News Contact Company



August 20, 2012
Newsletter August 2012

Having trouble reading this email? View it in your browser.

TrueSec

News and Geek Stuff

August 2012

Welcome back, or if you are still on vacation, enjoy. We at TrueSec are ready to take on the fall, full of product releases from Microsoft. We have a busy period ahead….As usual we have our consultants share their wisdom below in their respective area of expertise, but I like to share with you what trainings we are planning for the products recently released and yet to come.

System Center 2012

Mastering ConfigMgr 2012” is becoming an epic class with Kent Agerlund at the helm. His experience and product knowledge, together with is ability to teach, is unmatched in the market. But if you can’t take the time, or just want to get a feel for what ConfigMgr 2012 is all about, I recommend Johan’s “ConfigMgr 2012 Essentials Video Training”.

We have added one more lab to our System Center components list with “Mastering System Center Data Protection Manager 2012 (DPM)”. A 4 day class, one of very few (if any) on the subject in the market developed and run by Robert Hedblom, Microsoft MVP (of course). Robert will run this class in Kirkland, WA in October.

With Roberts’s class, we now offer separate trainings on most of the System Center 2012 components, ConfigMgr, OpsMgr (SCOM), Orchestrator (SCORCH), Virtual Machine Manager (VMM) and the DPM. So if you want to go deep and learn from real life experience, and not settle for a five day overview, please join us in any of the above.

Operating Systems/OSD

I guess no one missed the upcoming release of Windows 8. Michael Anderberg will take you thru the what to consider in the enterprise prior to roll out in his “Mastering Windows 8 client in the Enterprise” in September. 

If you are already convinced on the beauty of Windows 8 and is ready to deploy, or if you are on XP and look to move to Windows 7, let Johan Arwidmark, the Worlds #1 deployment guru teach you how. In this updated class, “Mastering Windows deployment using MDT2012 and ConfigMgr2012” he teach you HOW TO WITH STYLE using the latest tools from Microsoft. Next stint is in Calgary, Alberta in October.
Mikael Nystrom is back in September with a new class covering Windows Server 2012. He is as always sharing his view in this month letter, with his piece on how to build a Windows Server 2012 environment Hyper-V and PowerShell.

 

And finally….Johan and Mike and Geek Week ll – System Center 2012 in mid-July. All things System Center, Windows 8, Windows Server 2012, MDT 2012……and more with a bunch of happy geeks..

We are now taking this class to Europe and run it in London and Berlin. Check it out!


johan-arwidmark-soft-mugshot.png

Johan Arwidmark:
 

 Troubleshooting CM2012 Task Sequence Actions using ServiceUI

mathilda mugshot.png

Mathilda Bertholdsson:
 

Windows 8 dual boot with VHD

kent-mugshot.jpg

Kent Agerlund

System Center 2012 Configuration Manager SQL recommendations

Kare Rude Andersen

News from Operations Manager 2012

micke-soft-mugshot.png

Mikael Nystrom

Fast and Easy: Build a more or less complete Windows Server 2012 environment using PowerShell and Hyper-V

 


Troubleshooting CM2012 Task Sequence Actions using ServiceUI

By Johan Arwidmark
- Microsoft MVP, ConfigMgr

When developing custom scripts for ConfigMgr 2012 you can save a lot of time by having a test-environment that allows you to interact with the Task Sequence in running Windows. The Task Sequence suppresses interaction by default, but by using ServiceUI.exe you can work around that...

Check the Video

Check this short video on how you simulate deployment settings and use the ServiceUI.exe for script testing...

ja120801.png

Download (MP4) Play (stream)

Troubleshooting CM2012 Task Sequence Actions Using ServiceUI (07:55)
 
 

News from Operations Manager 2012

UNIX / Linux monitoring

After Microsoft released the CU2 for SCOM 2012 your Linux monitoring is stable as a rock, the annoying stuff about running command and scripts against your linux build, but you didn’t get any results back - is gone – you are now getting answers, results, values, log information from your UNIX / Linux – So we are thankfully for this update – PLEASE remember to download the little 332 MB UNIX / Linux monitoring Pack as well.

http://www.microsoft.com/en-us/download/details.aspx?id=29696
http://www.microsoft.com/en-us/download/details.aspx?id=30421

ServicePack 1 for CTP (Community Technology Preview)

DO NOT – It’s not often I start a blog with these two words – but I have now had two questions about how to upgrade a management server to SP1 – YOU Cannot – Not until the final release of the SP1 release, so this is only to be installed in a test environment – and you will never be able to update this environment to the final release – so if you really want to test the comprehensive extension to Application Performance Monitoring – please create a new test environment with the SP1 STP build.

Network monitoring with the firewall on

To create the firewall rules on your Management Server - Run these 3 commands on each Management Server in the Resource pool you use for network monitoring.

netsh advfirewall firewall set rule name="Operations Manager Ping Response (Echo Response - ICMPv4 IN)" new enable=yes
netsh advfirewall firewall set rule name="Operations Manager SNMP Response" new enable=yes
netsh advfirewall firewall set rule name="Operations Manager SNMP Trap Listener" new enable=yes

More information about opening the local firewall: http://blog.coretech.dk/kra/firewall-rules-for-a-scom-management-server/

 

//Kare
 
 
System Center ConfigMgr 2012 SQL Recommendations
 

I have two SQL related question that comes up in all of my ConfigMgr 2012 projects. Those are:

· Where are we going to install the SQL server

· How are we going to configure SQL

Where are we going to install the SQL server

Answering the first question often ends in a political discussion between the ConfigMgr. administrators on one side and the SQL DBA’s on the other side. Most of the ConfigMgr. administrators that I know, strongly believe in having a local SQL installation. I’m also a true believer of that for several reasons.

· Remote SQL installations often do not perform much better.

· Security often becomes an issue and time factor in the project. We need SQL permissions to:

o Perform the installation,

o When installing Cumulative Updates and Service Packs

o Finally – we just need access to the database for all sorts of purposes.

· The ConfigMgr. database is not a regular database containing sensitive user information.

· With a remote database you are introducing an extra server and adding extra complexity into the project.

How are we going to configure SQL

Configuring SQL involves disk subsystems, database files, log files and memory. The configuration you choose is often based on the Economy in the project and performance SLA’s. I created an XL spreadsheet that I use to calculate the estimated size of the database, the size of each the database files and the number files that I recommend.

I start by entering the facts, like number of clients, server specs (# of CPU’s, Cores and Memory). The initial size of the database and the DB size pr. Client is based on my assumptions and experiences from previous projects.

 

Value

Initial size

5120

# Clients

15000

DB size pr. client

5

# processors

2

# cores

16

Memory

24576

 

Once I have the facts I use the numbers to calculate the estimated sizes and number of files. The estimates are based on my previous experiences, recommendations from the ConfigMgr. team along with general SQL recommendations.

 

ConfigMgr DB

ConfigMgr Log

TempDB DB

TempDB log

Size

80.120

26.440

24.036

12.018

Number of files

16

1

1

1

Size pr. file

5.008

26.440

24.036

12.018

Autogrowth

1.652

512

512

512

# RAID 10 volumes

2

1

1

1

 

ka120801a.png
I recommend creating the database files using the estimated size from the beginning. This prevents database from expanding too frequently, which can affect performance.

For my memory configuration I follow this simple calculation 2 GB reserved for the Operating System + 2 GB reserved for ConfigMgr. and the rest for SQL.

Min memory

8192

Max memory

20384

Conclusion

Above numbers are just recommendations and sometimes I’m not getting away with those due to political reasons and budget constraints. It is important to emphasize that ConfigMgr. will run with a remote SQL, a SQL server with less memory and another disk layout. Performance might just be degraded and the question is; can you live with that?

Download XL spreadsheet

//Kent

Windows 8 dual boot with VHD

Windows 8 RTM is here! If you don't want to upgrade but want to try it out, dualboot with VHD!

If you want to try out Windows 8 but don't feel like letting go of Windows 7 until you figured out where the Startmenu went, a local dualboot environment can ease your mind.

Before we start - you know when you were a kid and you wanted to be magician and do cool stuff to impress people but was too lazy to learn magic tricks?
Now as an adult, I think PowerShell can have that effect, and for us IT administrators who think that Windows 8 is too flashy, well... There are a lot of awesome cmdlets out there in Windows 8 (and Server 2012) and I mean this in a really good and comforting way.

So off we go!
Get your Windows 8 RTM 90 day trial
Scroll down on the page and sign in with your Windows Live ID

Download a Powershell install-windowsimage.ps1 script
To apply the installation files from the Windows 8 RTM ISO
And since you'll be doing this from a Windows 7 client you'll be needing an ISO application such as PowerIso or other (But hey, in Windows 8 there's already built-in support for that)

1. Run cmd as administrator and enter the following

· diskpart

· create vdisk file=c:\w8\w8.vhd maximum=20000 type=expandable

· select vdisk file=c:\w8\w8.vhd

· attach vdisk

· create partition primary

· active

· format fs=ntfs quick

· assign letter=M

· exit

2. Mount the Windows 8 RTM ISO and note the drive letter

3. Run PowerShell as Administrator and run the following command: Set-ExecutionPolicy Remotesigned (and answer Y)

4. In PowerShell navigate to the directory where your install-windowsimage.ps1 file is located by using cd or other commands and run the following command from PowerShell
.\Install-WindowsImage.ps1 –WIM F:\Sources\Install.wim –Apply –Index 1 –Destination B:\

(Where F is the drive letter of the mounted ISO and M:\ is the destination of my mounted VHD)

5. When the install.wim is applied and ready, you run the following command from an elevated cmd
bcdboot.exe B:\Windows

And done!

Now restart your machine, log on to your Windows 8 machine and... Why not run Hyper-V in Windows 8?

//Mathilda 

 
 

Fast and Easy: Build a more or less complete Windows Server 2012 environment using PowerShell and Hyper-V

I promised to post this long time ago, so here it is. The script I use to build more or less complete quick and dirty demo environments. I did have another script before that did create all the VMs’, but then I still needed to configure things like name, IP, domain join and all that so I decided to do pretty much like a normal deployment solution do, use a template unattend.xml file that I then modify on the fly. It is possible to add even more parameters if needed.

How does it work?

It works like this, it will create a VM in Hyper-V for Windows Server 2012 based on a differencing disk, add some more disks, mount the VHDx file, copy a unattend.xml to the virtual hard disk, edit the file by doing a simple search and replace on some keywords, save the file, close the disk, dismount everything and start the VM. The VM will go through mini setup and read the unattend.xml file and apply those settings. That way I can add things like IP, DNS, Name and so on. The script will accept a bunch of parameters which will be used both as parameters for the VM, but also for settings inside the VM. There for, the name on the VM will also be the name inside the VM. For me it takes less than 6 minutes to build 2-3 servers with the correct names and IPs and more.

What's next?

Well, easy. First you need to create a reference image the VHDx format and that should be created using Microsoft Deployment Toolkit 2012 Update 1. But if you are lazy you can use WIM2VHD.PS1. You might also need WIMINFO.PS1 to find out the index number of the WIM. So now you have a reference image for Windows Server 2012 in the VHDx format. Next is to download this script pack, unpack it and the run it.

Here is an example that will create a VM based on a difference disk:

.\MakeVM-DiffwUA.ps1 -VMBaseLocation D:\VMs -VMMemory 1024mb -VMRefDisk C:\Ref\WS2012.vhdx -VMNetwork External -UAtpl .\uafor2012wg.tpl -PW P@ssw0rd -GW 192.168.0.1 -DNS 192.168.0.10 -VMName DEMO -IP 192.168.0.100

There are two template files, one is called uafor2012wg.tpl and the wg stands for WorkGroup, the other one is called uafor2012dj.tpl and in that case dj stands for Domain Join. I did not specify the domain name to join as a parameter, so you need to modify that manually or extend the script with parameters for that to.

One more thing, I’m almost done with a more complete generic POC Hydration kit that will use this part for the VM creation and then complete the rest of the job using MDT, I’ll post it as soon as we are done with the next book, Deployment Fundamentals Vol 4:

/mike

 

 



 

Where to find us......

 

 

Mastering System Center Operations Manager 2012 with Kare Rude Andersen

Minneapolis

September 4-7

Deployment Geek Week with Johan Arwidmark and Mikael Nystrom

London, UK
Berlin, Germany

October 22-26
November 12-16

Mastering System Center Data Protection Manager 2012 (DPM)
with Robert Hedblom

Kirkland, WA

October 8-11

Mastering Windows Deployment usig MDT 2012 and ConfigMgr 2012 with Johan Arwidmark

Calgary

October 9-12

Windows 8 Client in the Enterprise with Michael Anderberg

Bellevue, WA

September 17-19

Mastering Windows Server 2012 with Mikael Nystrom

Minneapolis

September 24-26

Full schedule at http://www.truesec.com

 

This message was intended for '%%emailaddress%%'
Unsubscribe | To contact us please email info@truesec.com

TrueSec Inc.
8201 164th Ave NE, Redmond, WA 98052

 




TrueSec Inc    |     +1(425) 285-4477     |     info[at]truesec.com    |     Infrastructure    |     Security    |     Pentesting    |     TrueSec Inc. Website Privacy Statement