Category Archives: Uncategorized

Upgrading to Configuration Manager CB, going all the way…

Well, it’s been a while since I wrote something about Configuration Manager. I worked a lot with this technology but I was never able to really move away from it. I guess it has something to do with experience. If you’re experienced with something and you’ve proven to be good at it, then people will request it…

The good side of this experience is that customers I worked with in the past ask me again to assist them with this technology…

Based on what I’ve seen so far with Windows 10, adopting it is going steadily. With the release of the Fall Creators Update (1709), it is possible to both join Active Directory and Azure Active Directory. This allows coexistence between and introduces two management platforms for devices:

  • Configuration Manager
  • Intune

While it is possible to create a hybrid environment by using Intune as a stepping stone for mobile devices while managing them from Configuration Manager, I wouldn’t recommend doing so since I consider it no longer necessary and has become obsolete. I wasn’t a big fan of the Intune integration within Configuration Manager. But that is something for a different post.

Managing Windows 10 devices with Configuration Manager is strongly recommended with the Current Branch releases because of its native support for Windows 10. Microsoft supports a number of in-place upgrade paths which is documented at

So recently I was asked to do an in-place upgrade of an existing System Center 2012 Configuration Manager SP1 site (a stand alone Primary Site) running on a server with the following components:

  • Operating System: Windows Server 2012
  • SQL Version: 2012 Standard Edition SP1
  • ADK for Windows 8
  • Integrated MDT 2012 SP1

All components needed to be upgraded with the latest version, at that time the following components needed to be there:

  • Operating System: Windows Server 2016
  • SQL Version: 2016 Standard Edition
  • ADK for Windows 10 1709
  • Integrated MDT version 8443

Doing an in-place upgrade was technically and politically the best way to go

So I got started by making a full backup of the Site Database and moved to a different location (a file share). the next step was stopping all Configuration Manager services. I was then able to get started using the following sequence with a few challenges:

  • In-place upgrade to Windows Server 2016: I was forced to uninstall Endpoint Protection before upgrading
  • In-place upgrade to SQL 2016 Standard Edition: Needed to install SQL 2012 SP2 prior to upgrading to SQL 2016
  • ADK for Windows 8 had to be uninstalled prior to installing ADK for Windows 10 1709
  • In-place upgrade to Configuration Manager 1702 itself: After the upgrade IIS services were disabled so they had to be enabled and started again. Some components failed to update but they did once IIS services were started again
  • For MDT I removed the ConfigMgr Integration before uninstalling the old version and installing the latest one. For the new version I configured the ConfigMgr Integration again

After upgrading a small to-do list occurred that needed to be done:

  • WSUS post install had to be run once more. Apparently, WSUS configuration was gone after upgrading
  • New MDT Boot Images had to be created
  • MDT Packages (Toolkit, Settings and USMT) needed to be created with the new version
  • Existing Task Sequences needed to be modified

To summarize it, all went pretty smooth and new Configuration Manager features can be used.

After that, the site was upgraded to Configuration Manager 1706 using the Console…

Leave a comment

Posted by on 01/11/2017 in Uncategorized


Case study: Running Windows Server 2016 on a DataON CiB…

Recently I was asked to investigate if Windows Server 2016 would be a suitable OS on a DataON CiB platform. Some new features of Windows Server 2016 are very exciting. The one that excites me the most is Storage Spaces Direct. I set a goal by asking myself the following question:

Can I deploy a hyper-converged cluster using Hyper-V and Storage Spaces Direct with a CiB-9224 running Windows Server 2016?

The case study involves a CiB-9224V12 platform and I had the liberty to start from scratch on one of these babies.


To figure out if this is possible, I took the following steps:

  1. I deployed Windows Server 2016 Datacenter on each node;
  2. I verified if no device drivers were missing. A lot of Intel chipset related devices had no driver (this may be different at a different model). I installed the Intel Chipset software. The Avago SAS adapter didn’t need a new driver. NOTE: Microsoft Update can be used as well to download and install the missing drivers
  3. I installed the required Roles & Features on both nodes: Hyper-V, Data Deduplication, Failover Clustering and Multi-path I/O
  4. I enabled Multi-Path I/O for SAS. This is a requirement for the SAS adapter to make sure the available disks are presented properly
  5. I created a failover cluster, I used a Share Witness available at a different server
  6. I attempted to enable Storage Spaces Direct but I got stuck at the ‘Waiting for SBL disks are surfaced, 27%’ step. Nothing happens after that.


I started troubleshooting to determine a possible issue why this step can’t be finished. I checked the requirements again for S2D and I found the following website:

At the Drives section I noticed that an unsupported scenario for S2D exists that matches the configuration of the CiB-9224: MPIO or physically connecting drives via multiple paths. After reading the requirements I stopped troubleshooting. Having an unsupported scenario means S2D is simply not possible.


The result was I created a Storage Pool without using S2D and I presented the Virtual Disk a Cluster Shared Volume to the cluster. I was not able to choose ReFS (not available when creating a Volume) as a file system so I had to stick with NTFS with Data Deduplication enabled.

So basically I used the ‘Windows Server 2012 R2’ solution to deploy the CSV using Storage Spaces.

With the CiB-9224 I’m not able to achieve my goal of deploying a hyper-converged cluster based on Microsoft’s definition of hyper-converged.

One question still remains: Would I recommend using Windows Server 2016 at a CiB-9224?

The answer is Yes because some new features of Windows Server 2016, for example Shielded VMs, are fully supported on this hardware.


DataON does have a hyper-converged S2D platform available, more information can be gathered here:



1 Comment

Posted by on 19/01/2017 in Uncategorized


Live Maps Unity 7.5 with Operations Manager 2012: making dashboard views easier…

Recently Savision announced Live Maps Unity 7.5. Shortly after the announce I finally had some time left to have a look at it. One of my customers asked me to help the build a pristine OpsMgr 2012 R2 environment and they stated they already purchased Savision Live Maps as well. In this blog post I share my impressions regarding Live Maps Unity 7.5 from a technical perspective and beyond.

A commonly asked question regarding 3rd party dashboard tools is: Why do I need something like that?

To give a clear answer, certain aspects of the IT environment need to be considered:

  • OpsMgr itself is a very IT focused monitoring solution which has quite some distance to the ‘real world’. Although OpsMgr delivers a very high level of detail of the IT environment, it may become quite challenging to provide information non-IT people understand. The business requires information of the availability of IT services. The business would rather like to know if they can still use email instead of knowing which mailbox store is broken.
  • While OpsMgr has some native capabilities to build dashboards, I consider them quite inferior (even using the Visio Add-in). It takes a lot of administrative effort to build and maintain them and it just doesn’t work the right way. For this feature alone I had to give negative recommendations to previous customers to use OpsMgr solely on this challenge.

With these considerations taken in mind, the answer to the question regarding dashboards is yes convincingly.

Savision Live Maps delivers dashboards that the real world can understand and does all the work creating them for you. This significantly lowers the administrative effort to allow administrators to focus their daily task on managing their environment, not managing the tools that manage their environment.

So I decided to have a go and asked for a trial license. I’ve set up an environment in an Azure Resource Group, created a storage account and a virtual network and created the following two machines (both running on Windows Server 2012 R2:

  • 1 Domain Controller;
  • 1 Operations Manager 2012 R2 Management Server running a local SQL instance.

I imported Active Directory and SQL Server Managment Packs, importing these requires Windows Core Monitoring so that one is included as well.

The next step was installing Live Maps Unity 7.5. I used the documentation available at the Savision Training Center which is available at The documentation is very monkey proof is makes installing Live Maps Unity ridiculously easy.

The next step is creating the dashboards you need. After some playing around I was able to produce the following view:

service view

NOTE:I created an additional distributed application named mwesterink.lan which contains both servers only. I intentionally left some alerts to display the color differences.


After playing around a little bit I conclude that Savision Live Maps Unity makes dashboarding significantly easier, especially when Management Packs deliver their own distributed applications.

Something as trivial as Service Level Monitoring is enabled by just a simple check box.

Even for ITPros, the more business oriented view should be sufficient before drilling down to figure out if any new issues are occuring.

I would even consider not using any notifications anymore at all.


However, a major decision maker is if the license costs would meet any Return On Investment (ROI) targets. In general, decision makers are only interested in meeting ROI for projects. Any ROI not met is considered a failure. Knowing how much time it takes to have your dashboards created should allow some financial people to calculate how much time administering these dashboards cost. I am almost certain that the administrative effort will be reduced dramatically to have Live Maps Unity do all the work for you instead of building it all yourself. I didn’t need any support from Savision to build something like that, so a more experienced OpsMgr admins should certainly be able to use this. Savision have their engineers available when needed.

My final verdict: I’d definitely recommend using Live Maps Unity to present the IT infrastructure availability in OpsMgr.



A small test to determine if IIS is not affected by ‘Heartbleed’…

Last week the Internet was alerted by the Heartbleed vulnerability in OpenSSL (CVE-2014-0160). It was pretty relieving to see Microsoft provided a statement that Microsoft is not using OpenSSL but SChannel instead on their IIS. Microsoft’s statement is available here:

Fortunately, I’m helping a customer setting up a ConfigMgr site server for internet facing clients. The site server is already up and running, the machine accepts connections from clients residing on the Internet. It allowed us to do a quick test to verify IIS is not affected by the vulnerability.


We found the following website that allows us to do the quick test:

Enter the Internet FQDN of the internet facing site server, select the option to ignore certificates and allow the test to be run.

The test gives us this result:


Consulting the FAQ states the ‘broken pipe’ message states that the unaffected IIS is used, which we know we do. This site obviously doesn’t know we’re using IIS which works for me…

Leave a comment

Posted by on 14/04/2014 in Uncategorized


ConfigMgr 2012: making sure an SQL instance is not ‘occupied’

As a Consultant, I’m doing quite a lot of deployments of ConfigMgr 2012. Looking constantly for improvements and trying out different scenarios I need to deploy ConfigMgr a lot. Especially in lab environments, I destroy machines quickly and build new ones to allow myself to deploy ConfigMgr 2012 again.

Recently, I was testing a deployment using a dedicated SQL 2012 Server to host the site database. What I wanted to achieve is not relevant but I decided to start over.

So I destroyed the site server VM, I deleted the database file in SQL and started again by creating a new VM.

During the installation, the prerequisite checker was giving me an error. The error message stated that the SQL instance chosen already has a site database.

I decided to look into the ConfigMgrPrereq.log file and I found the line displayed below:

6-19-2013 14:47:33> SQL01.domain1.local;    Dedicated SQL Server instance;    Error;    Configuration Manager requires a dedicated SQL Server instance to host its site database.  You selected a SQL Server instance that hosts the site database for another Configuration Manager site.  Select a different SQL Server instance for this new site to use, or resolve the conflict by uninstalling the other site or moving its database to a different SQL Server instance.

That’s odd, I deleted the file itself so the error message doesn’t make any sense to me…

So I thought that information regarding a site database must be stored somewhere else.

I decided to have a look in the registry and I found the key which tells me that something with ConfigMgr was placed there.

The key that I was looking for is:


Deleting the key completely and restarting the SQL Server made the error message go away and I could install a new ConfigMgr site again.

Keep in mind though that this is certainly not the way to go to remove a ConfigMgr site, always try to use the setup to remove a site. Trying this with a production environment is something that should be avoided unless no other options are available anymore.

1 Comment

Posted by on 05/07/2013 in Uncategorized


Windows Intune: first impressions…

At MMS 2013 I had a very interesting evening (birds of a feather) session regarding Windows Intune. We were with only 3 guys (including the host Chris Nackers), after a while three representatives of Microsoft’s Windows Intune Product Team joined the session, which made me more and more curious about this technology. Even before MMS 2013, I already played around a bit with Windows Intune.

One of my customers is interested in using Windows Intune because he’s looking for a way to manage his mobile devices (Apple and Surface tablets). We agreed to start up a Proof of Concept using the free 30-day trial that Microsoft offers for Windows Intune. Windows Intune will be configured in a stand-alone mode, so no connection with a Configuration Manager 2012 SP1 Primary Site.

This blog describes my first impressions while preparing the Proof of Concept and documenting my findings and configurations before going to the customer and starting with the PoC.

NOTE: my colleague Robin Verbeek wrote some nice blog articles regarding Windows Intune and Configuration Manager 2012 SP1. You can find his blog on

Setting up a Windows Intune trial is a straightforward process and doesn’t require much administrative effort.

After opening the portal and checking out some settings it gave me a feeling that some things look quite similar to Configuration Manager 2012 SP1. This would flatten the learning curve and I expect something similar for you ConfigMgr guys and girls out there…

For now I configured some basic things as update management for just three Operating Systems: Windows 7, Windows 8 and Windows RT.

Part of the test was enrolling three machines, two desktops and one Surface tablet. This is pretty straightforward as well…

The portal has a feature that I really like: hyperlinks to the TechNet page which displays the instructions.

It saves me a lot of time and it allows me to redirect the administrator to use these pages.

I need to explore Windows Intune more intensively to use more features as well, expect a few blogs about these features as well.

Windows Intune makes sense if I can provide added value for customers to use this technology. Many organizations have started exploring to use cloud services, others are not really ready for that. Finally, you have organizations who are not allowed to use cloud services because the law forbids them (this is the case for some government organizations here in The Netherlands).

Here are some opinions why Windows Intune can be added value for customers:

  • One tool to manage multiple platforms (traditional Windows Operating Systems, Windows RT, Apple iOS and Android (a bit limited though))
  • New features are added every 3 months
  • No investment required to build an infrastructure in your environment, it’s all in the cloud…
  • Great for smaller organizations who are looking for an inexpensive way to manage their devices, even if you don’t have mobile devices in your environment
  • A good alternative for organizations where Configuration Manager 2012 SP1 is pure overkill

Calculations must be made to justify the monthly subscription compared to all the costs for managing the functionalities on-premise. Costs such as energy usage, daily administration and depreciation should be included in these calculations

To continue comparing Windows Intune with Configuration Manager 2012 SP1. They have similar functionalities but are not necessarily able to replace each other. One feature Windows Intune doesn’t have is Operating System Deployment (OSD). If your organization doesn’t require ZTI, then MDT 2012 U1 is a good tool to facilitatie OSD…

NOTE: experience tells me that since Windows 7 the frequency of redeploying client machines have been significantly reduced…

MDT 2012 U1 is free, which is really nice too…

Leave a comment

Posted by on 04/05/2013 in Uncategorized


Time to look back at 2012…

Just as everyone I look back at 2012 to reflect on everything that happened for me this year.

For me, 2012 is a crazy year. I’ve done quite a number of projects and I was able to develop myself more and more as a Consultant/Architect. This especially true for ConfigMgr 2012 and more or less for OpsMgr 2012, other technologies received less attention from me. I’m more focusing on writing and helping organizations taking the right decisions to use the technology rather than operating the technology itself.

The main drive for this busy year was of course the release of System Center 2012 in April. While I was not able to attend at MMS 2012 I learned that during this event, Microsoft would release the RTM version of the System Center 2012 Suite.

Since my main focus is limited on ConfigMgr and OpsMgr its release meant the following for me:

  • Introducing ConfigMgr 2012 and OpsMgr 2012 to organizations who do not use this technology at all
  • Migrating to 2012 versions from existing implementations of the 2007 versions
  • Replace other vendor solutions

The 3rd item of the list was really interesting. Products such as Altiris or RES Automation Manager were simply pushed aside with ConfigMgr 2012. To a certain degree it’s unbelievable to see how many implementations were destroyed after finishing projects which consisted of designing and implementing ConfigMgr 2012.

Keep in kind though that I’m not interested in what product is the best, I only focus on political decisions organizations took to have these products replaced by ConfgMgr 2012.


Fortunately, my fast development also woke up the folks at the Dutch branch of Microsoft Consulting Services. This resulted in the opportunity to do a project in their name as a Partner. I guess I don’t need to tell you how honored I am to do this project together with Microsoft. I expect this project to last Q1 2013 completely. Of course I couldn’t have done it without the support of my manager Giovanni Perini and my account manager Remco Smith of BPMi. For that I’d like to thank them and I’d like to thank Microsoft for the opportunity to work together with them.


The year is almost over, I took a few days off until the end of the year and I look forward to a very fruitful and productive 2013 with great opportunities and challenges…


Leave a comment

Posted by on 27/12/2012 in Uncategorized

Steve Thompson [MVP]

The automation specialist

Boudewijn Plomp

Cloud and related stuff...

Anything about IT

by Alex Verboon

Deployment Made Simple

Modern Workplace

Azure, Hybrid Identity & Enterprise Mobility + Security

Daan Weda

This site is all about System Center and PowerShell

IT And Management by Abheek

Microsoft certified Trainer -Abheek

Heading To The Clouds

by Marthijn van Rheenen