This document discusses ways to empower users, simplify administration, and unify infrastructure using System Center 2012 Configuration Manager. It focuses on enabling mobile device management, deploying applications to new platforms like Windows 8, and reducing infrastructure requirements through a centralized administration site. It also covers cross-platform management capabilities for Linux, UNIX, and Mac systems.
Empower Users and Simplify Administration with Unified Infrastructure
1.
2. Empower Users
Empower people to be
more productive from
anywhere on any device.
Simplify
Administration
Improve IT effectiveness
and efficiency.
Unify Infrastructure
Reduce costs by unifying
IT management
infrastructure.
3. Empower Users
Empower people to be
more productive from
anywhere on any device.
Windows 8 devices
Windows 8 deployment
Unify Infrastructure
Reduce costs by unifying
IT management
infrastructure.
Simplify
Administration
Improve IT effectiveness
and efficiency.
Windows 8 apps
Windows Embedded and WTG
Heterogeneous devices
4. USE LITE TOUCH - LTI
(MDT)
USE ZERO TOUCH - ZTI
(SCCM & MDT)
DO YOU REQUIRE USER
INPUT?
NO
USE ConfigMgr AND MDT
WITH UDI
YES
DO YOU HAVE ConfigMgr
2007?
USE LITE TOUCH - LTI
(MDT)
DO YOU HAVE
ConfigMgr? YES
NO
YES
NO
9. Feature iOS Windows RT Windows
Phone 8
Android
Inventory Y Y Y Y
Settings
Management
Y Y Y Y
Software
Distribution
Y Y Y Y
Remote Wipe Y y Y y
10. • Hardware properties for mobile devices are collected through the Device Management Authority as
well as Exchange ActiveSync (for Android)
• No software inventory for mobile devices to respect the Information Worker’s privacy on their own
device
Wipe option depends on the platform and management type (EAS or native)
• Complete wipe and reset to factory defaults – iOS and WP8
• EAS mailbox removal only - Android
• Only EAS mailbox removal if managed through EAS - Windows RT or Pro (x86)
• No wipe - Windows 7 and below (no change from wave C)
11. Distribute applications to new platforms
• Support for Windows 8 , Windows RT and Windows Phone 8
• iOS devices managed through iOS MDM and can install LOB,
Apple app store or web apps
• Android and WP7 devices are still managed by EAS, but can
install LOB, Google play or web apps
12. Side Load from Your Infrastructure
Windows 8
Download from Windows Store
Public Apps
Management
Infrastructure Cloud
Custom LOB Apps
App Delivery
Windows RT
13. • Is side-loading enabled?
Make sure registry is enabled to allow trusted application installation
HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsAppxAllowAllTrustedApps = 1
Right SKU, domain joined, or is it “activated”?
• Make sure code signing root certificate is installed on client
“Trusted Root Certification Authorities” store
• Manually install signed application
add-appxpackage fileserverContoso_Expense.appx [-DependencyPath <string[]>]
• Application management client side log files
14. •
AllowAllTrustedApps = 1
• To enable sideloading on a Windows 8
Enterprise device that is not domain-joined,
you must use a sideloading product
activation key
17. Block (default)
• Treat a metered network as
disconnected
Limit
• Allow policy polling
• Uploads client state
• User initiated installations
permitted (with warning)
• Deadline content
downloads if deployment
was set to allow
Allow
• A metered network is
treated as if it were a non-
metered network
• Still blocked while roaming
18.
19.
Contractors
Bring Your Own Device
Travel Light
Shared PCs
Build a WTG image using Configuration
Manager
Admin can push deploy WTG to a
removable device
End User can pull provision WTG
Updated and managed same as a physical
laptop/desktop
Admin can determine if device is WTG or
not
20. Natively extend to better support write filters
Embedded specific DCM extensions
OSD optimized for embedded devices
In short, WEDM 2012 is no more
23. Unify Infrastructure
Reduce costs by unifying
IT management
infrastructure.
Reduced Infrastructure Requirements
Flexible hierarchy management
Content distribution changes
Real-time administrative actions
Endpoint Protection enhancements
24. Primary Site
Current Corp
Primary Site
10,000 Clients
Central Administration Site
Must be a new
installation
Primary Site
New Corp Primary Site
5,000 Clients
25. Primary Site
Current Corp
Primary Site
10,000 Clients
Central Administration Site
Primary Site
New Corp
Primary Site
5,000 Clients
Primary Site
New Server
http://technet.microsoft.com/en-us/video/configuration-manager-2012-plan-deploy-
and-migrate-from-configuration-manager-2007.aspx
26. • Provision from the admin console
• Most capabilities as on-prem. Except:
• OSD and task sequences
• Custom updates
• App-V streaming
• Full BranchCache support
• In console content monitoring
• Ability to monitor storage and traffic out usage
• Content is fully encrypted
http://blog.coretech.dk/kea/configmgr-cloud-distribution-points/
PR1
MP
MP DP
Windows Azure
Policy
Content
FIREWALL
29. http://blogs.technet.com/b/configmgrteam/archive/2012/09/27/fast-channel-for-system-management.aspx
• The communication channel is push-based
instead of dependent on the client policy polling
interval. By using client notification, clients can
establish a persistent connection with a
management point.
• In SP1, all System Center Endpoint Protection
operations and the “Download Computer Policy”
client action are implemented by using this
channel.
• If the connection is dropped (e.g. because of a
network issue), notification agent will attempt to
reconnect.
33. App-V 4.6 SP2 support:
Needed for Windows 8
Same feature functionality
App-V 5.0:
New Deployment Type for App-V 5.0 applications
Integrated with App-V Connection
•
•
36. • All configuration management from ConfigMgr console and workflows
• Focus on Linux and UNIX server configuration management scenarios
• Manage company owned Macs and allow for personal Macs
• Stay current - support most recent and relevant platforms
• Prioritize machine centric scenarios
• Do not require domain join for management
37. Mac Client Linux Server UNIX Server
OS X Red Hat SUSE AIX HP-UX Solaris
Configuration Manager
2012 SP1
Endpoint Protection
2012 No Plans
39. Features :
• Discovery – Find Mac’s in Active Directory and the Network
• Hardware Inventory – Inventory and audit Mac OS X machines
• Software Inventory – Determine list of installed software
• Settings Mgmt - Ensure Mac OS X machines comply with company
policies
• Application Deployment- required/push software distribution via app
model
• Software Updates Mgmt – via Software Distribution and Settings mgmt.
Out of scope:
• Self Service Software Portal – Ability for user to select what software to
install
• Operating System Deployment
• Remote Control -> achieved through Lync (desktop sharing), or other 3rd
party solutions
40. Solaris
Version 9 (SPARC)
Version 10 (SPARC/x86)
Version 11 (SPARC/x86)
Red Hat Enterprise
Linux
Version 4 (x86/x64)
Version 5 (x86/x64)
Version 6 (x86/x64)
HP-UX
Version 11iv2
(PA-RISC/IA64)
Version 11iv3
(PA-RISC/IA64)
AIX
Version 5.3 (Power)
Version 6.1 (Power)
Version 7.1 (Power)
SUSE Linux
Enterprise Server
Version 9 (x86)
Version 10 SP1
(x86/x64)
Version 11 (x86/x64)
41. • Newer versions of OS will be supported within 180 days of release
• Old versions supported as long as vendor provides support
• Broader Linux support being evaluated for future releases
• Hardware Inventory
• Software Deployment
• Using the Package and Program model
• Deploy/patch software, deploy OS patches and run maintenance
scripts that target a collection
• No Settings Management (yet)
• Consolidated reports