Apr 22

All ConfigMgr 2012 related releases combined

Posted on April 22, 2012 by Peter van der Woude

What a week it was! As we all expected the last week was one full of cool announcements and releases. In this post I will give an overview of all the ConfigMgr 2012 related releases of last week.

System Center 2012 empowers you with a common management toolset for your private and public cloud applications and services. System Center helps you confidently deliver IT as a Service for your business. System Center 2012 is available in English.
Download System Center 2012: http://bit.ly/Jzfak9
System Center 2012 Configuration Manager Component Add-ons and Extensions
- Package Conversion Manager (PCM). The Microsoft System Center 2012 Configuration Manager Package Conversion Manager allows for converting packages and programs into applications and deployment types in System Center Configuration Manager 2012. There is a migration feature which will be released with the Configuration Manager 2012 that allows packages to be migrated from 2007 to 2012. Once you have migrated your package objects and installed PCM then it is just a matter analyzing your packages in order to determine which readiness state each are in, and then converting those packages that are in the appropriate readiness state. This release comes in 4 languages.
- Physical to Virtual (P2V) Migration Toolkit. The System Center 2012 Configuration Manager P2V Migration Toolkit facilitates the re-utilization of existing x64 server hardware using virtualization technologies, Windows Server 2008 R2 and Hyper-V. The P2V Migration Toolkit was specifically designed to assist in situations where there are remote Configuration Manager 2007 SP 2 site servers that need to be retained during side-by-side migration process to System Center 2012 Configuration Manager. The P2V Migration Toolkit is geared to supporting P2V migrations at remote, branch offices that do not have existing onsite Virtual Machine Manager infrastructure.
- System Center 2012 Configuration Manager Toolkit. The Microsoft System Center 2012 Configuration Manager Toolkit contains nine downloadable tools to help you manage and troubleshoot Microsoft System Center 2012 Configuration Manager. The toolkit contains the following tools: Client Spy, Policy Spy, Security Configuration Wizard, Send Schedule Tool, Power Viewer Tool, Deployment Monitoring Tool, Run Metering Summarization Tool, Role-based Administration Modeling and Auditing Tool and the License Tracking PowerShell Cmdlets.
Download Configuration Manager Component Add-ons and Extensions: http://bit.ly/Hi5ARZ
Microsoft Deployment Toolkit (MDT) 2012 is the newest version of Microsoft Deployment Toolkit, a Solution Accelerator for operating system and application deployment. MDT 2012 supports deployment of Windows 7, Office 2010 and 365, and Windows Server 2008 R2 in addition to deployment of Windows Vista, Windows Server 2008, Windows Server 2003, and Windows XP.
Download MDT 2012: http://bit.ly/HRYyce
(Actually not released this week but it does contain some really cool ConfigMgr related tools, like USMT 5.0!) Windows® Assessment and Deployment Kit (Windows ADK) is a collection of tools and documentation that you can use to customize, assess, and deploy Windows operating systems to new computers. You can install the Windows ADK directly from the internet, or you can download the tools and copy them to a computer that does not have internet access.
Download Windows ADK: http://bit.ly/y9gQRl

Well, that’s a nice list of some very cool releases. While I’m busy sharing links now anyway I think it’s also cool to mention that Maik Koster released a new version of his MDT Web Frontend (with support for ConfigMgr 2012).
Download MDT Web Frontend: http://bit.ly/I63EBv

Feb 12

Overlapping Boundaries and ConfigMgr 2012

Posted on February 12, 2012 by Peter van der Woude

In ConfigMgr 2007 everybody’s first reaction about overlapping boundaries was “don’t do it!”, but is that the same in ConfigMgr 2012? Well, the answer on that differs per situation. In this post I will describe the three different situations/ scenario’s about overlapping boundaries and ConfigMgr 2012.

Scenario 1 – Overlapping boundaries for automatic site assignment: NOT supported! The site to which the client will assign is still unpredictable when there are multiple boundary groups that includes the current network location of the client (and of course, the boundary groups are assigned to different sites).
Scenario 2 – Overlapping boundaries for content locations: Supported! It will enable the client to get a list of all the content locations that are connected with a boundary group that includes the current network location of the client. So it creates a sort of fallback scenario.
Scenario 3 – Overlapping boundaries across a ConfigMgr 2012 and a ConfigMgr 2007 hierarchy (specific for automatic site assignment):
- Supported for ConfigMgr 2012 –clients. ConfigMgr 2012 –clients are able to check the version of the CofigMgr –site and they can’t assign to a ConfigMgr 2007 –site.
- Not supported for ConfigMgr 2007 –clients. ConfigMgr 2007 –clients are not able to check the version of the CofigMgr –site and they can incorrectly assign to a ConfigMgr 2012 –site.

So how can we prevent to get into one of these situations? Well, that actually easier then we might think. For ConfigMgr 2012 –sites it is possible to add a boundary to multiple boundary groups. Also it’s possible to use a boundary group only for site assignment (red square in the picture), or only for content locations (green square in the picture). So this makes it possible to use a set of boundary groups for automatic site assignment and a different set of boundary groups for content locations. This can help to avoid the overlapping boundaries for automatic site assignment.

Besides that it’s almost not possible to avoid the overlapping boundaries between the different hierarchies… The only thing that can done to stop the problems, is to stop automatic site assignment for ConfigMgr 2007 –clients. This avoids the ConfigMgr 2007 –clients from automatic assigning to the wrong site and the ConfigMgr 2012 –clients will keep on assigning to their own site.

See for more information: http://technet.microsoft.com/en-us/library/gg712679.aspx

Jan 18

System Center 2012 Configuration Manager RC2 is available!

Posted on January 18, 2012 by Peter van der Woude

For those who didn’t read it on Twitter, Facebook or mail yet, ConfigMgr 2012 RC2 is available for download! Last night I received the following mail:

Dear :
Thank you for downloading one or more System Center 2012 pre-release components. System Center 2012 Release Candidate is now available as part of the Microsoft private cloud evaluation:

» Download Microsoft private cloud evaluation software

Enjoy!
Your TechNet Team

By starting the download I was pleasantly surprised to see that a part of this download is ConfigMgr 2012 RC2 (see picture).

Oct 30

System Center 2012 Endpoint Protection point in System Center 2012 Configuration Manager (RC)

Posted on October 30, 2011 by Peter van der Woude

Last week there was finally another update on ConfigMgr 2012. Besides some small changes, they also slightly changed the name of the products in the System Center –family. It all (including Endpoint Protection) now starts with System Center 2012!

This post will be about the new Endpoint Protection point in System Center 2012 Configuration Manager. During the beta’s it was already clear that Microsoft was going to change something about the integration of ConfigMgr 2012 and FEP 2012, and they did! They removed the Endpoint Protection from the Forefront –family and fully integrated it with ConfigMgr 2012!

I also mentioned before that I’m not really the “step-by-step guide maker”, but in some cases there are exceptions and this is another one of these cases. In this post I will show how to install the Endpoint Protection point and at the end some of the nicest/ biggest changes, so enjoy!

Go to Administration > Site Configuration > Sites and select Add Site System Roles in the ribon.
On the General page Browse to the specific Site Server, select the Site Code and click Next.
On the System Role Selection page select Endpoint Protection point and click Next.
On the Endpoint Protection page select I accept the Endpoint Protection license terms and click Next.
On the Microsoft Active Protection Service page select whether or not you want to join the Microsoft Active Protection Service and click Next.
On the Summary page click Next.
On the Progress page just wait…
On the Completion page click Close.

The nice part about the integration is that the installation files are now part of the ConfigrMgr client package (source). On the <InstallationDirectory>\Microsoft Configuration Manager\Client –location there are now two extra files:

scepinstall.exe – This is the installer of the “new” SCEP client.
ep_defaultpolicy.xml – This is the default policy for the “new” SCEP client.

Another nice thing is that the installation of the SCEP client can now be forced via the ConfigMgr client –settings.

And here is the “new” SCEP client! Besides that it now says System Center 2012 Endpoint Protection, the look-and-feel of the client is luckily still the same.

Oct 27

System Center 2012 Configuration Manager RC1 is available!

Posted on October 27, 2011 by Peter van der Woude

For those who didn’t read it on Twitter (my Twitter almost exploded), Facebook or mail yet, ConfigMgr 2012 RC1 is available for download! For more information, read here the mail of Microsoft Connect:

We are extremely excited to announce the availability of the release candidates for System Center 2012 Configuration Manager and System Center 2012 Endpoint Protection (formerly known as Forefront Endpoint Protection 2012) today. Both releases are available through a single download package on the Microsoft Download Center. You can learn more about this release at our Server and Cloud Platform blog.

Thank you for your on-going program participation and product feedback as it was instrumental in achieving this important milestone!

Our next CEP session will focus on the System Center 2012 Configuration Manager Release Candidate. Adwait Joshi, Technical Product Manager for Configuration Manager, will discuss improvements and what’s new in RC. We hope you will join this session and hear first-hand about the features now available!

Configuration Manager CEP Online Meeting
System Center 2012 Configuration Manager RC
Wednesday, November 2, 2011
9:00 – 10:30 AM PST
Online Meeting Information

Thank you,
The Configuration Manager Community Evaluation Program Team
cmcep@microsoft.com | https://connect.microsoft.com/ConfigurationManagervnext

Aug 14

Application Relationships in ConfigMgr 2012 (B2)

Posted on August 14, 2011 by Peter van der Woude

As we all know now for a while already, ConfigMgr 2012 (B2) has a new Application Model. The old fashion Packages are still possible, but there is nothing changed and no features added. They are just there to make a migration easier… Instead we’ve got Applications now, which make it easier to detect installed products, to create dependencies, to supersede, etc.. This post I want shine a light on the different relationships of an Application. ConfigMgr 2012 (B2) knows three different types of relationships for an Application:

Dependencies
Supersedence
Global Conditions

Dependencies

Let’s start with the first relationship, dependencies. Dependencies make it easy to specify the software prerequisites of an Application. The cool thing is that this can be multiple things and it can even contain AND and OR statements. For example it’s possible to say that Adobe Reader 9.0 OR Adobe Reader X needs to be present. Besides that it’s also possible to define what needs to be done when neither of them is present. It’s possible to specify which version needs to be auto-installed, or it’s possible to just let it do nothing.

Also good to notice is that this can be done per Deployment Type. See as example the picture on the right. This picture shows the 7-Zip Application, which contains three Deployment Types. One x86 -version, one x64 -version and one App-V –version. This App-V version has as dependency that the App-V Desktop Client needs to be installed.

Supersedence

The second relationship is supersedence. Supersedence makes it easy for an administrator to create a relationship between two Applications and “declare” one Application newer than another previous Application. This is actually the same idea that is used with Software Updates already for years now. The supersedence –relationship needs to be specified on an Application –level, but the actions can be specified on a Deployment Type –level. This makes it possible to specify per Deployment Type what the new Deployment Type will be and whether the old version needs to be uninstalled, or that the new version will do an upgrade to the old version (default is upgrade). By specifying the uninstall option, the uninstall command of the superseded Application will be used.

See as example the picture above. This picture shows the new 7-Zip Application, which contains two Deployment Types. One x86 –version and one x64 –version. The x86 –version supersedes the x86 –version of the old Application and the x64 –version supersedes the x64 –version of the old Application.

Global Conditions

The third relationship is Global Conditions. Global Conditions are the most “variable” relationship, because these conditions can be almost everything. Actually Global Condition is, in my opinion, not even the correct term here, it should be Requirement Rules. The relation between these two is that a Global Condition has to be added to a Requirement Rule to be evaluated. Besides this a Global Condition can contain one or more System Attributes, which can be anything from WMI Queries until Registry Values. The extra cool thing is that Global Conditions can be assigned per Deployment Type. This makes it possible to deploy multiple Deployment Types to the same (User) Collection, but only the one which has all requirements met will be truly deployed.

See as example the picture on the right. This picture shows the x64 –version Deployment Type of the 7-Zip Application, which contains three Requirement Rules. One for the required Free Disk Space, one for Desktop Type and one for Primary Device. In this case this means that there has to 100 Mb free disk space AND it has to be a x64 –system AND it has to be the users primary device.

Think of all the possibilities this will generate, like deploying the App-V –version Deployment Type only to non primary devices. There is a whole new world going open!

Jun 02

Microsoft Deployment Toolkit 2012 Beta is available!

Posted on June 2, 2011 by Peter van der Woude

For those who didn’t read it on Twitter, Facebook or mail yet, MDT 2012 B1 is available for download! Some of the best things that are mentioned in the release notes, are that it supports ConfigMgr 2012 B2 and also still supports ConfigMgr 2007 SP2! Besides that it also supports the deployment of ALL operating systems from Windows XP and Windows Server 2003 until now. So it only delivers extra’s! For more information, read here the mail of Microsoft Connect:

Thanks for your ongoing interest and participation in the MDT beta review program. We hope you’ll take the time to preview and provide feedback on MDT 2012 Beta 1.

Download the beta materials on Connect: https://connect.microsoft.com/site14/Downloads/DownloadDetails.aspx?DownloadID=8689

Microsoft Deployment Toolkit (MDT) 2012 Beta 1 rides the next wave of System Center releases with support for System Center Configuration Manager 2012. For Lite Touch installations, MDT 2012 improves the overall client-side user experience, while also providing behind-the-scenes enhancements for partitioning, UEFI, and user state migration. These features, combined with many small enhancements, bug fixes, and a smooth and simple upgrade process, make MDT 2012 Beta 1 more reliable and flexible than ever.

Key Benefits:

Fully leverages the capabilities provided by System Center Configuration Manager 2012 for OS deployment.

Improved Lite Touch user experience and functionality.

A smooth and simple upgrade process for all existing MDT users.

Tell us what you think!
We value your input. Download the beta on Connect and tell us what you think!Please submit your feedback through Connect and direct any support questions you may have to satfdbk@microsoft.com.

Availability
This program is now open. The beta review period will run through August 2011.

Tell your friends
To join the beta review program for Microsoft Deployment Toolkit (MDT) 2012, visit Microsoft Connect:
https://connect.microsoft.com/site14

Learn more
Visit the MDT home page: http://www.microsoft.com/MDT

Get the latest news straight from the MDT team: http://blogs.technet.com/mniehaus/

MDT works with the Microsoft Assessment and Planning Toolkit and Security Compliance Manager to help you plan, securely deploy, and manage new Microsoft technologies—easier, faster, and at less cost. Learn more at http://www.microsoft.com/solutionaccelerators.

Thank you for your interest in the development of MDT. We look forward to receiving your feedback!

Sincerely,
Solution Accelerators MDT Team
Microsoft Corporation

May 22

Forefront Endpoint Protection 2012 B for ConfigMgr 2012 B2

Posted on May 22, 2011 by Peter van der Woude

There was still something missing with ConfigMgr 2012 B2 and that was the Forefront Endpoint Protection (FEP) integration. Well, that’s been taking care of now. It’s now available already for a week (see: Forefront Endpoint Security Blog), so it’s about time to take a first look at it. The installation hasn’t changed much since FEP 2010 with ConfigMgr 2007 (see also: ConfigMgr 2007 and Forefront Endpoint Protection 2010), except that it’s now ConfigMgr 2012 B2 aware.

The first thing that I noticed was that the FEP 2012 B client is not really the FEP 2012 client yet, but the still FEP 2010 client (evaluation version). Both have version number 2.0.657.0.

The next thing that I noticed was that there actually didn’t change that much… Of course there are now subfolders (under the Device Collections) instead of subcollections and everything can be found in the “new ConfigMgr 2012 –workspaces”, but for example the packages are still the “old” packages.

So did nothing change then? Of course there are some new things. One of these things is that there are new/ more Reports. Another bigger one is an add-on to the new Role-Bosed Security of ConfigMgr 2012. FEP 2012 provides three standard security roles for ConfigMgr 2012:

FEP Full Administrator: All permissions for FEP in ConfigMgr
FEP Policy Author: Permissions to create, modify and delete FEP policies in ConfigMgr
FEP Policy Deployment Manager: Permissions to deploy FEP policies

I would say that there are still some obvious points to improve, like a newer client and a client deployment as a new ConfigMgr 2012 –Application.

May 08

How to Capture User Files and Settings Offline (WinPE) or Online (FullOS) using hard-links with ConfigMgr 2012 B2

Posted on May 8, 2011 by Peter van der Woude

This post will be another one about capturing user files and settings, but this time with ConfigMgr 2012 B2. I hope everyone still remembers my post about capturing user files and settings in ConfigMgr 2007 (and especially how much work it was). Usually I’m not really into writing ‘step-by-step guides’, but this time I will make an exception. The reason why I’m making this exception is that I want to show how easy it’s done now. It’s becoming really close to just next-next-finish. There are only four packages needed for/ by this step-by-step:

Boot image package
ConfigMgr client package
USMT 4.0 package
Image package

When these packages are present, right-click the Task Sequence node and select Create Task Sequence. After that follow the step-by-step below.

On the Create a New Task Sequence page, select Install an existing image package and click Next
On the Task Sequence Information page, fill in a Task sequence name, Browse for the Boot image and click Next.
On the Install Windows page, browse for the Image package, uncheck Partition and format the target computer before installing the operating system, (optional) fill in a Product key, (optional) select Always use the same administrator password and click Next. Note: It’s really important to uncheck Partition and format the target computer before installing the operating system, because otherwise it’s not possible to store the data locally.
On the Configure Network page, (optional) select Join a domain, Browse for the Domain and Domain OU, Set an Account and click Next.
On the Install ConfigMgr page, Browse for the ConfigMgr client Package, (optional) fill in the Installation Properties and click Next.
On the State Migration page, select Capture user settings, Browse for the USMT Package, select Save user settings locally and click Next.
On the Install Updates page, click Next. Note: As these settings are not part of the step-by-step, they are left to default.
On the Install Applications page, click Next. Note: As these settings are not part of the step-by-step, they are left to default.
On the Summary page, click Next.
On the Progress page, just wait…
On the Confirmation page, click Close.

Now the basic task sequence is ready and it only needs a little bit of ‘tweaking’. This can be done with the Task Sequence Editor. Also notice that the basic task sequence already sets the ‘extra’ task sequence variable OSDStateStorePath.

Select the Capture Files and Settings Group, go to the Options tab and Remove the Conditions (or remove the whole top Group).

Note: This is necessary to make it possible to also capture user files and settings in WinPE.

Select the Capture User Files and Settings Step (optional: change the name), select Copy by using file system access and check Continue if some files cannot be captured and Capture locally by using links instead of copying files. Now go to the Options tab and add the condition of _SMSTSInWinPE equals FALSE.

Note: This is necessary to make this step only run in FullOS.

Add an extra Capture User State Step (optional: change the name), select Copy by using file system access and check Continue if some files cannot be captured, Capture locally by using links instead of copying files and Capture in off-line mode (Windows PE only). Now go to the Options tab and add the condition of _SMSTSInWinPE equals TRUE.

Note: This is necessary to make this step only run in WinPE.

The task sequence is now done and ready to be deployed. The result is a task sequence that will do a hard-link migration in both, WinPE or FullOS.

Apr 25

A collection of changes to the Collections in ConfigMgr 2012 B2

Posted on April 25, 2011 by Peter van der Woude

In this post I will try to give an overview of the changes made to the Collections in ConfigMgr 2012. The first notable changes in the Assets and Compliance workspace are:

The Collections are now divided in User Collections and Device Collections. It’s now not possible anymore to have users and computers in one Collection. It will always be an User Collection OR a Device Collection.
The standard Collections are now limited till, All User Groups, All Users, All Users and User Groups, All Desktop and Server Clients, All Mobile Devices, All Systems and All Unknown Computers. Both, the All Users and User Groups –and the All Systems –Collections, are not editable. These Collections are used as the base for all of the other Collections.
There are NO Sub-Collections anymore. Instead there are some new feature to fill that ‘gap’. The main reasons for Sub-Collections where organization and phased deployments. To organize Collections there is now the option to create Folders and for phased deployments there is now the option to Include another Collection (more on that later in this post).

Another minor change can be found in the Home tab (same menu as a right-click) of a Collection. Most options are known from ConfigMgr 2007, except for the option Manage Affinity Requests. This is part of the new feature of ConfigMgr 2012, to set Primary Users to Devices and vice versa. It is also possible for user to set a Primary Device and that action will end-up as an Affinity Request.

Some more changes can be found in the Properties of a Collection. Before there where two places where the Properties could be found, Modify Collection Settings and Properties. Now it’s all together under the Properties of a Collection. The most notable changes here are:

In the General tab, except for the two Collections mentioned before, all Collections have to be limited to another Collection.
In the Membership Rules tab, are two extra Rule Types. There is now the option to Include and Exclude other Collections. This can be extremely helpful with phased software deployments.
The Power Management tab, the Maintenance Windows tab, the Out of Band Management tab and the Collection Variables tab are now part the Properties of a Collection, instead of the Modify Collection Settings. The possible settings here have not been changed.
In the Deployments tab, there is a detailed overview of all the assigned Deployments. With Software Updates even all the separate Software Updates, from every assigned Deployment, are shown. Deployments are previously known as Advertisements.
The Distribution Groups tab is new. In this tab a Distribution Group can be assigned to a Collection. This will make sure that every assigned content will be automatically sent to all Distribution Points from the Group.
In the Security tab it is possible to assign permission groups to the Collection. This is not new, but the Role Based Security behind it, is. It makes it really easy to give certain groups limited access to parts of ConfigMgr 2012.
The Alerts tab is new. This tab makes it possible to set thresholds for the Client Health and Activity in this Collection.

The last notable changes can be found with selecting a Collection. On the bottom of the screen there are three new tabs. The first tab, Summary gives a summary of the standard information of the Collection. The second tab, Deployments shows all the Deployments for the Collection and the third tab, Assignments shows all the Assignments for the Collection. This can be Custom Device Settings, Compliance Settings, etc.

Page 1 of 212

ConfigMgr and App-V

Peter blogs about Configuration Manager and App-V

Category Archives: ConfigMgr 2012