Thursday, April 25, 2013

During OS deployment, format the C drive only

When OS deployment is done on systems, sometimes it's needed to wipe just the C drive and keep existing data on the D drive. When using a default task sequence in SCCM/ConfigMgr or MDT all data is wiped. This because exiting partitions will be deleted and created again. In this blogpost I explain what to do in this situation.

Just create a default task sequence for OS deployment first. Just edit it after creation and remove any “Format and Partition Disk” step. You can't use this step without wiping the disk at all. In the "Apply Operating System Image" step, make the following modifications before deployment: Set the destination to a specific Disk 0 and Partition 1 (for example), so it's fixed after that.

That way only the partition configured will be used. Other partitions or disks will be saved this way! During the "Apply Operating System Image" step, the configured Disk and Partition will be formatted first before installation. Job completed!

Wednesday, April 24, 2013

Tape support is coming in Veeam Backup and Replication v7

Sponsor post

Excitement is growing! Tape support is coming in Veeam Backup & Replication v7.

We’re excited to announce tape support coming in Veeam Backup & Replication v7, delivering another option for archiving Veeam backups - disk, cloud and tape. Archive to Tape in v7:
  • Supports virtual tape libraries (VTLs), tape libraries and standalone drives
  • Tracks specific VMs and restore points on tape for easy restores
  • Backs up files from Windows and Linux servers (virtual or physical) to tape for FREE
Sound exciting? Learn more!

Jalasoft’s Brand New Xian SNMP Simulator v4

Sponsor post

Whether it serves for testing purposes or for demonstrations, an SNMP Device simulator is always a useful tool to have at hand if you have to deal with SNMP Devices. Instead of creating an unnecessary overhead on your network, you simply use a certain tool and keep it local. However, finding a good one might be hard.  A straightforward and simple tool to use is the Jalasoft Xian SNMP Simulator v1.0. This version has been built based on previous experiences with our former simulator and has been thought of from the ground up to deliver an easy and robust simulated network experience.

Just have a look at this blogpost, which mentions Jalasoft’s Brand New Xian SNMP Simulator v4.

Tuesday, April 23, 2013

Microsoft: No plans for Service Packs anymore?

When I'm talking about Windows 8 at customers they say, first wait for Service Pack 1. For Windows 7 it's the same. After installing Service Pack 1, there are still more then 100 critical and security updates needed. There is no Service Pack 2 yet, so no way to create an easy up-to-date OS image. The reason for this is Microsoft doesn't want to release Service Packs anymore, but they need to. Windows 7 SP2 and Windows 8 SP1 should come in late 2013 or early 2014. Till then monthly updates will be released as usual.

Microsoft is busy writing a big update for Windows 8, Windows RT, Windows Phone 8 and Xbox 360 called Windows 8.1 also known as "Blue". Windows Server 2012 will have it's own R2 update also. In late June the release will be showed on the Microsoft Build Developer conference. The final 8.1 update is planned for October this year. This update brings more integration between Windows devices and a better SkyDrive experience. Also the Start button will be back, and it's possible to start to desktop again after boot.

Because of bad sells, Windows 8 needs a big update. For myself I'm happy to own an Xbox 360, Surface and Windows Phone 8 already. That way I can experience "Blue" on all devices when it's released later this year. Let's hope Windows 8.1 will be great!

Monday, April 22, 2013

Useful Information from MMS 2013 Las Vegas

Last week I was at Microsoft Management Summit in Las Vegas. I've done a lot of sessions which I want to share with you. More about my experience can be found in this blogpost. Hope you can find something useful in it! 

Here's the information I have gained partly during MMS:
- Ruben Spruijt first person speaking in MMS 2013 keynote opening video
- Video about Domino's Pizza, having 15.000 VM's managed with System Center
- 99% reduction in helpdesk calls to Domino’s Pizza since they moved to Hyper-V and Windows Server 2012
- System Center Advisor integration in SCOM/OpsMgr 2012 to show active alerts
- System Center Advisor is free usage, showing alerts on Windows Server 2012 and other Microsoft products
- In Windows Azure Microsoft's doing 50.000 changes a day
- Windows Intune is used or in trial about 35.000 customers right now
- Video on Toyota using Windows Intune for software deployment and monthly updates
- Enable People-Centric IT with Windows Azure Active Directory and Windows Intune
- With the SCCM/ConfigMgr 2012 Intune connector role, cloud-devices can be managed in the ConfigMgr console
- Secure your data with Windows Server 2012 permissions for mobile devices
- System Center is more powerful when using when using multiple components

Windows Server 2012 - Easy to setup, just 6 clicks needed (or PowerShell) for VDI setup
- Choice between pooled (stateless) and personal (stateful) desktops (VDI)
- User Profile Disk, store user data and settings on a seperate VHD
- High Availability with active/active broker, SQL cluster needed
- Rich user experience with RemoteFX, 90% reduce traffic possible
- RemoteFX agressive rendering for images, text is displayed immediately
- RemoteFX media streaming for QuickTime, Silverlight, flash, html5
- RemoteFX USB device redirection for all configurations
- Optimized for Windows 8 (better/faster caching)

Windows 8 (VDI)
- Always leave the 350 BitLocker partition in place (not for VDI)
- Project VRC mentioned during ‘Optimizing Windows 8 VDI’ session for anti-virus purposes
- Windows 8 Pro or Enterprise? For RemoteApp ‘Enterprise’ is needed
- 32-bit or 64-bit? It depends, 32-bit small footprint but 4GB memory max
Memory, recommended minimum in VDI: 1GB
- ‘DoNotCreateExtraPartition=Yes’ in MDT (no 350MB BitLocker partition)
- VDI optimizer (AutoIT) for Windows 7 (no Windows 8 support yet)
- VDIConfig_1.1-Win8 script
- Windows Performance Monitor (part of Windows ADK)

Windows To Go
- In reality Windows To Go needs to be domain joined
- Choose between an online or offline domain join (includes all certificates and policies)
- Direct Access is preferred for remote access with WTG
- Add drivers in the WTG image for storage, graphic and network. Other drivers will be installed by using updates
- Use Generic (oem-oem) drivers for Windows To Go
- You need a Windows To Go certified device, require 2 partitions
- Using roaming profiles with WTG is not the best solution. USB stick full within 45 minutes
- Windows To Go creator in ConfigMgr application catalog available

MDOP 2013
- MDOP 2013 is RTM (MBAM 2.0, SP1 on AGPM 4.0, DaRT 8.0, App-V 5.0, UE-V 1.0)
- ConfigMgr 2012 SP1, App-V 5.0 and UE-V 1.0 can be used together for rich management
- MBAM 2.0 has support for Windows 8 and Windows To Go
- MBAM 2.0 can be used standalone or integrated in ConfigMgr for BitLocker
- Upgrade process (MBAM 1.0 to 2.0) keeps recovery keys intact
- MBAM will encrypt one volume at a time, volumes are displayed before encryption
- MBAM integrated in task sequence for client deployment (BitLocker)
- UE-V is used for application and Windows settings on desktops, sharing the same user experience
- UE-V can be incorporated into master image as it is installed in a dormant state by default
- Settings in Active Directory home directory or storage share
- UE-V agent on the desktop is needed, not on the management server
- Use in-box templates for applications and Windows settings
- Settings management with GPO, PowerShell or Registry possible

Windows Intune
- Unified Device Management solution (cloud solution)
- Android features supported through the Exchange Connector only
- Setup single sign-on for users (AD synchronization needed)
- Directory sync configuration tool download (needed once)
- When synchronization is done for Office365 no need to sync again
- Platforms and certifications/keys are needed per Mobile device solution
- When using ConfigMgr, don't go in the Windows Intune admin console at all
- Remote retirement is removing ‘management’ from the device only
- Settings management for Windows RT, Windows Phone 8 and iOS 5.0+
- For privacy reasons, Microsoft do not collect app inventory for apps installed
- One security policy for all kind of mobile devices. System figures out for each platform
- Retirement possible only for Windows Phone and Windows RT
- Wipe effects depend on the platform, iOS and WP8 are best platforms
- Android support is minimal, maybe future support (because of custom ROMs)
- When there's no policy set, users can retire the device itself
- No Windows Intune app for iOS and Android, but only a web based portal
- Applications in the company portal will be visible with a 5 minutes delay

System Center
- All ConfigMgr upgrades must be top-down (starting with the CAS)
- System Center integration with OpsMgr, SCOrch, ConfigMgr, Service Manager
- Great integration: provisioning user creation from SCSM and creating the user through an SCOrch workflow
- Create a new VM with a SCOrch runbook in just 3 steps
- Application approval workflow with SCSM, SCOrch and ConfigMgr possible
- SCOrch and OpsMgr are the base of system center installations
- Always use an dedicated SQL server installation for OpsMgr
- Use second OpsMgr management server for a better performance

Endpoint Protection
- Merge antimalware policies in SCEP to only 1 policy (best practice?)
- SCEP offers integration with UEFI trusted boot, early-launch antimalware
- Automatic failover when using multiple SUPs (supported in SP1)
- Common antimalware platform, it's ALL the same client (Essentials, Defender, Intune, Azure)
- Secure boot loads anti-malware early in the boot process, better in Windows 8 now
- Dynamic collection with query: antimalware infection status = pendingofflinescan
- Run a Windows Defender Offline Scan using ConfigMgr 2012 OSD

For next year there is no information yet if there's an MMS again. Hope it will be mentioned soon! #mms2014

Thursday, April 18, 2013

How to install a multiple SMS Provider in ConfigMgr 2012 SP1

In ConfigMgr 2012 it's possible to install multiple SMS Providers for High Availability. The SMS Provider is the interface between the ConfigMgr console and the Site database. In an earlier blogpost I have described what to do for installing multiple SMS Providers: How to install a multiple SMS Provider in ConfigMgr 2012. Just follow the steps and you are fine!

Last week I installed an additional SMS Provider in ConfigMgr 2012 SP1. An error message followed because Windows ADK wasn't installed (oops). Because ConfigMgr 2012 SP1 uses Windows ADK, this is needed also on the site server where an additional SMS Provider is installed.

Before you run Setup, you must download and install Windows ADK on the site server and on each computer that runs an instance of the SMS Provider. That's mentioned HERE.

The error messages are:
  • CWmi::Connect(): ConnectServer(Namespace) failed. - 0x8004100e
  • INFO: WMI namespace root\MSCluster not exists on <server>
  • CWmiRegistry::WmiOpen: Failed to read key SOFTWARE\WOW6432Node\Microsoft\Windows Kits\Installed Products on <server>
  • CWmiRegistry::WmiOpen: Failed to get values from SOFTWARE\WOW6432Node\Microsoft\Windows Kits\Installed Products
  • CWmiRegistry::WmiOpen: Failed to connect to registry on machine <server>. Error code: 2
  • ERROR: Failed to query registry values. 'Windows Deployment Tools' component of ADK not found.
  • ERROR: Failed to query registry values. 'Windows PE' component of ADK not found.
  • Failed to install SDK

After installing "Windows Deployment Tools" and "Windows PE" (both Windows ADK) setup was running fine again. Hope it helps!

Wednesday, April 17, 2013

Why is the Network Monitoring provided by OpsMgr 2012 not enough?

Sponsor post

A much too common scenario; you acquire Operations Manager 2012 so naturally you feel very happy that you’ll finally have a way to monitor your network and regain control over it again. Well, sorry to bust your bubble but you are wrong, you have technology that works great, but is actually obsolete.

I can practically hear you guys thinking, you’re probably saying “Of course you say that, Jalasoft want to sell their product Xian Network Manager 2012 which provides better network monitoring than what System Center Operations Manager 2012 offers.” Well in a way that is true, but I’d like to give you guys some information and leave it up to you to decide. My point here goes a bit further than this.

Jalasoft has extensive experience with network monitoring since 2003 and in all of the years in the business one of the questions that often arrives to support people is: “Ok, now I now there is too much traffic going over interface 18 on this switch, what do I do now?” yeah, what do you answer? So we worked on a way to solve this dilemma for over two years and came up with Xian Network Manager 2012 Netflow traffic analyzer, which certainly helps in answering the question above. With Xian NM it’s become a piece of cake to know who and what is responsible for this high amount of traffic, without any huge investments or hardware intervention. And the best part is, you just get this information in Operations Manager 24/7, alerts and performance data are available just as you are used to.

For those of you who know Operations Manager 2012, you have to admit that they are actually at a state where we were 8 years ago, and it definitely cannot analyze any traffic, something that is absolutely necessary in the era of public and private clouds and a 100% dependency on a stable and efficient network.

Curious? Just contact Jalasoft for a demo!

Tuesday, April 16, 2013

Winning the coveted Surface from Twitter Army!

Last week on MMS I did a lot of tweeting. Unfortunately I have no specifications about how many tweets, retweets and new followers, but believe me when I saying it was hugh. Because I love doing community stuff I subscribed to the myITforum Twitter Army. Lucky me I was the grand prize winner of Twitter Army, winning the coveted Microsoft Surface RT (32GB) with touch cover.

Thanks to myITforum and @rodtrent for the opportunity to win!

No MMS 2014 next year anymore?

Rumors are saying there's no MMS next year anymore. This because no new date and location were mentioned during MMS 2013. Still there were 5,200 attendees this year, and it was almost sold out. I hope it will be continued next year, because MMS is the best event for System Center geeks! Let's wait for an official statement first.

This year MMS would be taking place in June in New Orleans. Then TechEd America is scheduled also. Because of community reasons Microsoft decided to split-up both events again, and schedule MMS for Las Vegas. For community reasons Las Vegas is still the place to be! For me it can be any place, as long there is space enough for networking and community! We'll see :-)

The MMS 2013 Keynote Opener Video

This year the MMS keynote was started with a video. The first person showed up in this video was Ruben Spruijt from PQR, which is my colleague! Just have a look at this great video to see Ruben, and other MVP's from all over the world speaking about new Microsoft solutions based on Private Cloud and System Center.

In case you missed it: The MMS 2013 Keynote Opener Video 

Have fun watching the video!

Monday, April 15, 2013

Back from MMS 2013 in Las Vegas

Back again from the best event on Device management and Microsoft Cloud solutions. MMS 2013 was great on networking and community too. Very nice to meet a lot of people who are known and not known to me. This year the event was hold in Mandalay Bay, which is placed at the very end of the Las Vegas strip. I stayed in the hotel where the event was hold (Mandalay Bay); that's better to walk and meeting people after session time is easier also.

First some information about the event. This year there were 5,200 attendees which is almost full house. There is (most of time) space for 5,500 attendees, which was reached last year in The Venetian. Then System Center 2012 was released, and many announcements were done. This year there was no big announcement to make; the only one known to me was MDOP 2013. Let's have a look.

This release includes Service Pack 1 updates of AGPM 4.0, DaRT 8.0, App-V 5.0, and UE-V 1.0. However, the biggest new addition is the official release of MBAM 2.0 which include a Self Service Portal for end-users with common PC support tasks and automation of BitLocker encryption for Windows 8 based computers. MBAM can be used standalone or integrated in ConfigMgr (which I prefer).

User Experience Virtualization (UE-V) is used for application and Windows settings, which brings a seamless experience when using multiple systems. Both application and Windows settings are saved immediately after changing, so no need to logoff first. Settings will be saved in AD home directory or on storage share. Settings management is done with GPO, PowerShell or Registry. Microsoft BitLocker Administration and Monitoring (MBAM) provides enterprise management capabilities for BitLocker and BitLocker to Go.

Video: MBAM 2.0 Overview
TechNet: MBAM Information

Most of sessions I've done are on SCCM/ConfigMgr, Windows Intune and Windows 8 (VDI). Expect additional blogposts about that topics later this week. There's a lot to tell about these solutions! 

MMS is (besides of doing breakout sessions and labs) the place for having party's also. I visited two Microsoft party's (Dutch party & Closing party at the XS Nightclub at the Wynn Resort) one 1E Pre-conference party and one myITforum party as well. This year I had the luck to visit this party, where 350 attendees can meet and geek. That way it's possible to party every night and meet geeks after sessions also! Much better then a daily walk on the strip :-)

Expect a lot of blogging next week(s) on MMS 2013!

Thursday, April 4, 2013

Next week in Las Vegas for MMS 2013

Next week I will be in Las Vegas for Microsoft Management Summit (MMS) 2013. For me it's the third time for this great event. Nothing better than MMS for me :) Just have a look at the MMS website for more information:

Expect a lot of information next week on twitter @HenkHoogendoorn and this blog. Hope I have some spare time during the week to write some blogposts. When there's no spare time follow twitter and a blogpost is coming after the event.

Topics for me this year are Client device management with SCCM/ConfigMgr and Windows Intune for Mobile device/application management. Also I will do a few sessions on Monitoring (SCOM/OpsMgr) and MS Private Cloud, Server 2012.

Stay tuned for more information next week!

Tuesday, April 2, 2013

How to find the SQL Server used for OpsMgr installation

When looking in the OpsMgr console, you cannot see which SQL Server is used for the OperationsManager and OperationsManagerDW database. There are however a few ways to find this server. I will explain them in this blogpost.

1) Install the SQL Server management pack and wait till the SQL Servers are discovered. Expand the Databases tree and type 'OperationsManager' into the look for field. Select the database and in path name you will see the server (and instance) hosting the database. (Or look at the databases immediately)

2) You can determine the SQL database by reviewing the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Setup\DatabaseServerName. On this location the server (and instance) hosting the database is found.

3) Go to Monitoring, Discovered Inventory and run the 'Change Target Type' task. Select 'Operations Manager Operational Database Watcher' and choose OK. You will only see one instance.  Scroll to the right until you see the 'Operational Database Server Name' and 'Operational Database Name' columns.

Hope you find this as useful as I did.