Category: MDOP

Posted on

New MDOP family Member: UE-V


MDOP, the add-on available to organizations with Windows 7 Pro w/SA that gives a number of great desktop management tools, has a new member coming to join it’s ranks:

User Experience Virtualization (UE-V)

What does it do?

“By implementing UE-V, IT departments can enable a consistent experience for users who have multiple devices provided by their company or choose to bring their personal PC or tablet to work. Now users can change their device and keep their experience without reconfiguring applications each time they login to Windows 7 or Windows 8. “

So you can deploy an app to multiple devices at the same time, keeping the same configurations across the board…improving the user experience and reducing the load on IT – both of which are key as IT continues to become more of a leading part within organizations

Posted on

Microsoft MDOP features and licensing changes


The Microsoft Management Summit has brought more great changes, this time involving MDOP.

The Microsoft Desktop Optimization Pack is a great set of additional tools aimed at making desktop management easier,faster and more dynamic – for more info, see this post:

https://richardgibbonsuk.wordpress.com/2009/09/05/microsoft-mdop/

MDOP 2011 will see both new products, feature enhancements and a change to the way the product is licensed.

Products:

Microsoft recently announced the “Microsoft Bitlocker Administration & Monitoring” tool aka MBAM (codename Malta), which makes the management of Bitlocker devices much easier across an organization; a big one being self-service recovery of keys…I’m sure many IT dept’s will be happy to lose that job!

This will be included in MDOP 2011 and the beta is available on Microsoft Connect here:

https://connect.microsoft.com/site1115/Downloads

Features:

DaRT – Diagnostics & Recovery Toolkit – is getting a new version with at least one new feature; the ability to do an offline remote boot, rather than needing to visit the physical machine. Again, another great time saver for some IT teams!

If you’re interested in this, the beta nomination form can be found here:

https://connect.microsoft.com/site1200/Survey/NominationSurvey.aspx?SurveyID=12358&ProgramID=6840

Licensing Availability:

Previously the only way to purchase MDOP was as an addition to having Windows 7 with Software Assurance (SA) but now it is also available to companies who have either the Virtual Desktop Access (VDA) licence or Windows InTune.

Thanks to Bridget Botelho for her article over at:

http://searchenterprisedesktop.techtarget.com/news/2240033610/Microsoft-sweetens-MDOP-deal-and-releases-Intune

Posted on

Microsoft Windows Intune: Online Systems Management


Microsoft Windows InTune is the new Cloud based systems management tool from Microsoft, formerly known as “System Center Online” and has been long awaited. The ability to manage multiple locations/organizations from one central, online point is attractive to a lot of people for a lot of reasons…so let’s take a look @ InTune.

There are at least 10 sections inside InTune so I’m going to cover them in a number of posts, we’ll start with – System Overview:

image

image

This is the first screen you see when you log in to the Windows InTune Admin Console and it immediately gives you a great overview of yours systems. It shows:

  • If Machines are infected/unprotected
  • If there are updates for your machines
  • A number of other alerts

Malware Protection:

From here you can see which machines have Malware protection turned off completely and also if they have overdue scans or specific parts of the protection, such as USB device scanning, turned off.

1 click takes you to a list of machines, from where you can turn on protection.

Updates:

This, not surprisingly, gives you a list of all the updates that are available for you machines be they for the OS or applications.

One issue with this is that, as default, it shows you ALL possible updates:

image

however, these can easily be filtered:

image

image

Another problem I have noticed is that it wants to give my laptop updates for Office 2007, as well as Office 2010; oddly, this doesn’t happen with my other 2010 machines. I had a number of issues when upgrading Office versions and I’m inclined to believe that there are some Office 2007 remnants on the machine that are being picked up by Intune.

Should you choose to approve an update for a machine/machines, you then reach this screen:

image

Choose the groups on which you want to install the updates, click approve and job done!

I feel it would be a smoother experience and require less clicks, if you could see the machine names on the same screen as all the updates. Currently, you must:

  • Select the update
  • click on “x computers need this update”
  • Check the groups/machines
  • Go back to the previous screen
  • Approve Update

Showing the machines names/groups on the initial screen would remove a lot of that.

You can also access the updates via the individual machine screen, I’ll cover that in a later post.

Alerts by Type:

This section, as well as the above, also includes other types of alerts…not just updates and malware. This is where InTune starts to differentiate itself from other products, for example:

image

If I click through, it tell me:

image

That is pretty cool, and something that is very useful for System Admins. I didn’t expect InTune to cover things like this, certainly not in the beta, so I’m pleasantly surprised Smile However, you can’t initiate the defrag from InTune.

The 2 options on the right hand side “Create Computer Group” and “View a Report” will be covered in later posts.

Summary:

This is a brief look at just the first screen of Microsoft Windows InTune but I’m sure you will agree that it already looks very interesting. So stay tuned for the remaining posts in this series (at least 9!) and ask any questions you may have in the comments Smile

Cheers

Rich

Posted on

Microsoft Windows Intune: Second Beta


Microsoft Windows Intune is a new product aimed at managing pcs in a new way. My original post can be found here:

Read Windows Intune

The initial beta was restricted to the US, Canada, Mexico & Puerto Rico and 1000 participants. Microsoft have now opened that up to another 10,000 users in the following countries:

image

To be eligible you need to deploy it to at least 5 machines and start within 1 week.

If you’re interested, go and sign up here:

http://www.microsoft.com/windows/windowsintune/windowsintune-experience.aspx

Pricing

The pricing of Windows InTune has now been confirmed for the States and it is:

$11 per user per month

That gets you:

  • Cloud based Desktop Management service
  • Anti Virus and Anti-Spyware
  • Windows 7 Enterprise Desktop Upgrades

and, for an extra $1 per user per month, you can get the whole MDOP suite too. More MDOP info here:

Read Microsoft MDOP

Partner Features

Many partners will be looking to InTune to provide them with a new way of generating revenue, through the ability to remotely manage their customers machines. This will reduce the need to travel thus saving money on hotels and petrol and increasing profit margins. Microsoft have quickly, and cleverly, added in a new feature aimed at making this as easy as possible…the “Multi – Account Console”:

This will allow partners to quickly and easily see a top level view of all the customers they manage and, through filtering, spot those needing urgent assistance immediately.

Feedback:

There is already a lot of positive feedback on Windows InTune from the first beta, such as:

“I save about 40% of the time I used to spend managing PC updates, thanks to Windows Intune. It frees me up to focus on developing more custom applications—and bring on more customers”

“I think we could expand our customer base by at least 10-15 percent immediately”

“It accelerates their (customers) decision to make the move (to Windows 7)”

The Future:

Early 2011 will see the general availability of Windows Intune in the countries listed in the 1st screenshot above. It will then move to more European & Latin countries as well as “select” Asian locations.

I’ve signed up to the beta and will hopefully have some post following up on that experience soon.

The MS Blog post can be found here.

Posted on

Windows Intune


Windows Intune is the newest addition to the Microsoft Online Services stable…and it’s a biggie! Do you remember System Center Online Desktop Manager (SCODM)? Did you notice that it all went quiet on that front? Well here it is with a new name…

What is it?

Windows Intune is a cloud based, central management system aimed at SMB’s of up to 250 machines (or so).

“Windows Intune simplifies how businesses manage and secure PCs using Windows cloud services and Windows 7—so your computers and users can operate at peak performance, from virtually anywhere.”

Intune covers many of the areas that IT Managers find difficult and time consuming such as:

  • Managing Updates
  • Pro-active monitoring
  • Malware Protection
  • Asset Tracking (Hardware & Software)
  • Remote Assistance
  • Setting Security Policies

Windows Intune screenshot

Extra Features:

It’s not just great central systems management that Intune gives you also get:

Software Assurance: Subscribing to InTune allows you to upgrade all your machines to Windows 7 Enterprise and take advantage of features including:

    • Bit Locker to Go
    • Federated Search
    • Direct Access
    • and more

You also receive

“new features or updates to Windows Intune or the Windows operating system automatically as long as your subscription is active”

so say “Hello” to Windows 8 further down the line 🙂

Despite this, you can run Vista, or even XP, as your corporate desktop OS.

MDOP: The Microsoft Desktop Optimization Pack is a great set of tools including MED-V & App-V that make managing your environment easier and more cost effective. See more info here. The Asset Inventory Service (AIS) component of MDOP is already included as part of InTune.

How can I get it?

It’s currently in beta, limited to 1000 customers in US, Canada, Mexico & Puerto Rico. If one of those is you locale, go sign up here:

http://www.microsoft.com/online/windows-intune.mspx

 

Relation to existing Products.

Microsoft have had on-site management products for years. First SMS & MOM and now the System Center family such as:

  • SCCM (System Center Configuration Manager)
  • SCOM (System Center Operations Manager)
  • SCE (System Center Essentials)

These products are becoming more and more popular among both corporate customers and the education sector, and have been marked by Steve Ballmer as an area of big focus for the coming years. Microsoft have also put a lot of effort into their Online Services but could still do with a real killer product to help those small to medium businesses (SMB’s) fully embrace “The Cloud”. Thus it make sense that they’ve combined the 2 and created InTune.

My thoughts are all around how InTune will sit alongside products and offering that already exist. It is very much an online version of System Center Essentials, although InTune can’t do Application Deployment and SCE doesn’t include any ForeFront Protection. A breakdown is below:

image

However I do think that it could cause a lot of confusion when it comes to Software Assurance. As a Channel Licensing Specialist I, and my company, have done a lot of work around Software Assurance – especially as it relates to Windows 7. It seems to me that InTune may well undermine a lot of the work we (and other partners) have done in this area to show the whole range of benefits that SA offers…many of which aren’t included with the new offering.

It will also muddy the waters when it comes to purchasing Windows 7 & SA now. InTune is slated to be available in many more countries with 12 months of the beta; so companies considering Software Assurance within the next 6-12 months (say) may now push the projects back in order to evaluate InTune. Not great for partners or the channel.

Conclusion

As a product, I think InTune is great. I’m a big of BPOS (as a concept, although it hasn’t reached its potential yet) and adding management tools to the Suite is really good way of both bolstering the Online offering and helping more people reap the benefits of Microsoft’s management expertise.

I am however, more cautious about it’s effect on the perception of SA and project timelines over the coming 12 to 18 months.

To find out more about Windows InTune, go here:

http://www.microsoft.com/windows/windowsintune/default.aspx

Posted on

Microsoft: The New Efficiency


At today’s “New Efficiency” launch event, Microsoft CEO Steve Ballmer spoke about Windows 7 deployments and how customers can save money with the latest OS. He particularly mentioned that Windows 7 “will bring $90-$160 saving per pc per year”.

He also discussed the “Consumerisation of IT”, where users bring/force change in Corporate IT via their expectations from using software at home. He said that it isn’t a new phenomenon (it just has a new name) and that it will continue to be a huge driving force in the way that software is designed and used-such as the extra social networking features being added into Office, Exchange & Sharepoint.

This all led to the launch of a new website:

http://vepexp.microsoft.com/thenewefficiency

which contains dozens of videos from MS execs covering topics such as:

  • Discover Windows Optimized Desktop
  • Learn about Optimized Server
  • Experience Unified Communications
  • Explore Business Ready Security

There are a bunch of videos on Exchange 2010 such as:

  • Upgrade & Deployment
  • High Availability
  • Mobility & Active Sync
  • Email Archiving

and more. These are a great source of information on Exchange 2010, some of which I’ve collected here.

The banner below is a great representation of the products & ideas behind the New Efficiency.

image

There are way too many sessions to list here but MS have put together some suggested sessions listings for:

  • Enterprises
  • Mid-Size
  • SMB’s

They contain links to the videos on the New Efficiency site and can be downloaded from my SkyDrive here.

Posted on

Windows Server 2008 TS/RDS


I’m sure you’re aware that Windows Server 2008 R2 has now been released, but not everyone is aware that Terminal Service (TS) is no more and has been replaced by Remote Desktop Services (RDS).

RDS offers all the same functionality as TS as well as a whole host of new benefits. These new additions include:

  • Simplified management with a unified and scalable connection broker for both Session Desktops and VDI Desktops providing:
  • Unified Remote Desktop Web Access (RD Web Access) and ‘RemoteApp and Desktop Connection’ feature for access to VDI and Session Desktops
  • Ensures users can only see the apps they are supposed to with per-user RemoteApp permissions and filtering
  • Provides the user a rich remote experience, bringing the experience closer to that enjoyed by users accessing local computing resources such as:
  • True multi-monitor support
  • Windows Media® Player redirection,
  • Bidirectional audio,
  • Enhanced bitmap acceleration for 3D applications and rich media content such as Silverlight and Flash.
  • Improved application compatibility and management of RD session host servers with the inclusion of Microsoft Application Virtualization for TS

This last point is especially interesting-“App-V for Terminal Service” is included with the CAL and is no longer a separate product. This applies not only to the 2008 R2 RDS CALs but also 2008 TS CALs. (I’m going to look into if and how it works with existing CALs and post an update here). *Update* I’ve investigated this today and, despite the blog’s wording, it doesn’t apply to Server 2008 TS CALs…it is Server 2008 R2 RDS CALs only.

*Update 2*I received a mail from Alex, the author of the original blog post, today telling me that my previous update was wrong and that is true*. Looking at the FAQ’s here shows that customers who currently have the Windows Server 2008 TS CAL will receive the App-V for TS functionality too-great news 🙂

Customers should find that the App-V for TS software is now available via the Volume Licensing Service Centre (VLSC) from September 1st.

It’s to be noted that “App-V for Desktops” isn’t included in this and is still separately licensed through MDOP.

Because of these extra features, the cost of the CALs will increase by around 5%. However MS are offering them at an equivalent price to the previous CALs until 31/12/09 (again, I’ll check where this promo is running and let you know).

This is another thing that makes Windows Server 2008 R2 an excellent step forward 🙂

The MS RDS Blog is here.

*I’ve apologised to Alex and I aim to correct the source of the incorrect information too. I also want to apologise to anyone who read the incorrect info on here-sorry!

Posted on

Microsoft MDOP


MDOP AKA the Microsoft Desktop Optimization Pack is one of the least well known Microsoft products, and that’s a shame as it’s packed full of goodness!

It’s only available to customers who have Software Assurance on Windows Desktop OS licences (Vista, Windows 7 etc) and contains the following:

Application Virtualization (App-V)

Microsoft Enterprise Desktop Virtualization (MED-V)

Diagnostics & Recovery Toolset (DaRT)

Advanced Group Policy Management (AGPM)

Asset Inventory Services (AIS)

System Center Desktop Error Monitoring (SCDEM)

These tools can help make managing systems so much easier in so many ways!

They are licensed on a per user per month basis which means they’re not available on all licensing programmes-namely MDOP is missing from Open licensing. If MDOP is attractive to you, you should look at the Open Value Program to get MDOP and other benefits too.

There’s a whole host of MDOP videos from Tech-Ed available here. Be warned though-they require a TechEd Online subscription.

Posted on

MED-V: More info


MED-V (Microsoft Enterprise Desktop Virtualization) is part of the Microsoft Desktop Optimization Pack (MDOP) and has come to the fore somewhat recently, along with Windows 7’s XP Mode.

A number of people had heard of MED-V and knew that it let you run older apps in a virtual environment on new OS’s (such as Windows 7). Then, when MS announced XP Mode for Windows 7 the question became “Why do we need MED-V?”. In short we need MED-V because it’s excellent-so let’s look at why 🙂

XP Mode allows single users to run an app in a local XP VM, and that’s it. It’s a local instance which needs to be looked after by that user/helpdesk but individually on that machine…MED-V however, gives numerous central management controls and that is where it comes into it’s own.

The four key points it offers are:

  • Virtual Image Repository
  • Centralized Management and Monitoring
  • User Policy and Data Control
  • Seamless user experience

Virtual Image Repository: This gives a company a central repository to store all the different virtual images they need (XP, Mac OS, Linux etc) which can then be retrieved by end users and/or automatically deployed. There is also an automated process for keeping the VM’s updated with any changes to the build image. Med-V also allows for automated first-time setup such as:

  • specifying computer name
  • setting up the network
  • joining the domain.

Centralized Management and Monitoring: MED-V can be integrated into Active Directory (AD) to enable VM provisioning based on group policies. There are features aimed at helping Helpdesk too including a central database of all client activity and the ability to easily revert a VM back to it’s original state.

User Policy and Data Control: One of the cool features MED-V offers here is the ability to automatically re-direct specified websites to the Virtual Machine, so if a certain site only runs in IE6 and corporate standard is IE 8, the VM will handle it.

Seamless user experience: Virtual Machine applications are available via the host OS Start menu and apps published via MED-V are still available when offline.

So MED-V is a grown up version of XP Mode that gives corporates the ability to easily, safely and centrally manage a Virtual environment for application compatibility.

All this information is from the awesome free MS e-book “Understanding Microsoft Virtualization Solutions” and there’s a whole lot more in there too…go download it here.

Posted on

Diagnostic and Recovery Tool (DaRT)


DaRT is what was previously known as WINternals and is a great piece of software, a real boon to any IT admin’s toolkit. It comes with all kinds of tools and tricks to troubleshoot unresponsive PCs and get them back up and running by removing malware, fixing drivers and more.

The first part is the Crash Analysis Wizard, which looks at .dmp files (crash dumps) and pulls out the relevant info to tell you why the crash has happened.

The next part is ERD Commander. This lets you create a start up image that you will use in the future on seemingly unbootable machines. Once you have given it an OS (which it can extract from your install disk), you choose which tools you want to include on the disk…the choice is:

  • Computer Management
  • Crash Analyzer
  • Disk Commander
  • Disk Wipe
  • Explorer
  • File Restore
  • Hotfix Uninstall
  • Locksmith
  • Registry Editor
  • Solution Wizard
  • Standalone System Sweeper
  • System File Repair
  • TCP/IP Configuration

    • You can then add any specific .inf files (drivers) that you would need, if you have specific extra hardware requirements in your organization.

    Brandon LeBlanc from the Windows Blog has got a great post on DaRT here.

    Website Powered by WordPress.com.
    %d bloggers like this: