Dec 24, 2015
What´s New in Microsoft System Center Configuration Manager SP1 and R2
Jeff WettlauferSr. Technical Product ManagerSystem CenterMicrosoft CorporationMGT320
Agenda
Configuration Manager Capability overview
Service Pack 1Capability additions
Release 2Capability additions
Service Pack 2Upcoming release details
A Quick Assumption...
You have seen Configuration Manager 2007 in actionThis is a summary session of what has changed since RTM
Site Role Maximum # of Client SystemsHierarchy (Central Site Server) 200,000Primary Site Server 100,000System Health Validator 200,000Management Point 25,000Distribution Point (Non OSD) 4,000Distribution Point (OSD) Limited by Network & Disk I/OState Migration Point Limited by Network & Disk I/OSoftware Update Point (WSUS) 25,000Fallback Status Point 100,000Branch Distribution Point Limited by OS License, Network & Disk I/O
Supported Client Numbers
Platform/ Feature HW/SW
InventoryOS
DeploymentSoftware
DistributionSoftware
Update MgmtDesired Config Mgmt
Windows ‘7’
Windows Vista
Windows Vista SP1
Windows Vista SP2
Windows XP SP3
Windows 2000
Windows Server 2008
Windows Server 2008 R2
Windows Server 2003
Windows Server 2000
WFLOP
WePOS
XP Embedded
Windows Embedded Standard 2009*
Windows CE
Windows Mobile
Platform Support Supported
ConfigMgr SP2
Supported with SP1
Not Supported
* Sysprep now supported
Configuration Manager Site Systems
PXE Service Point
State Migration Point
Software Update Point
Fallback Status Point
Branch DP
Primary Site Server
Configuration Manager Role
SMS 2003 Equivalent Role
System Health Validator
SQL Server
SQL Server
New Role with Service Pack 1
• Multicast• AVM Streaming
New R2 Capability
Reporting Services
point
Management Point
Distribution Point
Reporting Point
Server Locator Point
Asset Intelligence sync point
Out of band service point
Service Pack 1
Intel AMT Integration
Intel® Q35 Express Chipset
with ICH9-DO
Intel Platform Software
Ecosystem Solutions
Intel Key Platform
Technologies
• Intel® Active Management Technology (AMT) is a function of the chipset & network controller
• Hardware-based management for clients• Desktop: Intel® vProTM Processor Technology
Intel® 82566DM
Gigabit Network
Connection
Intel vProComponents
Intel® Core ™ 2 Duo Processor
ConfigMgr 2007 Features for AMT out of Band Management
Secure Setup and Configure AMTZero Touch – Certificate HashZero Touch – In band via agentTies to OSD w/targeting
Provisioning
Remote Console
Helpdesk / Interactive sessionSerial over LANIDE RedirectionBIOS password bypassManual power control
Scheduled Power OnSWDist, SUM, OSD
On Demand Power ControlWake, restart, shutdown
Interactive via OOB Console
Discovery/Inventory
Power Control
Discover On Demand per machine / per collection
Scheduled DiscoveryIn band Discovery via agent
Intel vPro Integrationdemo
Asset IntelligenceConsole Improvements
Rich interface in Configuration Manager Admin ConsoleNew Catalog and License management toolsEnhanced UI for all Asset Intelligence WMI Classes
System Center Online ConnectionCertificate requirement removed in Service Pack 2Keep software asset categorization up-to-dateOn-demand or scheduled catalog synchronization w/On-line ServiceNew Configuration Manager site role: The Asset Intelligence Synchronization PointUpload requests for software categorization to On-line Service
Basic Replication to Distribute AI Content to Other Configuration Manager sitesAbility to Import Licensing Data and Compare to InventoryLocal Edit Support Allows Customers to Categorize Software Assets
Asset Intelligencedemo
Release 2
Operating System Deployment
Service Pack 1 Brought a Platform Support UpdateWindows Vista Service Pack 1
Upgrade Advisor report supportOS package supportAIK updates, WinPE etc.
Windows Server 2008 Managed Client OSHost for Site Roles
R2 Opened New FeaturesMulticastUnknown Computer Support‘Run As’ support added
Unknown Computer SupportAllows unmanaged systems to be recognized and receive an OS DeploymentAllows computers without a ConfigMgr ‘07 client to be provisioned with an OS by ConfigMgr ‘07 OSDExclusion list for unknown computer support availability
A list of computer MAC addresses to which the PXE server should not send task sequences to install an operating systemExclusion list members are ignored
Multicast Services OverviewSimultaneously send data to multiple clients rather than sending a copy of the data to each client over a separate connectionAllows multiple computers to download an OS image package as it is multicast by the DPClients can join a multicast session already in progressThe multicast feature must be enabled on the specific ConfigMgr ‘07 DPBranch DP cannot use multicastConfigMgr ‘07 Requirements
ConfigMgr SP1 and R2 installed to siteWDS extension installed on Windows Server 2008 site systems
Multicast Prerequisites Prerequisite Description
Windows Server 2008 - Must be running on DP enabled for multicast
Windows Deployment Services (WDS) -Must be installed before multicast is enabled on the distribution point server- WDS transport server role service is required for multicast operating system deployment support
Internet Information Services (IIS) with extensions -must be installed before multicast is enabled on the distribution point server- ISAPI extensions and IIS 6 management compatibility must be installed
Network firewall configuration -UDP ports used by multicast are accessible by ConfigMgr ‘07 clients- Port config link
Allow clients to transfer content from this distribution point using BITS, HTTP, and HTTPS
- Operating system deployment package transfer using IIS requires that Allow clients to transfer content from this distribution point using BITS, HTTP, and HTTPS (required for device clients and Internet-based clients) be enable
'Run As' in the Task SequenceIn ConfigMgr ‘07, task sequences run only in the context of the local system accountNetwork Access account is used to access required packages located on DPsNetwork Access account needs to access DP or Task Sequence will failIn R2…
Now possible in task sequences to run with credentials other than the local system accountPowerful way to deliver elevation to special situations Run As feature cannot be imported by a Configuration Manager 2007 site server due to Task Sequence schema changesThis account is required if you add the step Run Command Line to a task sequence, but want to not use Local System
Operating System Deployment Updatesdemo
Application Virtualization Management
System Center builds on the full Application Virtualization InfrastructureIntegrates with existing Active Directory relationshipsProvides a scalable infrastructure to support a distributed networkBroad scenario support to support workers wherever and however they work; desktops, laptops, mobile across LAN/WAN/Branch and Internet connectionsCentralized management and reporting for physical and virtual applicationsReduce costs for deployment, and align to organizational requirements by targeting both user and computer systems for applicationsAsset Intelligence brings meaningful business terminology for software titles, categories and families, with full support for Virtual Applications
Integrate Virtual Application delivery with everyday management operations
OS deploymentPatch managementInventory
Application Virtualization Management
Based on Application Virtualization 4.5 feature setUses System Center Configuration Manager 2007 R2 Admin approachNew in ConfigMgr 2007 R2:
ConfigMgr can manage and deploy virtual applicationsClient roaming is supported so the client is always going to the “closest” server
Dynamic nature of Application virtualization preservedVersion checking, user-based targeting, streaming
Core Scenarios for Application Virtualization Management
•Create virtual application packages and copy them to distribution points
Packaging and distribution of virtual
applications•Advert
ise the packages to clients
Deployment of virtual applications to clients
(connected and offline)
•After the application is advertised and made available, end-users run the applications from their desktop computers
Launching and running virtual applications
(connected and offline)
•ConfigMgr inventory and reports enable administrators to report on packages, applications and their usage within the ConfigMgr hierarchy
Inventory and Reporting of virtual applications
System Center Requirements
Configuration Manager 2007 SP1 is a prerequisiteA customer must have purchased MDOP and be licensed to use App Virtualization 4.5
4.5 Sequencer to build virtual applications4.5 Client to interact with the ConfigMgr client on the desktop
A customer must be licensed to use ConfigMgr 2007 R2‘Software Assurance’
Additional Configuration Manager client requirements (min OS, etc)System Center Operations Manager is optional
Infrastructure Requirements
Some key areas to be aware of when deploying Virtual Applications in ConfigMgrDistribution Point
Virtual Applications Tab Enable Virtual Application Streaming
Client Agent ConfigAdvertised Programs Client Agent
Set to allow Virtual Application Package Advertisement
Application Virtualization Managementdemo
SQL Reporting Services Integration
New server role called the “Reporting Services Point”Ability to convert/copy classic SMS reports to Report Definition Language format and publish them to a Reporting Services Point (report server)New node under “Computer Management -> Reporting” for accessing the SRS ConfigMgr reportsAbility to manage, browse and run SRS ConfigMgr reports from the ConfigMgr Console
Client Status ReportingBuilt upon the scenarios in the SMS 2003 Client Health ToolExternal service which queries site systems and ConfigMgr clients for client status on agent activity and overall healthReports on key indicators of client activity to help administrators monitor and maintain the health of their ConfigMgr clientsClient Status Reporting can:
Identify clients that are online but are not requesting policyProvide a number of reports that detail the status of clients on your siteIdentify clients that are online but have nonfunctioning client componentsIdentify clients that are online but do not have up-to-date discovery or inventory recordsIdentifies clients that are offlineIs not dependent on ConfigMgr ‘07 site systems
CSR will not be affected by problems with backlogged site systems which could cause traditional reporting mechanisms to generate inaccurate results
Uses a number of data sources for its analysis, including:Data from ConfigMgr ‘07 site database - inventory, discovery, and heartbeat dataGather and analyze policy request log files from MPsCan also check the status and activity of ConfigMgr ‘07 client components
Forefront Client Security IntegrationForefront Client Security
Provides unified malware protection for business desktops, laptops and server systemsProvides critical visibility into threats and vulnerabilities
Lightweight Integration Between Forefront Client Security and ConfigMgr 2007 R2
An FCS Configuration Pack will assess the states of FCS agents on machines that are managed by ConfigMgr 2007 R2Admin gets the reports of overall states of FCS clients through the existing DCM reporting infrastructure
Import the Configuration Pack Included on the ConfigMgr ‘07 R2 CD
Configuration Manager SP2 Summary
•Windows 7
•Windows Server 2008 R2
•Windows Server 2008 SP2
•Windows Vista Sp2
Operating System Support updates
•Site role support for Windows Server 2008 R2
Site Role support for Windows Server 2008 R2
•OOB Wireless Management: Wireless Profile Management
•End Point Access Control: 802.1x support
•Persistent Data Storage: Non Volatile Memory or Third Party Data Store (3PDS)
•Access Monitor: Audit Log
•Remote Power Management: Power State Configuration from ConfigMgr Console
Intel AMT Integration Enhancements
•Requires Win7 client and W2K8 R2 backend
Branch Cache Support
•X64 support for Operations Manager 2007 Client Agent
Operations Manager 64bit support
Service Pack 2
Smaller, but Still Important StuffUpdate to Management Pack for 64-bit OS’s – SP2 will ship 64-bit perf countersRemote control added in for (x64 XP and Sever 2003)Multi-select and delete driver catalog drivers from the consoleBetter feedback on AD extension success / failure
Certificate Requirement Removal for Asset IntelligenceHotfix Data
36 QFE merges
iAMTSupports Intel vPro Chipset and iAMT Firmware Versions 4 & 5Feature Parity with SP1 and iAMT Firmware Versions 3.2.1, 4 & 5New Features
Wireless profilesWireless profiles associated with all Intel® vPro™ clients in the siteSet the wireless information on a per-collection basis during provisioning.
802.1x support - configuration of 802.1x settings on a per-collection basis during provisioning.Audit Logs - Retrieve, store and clear the security audit log on a periodic basisPower Package - Enable configuration of the power package settings with the core provisioning settings for the site.3rd party data storage - Enable SCCM to store specific information into the NVM data area for inventory or t-shooting.
SummaryConfiguration Manager R2 is Now AvailableService Pack 2 Public Beta June 2009In addition to Traditional Features Such as Software distribution, Inventory and OS Deployment R2 Brings:
Support for Vista SP1 and Windows Server 2008 (added at SP1)Asset Intelligence (added at SP1)Intel AMT integration (added at SP1)Application VirtualizationSQL ReportingClient Status ReportingOS Deployment enhancementsForefront Client Security Reporting
Download the Evaluation at http://technet.microsoft.com/en-us/configmgr/cc761485.aspx Download the Virtual Machine at
http://www.microsoft.com/downloads/details.aspx?FamilyID=e0fadab7-0620-481d-a8b6-070001727c56&displaylang=en
ResourcesSystem Center Website
http://www.microsoft.com/systemcenter/configmgr/default.mspx Application Virtualization Website
http://www.microsoft.com/systemcenter/softgrid/default.mspx Management Techcenter
http://www.microsoft.com/systemcenter/softgrid/default.mspx Windows Vista
http://www.microsoft.com/windows/products/windowsvista/default.mspx
Windows Server Resources
http://www.microsoft.com/servers/default.mspx System Center Team Blog
http://blogs.technet.com/systemcenter/ Website for Microsoft Desktop Optimization Pack for Software Assurance
http://www.windowsvista.com/optimizeddesktop Microsoft Virtualization 360
http://www.microsoft.com/virtualization MYITForum
http://www.myitforum.com/
question & answer
Configuration Manager RTM Feature Summary
•Richer knowledge presented, less mouse clicks, stronger wizard guidance, deeper pre-req checks and deployment assistance
Admin UI Improvements
•Attach meaningful business terminology to inventory
Asset Intelligence
•Advancements in upgrade reports, virtual support and more
HW/SW Inventory
•Significant update, server support, multicast and unknown system support
OS Deployment
•Broad integration across ConfigMgr features, built on WSUS, branch, internet based, OSD, DCM
Software Update Management
•Integration scenario support for Windows Server 2008
Network Access Protection
•Improvements to a core feature, new virtualization support
Software Distribution
•Model based, baseline definitions and regulatory support for system management
Desired Configuration Management
•Powerful support for CE, PPC, Windows Mobile devices
Device Management
•Now available, strong extension to core product
SDK
Configuration Manager Service Pack 1: Feature Summary
•Platform Support for planning, deployment and management of Windows Server 2008
•Support for Site Role infrastructure deployment to Windows Server
Windows Server 2008 Support
•Platform Support for planning, deployment and management of Windows Vista Service Pack 1
Vista SP1 Support
•Major capability update
•Significant Admin Console Upgrades
•New Catalog and License support
•System Center Online synchronization support
Asset Intelligence 1.5
•Feature Integration with Intel vPro Technology
Intel AMT Integration
•Small Collection of Customer Design Change Requests
Customer DCR
•Service Pack 1 download includes codebase for R2
Infrastructure to support R2 features
•Small Collection of hotfix and updates to rtm codebase
Hotfix Rollup
Configuration Manager R2: Feature Summary
•Seamless integration to Microsoft Application Virtualization
Application Virtualization Management
•Additions of Multicast and Unknown Computer Support
New OSD capability
•Client summary rollup of key performance indicators
Client Status Reporting
•Migration of ConfigMgr reports to robust reporting platform
SQL Reporting Services Integration
•Configuration Pack knowledge of the Forefront client status
Forefront Client security integration
www.microsoft.com/teched
Sessions On-Demand & Community
http://microsoft.com/technet
Resources for IT Professionals
http://microsoft.com/msdn
Resources for Developers
www.microsoft.com/learningMicrosoft Certification and Training Resources
www.microsoft.com/learning
Microsoft Certification & Training Resources
Resources
Track ResourcesKey Microsoft Sites
System Center on Microsoft.com: http://www.microsoft.com/systemcenterSystem Center on TechNet: http://technet.microsoft.com/systemcenter/Virtualization on Microsoft.com: http://www.microsoft.com/virtualization
Community ResourcesSystem Center Team Blog: http://blogs.technet.com/systemcenterSystem Center Central: http://www.systemcentercentral.comSystem Center Community: http://www.myITforum.com System Center on TechNet Edge: http://edge.technet.com/systemcenterSystem Center on Twitter: http://twitter.com/system_centerVirtualization Feed: http://www.virtualizationfeed.com System Center Influencers Program: Content, connections, and resources for influencers in the System Center Community. For information, contact [email protected]
Complete an evaluation on CommNet and enter to win!
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS,
IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.