Vol. 37, #8 - July 8, 2013 - Issue #937

Image

Managing PCs, Tablets and Phones

  1. Editor's Corner
    • PCs, Tablets and Phones: Managing IT in an Age of Consumerization with System Center 2012 SP1 and Windows Intune
    • Tip of the Week
    • Recommended for Learning
    • Quote of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Events Calendar
    • Americas
    • Australia
  4. Webcast Calendar
    • WindowsNetworking.com Webinar: Is it Time to Graduate from WNLB?
    • Register for Webcasts
  5. Tech Briefing
    • Microsoft Deployment Toolkit 2013 Preview Now Available
    • Microsoft Server Virtualization Calculator
    • IPv6 for the Windows Administrator: Why you need to care about IPv6
    • IPv6 for the Windows Administrator: IPv6 Fundamentals
    • Managing VMware Workstation VMS Remotely with WSX
    • BOOK EXCERPT: Troubleshooting Storage Using Event Logs
    • Windows Server 2012 R2 Preview Inbox Driver Support on Dell PowerEdge Servers
    • Guide To The New Unified Smart Search Feature In Windows 8.1
    • The Journey to ISO 27001 (Part 1)
    • Planning and migrating a small organization from Exchange 2007 to 2013 (Part 3)
    • GFI MailEssentials - Voted WindowSecurity.com Readers' Choice Award Winner - Email Anti Virus
  6. Windows Server News
    • Negating network latency's effects without bending law of physics
    • How inline deduplication is changing the VDI storage landscape
    • Virtualizing legacy servers without pulling out your hair
    • VMware vSphere basics: ESXi host cluster, vCenter and shared storage
  7. WServerNews FAVE Links
    • This Week's Links We Like. Fun Stuff.
  8. WServerNews - Product of the Week
    • Instantly See WHO Has Permission to Do WHAT With a Free Tool

 

Instantly See WHO Has Permission to Do WHAT With a Free Tool

SolarWinds free NTFS Permissions Analyzer for Active Directory gives you a complete hierarchical view of effective permissions access rights for a specific file folder (NTFS) or share drive! This free tool allows you to quickly see who has permissions to do what and answers the questions that suck up your time and patience, all from a nifty desktop dashboard! Free Permissions Analyzer is even more powerful than some of the tools you have to pay for; download it now and see for yourself!

Download your free tool here >

 

Editor's Corner

This week's newsletter is all about managing PCs, tablets and phones with a guest editorial from Keith Mayer, a Senior Technical Evangelist at Microsoft focused on Windows infrastructure, data center virtualization, systems management and private cloud.

Interestingly, when I searched Dilbert.com for a comic strip on the topic of "tablets" the only result that came back was this:
http://www.wservernews.com/go/1372930337833

Hmmm.

Then I tried another search for "BYOD" on Dilbert.com and it came up with null results.

Could it be that Dilbert is behind the times when it comes to enterprise computing?

Send me your thoughts at [email protected] LOL.

And now on to our guest editorial from Keith Mayer...

PCs, Tablets and Phones: Managing IT in an Age of Consumerization with System Center 2012 SP1 and Windows Intune

Today, end-users have more device choices than ever before … and, this could bring some great news for us: IT consumerization trends have the potential to dramatically lower our hardware acquisition and maintenance costs, and they also provide end-users with broader flexibility in matching devices to their unique work styles. But … how do we manage platform security, stability and consistent application experiences in a world where users are accustomed to "Bring Your Own Device" (BYOD)?

In this article, we'll step through enabling the new capabilities provided by System Center 2012 SP1 and Windows Intune to provide a comprehensive management solution for traditional corporate devices side-by-side with BYOD scenarios. By leveraging these features, we'll see how we can balance cost, security, and user experience to capitalize on the value of IT consumerization for our organizations and our end-users.

What is "Consumerization of IT"?

"Consumerization of IT" refers to the broad availability of IT hardware, software and services that end-users increasingly enjoy today -- making it possible for them to select their own technology solutions, potentially without the consent of the IT team within their organization. As younger and more technically-capable professionals enter the workforce, the demands to support a wider array of technology choices is growing -- and, with good reason: by providing flexible technology offerings, many organizations have seen a shift towards improved worker productivity by allowing each worker to more closely tailor device choices to their unique work styles and preferences. By offering a technology stipend to these workers for procurement of devices, organizations have also experienced a reduction in costs and effort associated with hardware procurement and break/fix support. As IT professionals, this means that we're finding our roles to be evolving to encompass extending management, security and application policies to a much wider variety of platforms than we've traditionally been accustomed.

It's all about achieving balance …

Of course, the needs of each organization and set of end-users can be very different. Part of your role within your organization may be helping to arrive at the best balance of end-user flexibility with organizational governance -- after all, in most organizations IT is still expected to provide management and oversight of data security, application availability and end-user support. In many organizations, this means that IT teams may find themselves defining different levels of support as a sort of consumerization "service level agreement" or SLA, such as:

Of course, the correct mix of support levels, application access, security and manageability is something that will likely be a unique blend on an organization-by-organization basis. However, by taking a scaled approach towards consumerization, as defined in the example above, you'll be able to offer flexibility that will likely satisfy the majority of your users while still being able to provide consistent levels of IT support that are prudent for your organization.

Challenges in Managing BYOD Devices

Once you've defined the consumerization "service level agreement" within your organization, you'll probably find that you'll need to extend a certain amount of centralized IT management capabilities to a new set of BYOD mobile devices in order to meet your SLA commitments. Specifically, many organizations find that they need to be able to manage application deployments, ensure compliance with IT security policies and perform basic remote administrative tasks, such as remote block and wipe, across a new range of mobile devices.  Implementing centralized management for these requirements on managed corporate devices is no problem -- tools such as System Center Configuration Manager have traditionally provided deep management capabilities for devices that are integrated into an organization's internal network and Active Directory infrastructure. However, extending centralized management to previously unmanaged BYOD devices is an altogether new set of challenges -- after all, BYOD devices are usually not connected to an internal network infrastructure, let alone have any support for centralized identity stores such as Active Directory.

Managing Enterprise Devices and BYOD Mobile Devices from a Single Management Console

In System Center 2012 Service Pack 1, the Configuration Manager team set its sights on addressing the challenge of managing BYOD mobile devices side-by-side with managed corporate devices. In the SP1 release, Configuration Manager can be tightly integrated with the cloud-based Windows Intune management service to extend centralized management to common mobile device platforms, such as:

By integrating both System Center 2012 SP1 and Windows Intune together, Windows Intune effectively becomes a cloud-based "management point" for delivering application, compliance and inventory policies to mobile device platforms from the System Center management console.

Go here for more info about System Center 2012 SP1:
http://www.wservernews.com/go/1372930348240

Go here for more info about Windows Intune:
http://www.wservernews.com/go/1372930353443

What management tasks can I perform against BYOD Mobile Devices?

The management capabilities of each mobile device platform can vary -- and this is definitely something to consider when defining the SLA policies for your organization. In the table shown below, you'll find details on support for specific management tasks with each mobile device platform when using System Center 2012 Service Pack 1 and Windows Intune together:

Management tasks

Windows RT

Windows Phone 8

iOS

Android

Retire, wipe, remove, and block devices

Yes

Yes

Yes

No

Compliance settings for password settings, email management,

 

 

 

 

security, roaming, encryption, and wireless communication.

Yes

Yes

Yes

No

Line-of-business app management for internal enterprise apps

Yes

Yes

Yes

Yes

App installation from a public app store

Yes

Yes

Yes

Yes

Hardware inventory

Yes

Yes

Yes

No

How do I get started with integrating System Center 2012 SP1 and Windows Intune?

To get started with integrating System Center 2012 Service Pack 1 and Windows Intune, you'll need these prerequisite items:

A free evaluation kit for System Center 2012 SP1 is available at:
http://www.wservernews.com/go/1372930360146

A free trial subscription for Windows Intune for evaluation purposes is available at:
http://www.wservernews.com/go/1372930364412

Once you've taken care of the above prerequisites, you'll perform the following three general tasks to integrate your on-premises System Center 2012 SP1 Configuration Manager installation with Windows Intune for unified mobile device management.

1. Deploy and configuration directory synchronization

Directory synchronization provides the ability to securely integrate your list of internal AD user accounts and security groups with Windows Azure Active Directory, which is the directory service that supports Windows Intune in the cloud. Once completed, this allows a consistent set of users and groups to be leveraged by both System Center 2012 SP1 and Windows Intune for management of both corporate and mobile devices that are operated by end-users.

Image

 Figure 1: Installing Windows Azure Active Directory Sync Setup

2. Create a Windows Intune subscription in System Center 2012 SP1 Configuration Manager

Defining Windows Intune subscription information in System Center 2012 SP1 Configuration Manager allows Configuration Manager to manage the Windows Intune subscription centrally. Along the way, you'll also identify the mobile device platforms that you wish to manage via Windows Intune and the certificates for securely authenticating to each platform.

Image

Figure 2: Create Windows Intune Subscription Wizard

3. Add the Windows Intune Connector site system role in System Center 2012 SP1 Configuration Manager

The Windows Intune Connector maintains bi-directional network communications between System Center 2012 SP1 Configuration Manager and Windows Intune. Via this connector, System Center 2012 SP1 will be able to deploy applications, policies and remote management commands to Windows Intune for passing on to the appropriate mobile devices. This connector also receives hardware inventory and mobile device status information from Windows Intune for representation in the central System Center 2012 SP1 Configuration Manager console.

Image

Figure 3: Add the Windows Intune Connector site system role

How can I use System Center 2012 SP1 to manage BYOD Mobile Devices?

After System Center 2012 SP1 Configuration Manager and Windows Intune are integrated into a unified management solution, you'll be able to manage BYOD mobile devices in a manner that's consistent with how enterprise corporate devices are managed within System Center 2012 SP1.

Image 

Figure 4: Create Application Wizard in System Center 2012 SP1 Configuration Manager

Image

Figure 5: Create Configuration Item Wizard in System Center 2012 SP1 Configuration Manager

 Image

Figure 6: Managing Mobile Devices in System Center 2012 SP1 Configuration Manager

How do I learn more about BYOD Mobile Device Management in System Center 2012 SP1?

Ready to set this up in your own lab? To learn more about the new mobile device management capabilities in System Center 2012 SP1 with Windows Intune, be sure to check out the following additional resources below:

WATCH: Managing Mobile Devices with System Center 2012 SP1 and Windows Intune
http://www.wservernews.com/go/1372930379302

DO IT: Step-by-Step -- BYOD Mobile Device Management with System Center 2012 SP1 and Windows Intune
http://www.wservernews.com/go/1372930383709

GET CERTIFIED: Free Exam Study Guide for Exam 70-243, Administering and Deploying System Center 2012 Configuration Manager
http://www.wservernews.com/go/1372930391599

About Keith Mayer

Keith Mayer is a Senior Technical Evangelist at Microsoft focused on Windows Infrastructure, Data Center Virtualization, Systems Management and Private Cloud. Keith has over 20 years of experience as a technical leader of complex IT projects, in diverse roles, such as Network Engineer, IT Manager, Technical Instructor and Consultant. He has consulted and trained thousands of IT professionals worldwide on the design and implementation of enterprise technology solutions.

You can find Keith online at:
http://www.wservernews.com/go/1372930397162

Send us feedback

Got feedback about anything in this issue? Let us know at [email protected]

Tip of the Week

Beginning with Windows Server 2012 the default installation option is the Server Core option, not the GUI option.

Use it!

Then install the RSAT management tools on another box and manage your servers remotely.

This way you can reap the benefits of Server Core (less patching, fewer reboots, smaller disk footprint, reduced attack surface) while enjoying all the ease of being able to manage your servers using the GUI tools Microsoft provides.

Just my two cents!

For more on Server Core, see here:
http://www.wservernews.com/go/1372930402427

Recommended for Learning

This week we have a few titles from O'Reilly that we've had a chance to look at:

Cloud Architecture Patterns
http://www.wservernews.com/go/1372930406303

Walks you through the fundamentals of cloud computing by building an application running on Windows Azure.

Building Web, Cloud, & Mobile Solutions with F#
http://www.wservernews.com/go/1372930411053

Another walkthrough of developing an application that runs on Windows Azure, this time with lots of code.

Enterprise Search
http://www.wservernews.com/go/1372930414912

High-level overview of planning an enterprise search solution for your business. Platform-agnostic so not a walkthrough, but still worth a read.

Quote of the Week

"Sometimes it is not enough to do our best; we must do what is required." - Winston Churchill

Note to subscribers: If for some reason you don’t receive your weekly issue of this newsletter, please notify us at [email protected] and we’ll try to troubleshoot things from our end.

 

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Track virtualization health at-a-glance with SolarWinds free VM Monitor. This free tool allows you to continuously monitor a VMware or Hyper-V host and associated virtual machines. Download now.
http://www.wservernews.com/go/1372932779208

Free Tool: Idera Server Backup Free – fast, disk-based continuous data protection for Windows and Linux servers – backs up and restore files in minutes
http://www.wservernews.com/go/1372932782067

New. Altaro Hyper-V Backup v4. Powerful new features, faster and easier to use than ever. Still free (forever) for 2 VMs, still competitively priced. Download now.
http://www.wservernews.com/go/1372932784614

Find out where all the free space has gone on your hard drive:
http://www.wservernews.com/go/1372932786927

Convert VMware-based virtual machines and disks to Hyper-V-based virtual machines and disks:
http://www.wservernews.com/go/1372932791974

 

Events Calendar

Americas

Microsoft Worldwide Partner Conference on July 7-11, 2013 in Houston, USA
http://www.wservernews.com/go/1372930423068

Australia

Microsoft TechEd Australia on September 3-6, 2013 in Gold Coast, Australia
http://www.wservernews.com/go/1372930427006

Microsoft TechEd New Zealand on September 10-13, 2013 in Auckland, New Zealand
http://www.wservernews.com/go/1372930431100

Add your event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 100,000 subscribers about? Contact [email protected]

 

Webcast Calendar

WindowsNetworking.com Webinar: Is it Time to Graduate from WNLB?

Are you avoiding deployment of an advanced Load Balancer due to concerns about the complexity involved? Do you rely on MS WNLB because of its ease of implementation? What additional features are available with an intelligent load balancer, are they worth the cost and are they really all that complicated? These are some of the important questions that Network administrators need to answer when deciding if the time is right to make the change from using MS WNLB to another Load Balancing solution.

Join J. Peter Bruzzese, Microsoft Certified Trainer (MCT), and Cofounder/CIO of ClipTraining on Thursday, July 18th, 2013 at 11am ET / 10am CT / 8am PT to learn tips and secrets about load balancing, when it’s time to move up from using MS NLB, and which types of load balancers to consider.

Register Today:
http://www.wservernews.com/go/1372932222361

Register for Webcasts

 Add your Webcast

PLANNING A WEBCAST you'd like to tell our 100,000 subscribers about? Contact [email protected]

 

Tech Briefing

Microsoft Deployment Toolkit 2013 Preview Now Available (Microsoft Deployment Toolkit Team Blog)

The Client Management team is happy to announce the availability of the Microsoft Deployment Toolkit (MDT) 2013 Preview. Be sure to read which platforms are supported for deployment using MDT 2013 and which are not!
http://www.wservernews.com/go/1372930455725

Microsoft Server Virtualization Calculator (Hosted by MindTree on behalf of Microsoft)

The Microsoft Server Virtualization Calculator compares the cost of virtualizing applications on Microsoft Windows Server 2012 Hyper-V to VMware vSphere 5.1.
http://www.wservernews.com/go/1372930460475

IPv6 for the Windows Administrator: Why you need to care about IPv6 (Ask PFE Blog)

Should you care about IPv6? Read this and find out!
http://www.wservernews.com/go/1372930465553

IPv6 for the Windows Administrator: IPv6 Fundamentals (Ask PFE Blog)

The Premier Field Engineers demystify IPv6 addressing!
http://www.wservernews.com/go/1372930470287

Managing VMware Workstation VMS Remotely with WSX (VirtualizationAdmin.com)

David Davis looks at how to manage VMware's recently released WSX - a HTML5 browser-based GUI for Workstation 9 virtual machines and ESXi hosts.
http://www.wservernews.com/go/1372930475037

BOOK EXCERPT: Troubleshooting Storage Using Event Logs (WindowsNetworking.com)

Thomas Roettinger, a Program Manager with the Partner and Customer Ecosystem Team at Microsoft, provides two examples of how to use the Windows Event Logs to troubleshoot storage issues in a Hyper-V environment.
http://www.wservernews.com/go/1372930480959

Windows Server 2012 R2 Preview Inbox Driver Support on Dell PowerEdge Servers (Dell TechCenter Blogs)

A blog post about the current state of driver support for Dell servers.
http://www.wservernews.com/go/1372930486256

Guide To The New Unified Smart Search Feature In Windows 8.1 (Addictive Tips)

Smart Search, the search feature in Windows 8.1 integrates with Bing to let you quickly find local apps, files, SkyDrive content, and web content from the Start Screen.
http://www.wservernews.com/go/1372930492553

The Journey to ISO 27001 (Part 1) (WindowsSecurity.com)

Ricky M. Magalhaes begins a two part article that will take you through an introduction to ISO 27001.
http://www.wservernews.com/go/1372930496881

Planning and migrating a small organization from Exchange 2007 to 2013 (Part 3) (MSExchange.org)

Steve Goodman concludes his series of articles by continuing discovery collecting more information about Exchange, before beginning to collect relevant Client information.
http://www.wservernews.com/go/1372930501287

GFI MailEssentials - Voted WindowSecurity.com Readers' Choice Award Winner - Email Anti Virus (WindowsSecurity.com)

GFI MailEssentials was selected the winner in the Email Anti Virus category of the WindowSecurity.com Readers' Choice Awards. Symantec Norton AntiVirus and BitDefender Antivirus were runner-up and second runner-up respectively.
http://www.wservernews.com/go/1372930505756

 

Windows Server News

Negating network latency's effects without bending law of physics

While moving your applications to the cloud can deliver key scalability benefits, this transition can also introduce a number of networking issues that can end up hindering performance and user experience. Luckily, there are ways to avoid network latency pain points in the cloud -- find out more inside.
http://www.wservernews.com/go/1372930512178

How inline deduplication is changing the VDI storage landscape

Many IT pros claim that managing storage in their virtual desktop infrastructure is a significant challenge. As a result, a new technology has been developed to address this issue -- inline deduplication. Find out more about this innovative approach to VDI storage inside this essential tip.
http://www.wservernews.com/go/1372930516928

Virtualizing legacy servers without pulling out your hair

Many businesses adopt server virtualization to take advantage of its cost-saving and high availability benefits, but what most IT pros don't realize is that it can also breathe new life into legacy servers. Inside, discover the top reasons to virtualize legacy servers and learn what this approach can offer.
http://www.wservernews.com/go/1372930520678

VMware vSphere basics: ESXi host cluster, vCenter and shared storage

When it comes to VMware vSphere virtualization, you must first create a solid foundation -- and the same best practices can be applied to any data center or number of servers. Inside, learn more about the three vSphere basics -- multiple identical ESXi hosts, shared storage for VMs and vCenter Server.
http://www.wservernews.com/go/1372930524506

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]

Image

Water Car Panther is the fastest amphibious car in the World - capable of 80 mph (127 km/h) on the road and 44 mph (70 km/h) on water.
http://www.wservernews.com/go/1372930529256

Martha Stewart shares her trick for peeling a whole head of garlic in just a few seconds.
http://www.wservernews.com/go/1372930533975

Love apparently knows no boundaries in the animal kingdom. Check out these animal odd couples:
http://www.wservernews.com/go/1372930537944

France Has An Incredible Talent: 11 year old Raffi wows the audience with an incredible Rock 'n' Roll performance:
http://www.wservernews.com/go/1372930542085

Bride and groom Gary and Tracy Richardson asked Reverend Kate Bottley to put a twist on their traditional wedding.
http://www.wservernews.com/go/1372930546475

Supercats - a compilation of cats doing all sorts of funny and amazing things to the music of 'Jump' by Van Halen.
http://www.wservernews.com/go/1372930550585

 

WServerNews - Product of the Week

Instantly See WHO Has Permission to Do WHAT With a Free Tool

SolarWinds free NTFS Permissions Analyzer for Active Directory gives you a complete hierarchical view of effective permissions access rights for a specific file folder (NTFS) or share drive! This free tool allows you to quickly see who has permissions to do what and answers the questions that suck up your time and patience, all from a nifty desktop dashboard! Free Permissions Analyzer is even more powerful than some of the tools you have to pay for; download it now and see for yourself!

Download your free tool here >

 

WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit from Microsoft Press and has published hundreds of articles for IT pros. Mitch is also a seven-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com

Ingrid Tullochis Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also Head of Research for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.