wednesday, january 12th, 2011 automating inventory, deployment and configuration of your windows...
TRANSCRIPT
Automating Inventory, Deployment and Configuration of Your Windows InfrastructureTips and Tools for Managing Your Windows Infrastructure
Dan StoltsChief Technology StrategistMicrosoft Corporationhttp://itproguru.comTwitter: @ITProGuru
Dan Stolts• Presence
− Blog: http://ITProGuru.com − http://blogs.technet.com/DanStolts − Twitter: @ITProGuru
• 3nd year at Microsoft− Chief Technology Strategist based in MA− Online Content Development− Live Event Delivery− User Group / Community Lead
• Prior 20+ Years…− Bay State Integrated Technology, Inc
− Hosting and Consulting− Community Volunteer
• Skill Profile MCT, MCITP, MCSE, TS…− Windows infrastructure− Systems Management and Security − Virtualization & Cloud
• Community Service− President: Boston User Groups− President: North East IT Pro Leaders− Founder: Virtualization Group – Boston− Board: Boston Area Windows Server
Free Deployment eBook
• Deploying Windows 7 – Essential Guidance from the Windows 7 Resource Kit and TechNet Magazine.
http://bit.ly/Win7DeployEBook
It is 412 pages of very detailed content for those that really want to learn as much as they can about all aspects of Deployment.
4
Infrastructure and Networking• Significant Cost Savings Can be
Achieved by Using a Management Tool, and by Deploying into a Managed Environment
• Benefits Can be Achieved by Utilizing Capabilities such as :− System Center − Active Directory− Group Policy− Branch Cache− Direct Access
Hardware Compatibilit
y Application Managemen
t
Infrastructure and
Networking
Security and Data
Protection
Imaging Migration and
Installation
Management
Virtualization
The Focus Areas of a Deployment
Overview: System Center Configuration Manager
• Automated solution for assessing, migrating and deploying windows server and client operating systems
• Broad support for advanced delivery:− Operating systems− Applications− Software and hardware updates
• Support for both physical and virtual environments
• Increased scenario support:− Corporate Network− Branch locations− Mobile Workforce− Home workers (Internet based)
• Desired Configuration Management
10
Customized / Specialized Operating System Deployment• System Center Configuration Mgr
has the flexibility to customize the OS deployment process
• Rather than a generic “template”, actually get a customized guest session WITH apps installed
• Highly automated solution for assessing, migrating and deploying Windows server, Apps, and Data
• Dynamic deployment of drivers at runtime
• Utilize Windows PnP detection for bare metal deployments
Configuration Manager 2007 Feature Summary: R2
• Seamless integration to Microsoft Application Virtualization
Application Virtualization Management
• Additions of Multicast and Unknown Computer SupportOSD Enhancements
• Client summary rollup of key performance indicators
Client Status Reporting
• Migration of ConfigMgr reports to robust reporting platform
SQL Reporting Services Integration
• Configuration Pack knowledge of the Forefront client status
Forefront Client security integration
MigrationDelivery
Windows 7 Deployment
Imaging
Deployment Image Servicing and Management
Add/Remove Drivers and Packages
WIM and VHD Image Management
Windows Deployment Services
Multiple Stream Transfer
Dynamic Driver Provisioning
VHD and WIM Support
User State Migration Tool
Hardlink Migration
Offline File Gather
Improved User File Detection
Microsoft Assessment and
Planning
Application Compatibility
Toolkit
Microsoft Deployment
Toolkit
Integrated Solutions
Planning for OS Deployment• Setup Firewall
Rules (Group Policy) see notes
• Inventory…MAP: Download the free Microsoft Assessment and Planning Toolkit (“Solution Accelerator”)− Or skip this step and start
off with SCCM 14
Application Compatibility • Windows 7 Upgrade Advisor which will
scan an individual computer and give information on the applications and the hardware that are running on that computer
• The Microsoft Application Compatibility Toolkit is the must have tool for application compatibility.
• Compatibility Problems?− Shim the applications− Remote Desktop Services− Application Virtualization – App to App … NOT OS Compatibility− XP-Mode – XP on Windows 7− Microsoft Enterprise Desktop Virtualization (MED-V) (even web
applications)
15
User State – User Data User State Migration Tool• Easy Transfer Wizard – One machine at a time…
think grandma’s computer
• Lite-Touch, High-Volume Deployment (20-500 machines… [or everything except grandma’s machine] {MDT 2010 – User State Migration Tool}− Migrate Windows XP to Windows 7 Using USMT (User State
Migration Tool) [Upgrade XP or Vista] Step By Step or Vista] Step By Step
− Upgrading Windows XP to Windows 7 and Migrate Microsoft Office and Other Applications Using The User State Migration Tool (USMT)
• System Center Configuration – Zero Touch Deployment of OS and Applications as well as post deployment management, updates and configuration changes – Integrates with the same tools … More on that later
16
User Migration• An OS image can be the smallest part of a deployment
payload when compared to user data• USMT v4 - User State Migration Toolkit will completely
eliminate any data move with a new feature called ‘Hardlinking’
• ‘Hardlinking’ allows you to simply scan the system for what you want to migrate, make a record of its location on the disk, and leave it there
• At the end of your deployment, you reconnect to this location in the new user profile
• Scan and copy times from hours to minutes• Remove network storage completely• Preserve bandwidth• Integrated with System Center for total automation and
reporting An example:1. 5000 machines migration2. Avg. 4Gb of user data per machine3. Equates to 20,000Gb of data:4. Transferred up the network to a
share5. Stored6. Transferred back down
MDT 2010 What’s New• Windows Automated Installation Kit (Windows
AIK) version 2.0
o User State Migration Toolkit (USMT) version 4.0
o Deployment Image Servicing and Management (DISM) tool
• Upgrading from Previous Versions of MDT and Microsoft Business Desktop Deployment (BDD)
• System Center Configuration Manager 2007 SP2
• Boot Configuration Data (BCD) Management Tool
• Windows 7 Default Disk Partition Configuration
• Automation of Management Tasks Using Windows Powershell™ Cmdlets
New!
Operating System Support in MDT 2010 Update 1
Operating system LTI ZTI
Windows 7
Window Server 2008 R2
Windows PE version 3.0
Windows Vista (with Service Pack 1 [SP1] and later)
Windows Server 2008 (all service pack levels)
Windows XP (with SP3)
Windows Server 2003 R2
Windows PE version 2.1
Deploying Windows 7 with System Center
Hardware Compatibility
• System Center Can Help Provide Hardware Readiness Reports of Existing Inventory
• Simple Report Glance of what Systems are Windows 7 Capable Today
Application Management
• One of the Most Complicated Areas of any Deployment
• Application Compatibility Toolkit Connector, in 1 view Compare your own Testing Results to:− Vendors− Other organizations− Microsoft
• Compatibility Knowledge helps to Understand Priority Focus
• Virtualization may be a Solution− MDOP App-V− MDOP MED-V
Security and Data Protection
Fundamentally Secure Platform
Protect Users & Infrastructure
Windows Vista FoundationUser Account ControlEnhanced Auditing
Securing Anywhere Access
Network SecurityNetwork Access ProtectionDirectAccessTM
AppLockerTM
Internet Explorer 8Data Recovery
RMSEFSBitLockerTM
Protect Data from
Unauthorized Viewing
Building upon the security foundations of Windows Vista, Windows 7 provides IT Professionals security features that are simple to use, manageable, and valuable
Deployed and Configured centrally with System Center
Imaging, Migration and Installation • OS deployments are Complex• Multiple Locations and Security
Models are Touched• The Task Sequencer Allows you
to Easily Automate this from 1 view.
• System Center can Accelerate OS Deployment
• Automate and Combine:− User Migration− OS Customization− Partition modeling− Application Installation (physical
and virtual− Updates− BitLocker− Reporting
Deploy Windows 7 with System Center
Delivery•Explicit targeting, scheduling based on business needs•Flexible control with end user focus•Optional ‘opt-in’ style approach•Wake on LAN, Intel vPro integration
Reporting•Detailed reporting for deployment project by: user, computer, collection, location •Granular detail to Task Sequence Steps•Rich troubleshooting support for root cause•SQL Reporting Services integration
Accounting Week 1
FinanceWeek 2
SalesWeek 3
HRWeek 4
System Center Configuration Management for OS and Application Deployment
Windows 7, Office 2010, Adobe Reader, Drivers and More
Demo
29
Configuration Management Support System Center Configuration Manager 2007 SP2 – R3
• Platform support will be Windows 7 • Operating System Support added by Configuration Manager Service Pack 2*
− Windows 7, Windows Vista Sp2− Fully managed clients, across all configuration features and scenarios
• Operating System Deployment – Support for ‘in-place’, PXE and offline scenarios
• Traditional and Virtual Application Distribution• Software Update Management – full patch support to network and remote
connected systems• Intel vPro Integration for broad range of scenarios• Desired Configuration Management – Model based configuration and
regulatory support• Asset Intelligence – Business terminology, software and hardware reporting,
license reconciliation• Network Access Protection integration – Policy based access control• Branch Cache Support
− Requires Win7 client and W2K8 R2 backend
• Remote control including x64 XP Clients• System Center Configuration Manager 2007 R3
− Centralized Power Management ** − Enhanced Scalability & Performance− Operating System deployment enhancements
*client only, Configuration Manager Service Pack 2 also brings datacenter support
Client ManagementStreamlined
Application and Desktop Delivery
Optimized Client Health and
Performance
Ease User Access Without
Compromise
Adaptive Application
DeliveryManaged Client Application Delivery via Traditional and Virtual Methods
Simplified Windows
DeploymentAutomated OS Deployment via Image Standardization
Client Infrastructure
MonitoringClient Health Monitoring and Proactive Issue Identification
Remote PC Diagnostics &
RepairZero-touch Remote Diagnosis and Remediation with Intel®
Vprotm
End-Point Security
ManagementEnforced Compliance with System Health Policy Definitions via Remediation
Configuration Compliance
Assess Systems Compliance Against Established Configuration Baselines
Performance Management SupportSystem Center Operations Manager• Collective Monitoring
− Operating System Availability and Reliability Reports− Operating System Performance reports − Hardware and configuration service level management − Client specific console and report views − Client focused tasks (system, network, power transitions)
• Diagnostic Monitoring− Hardware Monitoring (Disk status and utilization) − Trend based performance monitoring (OS and Application
levels)− Memory monitoring
• Client Management Pack support:− Enable upgrade decisions based on hardware performance− Determine which machines to upgrade− Set hardware standards− OEM specific diagnostics
Summary
• System Center includes a robust toolset for Windows 7 to:− Plan− Customize− Automate− Deploy− Manage− Secure− Support
Client Management Suite
Enhancing the
value of ECAL
Assess inventory
and compatibility
deploy os and
applicationsManage
user access backup, repair,
and restore
Self service portal
MONITOR PERFORMANCE
AND CONFIGURATIO
N
Still Able to Leverage Familiar Tools• Visio for Administrators• Powershell & WMI• Excel and SQL Server
37
Forefront Endpoint Protection 2010Forefront Endpoint Protection 2010 provides enhanced endpoint protection and simplified management while greatly reducing infrastructure costs
• Advanced and comprehensive malware protection for clients and servers
• Lower costs of endpoint protection deployment and ownership
• Deployment of endpoint security with a proven scalable Config Manager infrastructure
• Extends Windows OS security
• Simplified management through unified operational experience for endpoint security and management
• Increased visibility of potentially vulnerable endpoints that allow you to take operational remediation actions
HELP PROTECT everywhere
INTEGRATE and EXTEND security
SIMPLIFY security MANAGEMENT experience
Resources• Deployment Resources - http://www.microsoft.com/events/series/deploymentessentials.aspx
• System Center Configuration Manager− http://www.microsoft.com/systemcenter/configmgr/default.mspx
• Management Techcenter− http://www.microsoft.com/systemcenter/softgrid/default.mspx
• System Center Team Blog− http://blogs.technet.com/systemcenter/
• Windows 7− http://www.microsoft.com/windows7
• Website for Microsoft Desktop Optimization Pack for Software Assurance− http://www.windowsvista.com/optimizeddesktop
• Application Virtualization Website− http://www.microsoft.com/systemcenter/softgrid/default.mspx
• Microsoft Virtualization 360− http://www.microsoft.com/virtualization
© 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, It should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided
after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.