A blog covering Azure, Hyper-V, Windows Server, desktop, systems management, deployment, and so on …
You can download System Center Service Pack 1 from TechNet (for evaluation purposes) now:
It is also on MSDN (for test, demo, and development purposes). There’s no sign of it on the Microsoft Volume Licensing Service Center (for production usage) yet. That final critical publication should not take too long
This is the release that will give you Windows Server 2012 (and Hyper-V) and Windows 8 support.
Why does all the good stuff happen when I’m driving home …
Windows Intune is Microsoft’s client device management system that is run from the cloud. That means that you don’t install a management server; you log into a portal, install agents on a client device, and manage those devices from that portal.
The Competition
Intune competes against products such as Kaseya and Level Platforms. Intune was very late to the market versus these products. And admittedly, these products have huge market penetration and more functionality. They recognised that their target market was the small/medium enterprise (SME). A savvy product manager understands that most SMEs don’t normally have an IT department; anything beyond a password reset is usually (not always) done by a service provider (selling managed IT services). Kaseya and Level Platforms figured that out, and they sell a partner driven product, allowing white labelling, partner invoicing, centralised management, etc.
In Ireland, I’d guess that a big majority of service providers are using one of these two products to manage PCs and servers on their client sites.
Windows Intune – The Past
Windows Intune was released about 2 years ago (exact date isn’t important). As a nerd, I was interested. I saw the potential for partners to use it, and I saw the potential for large businesses to use Intune for mobile workers and small branch offices (retail POS devices).
Microsoft partners evaluated Intune. Unfortunately they found it lacking:
But the real kicker, as I covered back in March 2011, was the price (I got some heat for that blog post from a certain devices and services company):
Imagine trying to promote or sell a product that is twice the price of the competition, and has less functionality than that same competition, and the competition already has huge market penetration. And that’s why Windows Intune barely made any sales at all … anywhere on the planet.
The Shifting Sands
While Intune, Kaseya, Level Platforms are aimed at everywhere from the SME to Fortune 500, their core market is the SME. In Ireland, most of our companies are SMEs. Sure. we’re a small country of 4 million people, but it’s the same in Germany, the UK, France, Australia, Canada, and the USA. There are only so many CitiGroups, Koch Brothers, etc.
In Ireland:
Fact: there is no more SBS. Microsoft isn’t making a Windows Server that is a DC, Exchange server, file/print, and Sharepoint server for that market any more. The solution for that market is “the new Office”, i.e. subscriptions of Offce365 with Office 2013 included in the package (Office Web Apps, Click-to-Run, or temporary run anywhere). If you want, you can sell a Microserver to that 75% of <25 user companies with Windows Server 2012 Essentials to give them:
Microsoft partners have been hearing the story about Office in the cloud since BPOS back in 2008 (or thereabouts – not that important). The majority of partners had no interest: Microsoft was direct invoicing the customer and that stole the customer relationship from the partner. Office365 just did not have market penetration with the market that mattered: the Microsoft partner. They’re the guys that advise, design, and implement IT for the SME. Microsoft screwed the pooch again (that’s one sore pooch!).
Microsoft got the same feedback the world over:
As of February 2013, partners will be able to resell Office 365 (with Office 2013 included) via the Open program to customers. That is a huge deal. The subscription price will also include leased Office 2013 that is installed and managed from the cloud; that means the customer gets more bang from their buck:
That means the role of the server in the smaller SME fades, maybe even disappears. Note: some SMEs will always need local storage, Group Policy, and/or LOB apps that can’t be cloud based, but this is not a back versus white world; it’s all shades of grey. Maybe the server management functionality of Kaseya and Level Platforms isn’t as necessary any more!
The New Windows Intune
The current version of Windows Intune (sometimes called v3) added the ability to manage mobile devices running Android and iOS (iPhones and iPads). That includes policies and software distribution:
The management stuff is good. The app store stuff is very good for larger enterprises that could afford to get custom apps developed for mobile devices, but that just a flashy unrealistic demo for the SME.
v4 of Windows Intune is on the way, as Mary Jo Foley reported yesterday. It will be continuing support for mobile devices (including Windows Phone), and adding Windows 8/RT support too. But here’s the big news: Windows Intune pricing is changing (and in a good way). There will be two SKUs:
Some notes:
€4.89 ($6) per user per month for client device management with managed antivirus. But here’s the nice bit: The likes of Forrester says that the modern worker can have up to 5 smart devices. The per user licensing of Windows Intune covers 5 devices! Let’s compare:
Let’s say you were a Windows Intune v2 user with a PC and laptop. Your cost was €11 per device per month. Your total price is €22. With the new pricing, you are charged €4.89 per user and you can have up to 5 devices, including PCs, laptops, tablets, and smartphones. You just saved €17.11 per month. Nice!
BTW, Windows Intune has always allowed partners to subscribe on behalf of customers. The idea here is that you sell a managed service and include the price of the management into your service charge. You will be able to buy on behalf and cross charge for both Windows Intune and Office365 for your managed SME customers.
What the SME Will Look Like
For the SME, the Microsoft solution is cloud-centric and looks like this:
Everything is cloud connected. Cloud-based management is perfect for mobile devices (tablets on the move, smartphones not on the network, and roaming/home users). Traditional on-site management such as LanDesk or System Center Configuration Manager aren’t really that good for those mobile devices because those management solutions are designed for the WAN, not for the Internet.
Office 365 has the same benefit: the SME with less than 25 users doesn’t want a server with 12+ GB of RAM to run SBS. Sell them Office365 and give them the same basic tools and mobility that a Fortune 500 has. No matter where they go or work, they’ll always have access to their data and communication/collaboration tools.
The managed service provider wins too:
What the Medium/Large Company Will Look Like
Here we’re talking about the bigger company with more complexity:
So here we see a bit of “best of both worlds”. System Center is used to deploy and manage the internal infrastructure and services on Hyper-V/private cloud. PCs and laptops on the corporate WAN are managed by System Center too.
Windows Intune is used to manage:
With SP1, System Center 2012 can integrate with Windows Intune to give IT a single console for device management. That unification of infrastructure is one of the goals of System Center 2012, enabling easier administration (another goal). In this design, System Center 2012 SP1 Configuration Manager will deploy software to, patch, and provide AV for the following on the corporate WAN:
Windows Intune will manage the following mobile devices from the cloud:
Office can reside in both the private cloud/internal infrastructure and in the cloud via Office365.
So there you go, Windows Intune will be:
I was just perusing the (Mark) Minasi forum when I saw a link to a post on the TechNet forums. According to “Mike Jacquet”:
It’s official! SC 2012 SP1 has RTM’d.
Few notes to make the upgrade path crystal clear:
- General Availability is targeted for early January.
- Upgrade from Sp1 Beta is only supported for TAP customers who installed RC.
- Non-TAP customers will only be able to upgrade from DPM 2012 RTM (+ qfe’s) to DPM 2012 SP1 RTM.
- There is no upgrade path from BETA Sp1 to RTM Sp1, you must reinstall DPM 2012 RTM, then upgrade to SP1 RTM.
Technet content will be updated to include new supported workloads in SP1 of Exchange 2013 and Sharepoint 2013.
This was posted after midnight Irish/UK time last night. It doesn’t look very official to me. But there you go! Allegedly you can download the installers come January.
To be clear, I have seen nothing via the usual official channels.
Don’t forget to configure whatever patching solution you’re using to support Windows 8 and Windows Server 2012 if you have those OSs deployed. We got our first security patches for the current OSs this week. I just ran a check in the office and found I had to do some engineering to get patches deployed. Oooh – there’s a reason to configure Cluster Aware Updating on your WS2012 Failover Clusters 
I know … Surveys! … Me and some others are running The Great Big Hyper-V Survey of 2012 (still open) and now there’s another one:
System Center MVP, Paul Keely, (one of the authors of Mastering System Center 2012 Operations Manager) is running a survey on how people are using SQL Server in their System Center implementations. The purpose is to gather data to enable him to write a white paper on the subject – Paul is a very smart guy on the subject of System Center in the enterprise.
Take a couple of minutes, grab a tea/coffee/whatever, and answer a few questions in the survey.
I’ve got 4 blog posts for you to read.
As I was commuting yesterday, Mary Jo Foley blogged about a Microsoft announcement on how System Center Service Pack (SP) 1 – Configuration Manager (SCCM/ConfigMgr) and Windows Intune will be changing in the near future. Some highlights:
A follow up blog entry was posted by Microsoft, discussing the support changes in ConfigMgr and Endpoint Protection for Windows 8 and Windows Server 2012:
ConfigMgr 2012 SP1 will support:
ConfigMgr 2007 SP1 will support Windows 8 Pro/Enterprise and WS2012 Standard/Datacenter as clients only.
System Center 2012 SP1 Endpoint Protection (SCEP) will protect:
You can also protect those OSs with Forefront Endpoint Protection 2012 with Update Rollup 1. Note that this 2010 version won’t support WS2012 as a management server.
Make sure you read the following to get more info and to fill in the gaps:
EDIT#1
Let’s not stop there. You might want to learn about the cross-platform support that’s being added to ConfigMgr 2012 SP1
SCEP 2012 will also support Mac OS – please don’t say that there is no malware on Mac OS because you’re living in a dreamland under a very dark rock if you think that’s the case. If did not realise this but:
Endpoint Protection 2012 Client for Linux is also available now.
VMST 2012 has been released by Microsoft:
Virtual Machine Servicing Tool (VMST) 2012 is designed to work with System Center 2012 Virtual Machine Manager (VMM), System Center 2012 Configuration Manager and Windows Server Update Services (WSUS) 3.0 SP2.
VMST 2012 helps you reduce IT costs by making it easier to update your offline virtual machines, templates, and virtual hard disks with the latest operating system and application patches—without introducing vulnerabilities into your IT infrastructure.
This Solution Accelerator includes the following components:
Just arrived in my inbox:
The Microsoft Solution Accelerators Team is pleased to announce that Microsoft Application Approval Workflow is now available for download!
The Application Approval Workflow (AAW) takes an application request submitted through the System Center 2012 Configuration Manager Application Catalog and transforms it into a System Center 2012 – Service Manager service request, allowing flexible approval lists and activities.
The AAW illustrates the integration of the components of System Center 2012, taking the basic functionality of the ConfigMgr 2012 Application Catalog and extending it into the Service Catalog of Service Manager.
Key feature list:
In the “2007” generation of System Center (how I refer to the last generation of the suite including the 2010 and 2008 R2 products), I quite happily avoided Opalis (which I was quite vocal about not liking) and Service Manager (which was quite rightly a niche product). I put my focus on VMM, ConfigMgr, OpsMgr, and a little DPM.
Folks, the game has changed. It’s one thing to hear MSFT marketing talk about it, or to hear it for 5 days straight at a conference. But it’s something completely different when customers are demanding it. Organisations want a service centric IT department with self-service, automation, governance, deep monitoring, and …. and … you get the picture.
That means 2 things:
At MMS we just had one session after another that illustrated how some business scenario could be dealt with using some component(s) of System Center in combination with the above two products. Every time, the user would request a service in Service Manager, Orchestrator would orchestrate the tasks, and the rest of System Center would implement the desired changes, possibly requiring some manual approval via a service ticket.
With this huge increase in demand, I’ve come to the conclusion that I cannot avoid Service Manager or Orchestrator anymore. They’re very different to the “2007” generation of the same products, and people are aware of the need for solutions that do what these products do. With those two products gluing the rest of System Center together, you can have an incredible service delivery from your (or your customers’) IT organisation. I will have to learn these two products. Damn you Microsoft! Now I need to learn:
Ugh!
Speaker: Gordon McKenna and Sean Roberts, Inframon
I’m live blogging this session so hit refresh to see more.
Private Cloud MOC and Certification
New exams and certifications. 70-246 Monitoring and Operating a Private Cloud. 70-247 Configuring and Deploying a Private Cloud.
The two training courses are available now.
10750 – Module 4: Monitoring Private Cloud Services
To do J2EE APM you download an opensource Java bean. OpsMgr network monitoring is network monitoring for server guys. Existing solutions for network guys won’t be replaced. OpsMgr network monitoring gives the server guys the tools to find a troublesome link/device and enable them to tell the n/w guys. Port stitching figures out what ports your monitored servers are talking to and shows that to you.
MP Templates are a good starting point. Check out the new Visio tool and the MP Authoring tool (latter requires significant time investment).
Distributed Application Monitoring
A new distributed application monitoring tool. 3 types of line:
Note that default management pack is no longer there! Forces you to save your authoring in a suitable MP. Yay!
Health rolls up to 1 of 4 things:
We can configure the rollup to go up to a level of our choice, e.g. don’t roll up or roll up to top level of distributed application.
Creates a service level dashboard for the new MP based on the distributed app model. Add the OpsMgr dashboard viewer and adds the webpart into SharePoint. Grab the URL of the dashboard link in OpsMgr and edit the web part properties to paste the Dashboard link. Now the SLA dashboard appears in SharePoint.
Tips
10750 – Automating Incident Creation, Remediation, and Change Requests
Orchestrator components:
Download integration pack, register it with management server, deploy IP to runbook servers, open Runbook Designer to use it.
Install OpsMgr R2 integration pack Define a connection to the OpsMgr server. You then have the actions available to use. Do the same for Service Manager.
Demo with web service crashing and auto remediation. OpsMgr detects event. Orchestrator waits for that event. It tries to restart the event. Creates ticket to auto restart IIS. If that fails, it lodges a ticket in Service Manager for manual OK to reboot the server.
Opens up Runbook designer. Browses into Runbooks and we see the book in question. Runs the runbook tester, toggles break point, and runs it. Now he stops the website. The runbook kicks off, and they step through the actions. We get into Service Manager where there’s a change request for a reboot. That’s approved and the web server is rebooted.
Note: there is a maximum of 50 running runbooks on a Runbook Server.
When configuring a runbook
10750 – Module 7: Problem Management In The Private Cloud
Incident = one time occurrence that can be handled by an operator. Problem is more complex, e.g. engineering issue that requires escalation.
Information stored in Problem Log in Service Manager. Another demo of automated problem record creation. An alert will come in in OpsMgr for a DB that goes offline. The alert auto pipes in as an incident in Service Manager. Many instances of it in the demo. It’s a problem. A problem record is manually created from these incidents. He fills in information in the New Problem form.
Now he kills the DB again.
There’s a runbook that is looking for occurrences of that incident. It’ll get the service details and the incidents for this service, output data to text file, count lines, if there’s more than X occurrences then it will create a problem based on the data in the file. This workflow replaces the above manual task for this particular incident.
Hints and tips