RTM: System Center Operations Manager 2007 (MOM 2007)

OM 2007, the successor to MOM 2005, has been released.  I’m a huge fan of MOM 2005.  I haven’t had a look at OM 2007 since early betas last Summer but it’s shaped up to be a worthy successor.

The drive towards Microsoft’s Dynamic Systems Initiative continues with OM 2007.  Features from ITIL/MOF are present in the form of service modeling.  Also of interest, Audit Collection Services (ACS) introduces a new function to centrally gather important security event log entries to a central database.

There’s way more than I can cover in a single blog post.  I’ll save the electronic rain forest and just give you a few links:

Microsoft Whitepaper: Desktop Optimization Pack for Software Assurance

Microsoft has published a free to download whitepaper that discusses the Desktop Optimization Pack and how it can greatly reduce the cost of ownership of a desktop network. 

I covered this package when it was first announced.  It includes some great solutions but Microsoft has really made a huge mistake by only making it available to customers of the extremely unpopular and often uneconomic Software Assurance program.

Six Months In …

It’s six months since I started this blog.  Six months ago I decided to get back into the contracting market and launch myself as an independent consultant.  I left a great company (4sol Ltd) but I felt it was the right thing for me at the time.

This blog was launched with the intention of using it as an extension for my CV/resume.  It’s become way more than that.  I think I’m learning more and more and becoming more aware of the marketplace because of my desire to keep the blog up to date.  For that, I’ve got to thank you, the regular readers and RSS subscribers.  I’ve been keeping an eye on my hit rates which have gone up from a few hits a day to thousands in a week.  That has driven me to keep up with how things are developing.

I truly thank each of you for checking out my blog on a regular basis.  I pledge to keep it up to date as much as I can and I’ll keep adding my own appreciation of how things are going rather than just simply regurgitating RSS and news feeds.

By the way, you may have noticed that my other passion in life is photography.  If you’re interested, I recently started a blog of my photographic efforts and knowledge.  I can’t say I’ll ever be able to keep the updates on that blog coming as frequently but I will add the 2 cents that I have … Windows IT Pro’s surveys do indicate that a significant number of IT pros are into photography!

Microsoft Support: Windows Server 2003 SP2 Compatibility

Microsoft has released a listing of applications that they have tested against Windows Server 2003 Service Pack 2.  Obviously they cannot test everything so you should check with your ISV’s before deploying SP2 onto your Windows 2003 Servers, test, backup and then deploy following a change control process with a rollback plan in place.  I’d recommend pilot machines being selected before you go about deploying on a widespread basis.

And a lesson learned from SP1.  I haven’t checked if MS have released an SMS package definition file yet (PDF).  If they have, make sure you disable the installation time limit.  SP1 had a deadline that was too short for slower servers and would leave them inoperable, i.e. stop the installation half way through.  I’m glad to say I found that one in a test lab.

Windows Server 2003 Service Pack 2 and Automatic Updates

The Microsoft Server team posted a quick article informing us that although SP2 will be available immediately as a high priority update on AU, it will not be forced onto machines for the first 3 months.  If you wish to prevent this installation then you can deploy and manage a blocker tool for SP2.  The toolkit contains an executable, script and a Group Policy ADM template.  You can use either of the 3 methods to create and edit a registry key that blocks or enables SP2 installation.

The key is HKLMSoftwarePoliciesMicrosoftWindowsWindows Update.  The value controlling the installation is DoNotAllowSP.  Setting this to "1" will block installation of SP2 indefinitely via Automatic Update or Windows Update.  The best solution to control this in an AD environment will of course be to use the ADM template and Group Policy.

Quick Look at CM 2007 Beta 2

A lot has changed since Beta 1 of Configuration Manager 2007.  I had a quick look yesterday and some quick things I noticed:

  • The user interface has started to be updated.  SMS is more frequently being referred to as ConfigMgr.
  • After a quick look, boundaries are simplified to just "fast" and "slow and unreliable".
  • When defining a boundary, you can browse for an available AD site or even define an IPv6 prefix.
  • Software update management used WSUS 3.0 for update synchronisation.  The GUI of the role configuration is lifted right from WSUS.
  • OS Deployment now uses WDS as a PXE engine.  It feature a new role for PXE.
  • There is a mixed mode (supporting SMS 2003 in the hierarchy) and mixed mode.
  • Mixed mode requires a PKI.  It also allows for Internet based clients.
  • A management point can be made available to Internet clients.
  • The mixed mode PKI requires a lot of work before you even start installing CM 2007.  The documentation available for beta 2 is flawed.  You need to create 2 new templates and issue certs to your ConfigMgr site role hosts.
  • You can jump from native back to mixed mode.
  • Beta 2 does not support SMS 2003 R2 upgrades.
  • Additional functionality includes desired configuration management.
  • There’s no more mention of legacy clients.

I’ll post some more as I come across it.  I plan to work through the product ASAP.