RSS

Upgrading to Configuration Manager CB, going all the way…

Well, it’s been a while since I wrote something about Configuration Manager. I worked a lot with this technology but I was never able to really move away from it. I guess it has something to do with experience. If you’re experienced with something and you’ve proven to be good at it, then people will request it…

The good side of this experience is that customers I worked with in the past ask me again to assist them with this technology…

Based on what I’ve seen so far with Windows 10, adopting it is going steadily. With the release of the Fall Creators Update (1709), it is possible to both join Active Directory and Azure Active Directory. This allows coexistence between and introduces two management platforms for devices:

  • Configuration Manager
  • Intune

While it is possible to create a hybrid environment by using Intune as a stepping stone for mobile devices while managing them from Configuration Manager, I wouldn’t recommend doing so since I consider it no longer necessary and has become obsolete. I wasn’t a big fan of the Intune integration within Configuration Manager. But that is something for a different post.

Managing Windows 10 devices with Configuration Manager is strongly recommended with the Current Branch releases because of its native support for Windows 10. Microsoft supports a number of in-place upgrade paths which is documented at https://docs.microsoft.com/en-us/sccm/core/servers/deploy/install/upgrade-to-configuration-manager

So recently I was asked to do an in-place upgrade of an existing System Center 2012 Configuration Manager SP1 site (a stand alone Primary Site) running on a server with the following components:

  • Operating System: Windows Server 2012
  • SQL Version: 2012 Standard Edition SP1
  • ADK for Windows 8
  • Integrated MDT 2012 SP1

All components needed to be upgraded with the latest version, at that time the following components needed to be there:

  • Operating System: Windows Server 2016
  • SQL Version: 2016 Standard Edition
  • ADK for Windows 10 1709
  • Integrated MDT version 8443

Doing an in-place upgrade was technically and politically the best way to go

So I got started by making a full backup of the Site Database and moved to a different location (a file share). the next step was stopping all Configuration Manager services. I was then able to get started using the following sequence with a few challenges:

  • In-place upgrade to Windows Server 2016: I was forced to uninstall Endpoint Protection before upgrading
  • In-place upgrade to SQL 2016 Standard Edition: Needed to install SQL 2012 SP2 prior to upgrading to SQL 2016
  • ADK for Windows 8 had to be uninstalled prior to installing ADK for Windows 10 1709
  • In-place upgrade to Configuration Manager 1702 itself: After the upgrade IIS services were disabled so they had to be enabled and started again. Some components failed to update but they did once IIS services were started again
  • For MDT I removed the ConfigMgr Integration before uninstalling the old version and installing the latest one. For the new version I configured the ConfigMgr Integration again

After upgrading a small to-do list occurred that needed to be done:

  • WSUS post install had to be run once more. Apparently, WSUS configuration was gone after upgrading
  • New MDT Boot Images had to be created
  • MDT Packages (Toolkit, Settings and USMT) needed to be created with the new version
  • Existing Task Sequences needed to be modified

To summarize it, all went pretty smooth and new Configuration Manager features can be used.

After that, the site was upgraded to Configuration Manager 1706 using the Console…

Advertisements
 
Leave a comment

Posted by on 01/11/2017 in Uncategorized

 

Enrolling lots of Windows 10 devices to Microsoft Intune, why bother?

Recently I’ve been involved in a few Microsoft Intune deployments.

These are standalone environments, so no hybrid scenario with System Center Configuration Manager. As we all know, Microsoft Intune can be purchased separately but that’s something I wouldn’t recommend. The pricing models of Enterprise Mobility + Security (EM+S) or Microsoft 365 Enterprise (a.k.a. Secure Productive Enterprise) would give you a lot more benefits making it a true bang for your buck. Organizations who fail to see that will basically defeat themselves because their competition does embrace this strategy. These subscriptions will replace a lot of on-premises management tools which liberates administrators with their daily tasks of extinguishing fires…

Microsoft Intune is available for EM+S E3 or 365 Enterprise E3 (also in both E5 subscriptions). Both subscriptions also include Azure Active Directory Premium P1. Azure Active Directory Premium P1 is a requirement to achieve a goal this post is talking about making Windows 10 device enrollment really simple.

Following guidelines on https://docs.microsoft.com/en-us/intune/windows-enroll allows organizations to deliver automatic enrollment for Windows 10 devices when Azure Active Directory Premium is enabled for a user who is assigned a EM+S or 365 Enterprise license. All features are enabled by default so we know it’s there if we don’t fiddle around with them…

So what does this actually mean?

Well, it means that each user who receives a Windows 10 device, preferably Enterprise, will do the device enrollment for you during the OOBE phase of Windows 10. It doesn’t matter if your organization has 5, 50, 500, 5000 or more devices. How cool is that?

As long as all required licenses are in place, admins don’t need to bother about this at all…

 

 

My first Azure Stack TP2 POC deployment ending in disaster…

Today I had the opportunity to have an attempt to deploy my first Azure Stack TP2 POC. Having this DataON CiB-9224 available allowed to have a go on deploying an Azure Stack TP2 POC environment. I was able to achieve this after finishing some testing with Windows Server 2016 with the platform. The results of those tests are available at https://mwesterink.wordpress.com/2017/01/19/case-study-running-windows-server-2016-on-a-dataon-cib/

Before I started testing I reviewed the hardware requirements which are available at https://docs.microsoft.com/nl-nl/azure/azure-stack/azure-stack-deploy

Unfortunately, a small part made me wonder if I would actually succeed in deploying Azure Stack. Here’s a quote of the worrying part:

Data disk drive configuration: All data drives must be of the same type (all SAS or all SATA) and capacity. If SAS disk drives are used, the disk drives must be attached via a single path (no MPIO, multi-path support is provided).

Damn, again a challenge with MPIO. Such a shame since I meet all other hardware requirements.

So decided to have a go and figure out why MPIO is not supported by deploying Azure Stack TP2 anyway. I followed the instructions at https://docs.microsoft.com/nl-nl/azure/azure-stack/azure-stack-run-powershell-script and see what happens…

I used a single node of the CiB-9224 and used 4 400 GB SSD disks only. I turned the other node off and I disabled all unused NICs.

After a while I decided to check its progress and I noticed that nothing was happening at a specific step (there was a hour between the latest log and the time I went to check). Here’s a screenshot where the deployment was ‘stuck’:

stuck_at_s2d

Seems like the script is trying to enable Storage Spaces Direct (S2D). Knowing that S2D is not supported with MPIO I terminated the deployment and wiped all data because I knew I was going to be unsuccessfull. At least I know why.

I didn’t meet all hardware requirements after all. Fortunately it gave me some insights in how to deploy Azure Stack so when I do have hardware that meets my requirements, then at least I know what to do…

Looking at the requirements again, it’s obvious that the recommended way to go is with single channel JBOD.

 

 

 

Case study: Running Windows Server 2016 on a DataON CiB…

Recently I was asked to investigate if Windows Server 2016 would be a suitable OS on a DataON CiB platform. Some new features of Windows Server 2016 are very exciting. The one that excites me the most is Storage Spaces Direct. I set a goal by asking myself the following question:

Can I deploy a hyper-converged cluster using Hyper-V and Storage Spaces Direct with a CiB-9224 running Windows Server 2016?

The case study involves a CiB-9224V12 platform and I had the liberty to start from scratch on one of these babies.

cib-9224_v12_fsv

To figure out if this is possible, I took the following steps:

  1. I deployed Windows Server 2016 Datacenter on each node;
  2. I verified if no device drivers were missing. A lot of Intel chipset related devices had no driver (this may be different at a different model). I installed the Intel Chipset software. The Avago SAS adapter didn’t need a new driver. NOTE: Microsoft Update can be used as well to download and install the missing drivers
  3. I installed the required Roles & Features on both nodes: Hyper-V, Data Deduplication, Failover Clustering and Multi-path I/O
  4. I enabled Multi-Path I/O for SAS. This is a requirement for the SAS adapter to make sure the available disks are presented properly
  5. I created a failover cluster, I used a Share Witness available at a different server
  6. I attempted to enable Storage Spaces Direct but I got stuck at the ‘Waiting for SBL disks are surfaced, 27%’ step. Nothing happens after that.

 

I started troubleshooting to determine a possible issue why this step can’t be finished. I checked the requirements again for S2D and I found the following website:

https://technet.microsoft.com/en-us/windows-server-docs/storage/storage-spaces/storage-spaces-direct-hardware-requirements

At the Drives section I noticed that an unsupported scenario for S2D exists that matches the configuration of the CiB-9224: MPIO or physically connecting drives via multiple paths. After reading the requirements I stopped troubleshooting. Having an unsupported scenario means S2D is simply not possible.

 

The result was I created a Storage Pool without using S2D and I presented the Virtual Disk a Cluster Shared Volume to the cluster. I was not able to choose ReFS (not available when creating a Volume) as a file system so I had to stick with NTFS with Data Deduplication enabled.

So basically I used the ‘Windows Server 2012 R2’ solution to deploy the CSV using Storage Spaces.

With the CiB-9224 I’m not able to achieve my goal of deploying a hyper-converged cluster based on Microsoft’s definition of hyper-converged.

One question still remains: Would I recommend using Windows Server 2016 at a CiB-9224?

The answer is Yes because some new features of Windows Server 2016, for example Shielded VMs, are fully supported on this hardware.

 

DataON does have a hyper-converged S2D platform available, more information can be gathered here: http://dataonstorage.com/storage-spaces-direct/s2d-3110-1u-10-bay-all-flash-nvme-storage-spaces-direct-cluster-appliance.html

s2d-3110_frontsideview

 

 
1 Comment

Posted by on 19/01/2017 in Uncategorized

 

Looking back at 2016…

2016 is at its end so it’s time to look at it before 2017 kicks in.

Due to personal reasons, I’ve been blogging far less than before but I expect to pick it up once more and be more actively blogging.

This year I experienced quite a dramatic change in the way I do my job. System Center related projects have become somewhat nonexisting and my focus has changed to Microsoft Azure completely. I must admit that I like it quite a lot. Gone are the days that I do a project of a couple of months designing and deploying a product from the System Center Suite, except a single Operations Manager deployment. The most visited posts are related to Configuration Manager but I don’t work with it anymore. So don’t expect any new posts about Configuration Manager.

Technical deployments have also become a thing of the past. I’ve been working with customers adopting Microsoft Azure and I’ve become more and more an advisor helping to adopt Microsoft Azure as smoothly as possible. However, adopting Microsoft Azure has become more a financial discussion instead of a technical one. Customers (at least in NL) are more interested in managing costs and are looking for ways to keep costs as low as possible.

The second half of 2016 introduced a change at the company I work at: SCCT BV. When Sander Berkouwer (https://dirteam.com/), an MVP and a true authority on Identity Management, joined SCCT BV it changed the dynamics of my work as well. I received a lot more Identity Management related questions from customers, as if SCCT BV became the go-to company for Identity Management. This was pretty funny since I don’t have that in-depth knowledge regarding Identity Management. Fortunately I have co-workers that do so I was actually delegating quite some work to them.

I was also able to speak on a WMUG_NL event about managing Azure costs. I hope that I will be able to speak on more events on 2017.

Oh, and I was also able to pass two Amazon Web Services (AWS) exams as well. I guess I’m one of the few in NL that has passed both Azure and AWS architecture exams. Hopefully I will work a bit more with AWS as well since they have a great set of services as well and provide new challenges…

While on a personal level 2016 was very challenging, it was quite a year professionally…

See you in 2017!!!

 
1 Comment

Posted by on 31/12/2016 in Opinion

 

Manage your Azure Bill part 2: the operating phase…

Customers who already use Microsoft Azure by one or more subscriptions may face some challenges to get some insights in their Azure spending. Quite often customers ask me how to get some insights in their Azure spending and they are looking for ways to get more details where the money goes in a presentable way. Fortunately, it’s pretty easy to answer this question but it depends on the contract they have. It can be sorted in two categories:

  1. Enterprise Agreement (EA) contracts
  2. All other ones (Pay-as-you-go, CSP etc.)

Customers having EA contracts can use PowerBI (Pro) to generate their reporting quite easily. PowerBI Pro is available for all users with an Office365 E5 license. The Azure Enterprise is available from the PowerBI portal (picture is in Dutch but you can do the math).

azure-ea-appsource

All other contract types can build their own environment using the Azure Usage and Billing Portal. Instructions on how to build it can be found at https://azure.microsoft.com/en-us/blog/announcing-the-release-of-the-azure-usage-and-billing-portal/. There are some catches but it’s pretty easy to build, I got it running in my MSDN subscription easily. Once the environment is up and running the billing data is in the database it can be queried and processed in any way the customers chooses to do so.

Alternatively, 3rd party vendors offer services to present the Azure spending but that’s for another day…

 
Leave a comment

Posted by on 31/12/2016 in Azure, Cloud, Public Cloud, Revenue

 

Manage your Azure Bill part 1: the planning phase…

2016 was the year that cloud adoption finally got going.

More and more organizations are reconsidering their IT strategy by embracing Microsoft Azure to run their workloads at. The most common reason to move workloads to Microsoft Azure is they no longer need to make the hardware investments themselves and make that Microsoft’s problem.

The biggest challenge customers are facing is how much will it cost to use Azure resources. I ranted about it before at https://mwesterink.wordpress.com/2016/10/26/microsoft-azure-one-feature-i-really-need/. The Azure Pricing Calculator can help quite a bit but it just doesn’t cut it. It provides an estimate of Azure Services but it doesn’t provide a bigger picture.

Fortunately, Microsoft has released the Azure TCO Calculator which allows organizations to make a much more comprehensive calculation of their Azure spending. It will also compares the costs to having it run on-premises, although it is quite biased by stating running the workloads on Azure tends to be cheaper. As my co-worker Sander Berkouwer (https://www.dirteam.com) states with many things: Trust, but verify! I can’t agree more on this one since organizations need to analyze and picture their workloads.

The Azure TCO Calculator is available at https://www.tco.microsoft.com/

This should get organizations really going embracing Microsoft Azure in 2017!!!

 
Leave a comment

Posted by on 31/12/2016 in Azure, Cloud, Revenue

 
 
Steve Thompson [MVP]

The automation specialist

Boudewijn Plomp

Cloud and related stuff...

Anything about IT

by Alex Verboon

MDTGuy.WordPress.com

Deployment Made Simple

Modern Workplace

Azure, Hybrid Identity & Enterprise Mobility + Security

Daan Weda

This WordPress.com site is all about System Center and PowerShell

IT And Management by Abheek

Microsoft certified Trainer -Abheek

Heading To The Clouds

by Marthijn van Rheenen