Microsoft Deployment Toolkit 2012 Update 1 Beta 1—Now Available for Download

We are pleased to announce that Microsoft Deployment Toolkit (MDT) 2012 Update 1 Beta 1 is now available for download!

Download MDT 2012 Update 1 Beta 1 now! [http://connect.microsoft.com/site14/Downloads/DownloadDetails.aspx?DownloadID=8689]

Download the latest release to stay up-to-date on your deployment needs. New features and enhancements make large-scale desktop and server deployments smoother than ever!

This release expands your deployment capabilities with support for the latest software releases, including Windows 8 Release Preview, Windows Server 2012 Release Candidate, and System Center 2012 Configuration Manager SP1 Community Technology Preview.

Notable new features include:

· Support for using the DaRT 8 Beta with the Windows 8 Release Preview version of the Assessment and Deployment Kit (ADK).

· New “Build Your Own Pages” support for User-Driven Installation (UDI), enabling IT pros to create new wizard panes using simple drag-and-drop operations – no coding required.

· Integration with System Center Orchestrator, enabling task sequences to invoke Orchestrator runbooks at any point in the deployment process.

· Completely reworked “Roles and Features” logic, supporting both installation and removal, as well as providing a new Lite Touch wizard pane for selecting roles and features to install at deploy time.

· Support for PowerShell 3.0 to make it easier to run PowerShell scripts inside task sequences on Windows 8, Windows Server 2012, and Windows PE 4.0.

· Simple monitoring functionality for Configuration Manager task sequences, leveraging the monitoring capabilities provided initially in MDT 2012 for Lite Touch deployments.

· Improved “boot from VHD” deployment capabilities, supporting both bare metal and refresh deployments.

Learn more

Visit the MDT home page: http://www.microsoft.com/MDT [http://www.microsoft.com/MDT]

Get the latest news straight from the MDT team: http://blogs.technet.com/b/msdeployment/ [http://blogs.technet.com/b/msdeployment/]

MDT works with the Microsoft Assessment and Planning Toolkit and Security Compliance Manager to help you plan, securely deploy, and manage new Microsoft technologies—easier, faster, and at less cost. Learn more at http://www.microsoft.com/solutionaccelerators [http://www.microsoft.com/solutionaccelerators].

Overview of System Center Advisor #sysctr

In this blog I’d like to introduce you to System Center Advisor. What is it, what are the benefits and what’s in for me? In this post I’ll start with some background and go through the installation and configuration of System Center Advisor.

What is System Center Advisor?

System Center Advisor is an online service that analyzes installations of Microsoft SQL Server 2008 (and later versions) and Windows Server 2008 (and later versions). The System Requirements can be reviewed here. Advisor collects data from your installations, analyzes it, and generates alerts that identify potential issues (such as missing security patches) or deviations from identified best practices with regard to configuration and usage. Advisor also provides both current and historical views of the configuration of servers in your environment.

Advisor is developed by the Microsoft System Center Advisor product group in partnership with Microsoft Support engineers to ensure that the issues customers report to Microsoft are detected before they affect your environment. Advisor is regularly updated to reflect the most recent experiences of these engineers, who support customers around the world.

What does Advisor analyze?

With System Center Advisor, the following workloads are analyzed:

• Active Directory
• Hyper-V Host
• General operating system
• SQL Engine Continue reading →

0.000000 0.000000

Forefront Endpoint Protection 2010 Update Rollup 1 #sysctr

Update Rollup 1 for Microsoft Forefront Endpoint Protection 2010 introduces new features and updates. These new features and updates are summarized below.

The following list is a summary of the updates in FEP Update Rollup 1 for server functionality.

• A tool that facilitates the use of the Configuration Manager software updates functionality to download FEP definition updates and make them available to client computers running the FEP client software.In order to use the software updates feature for definition updates, you must perform the following high-level steps:
  • Download and install the Update Rollup 1 package.
    
  • Configure software updates to download definitions for FEP.
    
  • Configure the package by which the definition updates will be distributed, and configure the distribution settings for it.
    
  • Install and configure the FEP Software Update Automation tool.
    

  Addition of support for the FEP client software for Windows Embedded 7 and Windows Server 2008 Server Core. For more information on the added client support, see Prerequisites for Deploying Forefront Endpoint Protection on a Client
  

Continue reading →

0.000000 0.000000

First day impression of Microsoft Management Summit 2011

Today MMS2011 officially launched. After registering at the registration desk and help build the booth OpsLogix we are ready for an exciting week.

First session was Instructor-led Lab session of Advanced Software Distribution in Configuration Manager 2012, given by Wally Mead. As usual, we left the lab manuals for what it is and we were a bird in flight taken to the new features of SCCM 2012.

What struck me is that the ribbon is introduced as we know from Office 2010, using sophisticated software deployment is made ??of (global) conditions (expressions/clauses) requirement rule, so it enables refined user centric dispensing. As software distribution relationships and conditions can be complex they are visualized in a mapview. Today we also had a scoop! The Exchange Connector in SCCM 2012. Jeff Wetlaufer demonstrated us the Exchange connector which enables Windows and non-windows (Nokia, iPhone, Symbion) Mobile Devices can be easily discovered and managed. Really awesome! Continue reading →

0.000000 0.000000

MDOP 2011 released! App-V 4.6 SP1 and Med-V 2.0 Resources #sysctr

9th of March the MDOP team announced new releases of App-V and MED-V, the two Desktop Virtualization products in MDOP which are general available right now! You can access App-V 4.6 Service Pack1 and MED-V 2.0 as part of MDOP 2011 through the Microsoft Volume Licensing website, MSDN or TechNet.

Just getting started? Check out the App-V 4.6 SP1 Trial Guide or the MED-V 2.0 Trial Guide. Need more information about App-V sequencing? Download the App-V 4.6 SP1 Sequencing Guide. You’ll also want to check out the new App-V videos that walk you through some of the new features, and the new MED-V 2.0 video series. For information about all of Microsoft’s Desktop Virtualization solutions, visit the Springboard Desktop Virtualization Zone.

Continue reading →

0.000000 0.000000

Configuration Manager clients Auto-Site Assignment with DirectAccess IPv6 #sysctr

Currently I’am implementing DirectAccess (DA) infrastructure for a Dutch customer. First I must say I am very satisfied with its operation of DA. Part of DA is remote management (Eventlog, RDP, SCCM, DPM) of Internet DA clients from Intranet, which is pretty nice working as well!

I was wondering how SCCM client auto-site assignment works through DA. Is it a supported scenario and how does I have to define site boundaries as auto site-assignment is based on? Does I have to define my DA server IPv6 or corporate IPv6 prefix as SCCM IPv6 site boundary? Yes, yes, yes!!! Auto-site assignment is supported by DA and works pretty straight foward as it does for your intranet clients :-)

But first some background of IPv6 prefix.

If you have an IPv4 address on the internal facing interface of UAG DirectAccess server, DirectAccess assumes that you don’t have IPv6 deployed in your organization. An IPv6 address is 128 bit – the first 64 bits are the IPv6 “prefix” (which is similar to the IPv4 network ID) and the last 64 bits represent the IPv6 Host ID (similar to the IPv4 host ID). The UAG DirectAccess wizard configures the network prefix information using a 6to4 prefix based on the public IP address bound to the UAG DirectAccess server. Continue reading →

0.000000 0.000000

Using Collection Variables on collections and sub-collections #sysctr #sccm

Using Configuration Manager collection variables be aware these variables set on parent collections aren’t inherented by sub-collections.

Based on a scenario of multiple Divisions and underlaying Departmental collections structure workstations are deployed by Configuration Manager OS-Deployment. Two variables will be used to automatic determine the OU path. Workstations will be joined to Active Directory (AD) and dynamicaly placed in the correct Organizational Unit (OU).

LDAP://OU=WORKSTATION,OU=%DEP%,OU=%DIV%,DC=CONTOSO,DC=COM

Collection variables can be configured two ways: 

1. Both Division and Department variables are configured on a single collection where the clients are member off.
2. Division variable to parent collection and Department variable on sub-collection. Clients should be member of both collections.

 

Use the Collection Variables tab of the Configuration Manager 2007 Collection Name Settings dialog box to define custom task sequence variables and their associated values to be used by the resources in this collection. For more information about task sequence variables use the following link: About Task Sequence Variables

Tip for SCCM 2012 Product Team feature request enabling collection variable equals advertisement applies to sub collections!

0.000000 0.000000

AD System Discovery causes crashdumps

Last week I was confronted with the fact that smsexec services was collapsed at one of the ConfigMgr servers. My first thought was to analyze the server logs. What struck me was the presence of the crash dumps folder. This corresponds to the new crash dump sub-directories wich contains smsexec as part of the description.

The crash.log pointed me to Active Directory System Discovery as the culprit. When checking the AD System Discovery properties, I discovered a typo of a custom attribute pwdLastSt.

After corrected typo (pwdLastSet) and run an AD System Discovery cycle…no crashdumps anymore Problem solved!

0.000000 0.000000

System Center Service Manager Exchange Connector

The System Center Service Manager – Exchange Connector connects Service Manager to Exchange for processing incoming emails related to incidents and change requests. The emails can update the incident action log or change the status of an incident to resolved or closed. Incoming emails with special keywords allow a change request reviewer to approve or reject a review activity and activity implementers can mark activities assigned to them as completed. The SendEmail solution allows analysts to send messages to users via email from the console.

Feature Summary
This release is compatible with Service Manager 2010 SP1. It contains the final set of features for this version, including

• Create incident from email
• Update incident action log from email
• Resolve or close incidents from email
• Approve/reject change requests from email
• Update change request “action log” from email
• Mark manual activities completed from email
• Add email file attachment to work items as attachments
• Send notifications to users from the console

Exchange Connector is a welcome addition to the standard available Service Manager connectors. Besides the Exchange Connector, there are default connectors available for Active Directory, Operations Manager and Configuration Manager. The connector is operates with Microsoft Exchange 2007 SP3 or Exchange 2010 SP1 versions.

The Service Manager Exchange Connector can be downloaded here.

0.000000 0.000000

In control with preloading packages

There are several good blogs which describes the proces of preloading packages, explains the tool used and how to troubleshoot.

Preloading packages is proces which can be used to deploy packages to distribution points which couldn’t deployed throughout the hiearchy over slow WAN/LAN connections or to avoid overloading links. The Preload Package Tool (PreloadPkgOnSite.exe) can be used to preinstall packages on distribution points in those scenarios.

This post will explains in a few steps the proces of preloading packages works and how this progress can be monitored.

The “how” you get the files there is really not the most important thing to worry about. Once they’re there and moved to the appropriate location, preloadpkgonsite.exe is required to install the compressed source files. Once done, a status message goes back to the parent server which should stop the upstream server from copying the package source files over the wan to the child site.

Anyway, if it’s a relatively small amount of packages, you can run the execution like so:

preloadpkgonsite.exe <pkgid>

Of course, if it was a small amount of packages, we wouldn’t be having this conversation right now. so what do you do when you have an enormous directory with 75gb worth of packages? On the site server, navigate to <installdir>\bin\i386. this is where the preloadpkgonsite.exe should have been dropped. If not download the preload package tool here. Well, it would look a little something like this…

for /f “delims=.” %a in (‘dir /b \\<siteserver>\sms_<sitecode>\inboxes\pkginfo.box\*.pkg’) do preloadpkgonsite.exe %a

That will effectively run preloadpkgonsite.exe against every known package on that child site server. Now there are caveats to making this work – one being that the .pkg has to exist on the child site server. Verify \\<siteserver>\sms_<sitecode>\inboxes\pkginfo.box if all package information is replicated to your distribution point.

Ensure the compressed packages are locally available at the distribution point and the read-only attribute is set (if archive attribute is set, the procedure will fail)

****** Preload Package On Site ******
Forward package status for pkg <package-id> to site <sitecode>
****** Successfully set the Compressed Package Path on this site ******
****** Successfully forwarded the information up the hierarchy ******

When all packages processed succesfully a status messages goes back to the parent server . Use the query below to determine whether the compressed packages status is ‘Received ‘.

USE <sccm database>
SELECT distinct
PS.ID as ‘PackageID’,
PS.SiteCode as ‘SiteCode’,
PCK.Name as ‘Package Name’,
‘Location’= Case PS.TYPE
when ’1′ then ‘Compressed Package’
when ’2′ then ‘Distribution Point’ End,

‘Status’= Case PS.Status
when 0 then ‘NONE’
when 1 then ‘SENT’
when 2 then ‘RECEIVED’
when 3 then ‘INSTALLED’
when 4 then ‘RETRY’
when 5 then ‘FAILED’
when 6 then ‘REMOVED’
when 7 then ‘PENDING_REMOVE’ END

FROM dbo.PkgStatus PS
INNER JOIN dbo.SMSPackages PCK on PS.ID = PCK.PKGID
WHERE PS.SiteCode = ‘<sitecode>’

Run above query to determine if all status messages succesfully forwarded. If all compressed packages indicates status ‘Received’ the status messages sent succesfully to the database. The siteserver is aware of the packages are locally available at the distribution point(s). If not registered packages nevertheless still be copied though the WAN/LAN connection. Continue with the next step adding package(s) to the distribution point(s). Do this using the Copy Package Wizard.

When finished adding package(s) to the distribution point(s) packages open the distribution manager log (distmgr.log) @ the distribution point site. Packages are extracted from SMSPKG folder instead of rather copied over WAN/LAN connection. Bear in mind the proces of extracting packages can take a while depending the number and size of packages. The default value for the simultaneous extraction of packages is 3. You can temporarily increase up to 7 simultaneous operation to speed up the proces.

Run again the above SQL query when all packages extracted and updated to the distribution point(s).  Each package has a status message ‘Received’ and ‘Installed’.

This, the packages successfully registered on the distribution point(s) without copying them over the WAN/LAN

Have fun!

52.141655 5.045668