Over on the Windows blog they talk about managing Windows 8 with MDOP 2013.
The Microsoft Desktop Optimization Pack (MDOP) 2013 for Software Assurance is now available for download! When people think about MDOP, they often think about its virtualization tools that help personalize user experience, simplify app deployment, and improve app compatibility for Windows. MDOP is much more than that though, it also helps manage and deploy important Windows features like BitLocker and Group Policy, as well as saves time by helping to make desktop repair planning proactive instead of reactive.
We’ve been working for some time to optimize our MDOP products for Windows 8 with the goal of making them easier to adopt and take advantage of all the new Windows 8 platform capabilities. Last November, we took our first step by releasing MDOP 2012, in which Microsoft User Experience Virtualization (UE-V), Microsoft Application Virtualization (App-V) 5.0, and the Diagnostics and Recovery Toolset (DaRT) 8.0 supported Windows 8.
Read the whole article on the “Windows For Your Business” blog.
Back in September, we announced our strategy around unified device management, and how the next releases of Windows Intune and System Center 2012 Configuration Manager will deliver on that vision. As part of today’s update to our Cloud OS vision, we’re pleased to announce that System Center 2012 Configuration Manager and Endpoint Protection Service Pack 1 ……
View more on the Intune Technet Blog….
In IT Operations, the biggest challenge I see is the employees grasping to that box and they fear change. People usually think the keeper of the box is IT Management. This may be true is some cases but it is usually the employees who’s responsibility is to support this box. Change is the way they have neglected doing continued education and finding better ways to do the job. As a consultant we get called in from management to help, as they know they need change and they are ready to embrace it. When statements of work get ironed out with what deliverables they desire is to get their team on-board. It is a harsh reality but the biggest challenge is the team. If it is supporting Windows 7 now and not Windows XP, or having a new delivery method for their Operating System build / deployments, software delivery, in which now they have to learn new standards, or getting away from WSUS and start using System Center to manage their updates. As people get comfortable with the day to day and not realize how un-healthy and non-optimized their structure is. As Bill Gate’s said it best:
“The first rule of any technology used in a business is that automation applied to an efficient operation will magnify the efficiency. The second is that automation applied to an inefficient operation will magnify the inefficiency.”
First mistake about System Center Configuration Manager (CM) it will not fix an un-healthy environment. In fact it will not be successful if it is the other way around. A challenge when going into any organization is letting them know in a convincing and well manner way their is a better way of doing this. When tackling an engagement for systems management the first thing to do is tackle Active Directory. You identify clients that have not logged into the domain for a set amount of time, and create a process to move those clients into a Organizational Unit (OU) that is not monitored by CM. After that identification is done then the process can go on managing the clients, via in-place refreshes, OS migration, software delivery, and software updates. Now with CM 2012 you have the ability to manage anti-virus with forefront integrated, and with the direct access coming around with PKI you will start seeing cloud distribution points. But there is plenty of information for you to read on the internet about the features. You will need to think outside of your Organization’s box and strive for optimization. You will not be successful and cause more work then it is necessary. Only you can strive to bring you IT Operations group to the next level and be that trend setter you organization.
Have an SCCM 2007 USMT environment with no fail safe on restore. Well arm your Help Desk with this utility, USMT Local Utility. It is a huge stress saver. Stop wasting time on client side troubleshooting get to a point and say enough is enough just do it local.
Use this ‘Stand Alone’ application to capture Windows XP, Windows 7, and Windows 8 and restore it on Windows 7 or Windows 8 OS’s.
This application was written in Visual Basic .NET (VB.Net) utilizing .NET Framework 2.0 so there is no compatibility issues with Windows XP. This makes the application have no other prerequisites other than the “Source” folder being in the same directory as the executable.
Just type in the location where you want to store the migration file and click on the run button.
This application will encrypt the created “MIG” file with the key hard-coded in the application. If you use this application to capture the computer you can only use this application to restore it.
Wait it gets better, did you capture the PC using SCCM but the restore is failing due to who knows what, bad association or just bad client, well you can restore from SCCM USMT captures. When you hit restore just click specify encryption key and put the path to the State Migration Point path and bamn done.
Click below to start your free download and just remember the “Source” folder MUST be in the same directory as the application.
|USMT Local Utility Version: 18.104.22.168
As a Analyst in IT Operations working his way up starting at the bottom you see a trend in the IT department where Server System Managers are treated higher and more important as the Desktop Managers. Well I am writing this to debunk this myth.
Your IT Operations SMS Admins are very important. Like in my past position I oversaw 7000 workstations in 8 different division, at home employees, resources in India, and mobile workers who only log onto the domain a couple times a month. Unfortunately we didn’t have the PKI infrastructure for Native support and we are running SCCM 2007 R3 SP2. Needless to say the server managers have all there end points / resources typically in a data center and/or network closet and which are on 24×7. So right there off the bat there systems stays contestant in location, and like in IT Operations there is a lot more turn over from a normal stand point. Server hardware rarely gets migrated to a new OS before its end of life cycle has been reached.
Role based servers in which access is highly restricted do not get used to browse the web. When servers are compromised it is mostly due brute attacks specifically targeted. IT Operations deals with each system that it supports. General employees are the biggest risk with dealing with IT Operations Systems Management.
The environment is ever changing and business needs never stay the same. If it is new software or the business thinking a specific group needs local administrative access to perform a job function. Did I mention developers are part of IT Operations. Supporting them is like teaching a infant how to talk. It is very difficult and are always thinking there job is the most important. Dealing with sensitive groups who expect yes on everything becomes difficult in trying to maintain a healthy IT Operations environment.
When IT Operations environment is fragmented and not centrally managed you cannot roam between boundaries, and dealing with the Active Directory group in a huge environment becomes ever more difficult. Now when you do have a centralized system, you have to make sure firewall ports are open for roaming end points to communicate with the local Management Point. Do you see where I am going with this. Challenges are not rare in IT Operations, and getting all the Business Groups with so called VIPs in them on the same page just makes it more difficult.
One day organizations will realize how important and difficult it is to manage desktops, laptops, mobile devices in changing environment.
Remember change is the only constant in this algorithm.
With works comes more projects. Mostly ones I think up my self. I created the SCCM Admin Helper App. As we had a delima at my organization. How can we allow our Analyst access to utilize SCCM but not worry about training costs and compromising the integrity of the environment .
Well, I went to the drawing board. In my brainstorms to come up with a solution that would not take up to much time. Well what I released was a VB.Net application that utilizes the SCCM databases and HTA scripts with VBScript to run WMI operations to update collections.
The problem with the application it takes some coding skills to configuring the application to your specific environment. I have released the project file.
I will not be making any updates to this application, as it was nice to have but I am currently in the works on making this application a PowerShell .Net Forms Application. It will be easily configurable for different SCCM environments. Relying on WMI data to run the app’s tasks.
Application / Security Requirements
- This application relies on Windows Integrated Login.
- Remote DCOM Access to your Primary Sites
- Read access on the primary sites’ DB’s advertisement view.
- .Net Framework 4 Client Profile
- SCCM Security Rights:
- Collection: Read and modify membership rights.
- Site: Read
You will need to configure the following in the project:
- Radio buttons for each primary site.
- The forms that read SQL you will need to configure the connection string in the form VB code.
- In the HTA scripts you need to configure the SCCM site name, site code, and in the re-image ones the collection ID you have configured for OSD.
- In the collection removal form you need to configure the values for the site’s NetBIOS name and site code.
Here are some screen shoots of the working application we use in our organization.
This is used by 40 plus help desk analysts in my organization. It has been a life savor for my partner and me. The best part was, I added a setup package built that and then sequenced it. Then distributed it through App-V. Sometimes if change is needed you have to force it on people. That saved us about a 100 emails a week.
If you need any help let me know and I will try to respond as fast as I can.
|SCCM Admin Helper v22.214.171.124
Hope you enjoy!
I have had the privilege of getting my hands on the SAPIEN PowerShell Studio 2012. Using SCCM-Commands on the backend is so easy. As a SCCM Administrator I have mostly focused right now on making my life easier on the job. Cutting all the unnecessary process I need to do manually. So if you are an SCCM Administrator and you love you some PowerShell than check this link out.
This is a great module.
Active Directory Stale Computer Report
I have created a nice PowerShell script to find your stale computer objects in Active Directory. With being a SCCM Administrator it is crucial you have a healthy AD environment.
Quest Active Directory CMDLET
.AD_StaleComputer_Cleanup.ps1 -DC “Domain Controller” -Old “PC Not logged in for X amount days” -Path “Path of the folder you want the report saved too”
.AD_StaleComputer_Cleanup.ps1 -DC “DCServer01” -Old 90 -Path “C:PathofFolder”