Posted by Mikael Nystrom on June 29, 2012
Johan Arwidmark and I decided to do yet another Geek Week, but since Microsoft is stepping it all up and shifting into System Center 2012 and Windows Server 2012/Windows 8 we also need to shift. So the next geek week will be based on System Center 2012 with client deployment and management in focus. So, we will do Config Manager, MDT, OpsManager, VMM, Service Manager, Orchestrator, Windows 7/8, Server 2008R2/2012, Hyper-V, Active Directory and much, much more. Watch the recording we did at TechEd Europa to learn a bit more…
Posted in Geek Week | Leave a Comment »
Posted by Mikael Nystrom on June 11, 2012
There are some new properties in MDT 2012 that can be useful.
In MDT 2012 there is a new function that will apply a local GPO during the deployment. In MDT 2012 there are four templates that will be applied automatically. If you open the templates folder in the deployment share you will see the following folders
If you don’t want them for some reason (not tested and verified) you can disable them using ApplyGPOPack=NO. I do however recommend you to download Security Compliance Manger 2.5 and import them and then verify that all security settings are correct according to your environment
HideShell means that the desktop (explorer) does not show up until the deployment process is done, this will make it bit more complicated to interfere with the computer while it is being deployment. If you are deploying Windows 8 you should set this to YES otherwise the Metro UI will cover the deployment process UI and it will very hard to see if a deployment process is running
This one works in conjunction with HideShell, since HideShell does not prohibit the user to press ctrl-del and start the task manager, but this one does. My recommendation is to use this after you have verified that your deployment process works since it will also make it a bit harder to troubleshot some scenarios
This one is very nice to use, the new version of the gather process will now expose if we are running on battery and as you understand it is not a good idea to deploy a new OS on a machine that runs on battery, so modifying your customsettings.ini file like the example below will block any attempt to deploy a OS on a machine that runs on battery.
SubSection = ByIsOnBattery-%ByIsOnBattery%
Posted in Uncategorized | 1 Comment »
Posted by Mikael Nystrom on June 6, 2012
Mr Adian Finn has done a very nice blog post on ACL’s in Hyper-V. Not so many know about this, trust me.
Here is an abstract….
There are many reasons why you might want to isolate virtual machines at the NIC level in Hyper-V. Maybe you have different tenants on a cloud. Maybe you have some stuff that has high security requirements. If so, then there’s a new feature in Windows Server 2012 Hyper-V that you’ll like: Port ACLs (access control lists).
Port ACLs allow you to set rules as follows:
- Local MAC/IP address: what local address does this apply to?
- Remote IP/MAC address: what remote address does this apply to? Can be a specific IP address or network address or a wildcard.
- Action: Do you want to block, allow, or measure traffic that this rule applies to?
- Direction: Are you apply this rule to inbound traffic, outbound traffic, or traffic in both directions?
It’s important to note that Port ACLs works at the address level and not at the port or protocol level. If you need that level of granularity, then check out one of the certified Hyper-V Switch extensions that MSFT partners such as Cisco and 5Nine are producing
the rest you can read here….
Posted in Uncategorized | Leave a Comment »
Posted by Mikael Nystrom on June 2, 2012
Yes, it is true. The Windows Server 2012 Community Roadshow is touching down in Sweden and guess who is running the show, well as you might have guessed it is me (of course)
So, if you would like to know more about Windows Server 2012 this could be something for you. The cost is none since it is sponsored by HP, Dell and for some reason Microsoft. I will be in Stockholm, Gothenburg and Malmoe “soon”
What will we cover?, well first of all we will run the demos on Windows Server 2012 RC (or later) and we will focus on Hyper-V, Storage, Network and Powershell (still working on trying to create as much script as can so I have some real useful scripts to show you)
I know the seats are limited so I’ll guess you should reserve a spot for your self as soon as possible.
You might like to now when, well. That is easy:
So, just go ahead, sign up here
Posted in RoadShow, Windows Server 2012 | Leave a Comment »