You are browsing the archive for Uncategorized.

Package Conversion Manager

7:53 am in Uncategorized by nsienaert

Hi there!

As I explained already in my previous posts deploying MSI software is really they way to go in SCCM 2012. Also, Packages (with their program(s)) like we know them with SCCM 2007 are not the prefered way anymore since there is the new Application model in SCCM 2012.

As I explained in my Migration posts you can still migrate such Packages, so yes SCCM 2012 does still support them. But to get benefit of the new Application model and to get control of your complete Application Life Cycle management it’s strongly recommended to move away from Packages.

Well, to help you with this Microsoft created Package Conversion Manager (PCM) to convert such Packages into Applications. PCM integrates seamlessly with SCCM 2012 and is available since last week on Connect.

Chris Adams wrote some great high level blogs about PCM, explaining:

The look and feel in the SCCM Console

http://blogs.technet.com/b/chrad/archive/2011/11/07/configmgr-2012-introducing-package-conversion-manager-pcm-for-seamless-migration-to-appmodel.aspx

Automatic Conversion

http://blogs.technet.com/b/chrad/archive/2011/11/09/configmgr-2012-package-conversion-manager-pcm-amp-readiness-state.aspx

“Manual” Conversion (Fix & Convert)

http://blogs.technet.com/b/chrad/archive/2011/11/16/using-package-conversion-manager-pcms-fix-amp-convert-moving-manual-readiness-packages.aspx

Till next time!

Nico Sienaert

imagesCAIOYXPP

MDOP IT Pro Event

7:28 pm in Uncategorized by nsienaert

 

Hi there!

Microsoft is organizing an MDOP IT Pro Event. I will be one of the speakers.

If you want a showcase of some MDOP tooling register now.

MDOP IT PRO EVENT LABEL

MDOP IT PRO EVENT AGENDA

Hope to see you there!

Nico Sienaert

imagesCAIOYXPP

Technet Livemeeting: BitLocker in the enterprise – After Care

9:37 am in Uncategorized by nsienaert

 

Hi there,

First of all I want to thank all the attendees for joining the meeting and giving a lot of positive feedback.

Some people subscribed and couldn’t make it. Now they are waiting for the recording but I have some bad news…

Because of technical issues we have a recording without audio Verwarde emoticon.

The good news is, that I will do the same presentation internally at Microsoft and at that time we will try a second attempt.

This is scheduled in the beginning of December so please have some patience.

During the LiveMeeting there were some questions that I couldn’t answer directly. Here you have the answers.

– Will there be MBAM support with Intune?

Most probably yes. No official statements can be given so far. In addition to that, there are also rumours to integrate the MBAM agent into the SCCM agent.

– Is there a way to force users to encrypt rather than allow them continue to postpone?

In this version of MBAM it is not possible. In the next version it might be included.

Another attendee asked a question about how to handle Bitlocker  with MBAM in a Refresh scenario when booting in Windows PE. I explained that Niall wrote a great blog about this.

Here you have the link.

http://www.windows-noob.com/forums/index.php?/topic/4173-how-can-i-retrieve-my-bitlocker-recovery-key-from-mbam-in-windows-pe/

 

Till next time!

Nico Sienaert

clip_image014_001E83A8

TechNet LiveMeeting: DaRT

8:43 am in Uncategorized by nsienaert

 

TechNet Live Meetings                    dart

Hi there!

I’m presenting another TechNet LiveMeeting about another MDOP tool:

Diagnostics and Recovery Toolset (DaRT) 7.

What is this toolset? How should you use it an Enterprise? How can you integrate this in your OS Deployment? How can you customize it?

We start Thursday 17 November at 2pm (GMT +1).

Don’t underestimate the power of DaRT, subscribe, watch and learn.

Hope to meet you all there!

Nico Sienaert

clip_image014_001E83A8

SCCM 2012: RBAC

8:36 am in Uncategorized by nsienaert

Hi There,

I was planned to blog something about RBAC basics. I’m not gonna reinvent the wheel as Lin Tang did already a great job last week regarding this topic.

http://blogs.technet.com/b/configmgrteam/archive/2011/09/23/introducing-role-based-administration-in-system-center-2012-configuration-manager.aspx

Till next time!

Nico Sienaert

clip_image014_001E83A8

SCCM 2012: The new Infrastructure Specifics

8:26 am in Uncategorized by nsienaert

 

Hi There!

In this post I’ll talk about the infrastructure enhancements in SCCM 2012.

The product team re-engineered the infrastructure components to simplify and flatten the hierarchy.

1. Today with SCCM 2007, child primary sites were often created mostly for security reasons and to differ site settings.

This “tiered” setup of parent and child primary sites is not supported anymore.

So how do we handle security and site settings today?

Security: You don’t need extra primaries anymore to decentralized management. With a new concept which is called RBAC (Role Based Administration Control) we can now assign roles and scopes to SCCM Console users. I’ll talk about RBAC in detail in my next post.

Clients Settings: These settings are not longer site settings only. You can still configure them on site level but now you can configure these client settings also on collections.

2. Secondary sites do still exist. With SCCM 2012 you will probably decide to use Secondary sites if you still want to manage you upward-flowing WAN traffic via a Proxy Management Point. So not much changed here.

New is that each secondary has also a SQL DB installed (can be SQL Express). Global Data will be replicated to this SQL DB. I talk about Global Data later on in this post.

With Secondary site you can also do Content Routing, which means that you can redirect traffic between secondary sites. This can be interesting in a scenarios where the WAN connection between 2 secondary sites is better than a connection between a primary and a secondary site.

3. Distribution Points improved a lot regarding infrastructure capabilities. Another reason to install a secondary site with SCCM 2007 was to control the network traffic as we could throttle and schedule. Now we can do the same on a Distribution Point role similar like we do on the Site Addresses.

image

Probably you will also want a local DP when using multicast and App-V streaming.

4. Branch DPs do not exist anymore. For small branches you can look into BranchCache. Prerequisites to use this:

  •  
    • Clients need to be compatible with BranchCache
      • Windows 7
      • Windows Vista with KB 960568 installed
    • Your DP needs to be Windows 2008 Server R2 to activate the BranchCache role

New capabilities to simplify Infrastructure administration

1. Content Prestaging

Tools that we knew before with SCCM 2007 like Courier Sender, PkgPreLoadOnSite and Manual Prestaging (Branch DP) regarding prestating content is now collected in one tool, extractcontent.exe.

This tool will be used under the hood to create the prestaged content file. (.pkgx)

image

The way how it works is still similar. You send out the media to read the packages in to the remote DP and registration on the primary site server will happen via extractcontent.exe which you can find on the installation media.

image

Additionally there is also conflict detection, so if there are changes between the prestaging and when the media arrives, SCCM knows which delta’s to update.

 

2. Regarding boundaries, Forest Discovery can be done with SCCM 2012. Further domain, sites and IP subnets are still possible as we know them of SCCM 2007.

Untrusted forests can be discovered as well by providing the necessary credentials of course.

Another cool thing is that you can choose to auto-create boundaries.

image

As I mentioned already in previous blogs, boundary groups are another new concept. You can consider them as logical containers to put boundaries in. So far, so good…

The most important thing to know is that these boundary groups will be used for sites assignments and content lookup, so no longer the boundary itself. So don’t forget to specify your boundary groups on your DPs (see previous post)

3. SCCM 2012 has a new replication model to simplify your administration.

We talk about:

  • Global Data which is replicated via SQL all over the hierarchy. (CAS, Primaries and Secondaries). A rule of thumb to know what Global Data is –> everything created by the admin in the SCCM console.

          Examples: Package metadata and collection rules.

  • Site Data which is also replicated via SQL. The rule of thumb is here, everything that is created by the system itself.

           Examples: collection members, HINV, messages

          This data can be found on the CAS and originating primary

  • Content Replication is still file-based.

          Luckily Microsoft did a good job to keep the SQL replication simple and automated a  

          lot under the hood.

          So you don’t need to be a SQL guru at this point but of course as SCCM Admin it’s  

          always interesting to have a good relationship with your DBA.

          Also, diagnostic files (csv format) can be exported easily so your DBA friend can  

          examine them. Knipogende emoticon 

The clever ones under us might have the remark. “OK so everything is SQL replication but why do I still see inboxes and outboxes on my SCCM Server?” Well that is still used for local registration on the Management Point.

 

The new replication model:

       image

So yes, if you create a collection on the US site it might be visible at the Europe site. To keep control about this you can use Collection limiting and RBAC that will help you to fine-tune security.

 

Till next time!

Nico Sienaert

clip_image014_001E83A8

TechNet Live Meeting Event Coming Up!

1:38 pm in Uncategorized by nsienaert

                                                                   TechNet Live Meetings

Hi There!

I would like to announce that I will present a TechNet Live Meeting session about:

BitLocker in the Enterprise

BitLocker (To Go) is one of the features that are shipped with Windows 7. First, what is the best approach to deploy this in an environment? How does this integrate with OS Deployment? How do you keep control? And how do you recover? Second, Microsoft BitLocker Administration and Monitoring (MBAM). What is this tool? Does it have any added value for you?

If you want to have answers on these questions or just want to win a Microsoft TechNet Laptop Sticker AND TechDays Pen Emoticon met brede lach you cannot miss this session!

Subscribe now!

Hope to meet you all there!

Nico

clip_image014_001E83A8

Migrate from SCCM 2007 to SCCM 2012 Part 3

2:14 pm in Uncategorized by nsienaert

 

Hi there!

As discussed in the previous blog, the package content does not get migrated, only the metadata.

During the migration SCCM 2012 clients can still use the SCCM 2007 DPs to locate content.

You can select such DPs by using “Share Distribution Points”.

clip_image001

How does this work?

Well, all DPs will be gathered, also boundaries associated with these DPs will be migrated. So in case of protected DPs, you are safe.

Stuff you need to take into account regarding Shared DPs.

  • the SCCM 2012 site server needs at least read access to this location.
  • a requirement is that no other Site System roles exist, only the DP role.
  • note that this does not work for boot images and App-V content.

In a later phase the DPs can be upgraded to SCCM 2012 DPs.

image

Now content gets migrated to SCCM 2012, meaning Single Instance Content Store. So no duplicated files will exist anymore on your SCCM 2012 DPs.

Last but certainly not least we have to talk about collections. As you might know subcollections are not supported anymore in SCCM 2012. So how will the migration tool handle SCCM 2007 subcollections?

SubCollections

When subcollections are discovered, the parent collection will get inclusion and exclusion rules to re-establish the relationship between the child collections. A folder will be created to keep the administrative overview.

image

 

Limited Collections

The migration tool will automatically create organizational folders for all collections that don’t have any members or collections membership rules specified in SCCM 2007. Such collections were basically created in SCCM 2007 to have an administrative overview.

So SCCM 2012 will replace them with folders and create an inclusion rule for the corresponding collection.

image

In this example is “Brussels” included into “Laptops Europe”

Note, as discussed in an earlier blog, Collections with “limit to” queries to mulitple collections will not be migrated but the migration tool will identify them for you.

So I think I have touched “high-level” all the involved steps and topics regarding a SCCM 2007 \ SCCM 2012 migration scenario. Next time I’ll talk about…… don’t know it yet Knipogende emoticon so stay tuned!

You can also watch my presentation at the Best of MMS event in Belgium:

http://technet.microsoft.com/en-us/video/configuration-manager-2012-plan-deploy-and-migrate-from-configuration-manager-2007.aspx

Till next time!

Nico Sienaert

clip_image014_001E83A8

Why upgrade to Windows 7?

7:38 am in Uncategorized by nsienaert

 

Hi there!

I would like to start the discussion.

I see a lot of customers still running Windows XP and finally the most of them are thinking to migrate to Windows 7. But is it still worth?

Here are my thoughts…

  • Support of XP is guaranteed till 2014, following my XP Gadget I have installed Knipogende emoticon still 965 days as we speak.
  • Windows 8 is expected somewhere in 2012.
  • Microsoft guarantees in their first Team Blog that each software and hardware that works with Windows 7, will work with Windows 8.

In theory a company can start today with its AppCompat Envisioning and Remediation on Windows 7 to make sure the all Applications are working properly with Windows 7 (and 8).

So once Windows 8 is out they can migrate right away.

Three constraints so far:

  • The customer is willing to be an Early Adopter.
  • A Management Tool needs to be available to administer and deploy Windows 8. (I expect SCCM 2012 will support Windows 8)
  • A tool supports the migration of user data from XP to Windows 8 (USMT?)

What are your thoughts?

Nico Sienaert

 

clip_image014_001E83A8

SCCM 2012 SDK Overview (CEP)

5:00 pm in Uncategorized by nsienaert

 

Hi there!

Today there was a CEP session about the new SDK that will be released with SCCM 2012.

A high-level overview…

Release plan:

As from MMS2011 the SDK was available for a selected audience.

The future plans are a release together with CM 2012 RTM. This version will have details of all modified classes on board.

6 months after RTM a new release will explain the new classes and will have more “How To” guides included.

SDK Architecture:

image

There will be a possibility to create multiple instances on the SMS Provider

1. Admin Console SDK, it will be possible to

  • Program Right Click options
  • Launch executables
  • ShowDialog
  • Group – create submenu
  • Actions can be associated with icons
  • Create Forms
  • Create Wizards
  • Create Navigation Nodes
  • Create Views
  • Create Folders (add folders beneath nodes)

 

  • !!report is deprecated!!

 

2. MP SDK

  • Programmatic access to Management Point
  • Primary used to provide a MP proxy enabling control of non-standard clients

 

3. SMS Provider:

  • Application automation for UI activity
  • Actions through WMI classes, properties and methods
  • 60% of the entire SDK
  • Support of all actions through SMS Admin Console

Scenarios that are not supported:

  • modify or remove core Microsoft provided
  • configmgr console elements and behaviour
  • make changes to the root console XML
  • adding new wunderbars
  • new top level nodes
  • new tabs in the ribbon

Changes:

image

Support Areas:

image

New SDK Areas:

image

A Porting Guide will be available explaining which functions are changed compared with CM2012:

image

Powershell Support:

cmdlets designed around <verb>-<noun>

eg: get-CMadvert, new-CMcollection, update-CMcollection

image

Till next time!

 

Nico Sienaert

clip_image014_001E83A8