Greg Ramsey: Grab the Docs and the Download on
DellTechCenter. Stay tuned for some video demos coming your way in the near future!
What is the Dell Deployment Pack? The Dell Deployment Pack (DDP) is an easy-to-use graphical user interface (GUI)-based tool that integrates directly into the Microsoft® System Center Configuration Manager (SCCM) 2007 (ConfigMgr) console. It eliminates the need for command-line tools and scripts normally used in the Dell™ OpenMange™ Deployment Toolkit (DTK) software. To configure and deploy your Dell systems, you need to select configuration options and commands on the GUI using drop-down lists and check boxes (see "Using The Dell Deployment Pack"). These selections make your system deployment an easy, automated task.
What if OpsMgr is in a state where it is running but not working properly? Maybe your RMS is gray or the notification and alerting systems are down. How do you detect this condition so someone can take action to resolve it? Monitoring the console all day isn't very efficient. This is where monitoring the monitoring solution is required. (
continue at source)
Priyabrata Lahiri: Recently I was working on a project and preparing a Lab environment. The goal was to install and configure MOSS on Windows 2008 and SQL 2008 and monitor it with SCE. Since I faced some roadblocks while trying to install and configure SCE on a Win 08 VM i thought to post the step-by-step here to make someone’s life a little easier.
Note – reference -
http://technet.microsoft.com/en-us/library/bb422968.aspx
(
continue at source)
If you take a look at all the calls we get here in the SMS/ConfigMgr support group, this one would have to rank right up there in popularity. What happens here is the Distribution Point (DP) share, or the DP itself, is removed but you still have packages pointing to the missing resource. (
continue at source)
J.C. Hornbeck: Just a quick FYI that on 2/18 the
Security Compliance Management Toolkit series was updated on the web. So what does this have to do with ConfigMgr? Well, after deploying the security settings you can verify the accuracy of the setting policies and monitor policy changes by applying one or more of 26 Configuration Packs included in the toolkit using the desired configuration management (DCM) feature of Microsoft System Center Configuration Manager 2007 SP1.
I have some of the main bullet points below but you can read all the details
here.
This QFE updates the System Center Operations Manager 2007 Agent to allow it to monitor Windows Server 2008 Internet Information Services 7.0 Servers.
Download:
System Center Operations Manager 2007 SP1 Internet Information Services 7.0 Monitoring support
The Configuration Manager documentation library (
http://technet.microsoft.com/en-us/library/bb680651.aspx) has been updated on the Web. All topics that have been updated have
Updated: February 1, 2009 at the top of the topic.
Of particular note for R2 customers using SQL Reporting Services: This documentation has been has been updated with information about creating Reporting Services Report models and now includes a procedure for creating advanced models using multiple views in the Configuration Manager database. Additionally, the procedure for deploying report models for use in the Configuration Manager console has been revised so that the instructions are more suitable for a variety of environments.(
continue at source)
1E has released an SMS to ConfigMgr Migrat
1E
This tool is designed to allow an SMS Administrator to Migrate all or selected packages and programs from his SMS environment into a System Center Configuration Management (ConfigMgr) environment. The tool has the following features:-
* The Migration of Package and Program details along with source files
* Renaming of Package and Program names during migration
* Direct transfer of packages from your SMS site to ConfigMgr
* Export to flat file structure from SMS site and Import into ConfigMgr from flat file
* Exporting of SMSNomad command line settings to new ConfigMgr Nomad tab settings.
You have to create an account on the 1E website in order to download the SMS to ConfigMgr Migration tool.
Download the SMS to ConfigMgr Migration tool
Ment van der Plas: The App-V 4.5 Full Infrastructure scenario (with App-V Management / Streaming server) only supports User Based application deployment. If you are using the Configuration Manager 2007 R2 integration of App-V 4.5 you can do both User and Machine based deployment.
Since I often receive questions about user based and machine based deployment with App-V 4.5, I thought I would be nice to explain the two scenarios using Configuration Manager 2007 R2.(
continue at source)
In OpsMgr – deploying a SCOM agent to a DC often presents companies with a bit of a challenge. The reason is – in order to install software to a DC and manage it – we need rights on the DC to accomplish this. These rights are needed, anytime we are going to deploy an agent, hotfix an agent, or run a repair on a broken agent to keep the agent healthy.(
continue at source)
Hi folks, my name is Dan Boldo and I’m a Program Manager Lead in Service Manager. I’m also the PM owner of the Self-Service portal, and in this first blog post (ever
), I’d like to share information on that feature. As you might have noticed, the portal was removed from Beta 1 and we noted that it will reappear in Beta 2. Behind the scenes, we reviewed both the value of the original portal and how it was implemented. The conclusion was a difficult one that required going back to the drawing board. And so we spent several months rebuilding the portal from the ground up, while leveraging great feedback from our TAP customers.(
continue at source)
Carol Bailey: Thanks to a recent Configuration Manager TechNet forum posting, I realized that we hadn't documented the prerequisites for the fallback status point, apart from saying that it required IIS. When we released Configuration Manager 2007, we didn't support Windows Server 2008, and configuration for IIS was much simpler. Consequently, I'm not aware of any problems installing this optional site system role on IIS 6.0. (
continue at source)
If you're not familiar with SCUP, System Center Updates Publisher is a stand-alone tool that enables independent software vendors or line-of-business app developers to import software update catalogs, create and modify software update definitions, export update definitions to catalogs, and publish software updates information to a configured update server such as System Center Configuration Manager or System Center Essentials. Sounds cool right? Well Jason Lewis just posted a video of how to install it over on
his blog. If you haven't seen it then you can check it out
here.
Many enterprise customers today rely on a consistent company screen saver, and while that's usually something that's rolled out with the standard corporate desktop image, what if you need to change it later? You can use Group Policy for that, but the problem is that it can disable screen saver settings for users and they will not be able to change them. Fortunately with System Center Configuration Manager 2007 or SMS 2003, changing that screen saver is just a few clicks away(
continue at source)
Carol Bailey: At first glance, dedicating a whole primary site to running Internet-based client management can seem very attractive when you're deciding on site and server placement in your Configuration Manager hierarchy. Then one look at the
Network Diagram for Internet-Based Servers - Scenario 2 with Child Site and you realize that this means two-way SMB traffic, which is not going to fly with your firewall admins or your security folks (and quite rightly so!). However, think again because this configuration might work well with a simple IPsec policy between the site server in the perimeter network, and the site server in the parent site (often the central site). Because you have to run native mode in both sites, both sites are already using PKI. You can take advantage of this and deploy additional certificates on the site servers to support IPsec, and then create IPsec policies that use certificate authentication.(
http://blogs.technet.com/configmgrteam/archive/2009/02/18/using-ipsec-to-secure-an-internet-based-child-primary-site.aspx)
This is v2 and includes some bug fixes:
- Formats orphan steps with no Group
- Added recursive template for Nested conditions for both groups and steps (tested to 3 levels)
- Properly convert Not to Nor for conditions
(
continue at source)
Vin DiPippo has written a tool to check the embedded references in ConfigMgr query-based collection rules.
A very common practice in designing query rules for ConfigMgr collections is to use the SMS_FullCollectionMembership WMI class to effect the inclusion or exclusion of members of other collections into the collection for which the query rule is being written.
While this is a powerful technique and essentially something you can't do without in any active ConfigMgr environment, it is difficult to manage. With a large number of collections that utilize this and the certain change in what is required for the types of collections I mentioned above as "generic," keeping track of these references can be difficult. The purpose of a collection may change (e.g. .NET 2.0 becomes .NET 2.0 or higher, where something that required the collection when it was only .NET 2.0 is not compatible with >2.0) The name may change with it. A collection may be deleted and re-created for any number of reasons, which will not cause any alarm as embedded references are not tracked by the ConfigMgr Admin UI.
In spite of these issues, there is no facility for obtaining an overview of query rules with these references or, even more pressing, to decode the references to check that they still point to an existing, appropriate collection.
I have written a tool that provides for both of these requirements: an overview and a reference checker. The tool uses integrated SQL security to access the database views directly. It is a console application that is invoked with two command line parameters: the server name and the SMS_??? database name.(
continue at source)
Maik Koster: The Settings within the MDT Database cover already a wide area of possibilities during a Deployment. But sooner or later you will probably reach a point, where you are in the need of adding or processing additional information. Think about Static IP Address assignment or prestaging a specific CollectionID for Deployment via SCCM, etc. There are probably a lot of things you might want to have. At least I reached this point quite soon during our deployments and started adding a new table for this and a new table for that and it was getting chaotic. Sure this is a way to secure your job but it could hit yourself if you try to understand or change this half a year later
(
continue at source)
Cliff Hobbs: For those of you with access to Microsoft Connect, the ConfigMgr SP2 TAP has just been announced.
Program Requirements
All participants must:
* Prior to program participation, have a signed TAP Agreement and System Center Configuration Manager SP2 Program Description on file with Microsoft. If you do not have a Master TAP Agreement with Microsoft currently, please work with your Technical Account Manager, Account TS, or other Microsoft representative to get one completed.
* Commit to providing resources for the duration of the program
* Commit to timely response of survey and feedback requests from Microsoft
* Agree to participate in some form of public relations activities as identified in the TAP agreement and the System Center Configuration Manager SP2 Program description
* Have a Microsoft Premier Support contract which includes a Microsoft Technical Account Manager resource
* Provide a project plan for deployment
* Deploy each milestone build of pre-release System Center Configuration Manager Sp2 into your production environment within 14 days of availability
* Meet the following deployment goals:
1. Beta – 500 or more clients installed and actively managed by the product
2. RC – 2,000 or more clients installed and actively managed by the product.
(more)
Vin DiPippo: I recently fixed a problem at one of our clients that had a persistent problem with the DW write actions timing out. After running the profiler and examining the underlying SQL, I found a few tables that were taking an inordinate amount of time to do simple operations. This seemed to be a clear case of a fragmentation problem. The biggest issue was that tables like ManagementPackVersion with 200 rows were taking over 3 minutes just to do a SELECT COUNT(*). The remedy for these tables was to rebuild the indices using ALTER INDEX ALL ON
REBUILD. Please check out the options and caveats regarding that command in the SQL documentation.
After fixing the tables that were causing the immediate issues, I wrote a small utility (TableCount.exe) that does a table count on all the tables in a database and reports the number of milliseconds that the operation takes on each. This identified a few other tables that needed to have their indices rebuilt as well.(continue at source)
Vin DiPippo: Anyone that manages a ConfigMgr environment with any depth to its hierarchy usually spends a fair amount of time waiting for minijobs to replicate changes down the hierarchy. Though not immediate, policy such as site control changes, advertisements, client agent configuration (inventory, discovery, etc.), and so forth do not usually keep you waiting too long to verify the success or failure of the replication down to the bottom of the tree. One notable exception to this is package replication. Especially for large packages, it is not uncommon for replication to take several hours, particularly if senders are configured with rate limits. In an environment with a large number of packages and/or packages that update frequently, it can be quite an organizational challenge to find, check, and remedy replication issues on a regular basis. This is even more true if you manage the ConfigMgr infrastructure but others create and maintain packages. While the console is quite functional in checking the distribution status of packages in general, I wrote a tool that helps administrators zero in on package replication issues much more quickly. First, it accesses the associated views in the database directly, which makes it much faster to get at this information than the console, which is a front-end to the ConfigMgr WMI provider. Second, it offers some sorting and filtering options that highlight the replication issues much more efficiently than reviewing the total status for every package individually.(continue at source)
Some users have encountered 32-bit limitations in monitoring System Center Configuration Manager with Operations Manager. This post is intended to clear up confusion about what is currently supported and why.
By design, the OS operates in two distinct address spaces - 64-bit or 32-bit. System Center Configuration Manager 2007 is a 32-bit application. This is true for the RTM, SP1 and R2 releases.(continue at source)
Carol Bailey: Have you tried to renew the existing site server signing certificate for a native mode site, and wondered how to do this without creating a new certificate? This post provides a procedure to do this that is suitable for when the site server is on either Windows Server 2003 or Windows Server 2008, and your PKI uses Microsoft Certificate Services.(continue at source)
Kevin Reeuwijk: One of the most anticipated features of SCCM 2007 R2 is “App-V Integration”. We have recently tested the end-to-end scenario for this integration and we can say with confidence: it BLOWS 
. In a nutshell, by integrating App-V with SCCM you lose App-V’s best features and reduce the solution to something that’s even worse than SCCM by itself!(continue at source)
The Windows Server Failover Cluster Management Pack provides both proactive and reactive monitoring of your Windows Server 2003 and Windows Server 2008 cluster deployments. It monitors Cluster services components—such as nodes, networks, resources, and resource groups—to report issues that can cause downtime or poor performance.
Download: Windows Server Cluster Management Pack for Operations Manager 2007
A beta of the native Exchange 2007 Management Pack is now available. To
request access to the Management Pack, send a mail to mpcc@microsoft.com.
The Management Pack is currently scheduled to release during Q2 of this year.(continue at source)
Stuart James: Below are steps to create a package for the SCCM admin console and also chain the install of MDT and R2.
One of the primary goals is to reduce the size of the package by removing any content from the SCCM DVD that is not required to install the admin console. This will save space on your DPs and also save lots of network and client disk space if you are using download and execute. Most admins will then also need to install MDT and R2 to get full console usage so this will chain them to the end.(continue at source)
Carol Bailey: I'm going to share some information about an option on the Certificate Services advanced Web enrollment page, because I couldn't find it documented anywhere and it took me a long time to work it out. However, even though I'm explaining how to use this option, I strongly recommend you never do unless your PKI admins insist. Why? Because it explains how to request a certificate using an existing key. It's the same option that you see in the Certificates MMC when you right-click a certificate and see Request Certificate with Same Key. (continue at source)
Maik Koster: In the first posts I showed how you can create (Create your own MDT Webservice - Part 1, Create your own MDT Webservice - Part 2) and access (Calling a webservice from a script using MDT 2008) a simple webservice to be used in Deployments to ease access to the MDT Database.
In the last post you could find a complete set of stored procedures do manipulate the MDT Database on-the-fly (Get access to the MDT Database). Now we are going to combine this. For the ones just interested to download the stuff, find the link at the end of this post. It will include the SQL Script from the last post. Also be sure to come back regularly to this page for changes. BUT use this on your own risk! It is provided AS IS and I will not be responsible for any damage to your systems! (continue at source)
Is it only healthcare organisations that benefits from a jumpstart of the MDT 2008 Toolkit? Heck,no... About everybody does...
The MDT Solution Pack 1.0 used to be Microsoft internal tools only, but they made v1.0 available from the Business & Industry section of microsoft.com.
So what is the MDT Solution Pack 1.0?
The MDT Solution Pack extends MDT 2008 (Lite Touch) with a lot of goodies, for example:
- Readymade scripts for deploying 40+ common apps (from Adobe, Microsoft, Sun etc.)
- Readymade Task Sequences with 50+ common tweaks (scripts) for XP, Vista, 2003 and 2008
- Additional sample rules (customsettings.ini)
- Updated/Extended Wizards
- Additional docs & Tools
Link to the MDT Solution Pack (v1.0) download and other info: http://www.microsoft.com/industry/healthcare/technology/hpo/desktop/mdt.aspx
Note: The MDT Solution Pack 1.0 is provided AS IS and is not supported by Microsoft.
Connected management groups is the mechanism in OpsMgr to allow a 'single pane of glass' view of an OpsMgr environment with more than one management group. This is the OpsMgr answer to the MOM-to-MOM connector available in MOM 2005.
Configuring connected management groups is straight forward. For sake of discussion let's define a couple of terms. The local management group is the one where you want to establish this 'single pane of glass' view. The connected management group is the one that you are connecting to from the top level.(continue at source)
Change management scenarios of embedded devices are sometimes much harder to handle than those of corporate desktops. This is especially true when you consider the way users interact with devices. System Center offers a control panel applet users and administrators can use for local interaction with the Configuration Manager infrastructure. This works fine for Windows Embedded Standard Devices as long as they run explorer shell the same way corporate desktops do. If embedded devices run their own shell these options are gone, because no access to the applets can be provided.(continue at source)
Savision just announced the general availability of Live Maps for Operations Manager version 3. The new release greatly enhances IT organizations’ ability to conceive, build and maintain large-scale monitoring maps. New view types, wizards and templates allow IT professionals to quickly construct dynamically updated business process maps and executive dashboards. These new map types ensure that employees at all levels, from the IT operator to the business executive, have access to the map needed to proactively manage IT problems that affect business operations.
What’s new in version 3?
• Application and Network Topologies: Live Maps v3 allows you to create true end-to-end diagrams of your applications and network from within the Live Maps Authoring console with real Operations Manager objects. Simple drag and drop operations combined with Live Maps v3 new advanced drawing controls make it simple and fast.
• Business Process Monitoring: Using the new business process shapes in Live Maps v3 you can easily model your business process and map them to the IT infrastructure that supports them, giving everybody, IT manager, end- user and the business process owner, instant insight into the health of a business process.
• Auto-updating Geographical Maps: By combining any of the over 300+ built-in maps with the new rule-based dynamic list Live Maps v3 lets you create maps that automatically keep up to date while your IT environment evolves. The built-in ability of Live Maps to create unlimited levels of maps ensures you will never lose overview.
• Dashboards: Dashboards are easy to understand top level views of the state of your environment. And you can take any perspective, locations, business process, IT services, whatever fits your needs. Using the built-in drilldown feature you can still get to the root cause of the problem within a few simple clicks.
Check out an online demo of the new version at www.savision.com/demo. If you like what you see, and we believe you will, request a fully functional evaluation copy of Live Maps v3 at www.savision.com/eval.
This draft article provides detailed technical guidance on the processes and procedures when using Microsoft System Center Configuration Manager 2007 to deploy the 2007 Microsoft Office system in a medium to large enterprise corporate environment.(continue at source)
Carol Bailey: A number of certificate deployment issues I see are down to timing issues. Like other distributed systems with many moving parts, Microsoft Certificate Services often requires more time and patience to do its job than administrators are prepared to give it. And yet this is a little odd, because SMS wasn't affectionately known as "Slow Moving Software" for nothing. Seasoned SMS admins know that packages can take hours to install on all their distribution points, and that an urgently needed application might install in the next few minutes or hours. But tasked with deploying certificates and we suddenly become signed up members of the "I want it now" society.(continue at source)
Jeff Gilbert: Because the Configuration Manager 2007 documentation library on the Web is updated on a regular basis, the Configuration Manager help file installed with the product can become out of date. In an effort to keep the help files installed locally with the Configuration Manger console as close as possible to the documentation published online, the Configuration Manager 2007 Help File Update Wizard was developed by the Configuration Manager 2007 user assistance team. This wizard can update the help files associated with a Configuration Manager 2007 installation to the December 2008 version of the Configuration Manager 2007 documentation library. To use the wizard, simply install the .msi and then located the wizard's shortcut in your start menu.
The installation file can be downloaded from here: http://www.microsoft.com/downloads/details.aspx?FamilyID=71816b0f-de06-40e0-bce7-ad4b1e4377bb&displaylang=en
(continue at source)
Jakub Oleksy: A very powerful new concept in the SDK is the notion of Type Projections. I always describe type projections as a view over our type system, much like a SQL view over tables, with the added capability that our type projections are hierarchal. What projections allow you to do is query over and retrieve collections of objects related somehow in our model in one go. In this post I want to provide a very simply example of how to define and retrieve a type projection, and in future posts I will dive much deeper into working with them.(continue at source)
Daniel Savage: Last year we released a whitepaper that details how to extract Operations Manager data and view this in PerformancePoint dashboards.
The original solution which can be downloaded here : http://www.microsoft.com/business/performancepoint/downloads/default.aspx contained sample data and scorecards to highlight the possibilities.
Thanks to some help from Ted Tasker at Microsoft we have now made this solution more production ready so it can be used direct against your OpsMgr DW.(continue at source)
The Windows Automated Installation Kit (Windows AIK) is a set of tools and documentation that support the configuration and deployment of Microsoft® Windows® operating systems.. By using Windows AIK, you can automate Windows installations, capture Windows images with ImageX, configure and modify images using Deployment Imaging Servicing and Management (DISM), create Windows PE images, and migrate user profiles and data with the User State Migration Tool (USMT).
GImageX is a third-party graphical version of the ImageX command-line tool from the Windows AIK. (continue at source)
Manageability is the key that sometimes can make the difference between a good product and a great product. Fortunately, for the vast majority of Microsoft products, operations and management are a key concern from the very beginning of the development stage.
System Center Operations Manager (OpsMgr) 2007 is the heart of Microsoft management & operations strategy, a product that enables greater control of the IT environment, by means of dedicated Management Packs (MP), a collection of rules, tasks, and scripts that work together to maintain the overall health of the systems.(continue at source)
We've seen this question come up a few times, and the simple answer is no - as long as the communicating computers have a trust in common, and the correct certificates are used, native mode works just fine. This trust in common can use a single certification authority (CA) hierarchy or multiple CA hierarchies. Because native mode is PKI-agnostic, this all happens at a lower level than Configuration Manager - we just need the PKI connection established before we can proceed with native mode communication.
The phrase "trust in common" sounds very simple, but if you're not familiar with PKI, then trying to explain how this requirement pans out for native mode is actually quite difficult to explain, because there are multiple certificates to take into account and each could be issued by a different CA hierarchy. (continue at source)
Microsoft and the Operations Manager 2007 product team would like to know what you think about the quality of Microsoft management packs for Operations Manager 2007. This community survey is your chance to rate the quality and features of several management packs to help Microsoft understand where they need to focus their time and effort to improve management pack quality.
This is a short survey (only 9 questions) allowing you to rate the individual quality of several management packs, and communicate your thoughts on monitoring features, tuning effort required - everything that makes for a good MP. (continue at source)
After some research and reading various websites about how to control Active Directory with Powershell, I finally found what I needed. A lot of articles about this topic immediately start using all kinds of cmdlets developed by several parties, especially the one by Quest. But I wanted to do this stuff without needing any extra libraries/cmdlets. The script shown in this article does a search in the Active Directory for a user object given the SAM account name. It then shows some of the attributes of that user. The third part of the script changes some of the attributes and writes the changes back to Active Directory. And finally it moves the object to a new Organisational Unit (OU). All this with native Powershell. (more)
To improve performance and scalability, you can install the Service Manager management server on a computer separate from the Service Manager database. This can be useful in situation where you only want databases installed on computers hosting SQL Server. In the following diagram, Computer 1 will host the Service Manager management server and Computer 2 will host both SQL Server and the Service Manager database.(continue at source)
John Downing, technical writer for the System Center Service Manager team: I’d like to discuss, at a high level, the topology options that are available with Service Manager Beta 1. I will provide more detail about some of the Service Manager components, and show you additional topologies comparing their relative advantages and disadvantages.(continue at source)
The Microsoft Management Summit (MMS) is the premier event of the year for IT Professionals, offering deep technical information and training on the latest IT management solutions from Microsoft.
This year the Microsoft Management Summit is held from the 27th of April until the 1st of May in Las Vegas, Nevada.
Techlogs Maarten Goet will also give a session about Operations Manager 2007 R2 titled "Driving Compliance with Audit Collection Services (ACS).
Maarten will discuss the ACS architecture in OpsMgr. He will talk about best practices for deploying the out-of-the-box functionality and also how to extend this using the combined Savision Live Maps + Secure Vantage's MP/solution to create a security dashboard. Also, he will complete the session by creating our own custom rules, and a report (on the ACS DB) describing custom compliance issues.
For an overview of the other sessions held look here.
Having trouble to convince your boss of going to MMS2009, have a look at the MMS 2009 Cost Justification Document provided by MyITForum.
Visit the Microsoft Management Summit 2009 Webpage
| 23 Feb '09 - 12:31 | kenneth van surksum | 
no comments | news source ~ http://blogs.technet.com/configurationmgr/archive/2009/02/19/system-center-updates-publisher-scup-installation-video.aspx 
