ConfigMgr | Aidan Finn, IT Pro

Avoiding Microsoft “Fast Fail” Updates Using SCCM 2012/R2 Automatic Deployment Rules

I know there’s a risk in telling you to delay deploying updates for 1 month. Some think that means switching to manual approval – and that is an oxymoron because manual approval rarely happens. No; I would rather see large enterprises use a model that automatically deploys updates after delaying them for 1 month, just as you can do with System Center 2012 (R2) Configuration Manager (SCCM).

I’m going to refer you to the excellent guides by SCCM MVP, Niall C. Brady. SCCM uses WSUS to download the Windows Catalog. When I configure SCCM I configure WSUS to automatically sync and to automatically supersede updates. That means if Microsoft releases a replacement update, the old version is automatically replaced. That’s important so keep that in mind when reading the rest of the solution.

I will configure automatic deployment rules (ADRs) for each product. The ADR will be set up as follows:

Software Available Time: Set this to something like 21 days. That means that SCCM will hold back any applicable update for 3 weeks. That gives Microsoft lots of time to fix an update and the replacement will supersede the dodgy update.
Installation Deadline: With this set to 7 days, we have 4 weeks before updates are pushed out … and that assuming that we haven’t applied maintenance windows to any collections (servers, VMs, call centre PCs, etc) that might further delay the deployment.

With the above configuration, the dodgy August updates would not have been deployed to PCs or servers on your network. Instead, a tested and fixed update will be released, SCCM will sit on it and automatically approve it at a later date.

BTW, I do a similar thing with Endpoint Protection updates by delaying approval for 4 hours with immediate deployment.

I don’t know of a method for accomplishing this in Windows Intune – I’d like to see it. The same goes for WSUS, but a commenter suggested using cmdlets from this site for WSUS to write a script; I’d rather see a clean solution from Microsoft similar to what we have in ConfigMgr but less granular.

Technorati Tags: System Center,ConfigMgr,Configuration Manager,Deployment

Microsoft News Summary – 30 July 2014

The big news here for MSFT techies are the releases of update rollups for SysCtr 2012 SP1 and SysCtr 2012 R2. Please wait 1 month before deploying to avoid the inevitable issues (history indicates that I am probably right) and use that time to carefully review the installation instructions.

Using PowerShell to Provision Member Servers in Microsoft Azure: How to provision a new member server using a couple of simple commands.
Getting Started with Azure Automation: Automation Assets: What is says on the tin.
New Office 365 admin tools: You can now receive Office 365 service communications in Microsoft System Center by importing the newly available Office 365 Management Pack. And you can integrate Office 365 service communications into your monitoring systems and tools by interfacing with the Office 365 Service Communications API.
How to Setup a Microsoft Azure Virtual Network: This article show you how to setup a Microsoft Azure virtual network and talk about the new Azure point-to-site and site-to-site VPN.
Microsoft Azure Growing Faster than Amazon, IBM, and Google in Cloud Services: A news article I did on Petri.com that also covers Azure in Open Licensing.
Update Rollup 7 for System Center 2012 Service Pack 1: Wait 1 month and read the instructions CAREFULLY before deploying.
Update Rollup 3 for System Center 2012 R2: Wait 1 month and read the instructions CAREFULLY before deploying.
System Center Management Pack for Office 365: Monitor O365 using OpsMgr/SCOM. Through Operations Manager, datacenter admins can monitor the health of their Office 365 subscriptions and provide alerts when subscribed services may be experiencing an outage.
System Center 2012 R2 Management Pack for Virtual Machine Manger Host and Virtual Machine Dashboards: Two new dashboards focused on visualizing resource consumption of virtualization hosts and VMs.
Best Practices for Task Sequences in System Center 2012 Configuration Manager R2: Create and manage SCCM 2012 R2 task sequences using Microsoft best practices.
Avoiding IP Blacklisting with Azure Web Sites: In a multi-tenant environment where customers share a number of IP addresses, it’s not uncommon to have malicious content on a site or two. In some case they may be result of compromise and in other cases this may be intentional. Either way, this can lead to one or more shared IP addresses getting added to the lists of the various black list services that exist on the web. Once a shared IP is blacklisted, this would typically affect innocent sites as well.
Analyst: Cloud Backup Services Should Be a Consideration: Organizations should strategically consider using public cloud services for backup and disaster recovery (DR) scenarios, according to a Tuesday Forrester Research webinar that was sponsored by Microsoft.
MICROSOFT: The (US) Government Has A Sneaky Way Of Forcing Tech Companies To Turn Over Your Emails: Microsoft’s general counsel Brad Smith announced in a Wall Street Journal op-ed Tuesday night that the company will fight a tactic used by the U.S. government to force tech companies to turn over customers’ emails stored on remote servers.

Technorati Tags: PowerShell,Scripting,Azure,Cloud,Cloud Computing,Office 365,Networking,System Center,ConfigMgr,Configuration Manager,Operations Manager,OpsMgr,Deployment,Backup,Microsoft

Microsoft News Summary – 14 July 2014

After a week’s break in Finland, I am back with news from the last 10 or so days. It was a busy period!

Setting up a Highly-Available VMM 2012 Environment: This article will guide you through the recommended way to setup and configure a typical, highly available (HA) System Center 2012 R2 Virtual Machine Manager (VMM) installation.
Introducing Microsoft Azure File Service: Learn about this SMB 2.01 shared configuration/settings/diagnostics feature.
Persisting connections to Microsoft Azure Files: Making the authentication survive logouts.
Virtualization Fabric Design Considerations Guide: This guide details a series of steps and tasks that you can go through to design a virtualization fabric that is able to host many virtual machines. Throughout the steps and tasks, the guide presents options available to you to meet functional and service quality requirements.
Windows Azure Pack Infrastructure as a Service Jumpstart: This clashes with the much more important presentation by me with Petri and sponsored by Veeam.
Using deduplication for Hyper-V Replica out-of-band (OOB) initial replication: A hack to squeeze more VMs into your removable media.
Azure Site Recovery – case of the “network connection failure”: A handy tip for the few that can run ASR.
Step-by-Step: RemoteApp Hybrid Deployment–Part 1: Deploying the managed RDS in Azure.
Introducing Microsoft Azure StorSimple: Introducing the new niche scenario tiered storage models THAT ARE NOT A SAN REPLACEMENT – they are a supplement for the storage of suitable data.
Free ebook – Rethinking Enterprise Storage: A Hybrid Cloud Model: How the Microsoft Cloud OS is and the needs of cloud computing scale and availability have changed the needs and capabilities of storage in the enterprise and hosting environments.
Best practices for setting up Remote Desktop Licensing (Terminal Server Licensing) across Active Directory Domains/Forests or Workgroup: This article provides information on the questions around the supportability (or recommended approach) of setting up Remote Desktop (RD) Licensing across domain, forest or workgroups.
System Center 2012 Configuration Manager SP1 and System Center 2012 R2 Configuration Manager now support Microsoft SQL Server 2012 SP2.
"Not enough disk space" error when you run a V2V conversion to a CSV in Virtual Machine Manager: When you try to perform a virtual to virtual (V2V) conversion to a cluster shared volume in Microsoft System Center 2012 Virtual Machine Manager, the cluster that you selected may have a placement rating of zero stars (unacceptable). File this under FFS.
Beware Keyloggers at Hotel Business Centers: The U.S. Secret Service is advising the hospitality industry to inspect computers made available to guests in hotel business centers, warning that crooks have been compromising hotel business center PCs with keystroke-logging malware in a bid to steal personal and financial data from guests.
6 Important Things To Know About Microsoft’s New Volume Licensing Program: The program for >250 users that is replacing Slect Plus, MOSA, and MBSA, is slowly being rolled out worldwide.
Create a NIC Team Inside of a Hyper-V Virtual Machine: A post by me on Petri.com
Using the Microsoft Azure IaaS Cost Estimator Tool: A post by me on Petri.com
Pinning a File in Tiered Microsoft Storage Spaces: A post by me on Petri.com
Pause and Drain Actions on Windows Server 2012 R2 Clusters: A post by me on Petri.com
Live Exporting Windows Server 2012 R2 Hyper-V VMs: A post by me on Petri.com
Evolving Office 365 plans for small and midsized businesses: Renaming and repackaging of SME O365 plans. This is a confusing read to most – MicroWarehouse Ltd customers in Ireland should talk to Nicole to get a breakdown.
Nadella Outlines Microsoft Organizational Changes: Major engineering and organizational moves will be made by Microsoft over the next month, according to CEO Satya Nadella.
Microsoft Enhancing Azure Management, Expanding U.S. Locations: Microsoft is adding improvements to its Azure Portal preview, which are expected to arrive next week.
Report: Windows, PCs to Rebound in 2015: PC sales to increase in 2015, but tablet sales to pass those of PCs for the first time, according to Kool-Aid distributor, Gartner.

Technorati Tags: System Center,VMM,Failover Clustering,Azure,Cloud,Cloud Computing,Storage,Networking,Hyper-V,Hybrid Cloud,DR,RDS,Licensing,ConfigMgr,Security,Office 365,Microsoft,Hardware

Microsoft News Summary-30 May 2014

Greetings from Belgium where I will be presenting a Hyper-V over SMB 3.0 session (designing & implementing a SOFS) at E2EVC, a community virtualization conference. Here is the Microsoft news of the last 24 hours. It appears that the momentum to signing up to support and partner with Azure is growing.

KB: Configuring and Troubleshooting Operating System Deployment in System Center 2012 Configuration Manager: While there are no simple guides to implement something as powerful and complex as OSD, this article describes the step-by-step process for configuring System Center 2012 Configuration Manager (ConfigMgr 2012) to capture an existing Windows image, then walks you through creating a Client Package and Task Sequence to deploy and install that image.
TechEd NA 2014 Interview: Microsoft GM Mike Shutz Discusses End User Computing and More: Part 2 of my interview with Mike Schutz, where I start of by asking “should IT pros fear the cloud” and then move into end-user management and mobile device management.
Recreate a Virtual Machine in Microsoft Azure: Learn how to quickly recreate a virtual machine configuration in Microsoft Azure without having to reinstall or back up the virtual hard disk.
Understand OData Services with Windows Azure Pack IaaS: This topic provides basic information about what OData is and how it works. This is extremely important because IaaS for Windows Azure Pack is offered through an OData service, specifically by Service Provider Foundation through the Service Management API. If you are new to OData, it would benefit you to read this entire topic.
Microsoft Azure users to get access to Salesforce tools: Microsoft Azure users will soon get access to Salesforce.com’s customer management tools, following the announcement of a new strategic partnership between the two firms.

TechCamp 2013 Wrap Up

Yesterday we ran TechCamp 2013, the Irish community launch of Windows 8.1, Windows Server 2012 R2, System Center 2012 R2, and Windows Intune. All the feedback I have heard has been positive – thankfully! 🙂

We kicked off with Dave Northey (Microsoft CAT Program Manager). Dave was the IT Pro DPE in Ireland for quite some time and has spoken at every launch event since Windows NT. It would have been wrong not to have Dave in to do the keynote.

After that we broke into two tracks. I did the WS2012 R2 session and next door, Damian Flynn (MVP) did the Windows 8.1 in the enterprise session. I wanted to attend Damian’s session – I hear it was excellent, covering the BYOD and mobile worker scenarios.

In the desktop track, some speakers from Microsoft introduced the new generation of devices that the various OEMs are bringing to market for Windows 8.1 and Windows RT 8.1, and what Windows Intune now offers for distributed end users, mobile workers, and BYOD device/app management.

Back in the server & cloud track, Paul Keely (MVP) did a session on service automation.

Damian was back on stage in the server & cloud track talking about using SCVMM 2012 R2 and Windows Azure Pack to build a hybrid cloud on Azure and Windows Server 2012 R2. Kevin Greene (MVP) wrapped up the track explaining how System Center can be used to manage service availability and quality.

Niall Brady (MVP), an Irish man living and working in Sweden, wrapped up the desktop & devices track by talking about System Center Configuration Manager 2012 R2.

We asked for a small registration fee to encourage legitimate registrations and to get a higher turn-up rate. That fee went to a good cause, an NGO called Camara. We had Mark Fox in from Camara. This gave Mark a chance to tell the audience (after the keynote) about the good work that Camara does. They take unwanted PCs from businesses, securely wipe the PCs, track them, and reuse those machines to provide a digital education to needy kids. Education is the best weapon against poverty and war, and Camara is on the frontline. Mark also staffed a stand in the exhibition room, and hopefully businesses found a way to get rid of machines in their drive to rid themselves of Windows XP, and make a difference in the world while doing it.

We have a whole bunch of sponsors to thank:

MicroWarehouse: My employers were the primary sponsor. This event would not have happened without the huge effort by John Moran. I would have been happy with a projector in a shed (with VPN access to my lab) but John made this a professional event.
Microsoft: Thanks for the support from Ciaran Keohane, the help from Michael Meagher.
Ergo: One of the leading Microsoft partners in Ireland, regularly winning Server partner of the year.
DataOn Storage: One of the manufacturers of certified Storage Spaces hardware
Savision: Creating dashboards for System Center that aid IT operations.
Toshiba: who had some devices on hand (including their new 8” Windows 8.1 tablet), most of which aren’t even on sale yet!

A big thank you goes out to each speaker who prepared 75 minute sessions (two of them in the case of Damian). In case you don’t know, that’s probably a couple of days work in preparing slides, demos, and rehearsing, sometimes into the wee hours of the morning.

And finally, thanks to everyone who helped us communicate the event, and of course, came to the event to hear about these new solutions. I hope the day proved valuable.

We had a number of people ask if we’ll run more events like this next year. I believe that this is something that we will strongly consider. There won’t be any launch stuff for us to cover for a while, so maybe we’d look at doing more “here’s how” content. We’ll have to review and consider our options before we make any decisions.

Technorati Tags: Events,Windows Server 2012 R2,MVP,System Center,VMM,Virtualisation,Storage,Networking,OpsMgr,ConfigMgr,Intune,Windows 8.1

Launch Event – Learn From The Best; Not From The Rest

There are only hours now between now and the start of TechCamp 2013 in City West in Dublin, where Irish MVPs (and a couple of Microsoft folks) will be presenting on:

Windows Server 2012 R2
Service automation using System Center 2012 R2
Hybrid cloud using Hyper-V Network Virtualization, NVGRE, SCVMM 2012 R2 and Windows Azure Pack
Service level management using System Center 2012 R2
Windows 8.1 in the business
New Windows devices
BYOD, consumerisation of IT, and mobile device management
Enterprise desktop management using System Center 2012 R2

You could wait for a sales person come to town and tell you stuff that they’ve read about.

Or, you could make a little effort to come to TechCamp 2013 where some of the worlds leading experts independent experts (all with international followings and tech book credits to their names) on these technologies (who are Irish BTW) will be there to present an honest appraisal of this technology that they have worked with every day since the 2012 R2/8.1 previews were launched.

Technorati Tags: Events,Windows Server 2012 R2,System Center,Windows 8.1,Windows Azure Pack,VMM,Operations Manager,ConfigMgr,Intune,Cloud

Windows Intune “Wave F”

The new version of Windows Intune is not actually called “Wave E”. I found a presentation by Microsoft Norway that calls the latest release “Blue/Wave F”

Some of the slides hint that Intune is doing single sign-on for BYOD. That’s not strictly true; that functionality is accomplished via new functionality in WS2012 R2:

ADFS + PKI
Workplace Join via Device registration service
Web Application Proxy
Work Folders synchronization and selective wipe

Intune can make use of single sign-on for the end user/admin experience to secure, apply policies, audit, remote control, offer support, and deliver apps to Android, Windows (real, RT, and Phone), and iOS.

Intune has pretty much evolved into Microsoft’s mobile device management (MDM) solution, also equally capable of managing the traditional on-premise PC. Intune gives you a manage-it-anywhere platform that can control devices directly or through System Center Configuration Manager (like an extension of SCCM into the cloud for integrated MDM). It’s either your BYOD management system and/or your remote device management system, partnering with the advancements in WS2012 R2.

You can find out more about the new functionality in Windows Intune in this post.

Technorati Tags: Intune,ConfigMgr,System Center

Event: TechCamp2013 – Learn About Windows Server & System Center 2012 R2 And Windows 8.1 (Dublin)

I’m delighted to announce that on November 28th in City West Hotel (just outside the M50 in Dublin), there will be a community launch of:

Windows Server 2012 R2
System Center 2012 R2
Windows 8.1 (in the business)

For all intents and purposes, this is the launch of the next generation of infrastructure products in Ireland. Community launch means that you’re getting independent experts telling you the facts about these products. The experts are Microsoft Most Valuable Professionals (MVPs), including:

Myself
Damian Flynn
Paul Keely
Kevin Greene
Niall Brady

All the details can be found on the event website at http://techcamp2013.wordpress.com/. The site isn’t finished yet, but I was keen to get information out to you ASAP. More event, speaker and sponsor information will be added in the coming days.

You can also follow @techcamp2013 on Twitter to keep up with the latest news.

We’re really excited to present this event to you. We really hope to see you there!

Notes:

There is a small registration fee but all proceeds are going to a worthy tech-related charity
The event will be held once in Dublin and will not be repeated or travel. This is too big of an event to take on the road.
We’ve deliberately selected a location outside of the city to make travel easier for long distance travellers.
The location, City West Hotel, has pretty economic accommodation and we’ve listed some nearby hotels that offer good rates on the site.
There will be no streaming of the event.

Agenda:

This is a two-track event so I’d strongly recommend that you come in pairs, maybe taking and sharing notes in OneNote or whatever your favourite note-taking tool is.

Time

Windows Server & System Center

Windows 8.1 & Device Management

09:00-09:40

Keynote

Speaker: Dave Northey, Microsoft

Learn how the entire package from Microsoft fits together

09:45-11:00

Windows Server 2012 R2

Speaker: Aidan Finn, MVP

What does WS2012 R2 bring to virtualisation, cloud, storage and networking?

Windows 8.1 in the Business

Speaker: Damian Flynn, MVP

How Windows 8.1 Pro and Enterprise can chance user experience an enable BYOD.

11:00-11:30

Break

Get a drink/snack & meet the sponsors.

11:30-12:45

System Center Virtual Manage Manager & Hybrid Cloud

Speaker: Damian Flynn, MVP

Start deploying and taking control of the entire data center with VMM 2012 R2!

Windows 8.1 Devices

Speaker: Microsoft TBA

Devices are a central ingredient to the “Windows 8.1 in the business” story. What are Microsoft and partners doing?

12:45-13:30

Lunch

Get something to eat & meet the sponsors

13:30-14:45

System Center Service manager & Self-Service/Automation

Speaker: Paul Keely, MVP

See how System Center can automate repetitive processes, optimise time planning for IT, and change the business.

Windows Intune

Speakers: Microsoft TBC

Windows Intune is a much bigger solution than you think, including branch offices, BYOD, and covering all kinds of devices (Windows & others).

14:45-15:00

Break

Refuel for the afternoon push & meet the sponsors.

15:00-16:15

System Center Operations Manager & Service Management

Speaker: Kevin Greene, MVP

It delivers a service, but just how is that service performing?

System Center Configuration Manager

Speaker: Niall Brady, MVP

Take control of every device in your enterprise like you’ve always dreamed, but keep the users happy with self-service? That’s not possible, right? Wrong!

Technorati Tags: Events,Windows Server 2012 R2,System Center,Hyper-V,Virtualisation,Cloud,Windows 8.1,ConfigMgr,OpsMgr,VMM

Event – The Path To Windows 8

I will be speaking at an event in London UK called The Path To Windows 8.

The Path to Windows 8 event brings together the brightest IT professionals from around the world to talk about Windows 8 and how Microsoft can help you migrate your current desktop infrastructure to Windows 8.

In addition, the team will demonstrate all aspects of a Windows migration and, with Windows XP life support ending april 2014, it is time to learn what and how you can do these tasks.

Date: 5 July 2013
Location: Microsoft UK Cardinal Place, 80-100 Victoria St, London SW1E 5JL
Capacity: 104 people
Click here to register

Agenda:

8:30 – 9:30 Registration
9:30 – 10:00 Keynote, Edward Cook – Microsoft Partner Technology Advisor
10:00 – 11:15 Path to Windows 8, David Nudelman – Microsoft MVP
11:15 – 12:30 Successful migrations to Windows 8 with Configuration Manager, Raphael Perez – RFL Systems – Microsoft MVP
12:30 – 13:15 Lunch Break and Networking
13:15 – 14:30 Creating your Configuration Manager Infrastructure with Hyper-V, Aidan Finn – Technical Sales Lead at MicroWarehouse – Microsoft MVP
14:30 – 15:45 The Future of Desktop, Simon May – Microsoft Evangelist
15:45 – 16:00 Break
16:00 – 16:45 Ask the experts and Prize draw

Technorati Tags: Hyper-V,Virtualisation,System Center,ConfigMgr

Reminder: Re-Download Configuration Manager & Endpoint Protection 2012 SP1

You may have noticed some issues being reported with System Center 2012 SP1 Configuration Manager deployments. It turns out that there were also some issues with the Linux/iOS Endpoint Protection agents. As a result, you might need to re-download your media. Check out this blog post to get more information.

Technorati Tags: ConfigMgr,System Center