Microsoft Windows Intune: Online Systems Management


Microsoft Windows InTune is the new Cloud based systems management tool from Microsoft, formerly known as “System Center Online” and has been long awaited. The ability to manage multiple locations/organizations from one central, online point is attractive to a lot of people for a lot of reasons…so let’s take a look @ InTune.

There are at least 10 sections inside InTune so I’m going to cover them in a number of posts, we’ll start with – System Overview:

This is the first screen you see when you log in to the Windows InTune Admin Console and it immediately gives you a great overview of your systems. It shows:

  • If Machines are infected/unprotected
  • If there are updates for your machines
  • A number of other alerts

Malware Protection:

From here you can see which machines have Malware protection turned off completely and also if they have overdue scans or specific parts of the protection, such as USB device scanning, turned off.

1 click takes you to a list of machines, from where you can turn on protection.

Updates:

This, not surprisingly, gives you a list of all the updates that are available for your machines, be they for the OS or applications.

One issue with this is that, as default, it shows you ALL possible updates:

image

however, these can easily be filtered:

image

image

Another problem I have noticed is that it wants to give my laptop updates for Office 2007, as well as Office 2010; oddly, this doesn’t happen with my other 2010 machines. I had a number of issues when upgrading Office versions and I’m inclined to believe that there are some Office 2007 remnants on the machine that are being picked up by Intune.

Should you choose to approve an update for a machine/machines, you then reach this screen:

image

Choose the groups on which you want to install the updates, click approve and job done!

I feel it would be a smoother experience, and require fewer clicks, if you could see the machine names on the same screen as all the updates. Currently, you must:

  • Select the update
  • click on “x computers need this update”
  • Check the groups/machines
  • Go back to the previous screen
  • Approve Update

Showing the machine names/groups on the initial screen would remove a lot of that.

You can also access the updates via the individual machine screen, I’ll cover that in a later post.

Alerts by Type:

This section, as well as the above, also includes other types of alerts…not just updates and malware. This is where InTune starts to differentiate itself from other products, for example:

image

If I click through, it tells me:

image

That is pretty cool, and something that is very useful for System Admins. I didn’t expect InTune to cover things like this, certainly not in the beta, so I’m pleasantly surprised 🙂 However, you can’t initiate the defrag from InTune.

The 2 options on the right hand side “Create Computer Group” and “View a Report” will be covered in later posts.

Summary:

This is a brief look at just the first screen of Microsoft Windows InTune but I’m sure you will agree that it already looks very interesting. So stay tuned for the remaining posts in this series (at least 9!) and ask any questions you may have in the comments 🙂

Cheers

Rich

Microsoft Windows Intune: Second Beta


Microsoft Windows Intune is a new product aimed at managing PCs in a new way. My original post can be found here:

Read Windows Intune

The initial beta was restricted to the US, Canada, Mexico & Puerto Rico and 1000 participants. Microsoft have now opened that up to another 10,000 users in the following countries:

image

To be eligible you need to deploy it to at least 5 machines and start within 1 week.

If you’re interested, go and sign up here:

http://www.microsoft.com/windows/windowsintune/windowsintune-experience.aspx

Pricing

The pricing of Windows InTune has now been confirmed for the States and it is:

$11 per user per month

That gets you:

  • Cloud based Desktop Management service
  • Anti Virus and Anti-Spyware
  • Windows 7 Enterprise Desktop Upgrades

and, for an extra $1 per user per month, you can get the whole MDOP suite too. More MDOP info here:

Read Microsoft MDOP

Partner Features

Many partners will be looking to InTune to provide them with a new way of generating revenue, through the ability to remotely manage their customers’ machines. This will reduce the need to travel, thus saving money on hotels and petrol and increasing profit margins. Microsoft have quickly, and cleverly, added in a new feature aimed at making this as easy as possible…the “Multi – Account Console”:

This will allow partners to quickly and easily see a top level view of all the customers they manage and, through filtering, spot those needing urgent assistance immediately.

Feedback:

There is already a lot of positive feedback on Windows InTune from the first beta, such as:

“I save about 40% of the time I used to spend managing PC updates, thanks to Windows Intune. It frees me up to focus on developing more custom applications—and bring on more customers”

“I think we could expand our customer base by at least 10-15 percent immediately”

“It accelerates their (customers) decision to make the move (to Windows 7)”

The Future:

Early 2011 will see the general availability of Windows Intune in the countries listed in the 1st screenshot above. It will then move to more European & Latin countries as well as “select” Asian locations.

I’ve signed up to the beta and will hopefully have some posts following up on that experience soon.

The MS Blog post can be found here.

Microsoft BPOS & Messagelabs


Can Exchange Online co-exist with Messagelabs or other 3rd party scanning tools?

That is the question I have been investigating for the past week or so…and I have an answer…sort of…nearly.

First things first, yes I know Exchange Online includes ForeFront Online Protection for Exchange (FOPE) and I also know that it is a very good product.

However, there are a number of situations where customers would like a 2nd option too. This could be because they’re mid way through a contract, because they’d like a “safety net” or indeed because they just don’t like Forefront.

I first looked into it last year and got a definite “Yes it can be done”; I used that as the basis for a customer conversation around 3rd party support. The customer then spoke with BPOS support around how to implement it…and they advised that it couldn’t be done! This was something of an issue and set me off on a quest to get a concrete answer, one way or the other.

I posted a question up on the Technet Exchange Online Forum but didn’t get a response so after much confusion internally at Microsoft, conversations with business groups and technical support teams, the final answer was:

“It isn’t supported but it should work”

So this wasn’t as good as my original “yes” but a vast improvement over “No”, which is something.

This is yet another issue that will be resolved with the arrival of Wave 14:

An update to FOPE, scheduled for release at the same time as BPOS wave 14, will include new connector functionality that will enable this scenario.

So within the next 6 months we’ll have full support for 3rd party mail scanning tools, which will be one less thing to worry about 🙂

Office 2010 Activation


Microsoft Office 2010 purchased through Volume Licensing now needs activating in the same way as Windows. Previously this only applied to Office through the OEM & FPP channels. This is a new introduction with 2010 and is surprising some people.

There are the same options to activate as with Windows, which are:

  • KMS (Key Management Service)
  • MAK (Multiple Activation Key)
  • MAK Proxy

KMS:

KMS uses a host computer to establish an activation service on your local company network. With a KMS host you can activate thousands of computers at the same time when they regularly connect to the company network. If you use a KMS host to activate Windows, you can use the same host to activate Office 2010.

MAK:

With MAK, each computer activates Office 2010 with the Microsoft hosted activation servers over the Internet or by phone. MAK is recommended when you have fewer than 50 computers to activate, and for computers that are not regularly connected to the company network.

Planning activation:

KMS:

A single internal server authenticates with Microsoft and, in turn, the organization’s devices authenticate to that machine.

KMS activation through firewall

A KMS “Client Key” is installed inside every Volume Licensing copy of Office 2010, which means that no action is required by the end user and that a product key doesn’t need to be entered for the clients. All an administrator needs to do is activate the 1 KMS host reducing the amount of time spent on this task.

The KMS service does NOT require a dedicated server and can happily sit on a machine already in production. The Operating System requirements are:

Windows Server 2003

Windows Server 2008 R2

Windows 7 purchased through Volume Licensing <—This means OEM & FPP/retail won’t work

Devices are required to “re-authenticate” every 180 days.

Technet article is here:

http://technet.microsoft.com/en-gb/library/ff603508.aspx

MAK:

MAK activation at each desktop occurs directly with Microsoft, rather than via an internal server.

MAK independent activation via Internet

If machines are unable to connect to the internet, MAK activation can be via telephone too.

This method works well for smaller organizations and also sub-sets of larger organizations, such as mobile divisions who are away from the corporate network a lot.

MAK gives you a number of activations equal to the number of licences purchased.

Technet article is here:

http://technet.microsoft.com/en-gb/library/ff603511.aspx

MAK Proxy:

MAK Proxy activation uses VAMT (Volume Activation Management Tool) 2.0. Using this method, one designated machine collects activation info from multiple other machines and then sends a single centralized request for activation to Microsoft. Only the VAMT device connects to Microsoft’s servers, reducing bandwidth usage.

MAK Info:

MAK activation does NOT require periodic re-activation however it will be needed if significant changes are made such as replacing the hard drive or re-installing Windows. This will reduce the number of available activations, so if you:

Have 100 licences

Install on 90 machines

Re-install Windows and re-authenticate Office on 10

You will have 10 machines on which you cannot activate Office.

In this case, you would need to contact Microsoft to increase the number of available activations.

However if you use MAK Proxy, you can save the Confirmation ID given via VAMT and simply re-apply that to re-activate machines without reducing the number of activations available.

VAMT 2.0:

Volume Activation Management Tool (VAMT) 2.0 is a managed MMC plug-in. VAMT uses Windows Management Instrumentation (WMI) to configure managed systems. A convenient command line interface (CLI) allows automated, scheduled VAMT tasks without UI interaction.
Using the VAMT console, administrators can perform many activation-related tasks on remote computers:

  • Manage product keys obtained from the Volume Licensing Service Center (VLSC) or other sources including retail and Microsoft subscription programs such as MSDN, TechNet and partner programs — and product activations using those keys.
  • Activate remote systems using Key Management Service (KMS), Multiple Activation Key (MAK) or retail activation methods.
  • Perform disconnected proxy activation and reactivation of systems without each system having to connect with Microsoft activation services individually.
  • Assist with license compliance by enabling IT administrators to monitor system license state, including whether systems are licensed and running genuine Windows or Office.

You can download it here:

http://www.microsoft.com/downloads/details.aspx?FamilyID=ec7156d2-2864-49ee-bfcb-777b898ad582&displaylang=en

Troubleshooting

The Technet Troubleshooting page can be found here:

http://technet.microsoft.com/en-gb/library/ee624355.aspx

which will hopefully cover off any issues you may be having.

BPOS 2010 aka Wave 14


BPOS (Business Productivity Online Suite), Microsoft’s Online Services offering has been somewhat successful over the last year or so, but it is about to become a much more robust platform. Over the next few months the “Wave 14” rollout will begin, with an aim to being completed by the end of 2010.

The biggest update is that the products will match the versions that are available to purchase “on-site”. That is, BPOS will offer Exchange 2010 and Sharepoint 2010 with near feature parity; removing one of the biggest hurdles to BPOS adoption…at least in my experience.

However, there are a number of other additions and improvements coming…

Identity and authentication has been an issue for many people, as this whole area is quite clunky & “un-modern”. As Program Manager Dan Kershaw says:

“the password policy isn’t configurable, you can’t use the same credentials used inside the company for single sign-on with BPOS so admins have to maintain separate credentials, there’s no two-factor authentication and no role-based administration”.

The fact that Microsoft recognise these limitations is great as that means they’re also working on fixes. The update will bring:

  • Password Policy controls
  • Five admin roles
  • Federated ID’s w/ 2 factor authentication for single sign-on
  • New Admin Console
  • Service connector for managing PCs & apps.

Powershell is definitely the way forward for 21st century system admins and, while it can be used for certain things with the current iteration of BPOS, more is coming soon.

I covered off some of the new features of Sharepoint Online 2010 in this post but now there is more information on what’s coming for Office Communications Online (OCO) over the next year.

Currently OCO gives IM and presence, along with peer to peer video, only within the customer’s domain. One of its biggest limitations is the inability to “federate” with on-premise OCS servers…this slightly puzzling block will be removed with Wave 14.

It’s said there will be “full integration” with Exchange & Sharepoint, both on-site and online.

This will lead to:

  • using the calendars on Exchange/Sharepoint to determine someone’s IM availability
  • voicemail in Exchange Online
  • IM functionality in OWA 2010.

One of the biggest questions people have is whether Office Comms Online will have VOIP/Voice capabilities.

"it might be more than a year later," says Ziv Fass, Senior Product Manager in the OCS team "but it won’t be years".

From a reseller AND a customer point of view, the updated versions of Microsoft’s Online Services will be a real benefit to us all.

Office 2010: Installing the RTM


The Office 2010 Beta was downloaded and used by millions of people the world over and I imagine that most of them, like me, used it in a live environment; at home and/or at work. (I’ve never met anyone with a dedicated beta machine!)

Well the RTM (Release to Manufacture) version is available now to those of us with Software Assurance, TechNet or MSDN and from June 15th for FPP (Fully Packaged Product) boxed copies. This is great news as there are a few new additions and tweaks, plus you don’t have to worry about it expiring halfway through an important presentation in the future 🙂 There is however a downside to this:

There is no upgrade path from Office 2010 Beta to Office 2010 RTM

What do I do?

You need to completely uninstall the Office 2010 beta from your machine, but in itself, this often isn’t enough. You must also uninstall a number of other products, otherwise you’ll have problems! The total products you must remove are:

  1. Office 2010 Pro Plus Beta
  2. Sharepoint Designer 2010
  3. Project 2010
  4. Visio 2010
  5. Hotmail Connector for Office 2010
  6. SQL PowerPivot

I don’t think it would ever have occurred to me that PowerPivot was going to cause me issues, but it did! Luckily I got this list from a friendly neighbourhood Microsoftie before I lost my entire afternoon 🙂

Also, on my home machine I’m pretty sure the Hotmail Connector would have caught me out…but not now, oh no!

Hopefully you’ll see this before you start your RTM install process and potentially lose your afternoon/day/hair/mind 😉

Windows Azure: Free Developers Course


Windows Azure is a key part of Microsoft’s “Cloud” strategy moving into the future but of course, it needs people to use it and develop for it for it to be truly successful. They are piloting a new way of training developers & architects on Azure, via self paced, web based training…best of all it’s FREE!

The method is one that I’m quite familiar with which aims to offer the best features of classroom training without the hassles and expense of travel, hotels, being out of the office for days etc. It utilises:

  • Interactive Live Meeting sessions with a tutor
  • On-line videos
  • Hands on Labs
  • E-Learning
  • Weekly Assessments

to cover off the topics, and you don’t need to go anywhere! The course lasts for 6 weeks from:

May 10th – June 18th

and covers:

Week 1 – Windows Azure Platform
Week 2 – Windows Azure Storage
Week 3 – Windows Azure Deep Dive and Codename "Dallas"
Week 4 – SQL Azure
Week 5 – Windows Azure Platform AppFabric Access Control
Week 6 – Windows Azure Platform AppFabric Service Bus

and did I mention it’s FREE?!

This is aimed at developers, architects, programmers and system designers and recommends at least 6 months experience programming in .NET and Visual Studio.

It will take around 4 to 5 hours a week to research and complete the tasks and there are timelines etc for submitting the work. However, successful completion gets you a “Microsoft Certificate of Completion” 🙂

This is a new approach from Microsoft and one that I hope will be expanded out to other product areas.

Register:

You can find more information and sign up here:

https://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032449971&Culture=en-GB

If you’re technically minded and interested in Azure, sign up…and get any colleagues/friends that would be interested to sign up too!

I’ve registered and am looking forward to it so hopefully I’ll see you there 🙂

Windows 7 Deployment Learning Portal


Windows 7 deployment is definitely a hot topic. The larger/more technically minded end users are looking to get their IT teams skilled up and more Microsoft partners than ever before are looking to acquire these skills, and offer the services. Add into this the number of consultants and techie home users and there’s a real appetite for information across the board.

Microsoft have already made a lot of great information available via Technet as well as the MS Press books etc. For me, although Technet is great, I do sometimes struggle to find what I need for a certain situation/question and end up none the wiser. I also like online exams as a way of testing/tracking my level of knowledge, and also my (hopeful) improvements. Thus, I got pretty excited (more excited than a Rydberg atom in fact :-)) when I discovered the

Windows 7 Deployment Learning Portal

Its aim is

“to help you identify the strengths and gaps in your knowledge around Windows 7 deployment and provide some targeted learning to help you reach the top of your game”

and, in my opinion, it does just that…and very well too. Going through the 11 modules showed me there were a few areas that I was already quite strong in as well as a number of modules I needed to work on. <—This is where the targeted Technet materials came in very handy. Rather than leaving me to my own devices, after each question I answered incorrectly there were a few links to specific Technet pages relating to the topic in hand; I was able to quickly read up on the subject, identify my mistakes, find the right answer and then re-take the module.

Learning Style

I really like the way that Microsoft Technet have approached this site. It’s much more about identifying, and then filling, any knowledge gaps you may have rather than simply passing/failing an assessment; this is a much better approach for all involved.

I failed a few of the modules and hugely benefitted from being able to read through the Technet articles straight away, and then re-take the modules. Once I’d read through the various suggested articles including how to guides/step by step procedures etc, I passed each module but, more importantly, retained the knowledge. If it had simply said “You’ve failed”, I wouldn’t have improved my skill levels anywhere near as much.

For anyone looking to become more au fait with Windows deployment methods, be it for personal interest or work necessity, this site is a great place to start. Equally, if you’re looking (as I am) to complete the Windows 7 70-680 exam, there is a wealth of information available through this site and I would definitely recommend it! On the subject of the 70-690 exam, Microsoft are running an:

Early Bird Promotion

“The first 150 individuals to pass all modules will receive a free Microsoft Press Microsoft Certified IT Professional (MCITP) self-study guide. The first 500 individuals to pass all modules will receive a free certification exam voucher.”

I have no idea if it’s still within the 150 pass limit (or the 500 for that matter) but if I was you, I’d head over to:

http://technet.microsoft.com/en-gb/windows/ff470986.aspx

get registered and get taking those modules. Worst case you get a great, solid grounding in Windows 7 Deployment tactics and best case you’ll get some great free gifts 🙂 Friendly word of advice, make sure you select the “I want to be included” tick otherwise you won’t be eligible for the free book or voucher 😉

I hope you have fun over there and I just want to say, Thank You Microsoft Technet, for a great resource 🙂

Windows Server 2008 R2 & Windows 7 Service Pack 1


Windows Server 2008 R2 introduced many new features over and above Server 2008, and now we hear that Service Pack 1 (SP1) will extend that even further.

Memory Over Commit:

This feature, or rather the lack of it, caused quite a few comments from the VMWare side of the virtualization world as they had it and Hyper-V didn’t.

Basically it allows you to assign more RAM to your Virtual Machines than you physically have available for example:

A physical host with 4GB RAM

4 VM’s each allocated 2 GB RAM

So a total of 8GB assigned with only 4GB available…what the what?! How can this work?!

Although machines will crash if the physical memory isn’t available, in reality it’s very rare for machines to use anywhere near the amount of RAM they have. It does still carry risks though so it isn’t for everyone!

Remote FX

Do you remember when Microsoft bought Calista around the start of 2008? They were a startup who:

“set out to create technology that allows remote workers to enjoy the same rich user experience over a network as with a locally executing desktop”

This includes:

  • Full Fidelity Video
  • Silverlight Support
  • 3D Graphics
  • Windows Aero

Based on this technology, Microsoft are introducing “RemoteFX” with Windows Server 2008 R2 SP1, although they are keen to point out that this is:

“not a new standalone product from Microsoft. Rather, it describes a set of RDP technologies – most prominently graphics virtualization and the use of advanced codes – that are being added”

This will allow remote users/VDI users to have an experience much closer to that of a full desktop PC.

One thing to note is that:

If you want to use RemoteFX with a Windows 7 VM, it must be running on Hyper-V…so no VMWare!

Microsoft have always worked very closely with Citrix and now it’s been announced that Citrix will be integrating RemoteFX into their XenDesktop and HDX products.

Windows 7 Cram Live Meeting


If you saw the Windows 7 Exam Cram session that was running on March 11th but missed the actual event (like me), the recording is now available online here:

https://www112.livemeeting.com/cc/microsoft/view?id=DC031110&pw=webcast

So if you’re working towards some Windows 7 exams (at least 70-680 & 70-685) or would like to but not sure where to start, head over there and get started…I will be ASAP!