Wrong assumptions about the System Center Suite

6:45 pm in Uncategorized by mikeresseler

Hey All,

It’s Friday (TGIF) and I’m sitting on the train (for quite a long time) heading home after an exiting, but exhausting week.  I’ve had some nice successes with my customer and I went to the Techdays 2010 in Belgium.  As I am sitting here, I was thinking about a few things that were said on the techdays about System Center, and also what the new products will mean for System Administrators in their day-to-day work.  And I realized that many people are having the wrong ideas about the system center suite.  So here are my thoughts about some wrong assumptions.


Wrong assumption #1: System Center is a technical solution


Every time I’m talking to IT-pro’s, I basically meet two kind of people: the ones that are convinced about System Center tell me that it can do practically everything.  And the ones that are not yet convinced will tell me that it is a great suite, but needs some additional work, and most of them will tell me that they either use it in their environment, or certainly looking at it at a constant base.  But this is were tehy all go wrong.  We look at it as a great tool that can do great technical things.  So what are most people doing?  They integrate it as a technical solution, deploy as many management packs, DCM rules, packages or whatever, as possible, and finally deploy all the agents.  Oke, we are monitoring everything, deploying everyting, backing up everything… how cool is that. 

Yes, it is cool, but we should also look at it from a business perspective, and preferred BEFORE we start to implement this solution.  Why?  To deploy it as a monitoring tool for services.  Or a deployment solution for services or… Think about it.  What if you can say to your peers (and I know I am talking now an easy example) that you monitor the email system as a whole.  They will like it (and probably ask a monthly report about it).  Imagine that you say to your peers that you can use Operations Manager to monitor all your exchange servers, both the virtual and physical ones, your switches, your internet line for sending and receiving emails, your gateway, your anti-virus, your …  What will the response be?  If you are lucky, they will say ‘Good for you’ and if not they will say ‘I don’t care’ or even worse ‘Did I pay that much money and that’s the only thing you can do with it?’.

Back to the ‘email service’.  Peers or managers or directors or whatever title your bosses have will not care what technical magic you are doing.  They only care about the fact that their email is working, that it is safe, and that they can’t catch viruses.  That’s it.  So if you say that you monitor the email service (call it messaging service, sounds even better for them) and can give a report about it, then they will say “Job well done” and you are on the way for buying your next system center product 😉

Doing it like this, will give you additional benefits.  Think about it, the only thing that you need to monitor is the “messaging service”.  As long as it runs, no problem.  So if you have failover, clustering, DAG, live-migration and who knows what extra protection then you can deliver your 99,99% messaging service availability almost every time.  Even if one of the components go down, you get an alert, your SLA is not violated, you fix it with the knowledge in the system, case closed, nobody cared, no time pressure, and no slap on the head because you didn’t meet your SLA’s.


Wrong assumption #2: Opalis takes the ITPro’s work away

A new product is coming to the system center suite.  For the moment, still called System Center Opalis (no idea if they going to rebrand it) and it is the talk of the town.  Opalis is what they call an ITPA (IT Process Automation) or RBA (Run Book Automation).  A few weeks ago, I was telling about Opalis to a colleague and the first thing he said was ‘Damn, something to create automatic ITIL processes, keep it away from me as long as possible’.  Wrong assumption.  While it can be perfectly used to implement ITIL processes (or Cobit, or MOF) it can also do general maintenance.  So he says, it is a ‘scheduler’.  Wrong again, true, this can be done by it, but it is also event-driven.  ‘So what is it?’ he asked.  I explained him, that the purpose of this tool is to create processes in such a way that it takes away as much as possible of the day-to-day work and to automate solutions to problems when it goes wrong.  Before I could say more, he drew his gun and shot me down :-).  The reason for that?  I was talking away his work.  He would get fired because he wouldn’t be necessary anymore.  And if it wasn’t him, it would be one of his colleagues.  Wrong assumption.  Although that he was wrong three times, it is quite a clever IT guy.  I told him that there still were people necessary to build these processes.  And that these processes aren’t always working.  Ill explain that a little bit later with an example given by Maarten Goet yesterday at the techdays in Belgium which I found a very good example.  Anyway, what Opalis will be doing is:

  1. Try to solve issues out of its own
  2. Fill in data (ticketing systems, alerts, …)
  3. Do day-to-day maintenance out of its own without a user intervening so stopping human errors (and we all know that these most of the time happen when you need to do repetitive work)
  4. Be faster then humans! Think about it, if you can automate many things, the problem will be much faster resolved then you can as an IT pro.  And is that a bad thing?  No way, the lesser fires you need to put out, the better.

So what’s the IT Pro is going to do more?  Simple.  As I said, he is a clever guy, so he can use his time to improve the IT infrastructure and processes.  He can use his time to think actively about the requirements of the users, his customers.  If he’s lucky, he will even have the change to discuss the future roadmap of the company.  And that is exactly what he should do.  No, changes are that he won’t be taking the decisions.  Hey, he will probably not be in the meeting where the decision is taken.  But he will be actively involved in finding a good solution for the business requirements and assist his manager in finding and defending a good solution towards the management.  The manager who doesn’t want this is in my opinion not a good manager.  And the IT Pro that doesn’t want time to investigate new things on the market, study on business requirements but only wants to fight fires?  I still have to meet this guy.  And even if he doesn’t get the ability to do these things, it will still mean less evening work, less weekend work, and less stress.  Hooray!

Now about that example.  Maarten showed us a process where Operations Manager alerted that a certain windows service went down.  The process created a ticket in the helpdesk system, changed the alert in Operations Manager, tried to start the service again, and on success updated the alert, the ticket and case closed.  Nobody did something except see that there was a new ticket in the helpdesk system.  But Maarten created also the path when the service didn’t start again.  And then the ticket got escalated.  An SMS was sent to an engineer (in the demo a pop-up but you get the picture right :-)) and now it was time for the engineer to troubleshoot why the service doesn’t start anymore.  Still, the first step, restart the service was already taken, the ticket already existed, so basically the engineer won at least 15 minutes if not more.


Wrong assumption #3: The suite are stand-alone separate products

The system center suite consists out of x number of applications, and they don’t work together.  Difficult one, because it is true, and not true.  Yes, you can perfectly setup an infrastructure where all these tools are running next to each other, and where they don’t work together.  In fact, I hear that many projects are dealt this way.  Why?  Probably because it is much cheaper this way, and the project is much faster implemented so you have quicker results.  This is (of course) short term thinking, and should be avoided.  Operations Manager and Virtual Machine Manager work perfectly together.  Configuration Manager and Operations Manager work perfectly together.  And while you are busy, deploy your virtual machines with Configuration Manager, just the same way you are deploying your physical machines.  Don’t forget to use the patch management within Configuration Manager and view the failures in Operations Manager.  Data Protection Manager and Operations Manager.  Check.  Data Protection Manager and Virtual Machine Manager.  Check.  Deploy your different agents with configuration manager.  Check.  (I can continue for a while but I hope you get the picture.)

The statement is also true, because it was lacking two important things within the suite.

  1. A central helpdesk system (or service desk, whatever term you are using and don’t get me wrong, I refuse to look down on the “helpdesk”.  I invite every engineer, architect or whatever to run a few weeks in an average helpdesk, they will start smoking and drinking after day 3 ;-))
  2. An automation system

Hey, number 2 is just discussed, and number 1 will be there very soon.  Say again that Microsoft has no vision, they just proved you wrong :-)

But for all those guys that like to shoot at Microsoft, it was already possible before.  There were connectors to other products that could do the job very fine.


Wrong assumption #4: It is only for technical guys

No, no, three times no.  Almost every product within this suite can be organized so well that whoever needs access to whatever data, you can arrange it WITHOUT risking that those persons screw up everything.  This takes me back quite a few years where I wanted to delegate the right to create, update and disable (not delete) users within Active Directory to the secretary of Human Resources.  Reasons:

  1. I’m lazy and type to many times a name wrong :-)
  2. By the time I knew that somebody new started at department x, he was already standing at my desk for a username (don’t you just hate that, but hey, another reason for Configuration Manager and OS Deployment, or MDT if that fits your needs)
  3. I never had the time (I used to be an excellent fire fighter.) to drop everything and create that user.  Not to mention that I always wanted to see paperwork from HR, you never know who tries to fool you :-)

About every colleague I had started to shout that that was about the most stupid idea I could have (And I can assure you, from time to time I really can have stupid ideas ;-)).  Why I asked? Answer: Nobody wanted the secretary (there were actually 2) to do something inside the heart of our infrastructure.  Now you have to image that Identity Management solutions were or extremely expensive or basically not usable so that was not an option.  So I tried to convince them with delegation of rights, tutored the secretaries for 2 hours, and let them use it, closely monitored by the colleagues.  After one month, nobody cared anymore, and no one of us needed to create a user anymore.  Only if the user needed to be deleted (which I think is bad practice…) we needed to get in action.  No more changing AD data because a user had a new address, changed her last name into her married one and so on.

Back to 2010 and system center.  Why not delegate certain jobs to other people.  Wouldn’t it be great if the helpdesk could use Config Manager to take over desktops.  To deploy workstations.  (I even have the scenario where the guy from the warehouse accepts the new workstations, takes the attached email sheet received from VendorX (I can’t advertise here right :-)), puts it in SCCM, takes out the computers to a desk, plugs in the cable and magic is happening… 50 new workstations ready to be given to new users.  Or what about the SQL team?  Give them a limited view in Operations Manager so that they can see their alerts.  And how about some managers?  Give them reports about the software metering, number of alerts on a monthly base (Imagine this, a manager sees 500 alerts in one month, but no user complaints and more important, he never noticed anything… Meet your new nickname: Speedy Gonzalez).  I can probably continue here with hundreds of examples but just think about your own situation in the office.  How many times do you need to deliver data or reports or whatever to managers, other IT teams and so on.  Give them the rights to look at them their selves.  Then they won’t bother you, and you just have some more free time.


Wrong assumption #5: First we implement a project, then we think about System Center.

Yeah, common mistake, but big mistake.  Try to convince your co-workers, peers and whoever is involved to think about the management upfront.  I promise you, you will gain with it.  We actually use sometimes Operations Manager to take away human errors out of our implementations.  If it is there, use it.  Oh, and never forget Backup before you start a new project.  I hate it when they do that and it always costs me way too much time to resolve everything afterwards.  First thinking, then touching the keyboard.



Do you agree with me?  Some will say no, others will say yes and others will say yes but…  And it is normal.  You should look at the system center suite as a framework.  Don’t just install everything with next next next finish, but think about it before you start.  Think about the advantages that you can have if you model the suite to the business needs.  You will save valuable time to spent with your family, investigate new stuff or get a go from your boss to be at the techdays next year and come over to the SCUG booth and have a discussion with me :-). 

If you have comments about these Friday evening thoughts just shoot.  Don’t agree? Fire away.  The more people, the more ideas and hey, the better the results.  Some of you will probably have even more wrong assumptions about System Center.  Will be glad to hear them.

Hoping that you do these things above so that you don’t read this in the weekend 😉 Oh and sorry about my proza, it is friday evening after all, and I really just typed my thoughts :-)