Windows 10 may be getting all of the attention, but the new management tools are what really excite administrators! The mothership of advanced management tools is the Microsoft Desktop Optimization Pack (MDOP). Microsoft normally releases two MDOP versions each year. Windows 10 pushed us off that cycle. Instead of two minor releases this year, it looks like we are treated to one mega release.

Joseph Moody

Joseph Moody is a network admin for a public school system and helps manage 5,500 PCs. He is a Microsoft Most Valuable Professional (MVP) in Cloud and Datacenter Management and blogs at DeployHappiness.com.

MDOP 2015 does not contain any new products. Instead, the update includes four individual product service packs. These service packs are for the virtualization solutions Microsoft Application Virtualization (App-V) and User Experience Virtualization (UE-V). The management applications, Microsoft BitLocker Administration and Monitoring (MBAM) and Advanced Group Policy Management (AGPM), also received a service pack.

Windows 10 support was also included for five of the six products. This support includes Windows PE 10 in the Diagnostics and Recovery Toolkit (DaRT). Tools in DaRT now have full support for Windows 10 as well.

Building a Windows 10 DaRT recovery image

Building a Windows 10 DaRT recovery image

Only the Microsoft Enterprise Desktop Virtualization (MED-V) portion did not receive any updates. This is logical seeing how Client Hyper-V can substitute for backward OS compatibility with newer Windows OSs. With all of our acronyms out of the way, let us jump into the single best feature of MDOP 2015.

New management and PowerShell features in MDOP 2015 ^

AGPM 4.0 SP3 includes PowerShell support for advanced Group Policy tasks! The new AGPM PowerShell module currently has six cmdlets. After you install the AGPM client, you can see these cmdlets by running the following PowerShell command:

With just six cmdlets, though, an IT administrator now can automate the entire editing process of a GPO. Get-ControlledGPO will allow you to grab GPOs that are checked in and deployed. These objects can then be piped to the Unlock-ControlledGPO cmdlet. Unlocking a GPO is the command-line equivalent of checking it out in the AGPM console. After a GPO is checked out, an administrator can edit it through the Group Policy PowerShell module and then check the GPO back in for deployment.

Installing the AGPM 4.0 SP3 Client

Installing the AGPM 4.0 SP3 Client

Along with support for the Windows 10 operating systems, AGPM 4.0 SP3 makes current and future upgrades easier with the newly introduced Smart Upgrade feature. Smart Upgrade allows an AGPM Server or Client installation be taken to the latest version without the need to provide previously required configuration parameters. Environments running AGPM 4.0 through AGPM 4.0 SP2 can upgrade to AGPM 4.0 SP3 using Smart Upgrade. An APGM environment can jump from 4.0 through 4.0 SP2 to 4.0 SP3 without the need for prerequisite updates.

MBAM 2.5 received SP1 in the MDOP 2015 release. Additional product support has been added to MBAM. Windows 10 support was added for both MBAM 2.5 and MBAM 2.5 SP1. SQL 2014 is now supported on MBAM 2.5 SP1.

Windows 10 devices managed by MBAM 2.5 SP1 gain access to custom pre-boot URLs and recovery notifications. When an OS drive is locked, these devices can see a tailored message on how to initiate the process for unlocking the drive. The message can also include a custom URL. For example, the custom URL could point to your organization’s helpdesk. This feature is made possible by the Configure pre-boot recovery message and URL Group Policy setting. This administrative setting becomes available after the MDOP ADMX templates are added to your Central Store or GPMC. This setting is located in Computer Configuration/Policies/Administrative Templates/Windows Components/MDOP MBAM/Operating System Drive.

New virtualization and roaming features in MDOP 2015 ^

App-V 5.1 and UE-V 2.1 SP1 make up the bulk of the virtualization section in MDOP 2015. To use the App-V client on a Windows 10 device, your App-V infrastructure should be updated from 5.0 to 5.1. Unlike some previous App-V updates, 5.1 is applicable for the client, RDS Client, and Sequencer.

The App-V 5.1 management console has also been completely rebuilt in this release. It no longer relies on Silverlight. This means that the SCCM Application Catalog is one of the last major Silverlight holdouts. The new management console is built off of HTML5 and JavaScript. The new console makes adding and editing packages much easier. Advanced options that used to be hidden several layers deep are now front and center. Even facets of App-V such as the package converter received updates. Converting an App-V 4.6 package to App-V 5.1 can now be accomplished if the package contains complex materials (such as a reliance on custom scripts).

Building a new App-V 5.1 package in the updated Application Sequencer

Building a new App-V 5.1 package in the updated Application Sequencer

Of the virtualization updates, UE-V 2.1 SP1 may be the more exciting of the two (I don’t count MED-V). This service pack makes user/device transitions even more seamless. The following major items now natively sync:

  • Network printers
  • Taskbar settings
  • Outlook signatures (without user intervention)

UE-V 2.1 SP1 is also aware of other syncing platforms, such as Office 365 and Azure. If an organization uses Office 365 to roam settings, UE-V 2.1 will be aware of this and will not roam the same data. This is also true for Windows apps that are synced to Azure. Configuring the Group Policy settings Do Not Synchronize Windows Apps and Sync Windows Settings will prevent UE-V 2.1 from conflicting with Windows app sync to Azure. Both changes make UE-V easier to manage and troubleshoot.

Evaluating MDOP and learning more ^

In past MDOP reviews, I always made a point to address some missing feature that I couldn’t believe the MDOP team didn’t include. AGPM PowerShell support was always at the top of that list. This release of MDOP nailed every top feature request though! A big thank you to the teams at Microsoft for listening to customer feedback.

If you would like to learn more about MDOP 2015 or try it out, you can start here on the MDOP homepage or jump straight past to the good content in the TechNet Library.

Are you an IT pro? Apply for membership!

0
Share
0 Comments

Leave a reply

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2019

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account