Deployment

My Take On Windows Nano Server & Hyper-V Containers

Microsoft made two significant announcements yesterday, further innovating their platform for cloud deployments.

Hyper-V Containers

Last year Microsoft announced a partnership with Docker, a leader in application containerization. The concept is similar to Server App-V, the now deprecated service virtualization solution from Microsoft. Instead of having 1 OS per app, containers allow you to deploy multiple applications per OS. The OS is shared, and sets of binaries and libraries are shared between similar/common apps.

Hypervisor versus application containers

These containers are can be deployed on a physical machine OS or within the guest OS of a virtual machine. Right now, you can deployed Docker app containers onto Ubuntu VMs in Azure, that are managed from Windows.

Why would you do this? Because app containers are FAST to deploy. Mark Russinovich demonstrated a WordPress install being deployed in a second at TechEd last year. That’s incredible! How long does it take you to deploy a VM? File copies are quick enough, especially over SMB 3.0 Direct Access and Multichannel, but the OS specialisation and updates take quite a while, even with enhancements. And Azure is actually quite slow, compared to a modern Hyper-V install, at deploying VMs.

Microsoft use the phrase “at the speed of business” when discussing containers. They want devs and devops to be able to deploy applications quickly, without the need to wait for an OS. And it doesn’t hurt, either, that there are fewer OSs to manage, patch, and break.

Microsoft also announced, with their partnership with Docker, that Windows Server vNext would offer Windows Server Containers. This is a means of app containers that is native to Windows Server, all manageable via the Microsoft and Docker open source stack.

But there is a problem with containers; they share a common OS, and sets of libraries and binaries. Anyone who understands virtualization will know that this creates a vulnerability gateway … a means to a “breakout”. If one application container is successfully compromised then the OS is vulnerable. And that is a nice foothold for any attacker, especially when you are talking about publicly facing containers, such as those that might be in a public cloud.

And this is why Microsoft has offered a second container option in Windows Server vNext, based on the security boundaries of their hypervisor, Hyper-V.

Windows Server vNext offers Windows Containers and Hyper-V Containers

Hyper-V provides secure isolation for running each container, using the security of the hypervisor to create a boundary between each container. How this is accomplished has not been discussed publicly yet. We do know that Hyper-V containers will share the same management as Windows Server containers and that applications will be compatible with both.

Nano Server

It’s been a little while since a Microsoft employee leaked some details of Nano Server. There was a lot of speculation about Nano, most of which was wrong. Nano is a result of Microsoft’s, and their customers’, experiences in cloud computing:

Infrastructure and compute
Application hosting

Customers in these true cloud scenarios have the need for a smaller operating system and this is what Nano gives them. The OS is beyond Server Core. It’s not just Windows without the UI; it is Windows without the I (interface). There is no logon prompt and no remote desktop. This is a headless server installation option, that requires remote management via:

WMI
PowerShell
Desired State Configuration (DSC) – you deploy the OS and it configures itself from a template you host
RSAT (probably)
System Center (probably)

Microsoft also removed:

32 bit support (WOW64) so Nano will run just 64-bit code
MSI meaning that you need a new way to deploy applications … hmm … where did we hear about that very recently *cough*
A number of default Server Core components

Nano is a stripped down OS, truly being incapable of doing anything until you add the functionality

The intended scenarios for Nano usage are in the cloud:

Hyper-V compute and storage (Scale-Out File Server)
“Born-in-the-cloud” applications, such as Windows Server containers and Hyper-V containers

In theory, a stripped down OS should speed up deployment, make install footprints smaller (we need non-OEM SD card installation support, Microsoft), reduce reboot times, reduce patching (pointless if I reboot just once per month), and reduce the number of bugs and zero day vulnerabilities.

Nano Server sounds exciting, right? But is it another Server Core? Core was exciting back in W2008. A lot of us tried it, and today, Core is used in a teeny tiny number of installs, despite some folks in Redmond thinking that (a) it’s the best install type and (b) it’s what customers are doing. They were and still are wrong. Core was a failure because:

Admins are not prepared to use it
The need to have on-console access

We have the ability add/remove a UI in WS2012 but that system is broken when you do all your updates. Not good.

As for troubleshooting, Microsoft says to treat your servers like cattle, not like pets. Hah! How many of you have all your applications running across dozens of load balanced servers? Even big enterprise deploys applications the same way as an SME: on one to a handful of valuable machines that cannot be lost. How can you really troubleshoot headless machines that are having networking issues?

On the compute/storage stack, almost every issue I see on Windows Server and Hyper-V is related to failures in certified drivers and firmwares, e.g. Emulex VMQ. Am I really expected to deploy a headless OS onto hardware where the HCL certification has the value of a bucket with a hole in it? If I was to deploy Nano, even in cloud-scale installations, then I would need a super-HCL that stress tests all of the hardware enhancements. And I would want ALL of those hardware offloads turned OFF by default so that I can verify functionality for myself, because clearly, neither Microsoft’s HCL testers nor the OEMs are capable of even the most basic test right now.

Summary

In my opinion, the entry of containers into Windows Server and Hyper-V is a huge deal for larger customers and cloud service providers. This is true innovation. As for Nano, I can see the potential for cloud-scale deployments, but I cannot trust the troubleshooting-incapable installation option until Microsoft gives the OEMs a serous beating around the head and turns off hardware offloads by default.

Technorati Tags: Windows Server 2016,Hyper-V,Virtualisation,Deployment

Microsoft News – 27 March 2015

Welcome to the Azure Times! Or so it seems. Lots of Azure developments since I posted one of these news aggregations.

Windows Client

Reducing Windows Deployment time using Power Management: Saving up to 50% of time.

Azure

Creating a Recovery Plan for Hyper-V VM failover to Microsoft Azure: A post I wrote for Petri.com
Getting the Most Out of Azure Site Recovery: A post I wrote for Petri.com
Microsoft Azure uses Error-Correcting Code memory for enhanced reliability and security: With details on testing for an exploit called "Rowhammer" .
Protecting large data disks using Azure Site Recovery: How to overcome the issue that Azure has with data disks larger than 1 TB. Also check the comments on "write order consistency".
New additions to the Azure VM PowerShell DSC Extension: The Azure PowerShell Desired State Configuration (DSC) Extension team has announced some new additions to provide a seamless experience for using DSC on Azure Windows VMs.
Allocation Failure and Remediation: Weird crap that can happen when creating, starting, or resizing a VM or adding new web instances.
How to Create an Azure RemoteApp Template: A post I wrote for Petri.com
Create an Azure RemoteApp Template from an Azure VM: A post I wrote for Petri.com
Introducing RemoteApp PowerShell Cmdlets and SDK: Very useful for automating the provisioning of RemoteApp app collections
Announcing the Preview of Disaster Recovery for VMware Virtual Machines and Physical Servers to Azure using ASR: DR in the cloud via Azure is COMING to vSphere.
Azure VM OS drive limit has octupled: Meaning that you can migrate or replicate those badly configured VMs you created on-premises.
New troubleshooting Remote Desktop connections topic: Figure out why you can’t RDP to an Azure VM.
Announcing Azure App Service: Lots of stuff merging in with Websites.
How to Create a Hybrid RemoteApp Collection: A looong post by me on Petri.com
Backing Up Microsoft Azure Virtual Machines: A much needed feature on Azure finally arrives, even if it is a little ropey on day #2.
Azure AD Connect Preview 2 is available: I’ve used Preview 1 to quickly connect on-prem AD to AAD for demo labs.
What’s the best way to connect to Office 365 and Azure? Some stats on what people are actually doing.

Office

Announcing the Office 2016 IT Pro and Developer Preview: Announcing he IT Pro and Developer Preview of Office 2016 for the Windows desktop.

Office 365

Get ready for Skype for Business: Lync is rebranded and a new client is in preview.
Office Delve—discover exactly what you need, when you need it: A machine learning-based way of finding stuff has gone live.
ExpressRoute for Office 365: Bringing Azure’s hybrid WAN to O365.

Technorati Tags: Microsoft. MDT,Deployment,Azure,Cloud,Cloud Computing,Hybrid Cloud,DR,Networking,Storage,PowerShell,Scripting,RDS,Backup,Office,Office 365

Microsoft News – 13 March 2015

Quite bit of stuff to read since my last aggregation post on the 3rd.

Windows Server

Enable and Use Remote Commands in Windows PowerShell: For when you get the error “Unable to connect to the server using Windows PowerShell Remoting”.

Hyper-V

KB3031598: Hyper-V host crashes and has errors when you perform a VM live migration in Windows 8.1 and Windows Server 2012 R2. Wait before deploying, as with all hotfixes, unless this issue is breaking stuff for you (test and decide).
Update Emulex VMQ Issue – They finally did it: It’s only taken 1.5 years for Emulex/HP to sort this disaster out. Choose better hardware 🙂
Best practices for migrating a datacenter from VMware to Microsoft Hyper-V: From the System Center Virtual Machine manager team.
Checking and Correcting Virtual Hard Disk Fragmentation: By Ben Armstrong
How Hyper-V Backup Got Better in 2012 R2 (but now requires a SCSI controller): By Ben Armstrong
Hyper-V and "Event ID: 58 – The disk signature of disk 2 is equal to the disk signature of disk 0": By Ben Armstrong

Windows Client

Sluggish Tablet Market Will See Some Windows 10 Gains This Year: By 2019, IDC expects Android to lead with 62.9 percent of the tablet market. iOS will show weaker growth (23.0 percent), while Windows will gain "significant share" (14.1 percent) yet still remain in third place, according to IDC.
Microsoft to accelerate its release pace for Windows 10 preview: Microsoft appears to be on the verge of releasing an updated Windows 10 preview build. And this time, the company says, it’s serious about picking up the pace.
MDT 2013 Update 1 Preview – What’s Changed: In case you missed it at, the new preview of MDT 2013 Update 1 is now available for download from the Connect website. This new release works with the new ADK preview for Windows 10, which is available on the download center.

Azure

New A10/A11 Azure Compute Sizes: Two new high-spec standard A series VMs
Reduce RTO by using Azure Traffic Manager with Azure Site Recovery: Using Microsoft’s load balancer to failover name resolution of external services from primary site to Azure. Clever stuff!
Simplifying Virtual Machine Troubleshooting using Azure Log Collector: The Azure Log Collector extension can collect and upload logs from Cloud Service instances or Virtual Machines without requiring to log into the remote Virtual Machine.
Introducing Email notifications for Azure Site Recovery: Email notifications are a new feature for Azure Site Recovery that allows you to easily monitor the replication health of your protected virtual machines.
Azure Active Directory Solutions Architecture White Paper: This white paper describes the Microsoft Azure Active Directory Identity and Access Management solutions offered to customers of Azure, Office 365, Intune, Microsoft CRM and all Microsoft Online services.
Azure AD Conditional Access preview updated: Now supports On-Premises and Custom LOB apps: Conditional Access is powerful policy based evaluation engine that lets you create access rules for any Azure AD connected application. More sensitive apps can be assigned stricter policies, such as requiring Multi-Factor Authentication (MFA) from a registered device while less sensitive apps can have more open policies.
Final Word on IOPS in Azure: Striping multiple data disks.
Planned Maintenance – Azure Style: How Microsoft does maintenance.
ADFS Publishing via Azure Traffic Manager: He doesn’t say but I think the endpoint of Damian’s post is to make a geo-resilient ADFS farm.
New Active Directory Assessment Intelligence Pack in Azure Operational Insights: Designed to assess the risk and health of AD environments on premises, in the cloud or hybrid, it will scan weekly, and present information as a monthly rollup. The report provides a prioritized list of recommendations tailored to your environments.
Replicating Hyper-V Virtual Machines to Microsoft Azure: A post I wrote for Petri.com
5 Reasons Why I Like Microsoft Azure RemoteApp: An edited post of an article I wrote for Petri.com
How to preserve the drive letter for protected virtual machines that are failed over or migrated to Azure: Azure use will the next available drive letter for the temp drive.

Office 365

What’s new: February 2015: Lots of new stuff.

Intune

March updates coming this week to Microsoft Intune: Should be live now.
Conditional Access for SharePoint Online with Microsoft Intune: With this feature, you can restrict access to SharePoint Online to only those users who have enrolled their devices in management with Microsoft Intune and are compliant with IT policy.

Miscellaneous

Revenue and usage numbers for Microsoft’s most important new business: Following up the revelations of the not-so-secret methods of sales to hit targets.

Technorati Tags: Microsoft,Hyper-V,Windows Server 2012 R2,Networking,Hardware,System Center,VMM,Windows 10,MDT,Deployment,Azure,Cloud,Cloud Computing,Hybrid Cloud,DR,Storage,Active Directory,Remote Desktop Services,Office 365,Intune

An Open Letter To W2003 Upgrade Objectors

This post is dedicated to the person that refuses to upgrade from Windows Server 2003. I’m not targeting service providers and those who want to upgrade but face continued resistance. But if you are part of the problem, then please feel free to be offended. Please read it before you hurt your tired fingers writing a response.

I’m not going to pussy-foot around the issue. I couldn’t give a flying f**k if your delicate little feelings are dented. You are what’s wrong in our industry and I’ll welcome your departure.

Yes. You are professionally negligent. You’ve decided to put your customers,stockholders, and bosses at legal risk because you’re lazy.

You know that support is ending on July 14th 2015 for Windows Server 2003, Windows Server 2003 R2, SBS 2003 and SBS 2003 R2, but still you plan on not upgrading. Why?

You say that it still works? Sure, and so did this:

Photo of Windows Server 2003 administrator telling the world that they won’t upgrade

You think you’ll still get security fixes? Microsoft is STOPPING support, just like they did for XP. Were you right then? No, because you are an idiot. So you work for some government agency and you’ll reach a deal with Microsoft? On behalf of the tax payers of your state, let me thank you for being a total bollocks – we’ll be paying at least $1 million for year one of support, and that doubles each year. We’ll be landed with more debt because your incompetent work-shy habits.

You think third parties like some yellow-pack anti-malware or some dodgy pay-per-fix third party will secure you? Let me give you my professional assessment of that premise: HAHAHAHAAHAHAHAHAH!

Maybe other vendors will continue supporting their software on W2003? That’s about as useful as a deity offering extended support for the extracted failed kidney of a donor patient. If Microsoft isn’t supporting W2003, etc, then how exactly is Honest Bob’s Backup going to support it for you? Who are they going to call when there’s a problem that they need assistance on? Are you really that naive?

Even regulators recognise that “end of support” is a terminal condition. VISA will be terminating business with anyone still using W2003 as part of the payment operation. You won’t be able to continue PCI compliance. Insurance companies will see that W2003 as a business risk that it outside the scope of the policy. And hackers will have an easy route to attack your network.

“Oh poor me – I have an LOB app that can’t be replaced and only runs on W2003”. Well; why don’t you upgrade everything else and isolate the crap out of that service? Allegedly, there is an organ rattling inside that skull of yours so you might want to shake the dust off and engage it!

I have zero sympathy for your excuses. I know some of you will protest my comments. Your excuses, not reasons, only highlight your negligence. You’ve had a decade and 4 opportunities to upgrade your server OS. You can switch to OPEX cloud systems (big 3 or local) to minimise costs. You could have up-skilled and deployed services that are included in the cost of licensing WS2012 R2 instead of spending your stockholders or tax payers funds on 3rd party solutions. Yeah, I don’t have many good things to say to you, the objector, because, to be quite honest, there is little good to be said about you as an IT professional.

This post was written by Aidan Finn and has no association with my employers, or any other firm I have associated with. If you’re upset, then go cry in a dark room where you won’t annoy anyone else.

Technorati Tags: Windows Server 2003,Deployment

Microsoft News – 2 February 2015

The big news of the last few days was the announcement that the next version of “Windows Server and System Center” won’t be released until 2016. This is quite disappointing.

Windows Server

Windows Server and System Center roadmap update: We won’t see new versions of Windows Server and System Center until 2016 🙁
New Guided Walkthrough for troubleshooting problems relating to Slow copying from a shared folder over a network: This article is intended for IT administrators to help diagnose and resolve situations in which users may experience slow file copying over a network.

Windows Client

Windows 10 for Enterprise – More secure and up to date: How businesses will get and can control updates for Windows 10 features.
Windows Assessment and Deployment Kit (Windows ADK) for Windows 10 Technical Preview: The Windows Assessment and Deployment Kit (Windows ADK) is a collection of tools that you can use to customize, assess, and deploy Windows operating systems to new computers
Remote Server Administration Tools for Windows 10 Technical Preview (January 2015): Remote Server Administration Tools for Windows 10 Technical Preview enables IT administrators to manage roles and features that are installed on computers that are running Windows Server Technical Preview from a remote computer that is running Windows 10 Technical Preview.

Azure

Announcing Azure Preview Portal Improvements: Codename Ibiza has been improved based on feedback.
New Cloud Platform Roadmap Site: See what’s coming (that Marketing has allowed to be announced) in the Cloud OS.
Automating Azure Virtual Machine Deployment with Chef: But what does "Infrastructure as Code" mean and how do I leverage this concept with Azure?
Microsoft Azure makes business productivity easier and more secure with updates across SQL Server, Enterprise Mobility, and Azure Media Services offerings: Marketing post – just look at the title.
Linux Virtual Machine Management with Kundana Palagiri: Channel 9 video covering how to have Azure automatically run shell scripts on Azure VMs as they provision without having to manually SSH into each machine, Chef and Puppet.
Azure Websites and the "Deploy Button" with Elliot Hamai: Channel 9 video on how to easily deploy websites from GitHub.
Azure AD Conditional Access and Azure AD Connect Health – Now in Preview: Conditional Access for SaaS Apps and Azure AD Connect Health.

Licensing

IaaS Gotchas: Compliance gotchas as it pertains to providing infrastructure as a service.

Technorati Tags: Microsoft,Windows Server 2015,System Center,Networking,Windows 10,Deployment,Azure,Hybrid Cloud,Cloud,Cloud Computing,Linux,Active Directory,Licensing

Microsoft News Summary – 17 September 2014

Microsoft’s patch woes continue. A September update for Lync was pulled this week. Please: do not approve updates immediately; wait 1 month and let some other mug find the bugs for Microsoft.

Azure

Scale is never a problem with Azure Websites: Starting today, Azure Websites supports above 10 load balanced instances.

Networking

Announcing the Message Analyzer 1.1 Release: The completely indecipherable replacement for Network Monitor has just been upgraded to v1.1. I find this replacement for NetMon to be a complete mystery and the UI looks like something Symantec would come up with (random). It’s no wonder WireShark remains the #1 choice.
Introduction to Message Analyzer 1.1: A YouTube video to give you a high-level introduction to Message Analyzer 1.1. Includes a run-through of the UI and an overview of general features.

WDS multicasting deployment results in corrupted installation images on cluster nodes: Hotfix – Windows Deployment Services (WDS) multicasting deployment may result in corrupted installation images (Microsoft Windows Imaging (.wim) file format images), and this situation causes the installation to fail on cluster nodes.

Office 365

Azure Active Directory Sync is now GAAzure Active Directory Sync is now GA: According to this Microsoft post, AAD Sync is Microsoft’s new "one sync to rule them all".
Microsoft Azure Active Directory Sync Services: This AD to WAD synchronisation tool went GA on Monday and is a replacement for DirSync.

Miscellaneous

Round two of Microsoft layoffs coming September 18: More of the 18,000 are about to receive their notice.

Technorati Tags: Microsoft,Azure,Cloud,Cloud Computing,Networking,Deployment,WDS,Failover Clustering,Office 365,Active Directory

Microsoft News Summary – 10 September 2014

In other news, Apple proves that wearable devices are a pointless Gartner-esque fad, and those preachy tax-avoiding frakkers, U2, suck donkey balls.

Hyper-V

Boot a Hyper-V Virtual Machine Using PXE: A post I wrote for Petri.com

System Center Operations Manager

OM12 Sizing Helper: This is a Windows Phone app version of the OpsMgr 2012 Sizing Helper document.

Azure

Everything You Ever Wanted to Know About Data Protection and More: A new white paper provides in-depth information about protecting critical data in Azure at every layer, whether structured or unstructured, in-transit, or at-rest.
Microsoft Azure Hybrid Connection Client: This download installs the Hybrid Connection Client which enables your Azure VM or a Web/Worker Role instance to access your on-premises data & services using Hybrid Connections.
Windows Azure Poster: I’m sure this will be out of date by the end of the week (if not already).
Scaling Azure VM with Azure Automation, with help of Azure SQL: Using Azure Automation to power down/up VMs when they are not needed, i.e. save money.
Step-By-Step – Enabling A Primary AD FS Server in Azure for Office365 Single Sign-On: This Step-By-Step will provide instruction to setup a primary AD FS 3.0 server on a Windows Server 2012 R2 virtual machine in Azure. This is how you can overcome dependency on HQ Internet connection for roaming O365 users.

Miscellaneous

Microsoft rumored to be poised to buy Minecraft creator for $2 billion: This blocky game is the hottest thing with kids. I’ve spent many an hour *cough* helping *yes, helping* with constructions & adventures on an iPad and Xbox. And to be honest, it is a good problem solving game and it encourages kids to interact, based on what I’ve observed.

Technorati Tags: Windows Server 2012 R2,Windows Server 2012,Hyper-V,Virtualisation,Deployment,System Center,Operations Manager,Windows Phone,Azure,Cloud,Cloud Computing,Hybrid Cloud,RDS,PowerShell,Scripting,Active Directory,Microsoft

Microsoft News Summary – 22 August 2014

Here’s the latest news from the Microsoft wires. More new services have popped up on Azure, mostly for devs, but the SQL AlwaysOn template should be a massive time saver.

Hyper-V

Manually Install a Guest OS in a Hyper-V Virtual Machine: A post by me on Petri.com

Azure

New DocumentDB NoSQL Service, New Search Service, New SQL AlwaysOn VM Template, and more: All of these improvements are now available to use immediately (note that some features are still in preview).
Azure Automation Capabilities in Depth: The Azure Automation PowerShell Cmdlets: Whether you want to use Azure Automation completely headless, or you’re just looking to script a few key actions like bulk runbook import, the Azure Automation cmdlets are for you.
WordPress Troubleshooting Techniques on Azure Websites: You may run into some issues with your WordPress websites and might want to troubleshoot them. This post will review some common issues and discuss the best techniques to resolve them.
Automate Linux VM Customization Tasks Using CustomScript Extension: CustomScript extension provides even more power for customizing your VM, it can run your scripts during or after provision; it can also run on any Azure supported Linux VM.
How to create a hybrid deployment of RemoteApp: This tutorial walks you through the process of creating a hybrid deployment of the Azure RDS service.
Manage your Azure Websites directly with Websites Process Explorer: This is especially useful when your site has been scaled out and misbehaving in some specific instances but not in others. You can quickly identify runaway processes, find open file handles, and even kill a specific process instance. This feature is freely available for all Azure Websites.

Security

Using the Microsoft Security Compliance Manager Tool: Study for those certification exams!

OS Deployment

Utilizing Windows Deployment Services in Windows Server 2012 R2: A free OS imaging solution with multicast, driver management, and all that jazz. A real Ghost killer.

Office 365

Creating an Office 365 Support Organization: Available now on the Partner Learning Center is a new training on best practices for creating an Office 365 Support Organization.
Why FastTrack and the Adoption Offer for Office 365 is great news for partners: The FastTrack and the Office 365 Adoption Offer less than two weeks away, here are some details and resources.

Avoiding Microsoft “Fast Fail” Updates Using SCCM 2012/R2 Automatic Deployment Rules

I know there’s a risk in telling you to delay deploying updates for 1 month. Some think that means switching to manual approval – and that is an oxymoron because manual approval rarely happens. No; I would rather see large enterprises use a model that automatically deploys updates after delaying them for 1 month, just as you can do with System Center 2012 (R2) Configuration Manager (SCCM).

I’m going to refer you to the excellent guides by SCCM MVP, Niall C. Brady. SCCM uses WSUS to download the Windows Catalog. When I configure SCCM I configure WSUS to automatically sync and to automatically supersede updates. That means if Microsoft releases a replacement update, the old version is automatically replaced. That’s important so keep that in mind when reading the rest of the solution.

I will configure automatic deployment rules (ADRs) for each product. The ADR will be set up as follows:

Software Available Time: Set this to something like 21 days. That means that SCCM will hold back any applicable update for 3 weeks. That gives Microsoft lots of time to fix an update and the replacement will supersede the dodgy update.
Installation Deadline: With this set to 7 days, we have 4 weeks before updates are pushed out … and that assuming that we haven’t applied maintenance windows to any collections (servers, VMs, call centre PCs, etc) that might further delay the deployment.

With the above configuration, the dodgy August updates would not have been deployed to PCs or servers on your network. Instead, a tested and fixed update will be released, SCCM will sit on it and automatically approve it at a later date.

BTW, I do a similar thing with Endpoint Protection updates by delaying approval for 4 hours with immediate deployment.

I don’t know of a method for accomplishing this in Windows Intune – I’d like to see it. The same goes for WSUS, but a commenter suggested using cmdlets from this site for WSUS to write a script; I’d rather see a clean solution from Microsoft similar to what we have in ConfigMgr but less granular.

Technorati Tags: System Center,ConfigMgr,Configuration Manager,Deployment

Microsoft News Summary – 15 August 2014

Here’s the latest from the last 24 hours:

New – Configurable Idle Timeout for Azure Load Balancer: Microsoft announced that the Azure Load Balancer now supports configurable TCP Idle timeout for your Cloud Services and Virtual Machines. This feature can be configured using the Service Management API, PowerShell or the service model.
Integrate System Center Advisor into Operations Manager Dashboards: Drive System Center Advisor search using Operations Manager dashboards.
Introduction to Azure Backup: What we expect to be the hottest selling Azure feature for SMEs.
Old IPv4 Router Settings May Be Causing Internet Slowdowns This Week: The number of routes across the Internet is beginning to exceed the number that IPv4 routers were set to handle.
Understanding the files collected by the Test-StorageHealth.ps1 PowerShell script: Understand the results of health and capacity tests done to a Storage Cluster based on Windows Server 2012 R2 Scale-Out File Servers.
Bare Metal Post-Deployment – Running the Post-Deployment Automation and Bonus – Part 5: Final part in this VMM series.
Businesses Using Windows Server 2003 Could Face VISA & MASTERCARD Backlash: End of support in July 2015 = 2015 no more security patches = security vulnerabilities = no PCI compliance = bankruptcy.
Edge Show115 – Azure AD Connect Preview (configuring hybrid identity with Azure AD): This video takes an exclusive look at Azure AD Connect to implement hybrid identity. Jen Field (Senior Program Manager Azure AD Fabric) takes us through using the new deployment tool to deploy Active Directory Federation Services (AD FS), Directory Sync (DirSync / AAD Sync), Azure AD and the accompanying SSL certificates. These are components that you’ll commonly deploy for Office 365, Windows Intune and more.
Replacing TMG with IIS ARR for an Exchange Hybrid: Lots of people looking to replace the now-dead Microsoft Forefront Threat Management Gateway.

Technorati Tags: Azure,Cloud,Cloud Computing,Networking,System Center,Operations Manager,Backup,Hybrid Cloud,Storage,Storage Spaces,Windows Server 2012 R2,Deployment,VMM,Windows Server 2003,Active Directory,Security,Exchange,IIS