Latest posts by Paul Schnackenburg (see all)
- Office 365 Secure Score – Securing Exchange Online - Thu, Aug 3 2017
- Office 365 Secure Score - Reporting and monitoring - Tue, Aug 1 2017
- Office 365 Secure Score - MFA for users and auditing - Mon, Jul 31 2017
Hands up all sys admins that love the MMC based console in SCCM 2007….. No one? Didn’t think so – it’s known to be slow in large environments.
New console ^
Whilst I haven’t been able to test the v.Next console in a large business it does seem snappier and easier to work with. The middle, main pane has tabs at the bottom which makes for less expanding and collapsing of the tree structure. Overall the console adopts the Outlook feel and the new “Wunderbar” (official name) in the lower left hand corner features links to Administration, Software Library, Monitoring and Assets and Compliance.
New Infrastructure ^
There are a number of technical restraints in SCCM 2007 which make large businesses create complex system hierarchies. If you want to have custom agent settings these are site specific so you might create another primary site just for clients where you need different settings. Or you might need to segregate administrative control per primary site.
Most of those limitations are removed in v.Next and the only reasons to have more than one primary site is scale out (about 100 000 devices per site) or fault tolerance. Administrative segregation is taken care of by Role Based Access Control (RBAC, see part3) and client agent settings can now be set by collection. Secondary sites were often deployed just to control WAN bandwidth usage, in v.Next those controls have been moved to Distribution Points (DP).
There’s a new type of site, the Central Administration Site (CAS), which is used when you have more than one primary site. CAS is only used for reporting and administration; it can’t have clients assigned to it. Replication of all config manager settings are done through SQL replication although the old file based model is still used for software and OS files.
Distribution Point groups are mostly cosmetic in SCCM 2007; in v.Next they control content replication. If you add a DP to a group it automatically receives all data from the other DPs in the group and if you add content to a group all DP members automatically receive it.
Desired Configuration Management (DCM) in SCCM 2007 reports configuration drift on managed devices; in v.Next it’s been renamed to settings management and it now goes the last mile by not only reporting on settings out of compliance with company policy but also automatically (if you so desire) remediating settings.
In the final part of this overview we’ll look at Migration, Mobile device support and Role Based Access Control.