Microsoft News–13 July 2015

I don’t have all that much for you, but the big news is the Azure Site Recovery (ASR, Microsoft’s DR site in the cloud) now supports VMware virtual machines and physical servers, without using System Center. You do need to run some stuff on-prem and in the cloud to make it work though, so there will be a tipping point where the solution becomes affordable.

Azure

clip_image001

System Center

Office 365

Microsoft News – 25-May-2015

It’s taken me nearly all day to fast-read through this lot. Here’s a dump of info from Build, Ignite, and since Ignite. Have a nice weekend!

Hyper-V

Windows Server

Windows Client

System Center

Azure

Office 365

Intune

  • Announcing support for Windows 10 management with Microsoft Intune: Microsoft announced that Intune now supports the management of Windows 10. All existing Intune features for managing Windows 8.1 and Windows Phone 8.1 will work for Windows 10.
  • Announcing the Mobile Device Management Design Considerations Guide: If you’re an IT Architect or IT Professional and you need to design a mobile device management (MDM) solution for your organization, there are many questions that you have to answer prior to recommending the best solution for the problem that you are trying to solve. Microsoft has many new options available to manage mobile devices that can match your business and technical requirements.
  • Mobile Application Distribution Capabilities in Microsoft Intune: Microsoft Intune allows you to upload and deploy mobile applications to iOS, Android, Windows, and Windows Phone devices. In this post, Microsoft will show you how to publish iOS apps, select the users who can download them, and also show you how people in your organization can download these apps on their iOS devices.
  • Microsoft Intune App Wrapping Tool for Android: Use the Microsoft Intune App Wrapping Tool for Android to modify the behavior of your existing line-of-business (LOB) Android apps. You will then be able to manage certain app features using Intune without requiring code changes to the original application.

Licensing

Miscellaneous

Microsoft News – 16 February 2015

I was away on vacation for a little bit, photographing eagles in Poland. And then I came back and had to dive deep into Azure Site Recovery to prep a training class.

I’m back in the normal swing of things so here we go …

Hyper-V

Windows Server

Windows Client

System Center

Azure

Office 365

Intune

  • How to Set Up Per-App VPN using Microsoft Intune: IT Professionals can specify which managed apps can use VPN on an Intune managed iOS device and makes the connection experience seamless for the user by abstracting the steps taken to connect to a VPN server when accessing corporate documents.
  • February update to Microsoft Intune: New Intune standalone (cloud only) features were made available as part of this service.

Miscellaneous

Microsoft News – 14 January 2015

Here’s the Microsoft updates from the last few days.

Windows Server

System Center

Azure

Office 365

Microsoft News – 10 December 2014

I’ve included a few videos that Carsten Rachfahl recorded at the MVP Summit in Redmond last November.

Hyper-V

Windows Server

System Center

Azure

Office 365

Intune

  • Microsoft Intune App Wrapping Tool for iOS: The tool is a Mac OS command line application that creates a ‘wrapper’ around an app. Once an app is processed, you can then change the apps functionality using an Intune mobile application management policy that you configure.

Microsoft News Summary – 1 October 2014

There’s not all that much news to cover this morning. Oh … hold on …

Hyper-V

Windows Server

clip_image001

Windows Client

clip_image002

System Center

Azure

Security

Office 365

  • Delivering the first chapter of Groups in Office 365: Grouping of users will be rolled out to all customers that have an Exchange Online or Office 365 commercial subscription, both new and existing. Eligible Office 365 plans include the Office 365 Enterprise E1–E4 subscription plans (including the corresponding A2–A4 and G1–G4 plans for Academic and Government customers, respectively), Office 365 Business Essentials and Business Premium plans, Office 365 Small Business, Small Business Premium and Midsize Business plans and Office 365 Kiosk plan.
  • Step-By-Step – Setting up the new Azure AD Sync Tool: AAD Sync is Microsoft’s new directory synchronization tool that simplifies the process of connecting Azure AD to Windows Server AD. It also makes it more simple to connect complex, multi-forest deployments.

The Funnies

  • America’s CBS attempts to out-dumb CNN:

clip_image003

Microsoft News Summary – 11 September 2014

More Azure changes. Keeping up with this is difficult!

Azure

  • More changes announced: VPN Support for Azure Websites, Scalable CMS in the app gallery, role-based access control, and more stuff were announced yesterday.
  • Update for Azure Backup for Microsoft Azure Recovery Services Agent: The agent now supports weekly backups with 120 retention points, and 9 years of retention (one recovery point every 4 weeks). You can use this version of the agent together with the Microsoft Azure Site Recovery service to protect virtual machines that are running on Windows Server 2012 R2 CORE SKU and Microsoft Hyper V Server 2012 R2 into Azure.

Office 365

Legal

Avoiding Microsoft “Fast Fail” Updates Using SCCM 2012/R2 Automatic Deployment Rules

I know there’s a risk in telling you to delay deploying updates for 1 month. Some think that means switching to manual approval – and that is an oxymoron because manual approval rarely happens. No; I would rather see large enterprises use a model that automatically deploys updates after delaying them for 1 month, just as you can do with System Center 2012 (R2) Configuration Manager (SCCM).

I’m going to refer you to the excellent guides by SCCM MVP, Niall C. Brady. SCCM uses WSUS to download the Windows Catalog. When I configure SCCM I configure WSUS to automatically sync and to automatically supersede updates. That means if Microsoft releases a replacement update, the old version is automatically replaced. That’s important so keep that in mind when reading the rest of the solution.

I will configure automatic deployment rules (ADRs) for each product. The ADR will be set up as follows:

  • Software Available Time: Set this to something like 21 days. That means that SCCM will hold back any applicable update for 3 weeks. That gives Microsoft lots of time to fix an update and the replacement will supersede the dodgy update.
  • Installation Deadline: With this set to 7 days, we have 4 weeks before updates are pushed out … and that assuming that we haven’t applied maintenance windows to any collections (servers, VMs, call centre PCs, etc) that might further delay the deployment.

image

With the above configuration, the dodgy August updates would not have been deployed to PCs or servers on your network. Instead, a tested and fixed update will be released, SCCM will sit on it and automatically approve it at a later date.

BTW, I do a similar thing with Endpoint Protection updates by delaying approval for 4 hours with immediate deployment.

I don’t know of a method for accomplishing this in Windows Intune – I’d like to see it. The same goes for WSUS, but a commenter suggested using cmdlets from this site for WSUS to write a script; I’d rather see a clean solution from Microsoft similar to what we have in ConfigMgr but less granular.

Microsoft News Summary – 30 July 2014

The big news here for MSFT techies are the releases of update rollups for SysCtr 2012 SP1 and SysCtr 2012 R2. Please wait 1 month before deploying to avoid the inevitable issues (history indicates that I am probably right) and use that time to carefully review the installation instructions.

Microsoft News Summary – 8 May 2014

Here’s the news for the last 24 hours. I suspect things will remain quiet until the keynote at TechEd. Even then, I’d expect news to be limited to cloud services.