Articles

SmartDeploy Enterprise provides a simple yet robust solution to OS deployment. This second of two articles covers the last three steps in the SmartDeploy process: driver packaging, PE media creation, and image deployment.

SmartDeploy is raffling off 50 end-point licenses with 1 year of basic support (value $1610 USD). The deadline for this contest is June 1, 2012. If you want a chance at winning this license, please fill out this form.

SmartDeploy Enterprise is a powerfully simple deployment suite. In fact, it is so simple that the entire process can be summed up in five steps, with steps 1 and 2 being covered in the previous post. In short, the steps are:

  1. Building the image
  2. Capturing the image
  3. Packaging the drivers
  4. Creating the PE media
  5. Deploying the image

We have already built and captured our image. Now we face a humongous hurdle with driver management. In nearly every organization, model sprawl reigns. Even in organizations where machines are regularly replaced, some department will buy a make and model that wasn’t previously supported. This is the area where SmartDeploy Enterprise really shines.

(more…)

In this final part of our overview of Orchestrator 2012 we’ll cover extending it with Integration Packs as well as look at Orchestrator as the hub of the System Center 2012 suite and the benefits the new web service brings, along with a list of resources for further learning.

Extending Orchestrator 2012

When the standard activities aren’t enough to accomplish the automation you need, the next step is to turn to Integration Packs (IPs). Currently there are IPs available from Microsoft for the System Center 2012 suite as well as for earlier SC versions; there are also IPs for HP iLO hardware, HP Operations and Service Manager, IBM Tivoli and VMware vSphere. There are also community IPs available on TechNet Gallery and Codeplex for various tasks (see resources). Configuration management tools such as Remedy and CA are also slated to have integration packs. Today there are also community IPs for SharePoint and VMware’s vSphere, but I would expect more IPs from Microsoft, third parties and the community to be published as SC 2012 gains market share.

System Center Orchestrator 2012 RTM Deployment Manager

Extending Orchestrator with IPs involves several steps: download the IP(s), register them using the Deployment Manager, and then deploy them to the relevant Runbook servers. Finally, they need to be configured using the Runbook Designer.

(more…)

SmartDeploy Enterprise provides a simple yet robust solution to OS deployment. Their five-step solution makes image management a breeze. In this first part, I will cover image building and image capture.

SmartDeploy Enterprise Architecture

(more…)

In the last part of this overview of Orchestrator 2012 we looked at creating runbooks; in part four we’ll investigate how to make good, robust, secure runbooks.

Considerations for creating a good runbook include knowing when and how often it’s going to run, which steps to include, how it’s going to start, what data is passed along from activity to activity, what the end result is and how you are going to report on the results. Good design includes handling failures and warnings of activities, clear naming conventions, using link colors wisely and splitting long and complex runbooks into parent and child tasks that pass data to each other. Establishing a good naming convention and an agreed-upon folder structure will minimize confusion, and exporting your runbooks regularly for backup purposes is prudent.

Permissions can be set at the individual runbook level, or you can group runbooks together and control security at the folder level. Read permissions let a user run and view runbooks, write permissions make changes possible, and with full control users can alter the permissions. Security can also be controlled at the IP level; for instance, you could have three different configurations for connecting to a ticketing system to match permissions for level 1, 2 and 3 help desk staff. Orchestrator provides simple version control: once a particular user has checked out a runbook for editing, no one else can alter it until it’s checked in again.

(more…)

System Center 2012 is here and Microsoft recently held its annual MMS 2012 conference focusing on this expanding product suite. I’ll give you an overview of what was covered, and resources you can use to start evaluating this massive release.

I recently attended the Microsoft Management Summit in Las Vegas with 5,000 fellow admins and engineers who specialize in the System Center product line. In its 14th year, MMS is still a unique Microsoft conference for sysadmins in that it’s focused exclusively on systems management using a pure Microsoft stack.

MMS 2012

Good News! If you missed MMS, nearly all the sessions and keynotes are free online at the Digital MMS site (over 150 hours worth!). If you want to take the videos offline, someone’s written a PowerShell script to download them. Common topics beyond System Center 2012 include Hyper-V, PowerShell, Windows 7 deployment, MDT, and many more.

(more…)

In the previous two parts of this overview of Orchestrator 2012 we looked at what Runbook automation is and why it’s so important, as well as the components of Orchestrator. In this third part we’ll look at how runbooks are created in the Runbook Designer.

Once you’ve worked through with the business which processes to automate, the actual steps in Orchestrator are easy and the user experience is almost identical to Opalis. You drag Activities from panes on the right into your workspace. These activities are either Standard Activities (known as Foundation Objects in Opalis) that are available out of the box or they come from Integration Packs (IPs) that you’ve installed.

You then configure each activity to accomplish what you want and link the activities together, taking into account branching for different outcomes. Activities can also take into account variables and counters that you’ve configured as well as perform manipulation of data; this is then passed onto the next activity on the shared data bus as Published Data.

(more…)

In part one of this Orchestrator 2012 review we looked at IT Process Automation in general; in this part two we’ll look at the different pieces of Orchestrator and who in your organization is likely to use each component. We’ll also look at the installation requirements and experience.

Orchestrator 2012 Overview

Orchestrator is made up of several components. The Runbook Designer is where IT Pros create runbooks by dragging activities into the workspace, configuring and linking them, in a similar way to how Visio works. The Runbook Server is the central hub that runs the actual tasks, the Orchestration Console is a web-based interface that tracks the execution of runbooks, and the new web service lets you access Orchestrator functionality from other programs. The Deployment Manager is used for registering Integration Packs (IPs) as well as deploying them to your runbook servers.

The Orchestration Console, for checking on runbooks and their statistics as well as execution of runbooks by non-administrators.

(more…)

In this five-part article we’ll look at Orchestrator as a part of the System Center 2012 suite and how automation and orchestration are going to be a part of the future sysadmin’s skill set. Part 1 will cover what Runbook Automation is all about.

Many years ago telephone switchboard operators were made redundant by automation, and this is exactly what’s happening in the IT world. Don’t worry, this isn’t going to be another rant about how the cloud is going to do all us IT Professionals out of a job, but it is a reminder that the times are changing.

The Orchestrator 2012 Runbook Designer – a lot easier to become friends with than PowerShell.

(more…)

The final article in a series covering the Microsoft Desktop Optimization Pack (MDOP) will detail Microsoft’s Enterprise Desktop Virtualization (MED-V).

An organization deploying Windows 7 can be daunted by many issues. User training, settings migration, and application compatibility can all keep a Windows administrator up at night! The first two can be easily surmounted with proper planning. The third can prove a bit more difficult. While technologies like Microsoft’s Application Compatibility Toolkit make this simpler, a critical application refusing to work with Windows 7 can completely derail a migration schedule.

Microsoft’s Enterprise Desktop Virtualization (MED-V) can solve nearly any compatibility problem. MED-V is the enterprise version of Microsoft’s XP Mode. Choosing between XP mode and MED-V can be a bit difficult though. The table below breaks down the major differences between MED-V and XP Mode to make selection easier.

| | MED-V | XP Mode |
|---|---|---|
| Acquisition | As a part of MDOP, which is available through the Software Assurance program | Free with Windows 7 Professional, Ultimate, or Enterprise |
| Deployment method | Central deployment | Individual configuration per user |
| Application configuration | Central installation on VM | Individual application installation |
| Maintenance | Remotely | At individual workstation |

(more…)

In this article we will review some of the advantages and disadvantages of the Windows 8 Metro user interface for systems administrators. We’ll also learn how to disable the Metro UI by using Windows Server 8 Beta (aka Windows Server 2012) Group Policy.

What do you think of the new Start Screen in Windows 8? Does the touch-centric Metro user interface (UI) throw you for a loop, are you a fan, or do you really care at all?

Those of us who have used Windows for several years remember the days before the Start Screen or even the Start menu. For instance, who recalls the Program Manager in Windows 3.1?

Windows 3.1 program group

(more…)

This article, the sixth of seven in a series covering the Microsoft Desktop Optimization Pack (MDOP), will detail Application Virtualization by Microsoft (App-V).

While server virtualization and desktop virtualization have been dominant technologies over the last few years, software virtualization has yet to be so widely adopted. The benefits of hardware virtualization are constantly touted, but software virtualization has a persuasive list of merits. Its main benefits are ensuring that conflicts never arise between programs, real-time software usage metrics, and ease of upgrading.

In this package, some shell extensions were found to be unsupported.

(more…)

This article, the fifth of seven in a series covering the Microsoft Desktop Optimization Pack (MDOP), will detail the Microsoft BitLocker Administration and Monitoring tool (MBAM).

BitLocker, introduced in Windows Vista/Server 2008, addressed the lack of hardware level encryption desired by many organizations. BitLocker initially proved valuable on laptops and tablets. As more devices became equipped with a TPM module, a chip required for BitLocker implementation, organizations began to enable BitLocker on a larger scale through the encryption of desktops. Hardware level encryption protects user created data, secures against boot sector viruses, and allows for machines to be decommissioned without formatting the hard drive first.

With the release of Windows 7/Server 2008 R2, Microsoft made strides in BitLocker implementation and administration. The deployment, management, and reporting features were still lacking, though. While BitLocker could easily be set up on a case-by-case basis, wide-scale distribution was difficult. Microsoft’s BitLocker Administration and Monitoring tool (MBAM) addresses the three biggest pitfalls of a wide-scale BitLocker implementation. These are: Deployment/Management, Reporting, and Cost of Support.

(more…)

In this blog post we provide Windows systems administrators with a high-level overview of the remote management tools DameWare NT Utilities and Mini Remote Control.

SolarWinds, the new owner of DameWare NT utilities, raffles off a two 2-seat license worth $680 USD. If you want to take part in this contest, please fill out this form. Notice that your data will be submitted to SolarWinds. The deadline of this contest is May 22, 2012.

DameWare NT Utilities

(more…)

In this article you will learn how domain join behavior works between Windows Server 8 Beta and Windows 8 Consumer Preview.

Have you had the chance to evaluate the recently released Windows Server 8 Beta and Windows 8 Consumer Preview software? More to the point, how familiar are you with Microsoft’s changes to Active Directory Domain Services (AD DS) in Windows Server 8?

Well, that is precisely what we are concerned with in this blog post. By the end of this lab, you’ll know how to:

  • Set up a Windows Server 8 Beta computer as a domain controller
  • Join a Windows 8 Consumer Preview computer to the domain
  • Experiment with Windows Server 8 Beta AD administration tools

Building a Windows Server 8 Beta Domain Controller

As I described in my Windows Server 8 Installation notes blog post, in Windows Server 8 we use the completely revamped Server Manager as our GUI hub for managing server roles and features. As Figure 1 shows, we can launch the Add Roles and Features wizard by clicking Add roles and features from the Server Manager Dashboard. (more…)

This article, the fourth of seven in a series covering the Microsoft Desktop Optimization Pack (MDOP), will provide an explanation of Advanced Group Policy Management and a basic overview of configuration.

In terms of desktop management, Group Policy is the cornerstone of a Windows administrator’s arsenal. With Group Policy, you can deploy software, printers and drive mappings. You can configure default settings and manage client behavior. But how do you manage Group Policy? The built-in mechanics for managing Group Policy are simply inadequate for most organizations. Windows administrators either have complete access or no access by their addition and removal from the Group Policy Creator Owners Security Group. Further, Group Policy Object (GPO) management lacks in terms of change control, automated backups, and role based delegation. Microsoft’s Advanced Group Policy Management (AGPM) addresses all of these issues.

AGPM is comprised of a server side component and a client. The component will add a Change Control Node to the Group Policy Management Console (GPMC) on the AGPM server.

The Change Control node within the GPMC

(more…)
