A Hypothetical Future of SCCM
I just finished reading an article by Rod Trent where he mentions some possibilities that may come in Satya Nadella’s announcements tomorrow. That brought to mind something I have been thinking and saying for a while now…but never put in print. Just a warning…everything I say in this post is speculation. I have zero inside information from Microsoft that any of this will in fact happen. It is just my attempt to read between the lines of what I see and take a guess about what could happen.
For the last couple of years I have been looking at the future of System Center Configuration Manager. Once SCCM 2012 was released it became pretty clear that this was a very mature product that while could be improved in some feature areas…it wasn’t likely to change significantly from an architecture standpoint. As a consultant, that got me thinking about my IT future…what will I be doing in five years? Add to this the constant move towards the Cloud. And the growing functionality of Windows Intune. And it is not insignificant that Microsoft moved the Intune team into the same building as the SCCM team.
Right now we have SCCM as a VERY solid on-premise solution for managing systems. There is also an Intune connection where you can see systems that you are managing with Intune inside your SCCM console.
Now…what if that got flipped on it’s head?
What if Windows Intune was the “boss” of the management solution. What if you had the option to host an on-premise Intune server for content distribution (app and OS deployment)? In this scenario, Intune would be the equivalent of your current SCCM primary. The (currently fictional) on-premise Intune server would be like an SCCM Distribution Point. Managed from the cloud, but with a local presence for content.
Let that sink in a bit.
And then think about the “Cloud first” mantra that has been coming out of Redmond lately.
Here are some thoughts on how this could change the systems management arena…
- If this becomes a “Cloud first” solution, then Intune would be on the fast track development cycle (the cloud release cadence) and SCCM would be playing catch up (or maybe not).
- Upgrade of the management system? They would take place in the cloud…in Intune. Nothing for you to do.
- Migration to the next version? Again…that would take place in the cloud…as far as a consumer of the service is concerned, the migration wouldn’t exist any more.
- For the consumer of the service (Microsoft’s customers), there are a few appealing aspects of this. Less on-premise complexity to manage. Fewer servers that could go down. Less maintenance/upgrade of internal servers…and the manpower costs associated with that.
- From the Microsoft perspective, let’s be realistic. Microsoft is not a non-profit…they are looking to make money. (I’m not saying that is a bad thing…it is reality.) This would be a recurring revenue stream. If a customer goes down that path and sees the value in the service, then they are likely in it for the long haul.
If this does in fact happen, it would be a big time game changer. It wouldn’t happen overnight, but it would result in a lot of IT folks sweating and figuring out what they will be doing next to pay the bills.
But at this point…it’s all pure speculation on my part. Let’s see if Satya says anything down that path tomorrow.
Sleep well!
A Third MMS Session!
I just found out this morning that I will be presenting a third session at MMS. This one is an updated version of the session I did last year. Bummer is that it is the last session of the event…so attendance will probably be low…and people will probably be half asleep from the exhausting week. Might need to see what I can do to wake them up! So…my three sessions for the week are:
The WHY of Configuration Manager: Methods of Deployment
There are plenty of resources to tell you HOW to perform various tasks with Configuration Manager. For that matter, there are multiple ways of doing many tasks. This session will use lessons learned from numerous Configuration Manager deployments to teach you WHY you would choose one method over another. This will be a broad, fast-paced session that digs into the questions you should ask to ensure you implement Configuration Manager the right way for your company.
Deploy All of System Center: Two Real World Examples (co-present with Phil Pritchett)
Ever wondered what impact deploying all of System Center could have on your business? Join us for a look at real world examples of two companies who did just that. We will look at the impact and value of implementing all of System Center 2012 Configuration Manager SP1, Operations Manager, Service Manager and Orchestrator. We’ll discuss business needs, process management, standardization, pain points and the importance of deployment order.
Hierarchy Simplification with Configuration Manager 2012
The poster child for hierarchy simplification: 15000 systems, 70 locations, 23 Primary sites in Configuration Manager 2007…simplified down to a single primary in Configuration Manager 2012 while expanding ability to delegate management. This session include examples from new hierarchy design/simplification projects. Expect specific real world examples for how to keep your hierarchy as simple as possible.
System Center Roadmap 2011
This was one of the slides from the second keynote at MMS last week. This is a slide they show every year to highlight what is coming in the System Center arena over the coming year. What is really exciting about this one is that a new version is coming for everything in the System Center family this calendar year. This is a lot of very exciting changes coming. This does come with a caution though…there’s a lot of work to be done ahead of time to be prepared for the launches!
App-V protocol specified in OSD file is not supported
I’ve been putting together a proof of concept environment for Microsoft Application Virtualization (App-V), and ran across this error when testing app streaming.
The fix was really easy…don’t forget to escape the backslash characters in the OVERRIDEURL section of the install path…just like the documentation says to do. So…the command line should look something like this (note the double backslashes in the OVERRIDEURL parameter):
msiexec.exe /i "Package.msi" MODE=STREAMING OVERRIDEURL="\\\\SERVER\\SHARE\\FILE.SFT" LOAD=TRUE /Q
User Group SWAG!!!
A while back I wrote that I became president of the Minnesota System Center User Group. Right after becoming president, the former president (Joey Gleason) told us about Microsoft’s User Group Support Services. UGSS helps technical community leaders with speakers, funding, publicity and SWAG for events.
Pretty soon after that, Tim Zabilla (the VP of the user group) signed up our group with UGSS. A couple of months later Tim and I got an email from UGSS giving us the opportunity to register for a “User Group Kit”. The email said the kit would be a $500 value of SWAG to give away at the user group. I jumped on it and immediately registered our group for one of the kits before they ran out.
It arrived today. WOW! So…inside were really two kits. First was the “Leadership Assistance Kit” pictured to the side (click it for a better view). It contained:
- Microsoft Enterprise Software Roadmap
- Business Intelligence Resource Kit
- UGSS Leader Assistance Resource Kit (5 DVD set)
- The Rational Guide to Building Technical User Communities by Greg Low
- Word of Mouth Marketing by Andy Sernovitz
- 5 promo copies of Windows 7 Ultimate for giveaways (not demo or eval)
- 180 Day Eval of Windows Server 2008 R2 (for Itanium)
- An offer from TechSmith for a copy of Camtasia Studio or Snagit to give away
But…that wasn’t all…that was just the Leadership Assistance Kit. The actual “User Group Kit” contained the following for us to use as giveaways:
- Three copies of Windows 7 Inside Out
- Three copies of Windows 7 Administrator’s Pocket Consultant
- Three copies of HALO 3 ODST for the Xbox 360
- Three copies of Forza Motorsport 3 for the Xbox 360
- other small Swag items
Ask my wife…I was excited. Then I read the letter that came with the kit and got surprised again. The exact quote was: “we are getting back on our regular schedule of shipping user group kits on a quarterly basis. Enclosed is your group’s kit for this quarter.” Seriously? In a few months we’re going to get another one of these!
That is AWESOME! I can hardly wait til the February meeting (Feb 18) to give a bunch of stuff away!
Speaking at MNSCUG.ORG
Don’t know why I didn’t think to post this earlier, but I am speaking at the Minnesota System Center User Group (MNSCUG.ORG) this week. I will be talking about Operating System Deployment with ConfigMgr, and addressing some of the particular gotchas to look out for with Windows 7 deployments.
If you are in the Twin Cities, come check out the user group. We’d love to have you.
The meeting is tomorrow (11/18) at the Microsoft office in Bloomington. Food and beverages arrive at 4:30, and the meeting starts at 5:00. We should end around 7:30 or so. There will be some nice door prizes including two copies of the MMS 2009 post conference DVDs…but to be eligible for the door prizes (and to help us plan for food) you must register at the link below. Hope to see you there!
Interview with Mikael Nystrom (Part 1 of 2)
While at TechEd North America earlier this year, I had the pleasure of interviewing Mikael Nystrom from TrueSec. I knew very little about Mikael before sitting down with him, and it ended up being a very fun interview. It also ended up being over an hour long! Below is the first half of the interview. Enjoy!
Just a note…the interviews from TechEd have been taking me a long time to post…mainly because of my frustration with some glitches with my blog host. I have had significant issues getting the audio to work. I have uploaded the audio in the format that is required by the audio player, but the player won’t play the audio. The previous interviews have each taken multiple hours to get the technical glitches worked out. This time I simply gave up on resolving the issues and produced a “video” from the audio and the one picture I have of me with Mikael at TechEd.
Windows XP Downgrade Licensing
Recently while helping out with a Windows 7 event at a training center here in the Twin Cities, I got into a discussion with one of the attendees who was planning the move from XP to Windows 7 for his company. In particular he was expressing concern about the loss of support for Windows XP, and one of his main concerns was related to his perception that the end of support for XP also meant that he would no longer be able to legally install Windows XP.
That prompted me to ask some questions and do some research into whether he was right or not. Does the end of support mean that he would not be able to install XP via his enterprise deployment system? In my research, it appears that he may have confused the lack of ability to purchase Windows XP with the unrelated issue of can he legally install it. He did not take into account OS Downgrade Rights.
In layman’s terms “downgrade rights” is the ability to purchase a newer operating system license, and then downgrade that license to allow you to install an earlier OS. For example, you can purchase Vista or Windows 7 and then use the downgrade rights to install Windows XP…even though the license you purchased is for the newer OS.
BTW…let me make one thing clear now before I am misunderstood in this post…I am not advocating staying on Windows XP. I made the move to Windows 7 at the Release Candidate stage. It was rock solid then, and the RTM is equally rock solid. For that matter…I ran Vista on my production laptop starting at Beta 2…and was very happy with it. This post is not telling anyone to stick with XP…it is simply intended to clarify the licensing issues of what you can do if you have a business need for some systems to stay on XP. (i.e. you have older machines that may not be capable of running Vista/Win7 that will stay in use for a while longer…and you still need the ability to image them as needed.) So…with all that said…
Downgrade rights can be broken out into two categories based on whether you have a Volume License agreement with Microsoft or not. If you have a VL agreement (Enterprise Agreement or a Select Agreement with Software Assurance on Windows), your downgrade rights are practically limitless. The quote from the Downgrade Rights Volume Licensing Brief (this refers to Vista, but my assumption is that Windows 7 Enterprise would also fall under this…although it should be noted that this is my assumption…not anything I have seen officially in writing from Microsoft):
If I have Windows Vista Enterprise, what can I downgrade to?
Downgrade rights in the Volume Licensing programs provide customers with the right to downgrade to any prior version of the same product. Windows Vista Enterprise is a new type of product and does not have a prior version. However, customers licensed for use of Windows Vista Enterprise are licensed for Windows Vista Business, and it can be downgraded to the Windows XP Professional, Windows 2000 Professional, Windows NT® 4.0, Windows NT 3.51, Windows 98, or Windows 95 operating system.
If you don’t have a Volume License agreement and your desktop OS license is from the OEM, you fall under the Downgrade Rights for OEM customers. This is a different section of that document that provides a limited time frame for how long your the OEM Downgrade Rights last. Essentially, the OEM Downgrade rights are for 18 months after the General Availability of Windows 7 or the release of a Windows 7 Service Pack…whichever is earlier. GA was October 22, 2009, which would make the cutoff April 22, 2011 unless a SP is released earlier than that. From the brief linked above:
Can I downgrade my OEM version of Windows 7 Professional to Windows XP Professional?
For a limited time of 18 months after the general availability of Windows 7 or the release of a Windows 7 Service Pack, whichever is earlier, the OEM license of Windows 7 Professional and Windows 7 Ultimate will include downgrade rights to Windows XP Professional. After that period the OEM license will enable downgrade rights to Windows Vista Business.
Okay…so that covers downgrade from Windows 7 to XP. The other question for companies who have a desire to continue to roll out XP would be related to Windows Vista. Vista will continue to have downgrade rights to XP…so when will Microsoft stop selling Vista…because technically you could still purchase Vista and downgrade to XP after the 18 month cutoff mentioned above…if they are still selling Vista at that point.
So…hopefully that makes the downgrade rights issue a bit clearer than mud.
MN System Center User Group – President
Tonight was the monthly meeting for the Minnesota System Center User Group (miscusergroup.org – long story behind the URL MNSCUG.ORG). We had John Vintzel from the ConfigMgr product team talking about some of the features that will be in the R3 release…good stuff.
A few weeks ago my friend Tim approached me to ask me if I would consider running for President of the user group. I was honored to be asked and said yes. Tonight I was elected to be President of the user group! That’s really really cool, and I’m looking forward to trying to get some good programs on the agenda for the meetings over the next year.
BTW…if you are interested, the next meeting will be October 15th at the Microsoft office in Bloomington. Check the user group website above for more information.
KB948098 Typos (SCOM)
Lately I have been working on a SCOM (System Center Operations Manager) engagement for a client. During that engagement, I ran into some issues with the SCOM Gateway server which led me to KB948098. The “result” and “cause” sections are actually very helpful. The “resolution” section should have never been posted in its current form.…and it was posted over a year and a half ago.
First a minor issue. Step 4 in the article has a typo. (the word should be “workaround” instead of “workgroup”). Also, the last line of Step 4 is: “Then go to Step 4.”
Step 5 is simply a disaster. There is a reference to “in step 4” that has nothing to do with Step 4. The command line for the Gateway Approval Tool has TWO mistakes. The command listed in the article is:
Microsoft.EnterpriseManagemt.GatewayApprovalTool /ManagementServer=<management Server FQDN_name> /PrincipalName=<gateway_server_FQDN_name> /Action=Create
The switches in that command line should be:
- /ManagementServerName – NOT /ManagementServer
- /GatewayName – NOT /PrincipalName
Also in Step 5, the SQL Query statement has a typo in the table name. The table name should be “mt_healthservice” instead of “mtv_healthservice”
FYI…I already used the feedback form at the bottom of that page to leave this feedback. Hopefully this will help others who come across that article until Microsoft fixes it.
Interview with Tim Mintner
As promised last week, here is the interview I had with Tim Mintner at TechEd North America in Los Angeles.
Enjoy!
Rod Trent Interview – Part 2
Okay…it has been entirely too long since I’ve posted…over two months. Life has been a little crazy, but I finally cleaned up the rest of the Rod Trent interview to prepare it for posting. Hope you enjoy it. Also…I expect to post the next interview within another week or so…it is with Tim Mintner of the Microsoft Deployment product team!
Desktop Deployment Webcast
With as crazy as the last few weeks have been (traveling two out of three weeks to MMS and TechEd), I forgot to post about a webcast that I am going to be a part of tomorrow. I will be part of a joint webcast with Virteva (the company I work for) and Microsoft Consulting Services. The webcast is focused on desktop deployment and is designed more for the IT manager or decision maker…not necessarily for technical people…it will not be a technical webcast. I will be co-presenting with Steve Campbell from MCS.
The three main aspects of the session will be a high level overview of Desktop Deployment best practices, information on the “Desktop Deployment Planning Service (DDPS)”, and information on “Desktop Optimization Using Microsoft Windows Vista and 2007 Microsoft Office System (DOVO)”
If you would like to attend the webcast, it will be on Wednesday May 20 from 11:30-1:00 Central time. The link to register for the webcast is:
Rod Trent’s MMS v. TechEd Poll
Rod Trent put up a post this week about the possibility of MMS being merged into TechEd. In my opinion this would be disastrous. Merging what is hands down the best event Microsoft sponsors into an already too big and too broad event would simply destroy all that is good about MMS. As part of Rod’s post he includes a poll so that we can let our voices be heard about this possibility. Please, visit Rod’s post and continue on to the poll.
System Center Roadmap
Last week at MMS in Las Vegas, Microsoft announced the general timeline for next versions of products in the System Center suite. For those who were not able to come to MMS, here is the slide from the second keynote laying out that roadmap.
User State Migration Tool Error Codes
I came across this page recently that I found very helpful. It is a list of all of the possible error codes that the User State Migration Tool can produce. This can be very helpful in troubleshooting a USMT issue.
USMT Error Codes on the Deployment Guys blog.
No Assigned Task Sequence
I’ve been setting up a virtual ConfigMgr environment on my laptop to use both for demonstrating at client locations as well as to use for the demo portions of my presentations at MMS and TechEd. It’s running inside Virtual PC 2007, and the server VM is running Windows Server 2008 and ConfigMgr 2007 SP1 R2. It actually runs pretty peppy…I do have the VM running on an external 7200 RPM hard drive connected to my laptop via an eSATA cable.
Anyway…I set up a Task Sequence to do my OS build and capture. It worked fine. Then I imported that WIM file and set up another Task Sequence to deploy that image. It was advertised to both the “All Unknown Computers” collection as well as a special OSD Deploy collection that I had created and imported the name and MAC address of the new VM into.
After booting the new VM with the Bootable Task Sequence media CD, it kept giving me this error message: “Failed to Run Task Sequence” “There are no task sequences available for this computer.” If I looked in the smsts.log file located at “X:\windows\temp\smsts”, I saw an error entry stating: “No assigned task sequence.” Looking through the log file, I could see that it was reading the correct MAC address and had the right SMS GUID that was assigned to the system that I imported. So it was clearly recognizing the machine. It was talking to ConfigMgr correctly. It was downloading policy, but it was determining that none of those policies were applicable. If I looked at the properties of either the Collection or the system, it showed that the advertisement for the Task Sequence was applicable to that computer. So…why would it show as applicable in the GUI, but not be evaluated as applicable during the task sequence?
After beating on this for entirely too long, I finally figured it out this afternoon. I had done a housekeeping task on my VM to move all of the default “All…” collections off of the root of the Collections node (see this post). After doing so, I had forgotten to update those collections after “moving” them. Shouldn’t matter…except that the “All Unknown Computers” collection was completely empty…including not having the “x86 Unknown Computer (x86 Unknown Computer)” or “x64 Unknown Computer (x64 Unknown Computer)” entries.
When the new VM was evaluating policy, it went through the following steps in the SMSTS.log.
Client Identity: GUID:24e41bb6-2d68-451a-9802-29f9f1bdd1ea
Netbios name: NewComputer
Client GUID = GUID:24e41bb6-2d68-451a-9802-29f9f1bdd1ea, Netbios name = NewComputer, State = Unknown
Client is unprovisioned
Using unknown machine GUID: 1b554c94-8eeb-490a-8b10-ae10bd579d3d
Unknown client identity: GUID:24e41bb6-2d68-451a-9802-29f9f1bdd1ea
Preparing Policy Assignment Request.
Setting transport.
Setting site code = CM1.
Setting client ID = 1b554c94-8eeb-490a-8b10-ae10bd579d3d.
Executing Policy Assignment Request.
Note what happens to the GUID. It starts off with the GUID that starts with “24e41…” and a state of “Unknown”. It then switches the GUID that it is going to use for the rest of the process to the “unknown machine GUID” which on my system starts with “1b554…”…this is the GUID for the “x86 Unknown Computer (x86 Unknown Computer)” resource that should be in the “All Unknown Computers” collection. After switching the GUID, you see the last line that I pasted in above where it is “Executing Policy Assignment Request.”
Because I had not updated the collection…and the “x86 Unknown Computer (x86 Unknown Computer)” resource didn’t exist in any collection…there wasn’t any advertisement that was applicable to that GUID. It behaved exactly like it should have. It just took me a long long time to figure out why it was failing. Once I updated the collection, the “problem” went away.
In this instance, it was definitely a PEBKAC issue…Problem Exists Between Keyboard And Chair.
How to Move Collections in ConfigMgr
One of the little aspects of working in the ConfigMgr console that I don’t like is the number of builtin collections that are all at the top level of the collections node (“All Systems”, etc). I don’t like that they take up so much room at the top of the list (since they all start with the word “all”) and causes me to need to scroll/search in order to find the collections that I have created. I would prefer to have them in a folder (which doesn’t exist in the Collections area because of the way security works in collections). You will also note when right-clicking a collection, that there is not a “move” option. So…how do you do it?
While you can’t create a true folder, you can use subcollections. Start off by creating a new empty collection named “Z_All Builtin Collections” at the root of the Collections node. After it is created, right click this “Z_All…” collection and choose New, then “Link to collection”. In the dialog that pops up (screen shot below), choose the topmost “All” collection which is probably “All Active Directory Security Groups”, then click OK. 
Repeat this process for all of the builtin collections. Make sure you don’t skip any of them. Once you do that, you will have the original collection at the root level and a link to that collection underneath the “Z_All Builtin Collections” collection. This link is an identical replica of the original…even down to the Collection ID.
Now…go back to the original ones, right click it and choose “Delete”. This will bring up the “Delete Collection Wizard”. Click next, then note that this is a dialog for deleting an “instance” of the collection. You can delete the original instance while leaving the one that you created in the “Z_All…” collection intact. Repeat for all of the original ones.
After doing this, you will have a Collection node that looks something like this:
Now that you have done this, be sure to update all of these collections…you could run into problems if you don’t. More on that in my next post.
TechEd Bonus – Free Software
Just got an email from the TechEd conference that had two main bits of information. First…they have cancelled the “Attendee Party”. I’m not overly concerned about that. Second was this little nugget:
Additionally this year you will receive a full copy of Windows 7 and Windows Server 2008 R2 when released to market as part of registration.
Sweet! I had just been thinking about building a server for my home as a central place for my wife and I to store data as well as to have a powerful lab environment for me to learn on. Now I will have a copy of Server 2008 to run it with along with a copy of Windows 7 to put on our home computer!
Full Screen Reading – Shortcut Key
One of the features of Word 2007 that I like is the “Full Screen Reading” mode. It really makes it easier to read/review a doc…especially a long one. Matter of fact…I do most of my editing in that mode as well. Most of the docs I work with are long, so pulling it up in full screen reading mode…(two pages on my 1920×1200 laptop screen) makes it easy to see where I am in the document as I am reading/editing. Definitely helps in maintaining the flow of the doc.
So…I switch to reading mode frequently. I also love keyboard shortcuts. Full Screen Reading mode does not have a keyboard shortcut assigned to it as far as I have been able to discover. So…I created my own. This is fairly basic, but here it is in case you’ve never seen how to do it…
Choose the Office “Orb” (top left corner of Word), then Word Options, then Customize, then click the Customize button to open the Customize Keyboard dialog box. In the “Categories” field, select “View Tab”. Then in the “Commands” field, select “ReadingModeLayout”. Click in the “Press new shortcut key” field, then choose what you want the new shortcut key to be. I choose Alt + F…hold down the Alt key and press the F key. This should show something like “Alt+F” in that field…then click “Assign”. That’s it. I now have my Full Screen Reading shortcut key.
Subscribe
Recent Comments
-
The Realm of the Verbal Processor 