MMS Day 2 Keynote

I am live blogging from the keynote which is titled as something like “a world of connected devices”.  I’m expecting Intune V3, ConfigMgr, etc to be the focus. Would be nice if they briefed us on how Windows RT (aka Windows on ARM) will be manageable (am thinking some Intune upgrade).

Work/life blur is a theme, so are application deliver, continuous service, people centric, control and governance.  Out comes Brad Anderson.

IDC: the past was one desktop = one user.  In 2011, users have between 5 and 7 Internet connected devices.  They want to use the right device for the job … have a choice.  MSFT want to say “yes, bring your device”.  916million smart connected devices shipped in 2011.  That will double in 2016.  34% of corporations are currently enabling users to access corp apps.  69% of their users are already doing it!!!! Most corps aren’t aware of this usage.  Where there’s a will, there’s a way.

New concepts: corporate controlled devices (traditional) and user controlled devices (BYOD – bring your own device).  In recent past, that was all PC based.  In the near future, we see this changing with lots of smart phones and tablets, all being bought and controlled by the user.  Corp has no control over these with traditional methods.  Ownership not that relevant … control is the important factor, e.g. end user having admin rights over their laptop.

The past has been agent focused control.  That doesn’t work on iOS; no app can control another app because of sandboxing.  The user will never accept an agent that controls their device.  We want to enable the user to be productive on their devices, but we need to control how corporate assets are accessed (governance)

The spoiler is out.  MSFT marketing has issued a press release with the content of the keynote.

Control and governance are two important concepts in enabling BYOD.

Infrastructure considerations

  • Intelligent app infrastructure
  • Security and access
  • Control and governance across all devices
  • User centric

Your opportunity

  • Broaden your impact – don’t be just another guy, another admin, another consultant
  • Enable users to work how/when and where they want.  Good luck with the HR department and the old school managers.  See Lync
  • Differentiate your organization, e.g. why do you rent office space?  Are you a property company?  Why can’t an office worker work from home and do the same job?

Celebrating ConfigMgr 2012 and Endpoint Protection 2012

  • All about the user
  • Unified device management infrastructure
  • Much simplified administration

175,000 registered downloads of the beta.  500,000 production devices.  307,000 Endpoint Protection deployments in TAP.  280,000 devices managed by MSIT.

Intelligent App Infrastructure

The user is at the centre.  They have lots of devices.  We have lots of apps for those lots of apps, with the user in the middle.  VDI is being pushed here.  They are announcing deep integration with with iOS and Android.  Hmm, it’s been referred to as light management up to now.  How are they getting over the app store locks on consumer devices?  Is there a side load aka Jail break.  Ah!  They are integrating with Apple App Store, Microsoft Store, by linking apps.  Is this an SP1 feature?  They are going to side-load apps onto iOS, Windows, and Android without using the app store!!!!!  THIS IS NEW.  Users can roam across different devices and find their apps on those devices.  They’ll have a consistent app experience.  And this is done with a single solution – no point solutions for the device types.


ConfigMgr app deployment to Windows by Bill Anderson (System Center).  He’s got 5 deployment types for Adobe Reader in his demo in ConfigMgr.  He wants to build intelligence and predictability into this.  We can simulate a deployment.  Each deployment type has rules like prereqs, etc.  The simulation is a real test against client devices – it evaluates the rules on the clients, not in the database.  You get real results.  We’re shown the results of this simulations.  We see the success and, more importantly, the machines with it already installed and where there were failures.  We can then use that data to clean up the actual deployment.  This is a pre-flight test in the air without flying.

Deliver Applications To Employee Controlled Devices

This is possible with the new V3 version of Windows Intune.  The non-domain joined devices, e.g. Windows RT, are managed via SSL. 


Self service management of user controlled consumer devices by Bill Anderson.  ConfigrMgr 2012 SP1 to add support for deploying Metro style apps.  They can be built and delivered in house and delivered by ConfigMgr or via the Windows Store via a link.  In the latter it uses a link instead of a distribution point.  For the former, you can distribute that Metro Style app in the DP and deploy from there as you normally would.  In the demo, he makes it available via the ConfigMgr app catalog, so a user can request it via the portal. 

Now we go into Windows Intune.  We see support for iOS.  Android is supported too.  We get the option to make an app available for install rather than push.  Now Brad comes out with an iPhone.  Demo gods kill the projector connection.  Instead we get a Windows 8 device.  There is a self-service app for ConfigMgr vNext and Intune.  It’s an alternative to the MSFT Store.  We can push out MSFT Store linked apps (jumps into a Store deployment).  We can also side load an app for bespoke apps and bypass the MSFT store.  I haven’t seen any of the competition do this on iOS, etc.  At least I haven’t seen it, even if it exists.  In this Center app, you can see your devices and their health status.  We see the Windows Phone location on a Bing Map in the Center.  They can’t get the iPhone on the projector.  We get a similar experience on the iPhone via Intune apparently.  These devices can’t join a domain but they are “domain trusted”.


Going to explode because of BYOD.  App V5.0 is live.  Now App-V apps can interoperate with each other for the first time.  App-V packages can be streamed to a VDI without being committed to disk.  Can have a single cache on a VDI host to save space.

UE-V is user state virtualisation, abstracting the user state from the machine.  Their settings/data move around freely.  The user gets a single working environment across VDI devices.

Windows Server 2012 Reduces VDI Costs

App-V 5.0 reduces cost by using less disk. 


Fast and easy VDI.  Bill is back.  UE-V configured by GPO.  He specifies a server share with a user variable.  He specifies templates for app settings.  In the user side of the policy, he can specify which parts of the state should roam. 

MMS 2013 will be happening: Brad opens a MMS 2013 planning PDF file.

Brad logs into a machine and changes some Adobe Reader settings.  He logs out of his domain joined machine.  Bill is going to set up Windows Server 2012 VDI as part of the demo because it’s quick simple and easy.  He times it and starts up Server Manager.  He’s done in a minute, then the system does the rest of the work in the background.  Brad logs into a VDI VM and his Adobe settings followed him thanks to UE-V.

A camera man comes up so we can get the iPhone demo working.  There we see the Intune center which is an app.  Bill browses available apps and installs one.  And now it installs on the iPhone, and it appears like a normal app install. 

MMS  2013

It will in New Orleans in June 2013.  Hmm, what about TechEd NA. 

One thought on “MMS Day 2 Keynote”

  1. Just caught your blog, searching for MMS 2012 Keynote Day 2. Good write up. It is kind of funny that they are trying to give regular employees the ability to manage their own devices. that probably isn’t going to work. No one realizes the magic that happens behind the scenes to actually make consummation of IT a reality. food for thought..

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.