Datacenter Configuration Management using System Center Krishnamoorthy V IT Infrastructure Architect | Tata Consultancy Services Ltd Connect with life www.connectwithlife.co.in Session Objective and Agenda Asset Intelligence Software Update Management Desired Configuration Management Software Distribution Operating System Deployment Connect with life www.connectwithlife.co.in Asset Intelligence Why Asset Intelligence? Extend Inventory Capabilities Identify and Categorize – Software in use Ensure business continuity Drive compliance integration Determine upgrade readiness Benefits of Asset Intelligence Asset Intelligence Console – Dashboard Asset Intelligence reporting class settings dialog Asset Intelligence catalog updates Compatibility with virtualized applications Role-based security Software license management improvements Asset Intelligence Reporting Hardware Reporting Identification of Computers that have changed since last Inventory Cycle USB Device Discovery Processor Age Computer Upgrade Readiness Software Reporting Software metering capabilities Recently-used executables reporting Computers where recently-used executables ran Categorization of Software License Management Reports Client Access License tracking (CALs) Per-Processor tracking Asset Intelligence Software Update Management Key Improvements - SUM SUM - Architecture Compliance Assessment Using Update Metadata Download, Deploy, & Install Using CI Policy and Update Binaries Configuration Manager Site Software Update Point Reports Site Server WSUS Control Mgr WSUS Sync Mgr WSUS Admin APIs ConfigMgr WSUS Config Mgr WSUS Server WSUS Database SUM Admin UI Management Point Distribution Point Configuration Manager Client WMI Repository Client Content Cache Windows Update Agent ConfigMgr Agent Client UI Software Update Process Software Updates are Composed of two main parts Metadata Information about each software update Stored in the site server database Software Update Files Download and run to install the software update Three Operational Phases Synchronization Software update metadata is synchronized Compliance assessment phase Client computers scan and report their compliance state Deployment phase Admin Selects updates for deployment Policy is sent to clients Update files are downloaded and installed. Software Update Objects Update Lists Contains set of software updates Updates are added to an update list Deployment Templates Provide Consistency Drag and drop an Update List or Update Deployment Packages Used to download and update the DP Shared folder for the deployment package source files Update Deployments Updates are delivered to client computers by creating software update deployments SUM – End to End Software Update Management Desired Configuration Management Overview of DCM DCM will enable customers to: Define corporate configuration standards Report on configuration compliance across managed Windows systems Combine DCM compliance data with other feature areas of Configuration Manager to remediate clients Regulatory compliance reporting Define and report against tangible configuration policies for regulatory compliance Pre- and post- change verification Ensure system readiness Verify accuracy and efficacy of planned changes DCM Terms and Concepts Configuration Item (CI) Units of configuration Application CI Operating System CI General CI Software Updates CI Configuration Baseline A complex type of CI composed of other CIs which are: Required Optional Prohibited Can be assigned to collections for compliance monitoring Overview – Data Flow Compliance Compliance is evaluated on a number of different levels. The levels are The compliance of a configuration item The compliance of a configuration baseline rule The compliance of each configuration baseline The compliance of a client computer Evaluation happens in the following order Applicability Detection Compliance of objects and settings Results Not Applicable Not Detected Compliant or Non-Compliant Failed Desired Configuration Management Software Distribution Overview of S/W Distribution Controlled deployments Use administrator-created collections to target systems Collections based on inventory data to identify systems with similar hardware or operating system attributes Use different program options to different collections Provides better deployment success Scheduled deployments (including assignments) ConfigMgr S/W Distribution Identifies an SCCM package (source files and programs) Moves program source files around the enterprise To staging locations (distribution points) To remote locations (child sites) To target computers (clients) Launches a command line program Potentially providing administrative rights Reporting status of the application deployment How the Client Handles S/W Distribution DP and Branch DP Distribution Points Store files Function as distribution centers Download Access point BITS-level Resume Branch Distribution Point Efficient package distribution Assigned packages XP workstation / Vista can be a Brach DP Depends on a standard distribution point Cannot be placed on server shares Branch DP Communications SMS Standard DP Branch DP (Client) ` Client ` ` Client ` Client SMS Primary Site Server Branch Office Location Maintenance Window A collection-based method to enforce scheduled changes to managed systems Manages changes to systems Operating System Task Sequences Software Update Deployments Software Distribution Advertisements Safety Net Doesn’t impact activities Scheduled inventory, baseline evaluation, policy polling Configuration Defined per collection Over-rides available Best practices around management Software Distribution Operating System Deployment Servers Have unique Challenges Hardware Configurations Bios Management Remote Management Diagnostics Utilities and Drivers OEM utilities Advanced Network Configuration Static IP Addresses Multiple network adapters NIC Load Balance, speed/duplex configuration Clustering Complex disk configuration Driver Management Multiple physical disks Partition model, design RAID array Server Role definition post deployment Longhorn Server Manager SMO Roles File and Print Location specific What’s new in ConfigMgr OSD Scenario SMS 2003 OSD FP ConfigMgr OSD Feature delivery Feature Pack Core product End-to-end deployment Yes Yes Fully automated Yes Yes Wipe-and-load upgrade Yes Yes Bare metal deployment w/PXE Loose integration w/RIS Built-in integration w/WDS Side-by-side BDD scripts Yes, w/built-in SMP Fully offline deployment No Yes Integrated Vista upgrade planning No Yes Full server deployment No Yes Security Good Much stronger Flexibility/customizability Good Excellent Vista/LH compatibility Good Excellent Device driver management No Yes Deployment Scenarios New Machine Clean install - Wipe and Load. No migration considerations Wipe-and-load Target and install OS to existing H/W. with apps Side-by-side Machine to machine, user and app data migration are possible In-place migration Scripted, targeted OS upgrade (not wipe and load), sent as software distribution package Offline with removable media Removable media (CD/DVD, USB flash drive) PXE boot WDS integration, network boot delivered OEM Partial OS Deployment, support for H/W reseller OSD Architecture Admin creates Task Admin creates OS Sequence and advertises to collection containing client image and boot image and replicates to DP. Site Server Client sends status as Task Sequence executes MP DP Client retrieves Client retrieves Task Sequence from MP and executes it boot image and OS image referenced in Task sequence WDS and ConfigMgr Admin advertises ConfigMgr Site Server task sequence to collection containing new computer Site DB ConfigMgr provider in WDS looks for computer in ConfigMgr database WDS Server If computer is found, WDS proceeds. If not found, WDS tries next provider ConfigMgr MP WDS Server downloads WinPE to new computer ConfigMgr code in WinPE contacts MP to get task sequence that was advertised New computer PXE boots Operating System Deployment References System Center Product Family Homepage http://www.microsoft.com/systemcenter System Center Configuration Manager Homepage http://www.microsoft.com/systemcenter/configmgr/default.mspx Configuration Manager Documentation Library http://technet.microsoft.com/en-us/library/bb680651.aspx Learn more from Configuration Manager Webcasts https://www.microsoft.com/events/series/technetmms.aspx?tab=webcasts &id=42364 Feedback / QnA Your Feedback is Important! Please take a few moments to fill out our online feedback form at: << Feedback URL – Ask your organizer for this in advance>> For detailed feedback, use the form at http://www.connectwithlife.co.in/vtd/helpdesk.aspx Or email us at email@example.com Use the Question Manager on LiveMeeting to ask your questions now! © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.