadsch.exe, right click and choose Run As Administrator.
Open SQL ports
Create an OU for your SCCM server and allow port 1433 and 4022 for SQL replication with group policy – Select Computer Configuration, Policies, Windows Settings, Windows Firewall with Advanced Security and select Inbound Rules, choose New and follow the wizard for opening up TCP port 1433, repeat for port 4022.
If using group policy refer to step 2 below Image
To open a port in the Windows firewall for TCP access
To open access to SQL Server when using dynamic ports
Install .net frame work and IIS WCF activation and BITS
In Server Manager select Features, Add Features, Select .NET Framework 3.5, also select WCF Activation and when prompted answer Add Required Role Services click next and next again. (Make sure the BIT and IIS service is running/restart after install).
SQL Server 2012
Install SQL on D:\Program Files... and when running setup.exe right click and choose Run as Administrator, Select all options on install, click on the account name and enter the admin username and password.
Click next and finish install (takes a long time).Make sure SCCM computer is a member of the built-in administrators.
Check TCPIP properties for listening IP address in SQL Server Configuration Manager Start up the SQL Server Configuration Manager, and expand SQL Server Network Configuration on the left pane, highlight Protocols for <Instancename> and double click on TCPIP in the right pane
Click on IP addresses
Change IP2 to enabled yes
Leave default IP
Change IP4 to enabled yes
SQL Memory Configuration
The logon account for the SQL Server service cannot be a local user account, NT SERVICE\<sql service name> or LOCAL SERVICE. You must configure the SQL Server service to use a valid domain account, NETWORK SERVICE, or LOCAL SYSTEM. SEE BELOW PIC
Installation of System Center 2012 Configuration Manager with SP1
Here is the download link for the Assessment and deployment kit http://www.microsoft.com/en-us/download/details.aspx?id=30652 this is one of the prerequisites.
Also restart your server
When the wizard appears, click on Install, click next and then select Install a Configuration Manager Primary Site
Click next, and then create a folder on your D/E Drive called rc_updates
Click next on your Language of choice and enter your site installation settings install on D/E not C:
Install as the first site in a new hierarchy
Click next, leave the FQDN as default
Select Configure the Communication method on each site system role and review all setting.
Client Computer Communication Settings (HTTP or HTTPS). Select Configure the communication method on each site system role.
Any warnings can be fixed after the install
Make a brew this part can take a while!
After the install has finished restart the server.
The next step in the guide we will be going through the different discovery methods and creating boundary Groups.
Head on over to http://www.technodge.co.uk for more Deployment guides.
Neil Hodgkinson has been working in the IT industry for 14 years with 9 of those working in the education sector, I have worked with many versions of Windows Server, Exchange and Group Policy . Over the last few years I have been specializing in Deployment methods starting with Microsoft's deployment tool kit and the migrating over to Microsoft System Center, the Holy grail of servers- for Endpoint Protection, Deployment, App Control for windows 8 and the ability to manage smart phones.
I also do a lot of free consultancy for all the local primary schools on the best way to deploy and control their windows environment Via system center and Group policy's.
IT is a passion and I feel you have to be passionate about the IT industry for things to keep things moving forward.
At first glance you could be forgiven for thinking that deploying a Windows 8 to a bunch of enterprise devices is hard, complex or time consuming. The reality is that Windows 8 apps are actually quite easy to deploy once you understand the basic requirements and methods for deployment. The nomenclature that we use here has changed a little since the source of our apps has changed with the Windows Store. Deeplinking is the process of deploying an advertisement through a company portal that an app is available (or recommended you could say) for installation by your company, the application package remains in the store. Sideloading is the process of taking the application package provided to you by your in house Line of Business (LoB) developers or a 3rd party software vendor (ISV). Let’s take a look at both more carefully.
Requirements for modern UI apps
Before we look too deeply (pun intended) at Deeplinking and Sideloading lets look at the requirements for successful installation of a Windows 8 app.
With that understood lets take a look at how we install an app on a device. Typically a user finds the app in the Windows Store and taps Install or Buy, both of which start the app installation although Buy obviously also completes a purchase transaction with the Windows Store. The key thing though is that installing and buying an app are essentially the same process – essentially the user is consenting to the install, and more importantly they are consenting to the association of the app with their personal Microsoft account.
Now lets consider the Deeplinking process. Deeplinking can be performed using either System Center Configuration Manager 2012 SP1 or Windows Intune for Windows 8 devices. For Windows RT devices System Center Configuration Manager 2012 SP1 can be linked up with Windows Intune to support deeplinking. The two products can also be linked to support Windows 8 clients if you want to centralise management too. I’ve created a series of videos, The Deployment Sessions, that explain how to make the links required and how do the deployments.
Once you’ve decided upon your deployment targets and your deployment method it’s time to build your deployment. The first thing you’ll need to do is to designate a device as your reference device, just as you would for any other type of applications packaging. In this case though you won’t need to run a monitor app to capture what the app is doing. Simply go to the Windows Store and install the app. Now go to a Configuration Manager console and create an application in the Software Library making sure to select Windows app package (in the Windows Store). You’ll then be asked to specify the location which you do by connecting to your reference computer by name (you’ll need to have run winrm quickconfig on the reference machine first). The wizard will return a list of all the apps installed on the device, then simply select the app you need, complete the Wizard and deploy just like you would any other (msi or App-V) application. Whilst completing the deployment wizard you’ll be able to say if the app should be available or required, normally a required app will be installed for the user and an available app will just appear in the Configuration Manager Application Catalog. However with deeplinked apps this isn’t the case.
When deeplinking in Config Manager 2012 SP1 a required installation will still need user interaction, the store will open for them to the right app but they will have to click / tap Install. This is because the app is being added to their personal Microsoft account so they need to consent. Required then becomes a constant reminder to the user to install the app, and arguably this looses it’s value. Most users are today comfortable with the idea of a store, the device in their pocket almost certainly has one, so self service should be a key consideration in your deployment plan.
Deeplinking with Windows Intune differs from the above in that you don’t need to install the app onto the reference device, you simply need to get the URL for the app from the Windows Store. There are a couple of ways to achieve this, but I commonly email the app to myself using the Share charm. You will also notice that available is the only option within Windows Intune for a deeplinked app.
The only other thing to mention on deeplinking is that it’s available on platforms other than Windows. Deeplinking works for Windows 8, Windows RT, Windows Phone 8 and also for Android from Google Play and for iOS devices from the Apple App Store.
Lets take a look at the Sideloading process. Sideloading is the business of taking an Appx Package which is generated from Visual Studio at build time and installing that package onto a target device. The appx package is signed at the time of building the app by the developer, usually with a certificate issued by your enterprise CA but a certificate issued by any trusted CA can be used. This type of deployment is most commonly used for Line of Business (LoB) apps. As with Deeplinking both Windows Intune and System Center Configuration Manager 2012 Sp1 can be used but also PowerShell can be used.
The first step to Sideloading is to obtain the appx package and to place it on a share that you can access from Configuration Manager or from Windows Intune. The second step is to add the app into the Configuration Manager console and create an application in the Software Library making sure to select Windows app package (appx file). You’ll then be asked to specify the location of the appx file and specify details about the app. You’ll then need to deploy the app to a collection of users that you want to have access to it. If you want you can also add the app to any Task Sequences you use to deploy your operating systems.
If you’ve chosen to do your deployment to a Windows RT device using Windows Intune and you’re using an enterprise CA to sign the Appx package you’ll need to provide that certificate to your Windows RT devices since they cannot join your domain. Windows Intune takes care of this for you and if you’ve got your Windows Intune account linked to Configuration Manager you can add the certificate you’ll use to sign your apps through the Windows RT tab of your Windows Intune subscription in the Hierarchy Configuration node of the Administration Workspace. Once provided this certificate will be automatically added to your Windows RT device. You’ll also need to provide a Sideloading Product Key which is available from the Volume Licensing Portal in the same place and again Windows Intune will allocate a key and enable sideloading on any enrolled Windows RT devices.
I’ve created an ongoing series of videos on my blog entitled The Deployment Sessions that will walk you through most of the permutations of deployment of Windows 8 apps, using Configuration Manager 2012 Sp1 and Windows Intune.
Posterous was bought by Twitter on the 12th March last year and is about to be shut down on the 30th April this year.
If you have a blog on Posterous Spaces, you have until the 30th April to move it. After that date, your content will be gone and it will no longer be possible to get hold of it.
If you only do one thing between now and the 30th April – use the Posterous backup facility to create a zip file with all your blog posts in it. You can then use tools at a later date to import that blog.
But maybe this is exactly one of those compelling events that forces you to eventually act; to get on and do the thing you’ve been meaning to do for over 12 months: move your blog to a private website, running the Wordpress blogging engine.
That’s exactly what this click-by-click video shows you, using a Wordpress blog on a Windows Azure website – one you can easily scale out and back using the scale slider. Watch the video for exact instructions on how to set up the Wordpress website and then import your Posterous blog in to it.
More info at http://www.posterousblog.com which has been set up to help with this challenge.
For those of you who are focused on SQL Server I thought it would be good to let you know that following on from SQL Bits in May is SQL Relay in June. You will find all the details in the flier below: