In this fourth article about using SCCM to talk about SAM (Software Asset Management) Let’s talk about Asset Software Metering (software metrics).
To remind you of our agenda and the agenda of the items, use the link started: http://www.marcelosincic.com.br/post/Software-Asset-Management (SAM)-com-System-Center-Configuration-Manager.aspx
Introduction of the Software Metering
When you need to manage use of software is important to control who needs and actually uses a given software asset. Often we are faced with the situation of users requesting and installing various software, or even put it in pictures, and the company is paying the Bill for something that was never used.
Previously up to version 2007 R3 was possible indicate how many concurrent executions could be carried out in a software, but this type of licensing no longer exists. In the current licensing rules include the installation of a software and not the execution. Companies that still use the method of simultaneous execution using logs on the server or key locks .
A good example of the necessity of Metering are products such as Access, Visio and Project. Many installations of Visio and Project were made for a single occasion that the user needed and there was consuming license and therefore money.
The case of Access is the difference between Office Standard and Office Professional, which in very different values (Professional enough to be more than twice the price of the Standard) but in functionality the main difference is Access and Skype For Business full. Few users actually use the Access, most could only use the Runtime engine. In the case of the SfB can use the Basic version that just does not work for VoIP or multi-point Conference, which are little resources used in everyday life of most users.
Enabling the function
It’s not a Software Metering Server role and a feature that is controlled by the Management Point. The basic operation of the Metering can be described as:
- You enable the Software Metering rule in settings of agents
- We created or enabled what inventoried software will be measured
- The agent receives metering rules to control the use of the software indicated
- These data are periodically sent to the Management Point that will consolidate
To enable the rule, just go in Administration-> Client Settings and change the default rule or create a specifies:
In the example above I enabled the Metering and pointed out that the agents will report every 7 days. This time is important within its asset management schedule, if you manage assets on a monthly basis can increase the biweekly period, but it is important to remember that if the collection period is high may have delayed data.
For example, if the collection period is 20 days and a given agent made the report of data on day 14, it will only report again on day 4 of the following month. If your reports are generated on the first day of the month, he will be with incomplete data for this example. Therefore, in general choose the period of 7 or 5 days.
After you have enabled the agent rule can indicate on the server which the retention period of the data, and if we want the list of software is copulada automatically:
Note that it is possible to indicate that a software only to appear automatically in the list if it is more than 10% of computers, to avoid that the list be so great with any executable that exists on the machines. Also note that we can set a limit and after this (in the example 100 softwares) will no longer be created the rule for new software.
Defining the software that will be measured
The Metering takes advantage of software inventory to generate a list, bringing all disabled:
The easiest way to work the Metering is enabling for the desired software, but that’s how inconvenient the file version (File Version) because the inventory generates version rules.
This can be useful for companies that have multiple software licenses in different editions, for example the Visio 2010, 2013 and 2016. In these cases it is possible to know who uses Visio on version specifies.
However, in most cases it is irrelevant. Do not control who uses each version, because almost all of the software do not allow different editions on the same machine.
Therefore, you can change the data or create new rules using wildcards such as "*" to indicate that any version, language or name goes for the rule. For example, we can change the rule above VMConnect.exe version for "*" or "6.*" and thus increase the range of measurement rather than create a rule for each version.
In addition, you can create your own rules like the example below:
In this case we’re measuring the use of the Word in any language version of Office.
Software Metering reports
There are currently 13 reports to the Metering:
Some are very interesting and worth mentioning.
The first one is the "Total Usage for all metered software programs" that provides summary data of all software with rule enabled, sorting by local usage or by Remote Desktop:
As the TS/RDS licensing is different from local licensing, these data are very important to generate an optimized licensing for the enterprise.
Another report that seems to have a lot of added value but serves administrative purposes is "Time of day usage summary for a specific metered software program" as it provides a view of demand:
For example, this information may be useful to measure network performance on client server applications such as SAP, TOTVS or others who suffer spikes in use during the day.
Other reports also provide interesting data:
- Computers that have a metered program installed but not run in time – allows you to view the computers that have, for example Project and don’t use it during the whole month
- Computers that run a specified metered software program – is the reverse of the previous one, showing who used the program during the month
- Total usage trend analysis for a specific metered software program-this report details the previous one, because it shows how many times a particular software was used and for how long. This report will make it possible to identify someone who used a software and kept it open for 10 seconds, indicating that actually opened by mistake.
The Software Metering is not a part of the SAM, do not represent licensing data as does the Asset Intelligence.
However, the Software Metering is essential to reduce and optimize the licensing that companies pay, for allowing to know who actually uses a specific software to work.
In this third article about using SCCM to talk about SAM (Software Asset Management) Let’s talk about Asset Intelligence (AI) or Intelligent Assets.
The difference between inventory and control/asset management is intelligence about the collected data, which is made by Asset Intelligence in System Center Configuration Manager.
To remind you of our agenda and the agenda of the items, use the link started: https://msincic.wordpress.com/2016/05/03/software-asset-management-sam-with-system-center-configuration-manager/
Activating the Role (Feature)
To activate the AI is necessary to activate the role on a Site System Server, in this case I use my primary server:
Setting the role THERE is very simple, only enables and defines the schedule:
Configuring the Feature
Setting the scroll is as simple as it was in practice activation simply use the button "Enable or Disable Asset Intelligence Point Groove folder Syncronization".
This synchronization is required to assemble the table of products, categories and product requirements. As can be seen in the menu above, the AI works with this information to mount Smart inventories data indicating the computers with appropriate software and even to assemble the list of licensing of Microsoft products.
The result of the synchronization is shown in the table below:
See that 31 of the software installed on my environment inventoried have been identified, other 51 are not on the register from Microsoft, and can be viewed by clicking the number 51:
It may be noted that in this case most software are Microsoft, but are not identified because, as can be seen on the first screen of AI, he’s not synchronized in the last 6 months
We can manually identify items by clicking on properties and entering the data as categories and families of software. This data is not essential for licensing or inventory, but essential for asset management since categorize and divide into families is part of synthetic reports presented.
Note also that we have the possibility to use Label 1-3 to customize desired reports with products or other information that is important in your organization.
Finally we have the menu option Hardware Requirements which obviously identifies the requirements that a software needs. It is also useful when we wish to run reports for hardware asset management, prioritizing computers whose software need it installed:
Finally, in the Catalog menu can include classes, families, and custom labels. It is important to keep this table aligned with your needs, but it is not essential to the operation or the asset management practice:
The importation of licenses is done to create the management reports and licensing. To do this click on the button Import Software Licenses:
Where this file can be found or created?
For corporate customers can use the VLSC site that lists all software purchases made, and have the option of importing to XML. Just grab the generated file and import into the SCCM.
If mount this file manually, you can use the template available in https://technet.microsoft.com/en-us/library/hh427341.aspx. Basically we created a spreadsheet in Excel and export to CSV.
The difficulty in this case is to create the file with the exact names, software manufacturers and version and Edition information. But once created the file, maintenance is very simple.
THERE are reports in the category itself and can be viewed by the Filter as shown in the list of reports below:
The first reports are the Hardware where the AI uses data collected to generate reports with significant differences from the normal inventory reports.
Featured for some reports:
- 03a Primary computer users – AI identifies what the main computer of each user, this is based on who uses the computer for more than 66% of the time
- 04a Computers with multiple users – where there are no computers a user who is logged in for more than 66%, that is indicative of a shared computer for multiple users
- 10A Computers in … have changed memory – list of computers had changes of memory, which is the comparison between different hardware inventory and identifies the change
- 10B Changes on a specified computer. – List what was changed in a given period of time in a selected computer, which is useful for identifying changes in a reference computer or strategic
Important: to operate the reports 03A and 04A it is important that the Windows Security Log is enabled: https://technet.microsoft.com/en-us/library/gg712322.aspx # BKMK_EnableSuccessLogonEvents
The second part of reports are the software:
Some reports are more important, although all are especially needed:
- 04a/B/C Autorun-Are reports that allow the administrator to view the software that are in auto on computers, which is important in a great environment
- 07A/B/C executable Recently used by Computers – Are interesting reports for the management of assets, but normally use Software Metering reports, which is a requirement to work
- 08a/B/C executable Recently used by Users – Are reports like the 07 series, but based on the number of users
- 09a/B Infrequently used software-This report is the most important of this category, because it is decided where to uninstall a software with insufficient licenses or decide to purchase software. For example Viso, Project and mainly Visual Studio has high cost and know where are not used is a significant savings
Important: For the AI software reports work is needed that is enabled the Software Metering https://technet.microsoft.com/en-us/library/gg712306.aspx
These are the reports that matter in this series.
We can highlight the most important:
- 01a/B/C/D Microsoft VL ledger – Are reporting that allows us to view the summary of licensing that was imported, mainly when the file was imported from VLSC these report give us the vision of total licensing
- 02a/B/C Nearing expiration – Are useful reports when the software has expiration date, what can happen with Office 365 and other products bought at EAS contract that must be renewed annually
- 06A/B Per licensed Processes-these reports are essential for the licensing of SQL Server and Windows Server that have per-processor licensing (Windows) or Core (SQL Server). In the case of SQL licensing can also be Server + CAL model and it can only be controlled manually
- 14B-List of MS SW … not found – Useful to validate products that are not in use and can be other substitutes that are blown, for example licensing change the version of Office Professional by Standard
- 14A and 15A Reconciliation – are the most important, that summarize the licensing
Below are the most important. The first identifying the purchases and the canal (the caption is on the last page), list of inventoried products that require license that is useful to create the manual license file along with the third where we see the products that have not been found in the license file:
Finally, the most important of these is the conciliation report. As can be seen, a good deal of manual work is already done by CONFIGURATION MANAGER:
In this second article about using SCCM to talk about SAM (Software Asset Management) Let’s talk about how to go beyond the standard (default) in SCCM Software inventories.
To remind you of our agenda and the agenda of the items, use the link started: https://msincic.wordpress.com/2016/05/03/software-asset-management-sam-with-system-center-configuration-manager/
Rules of agents
In the CONFIGURATION MANAGER 2012 and later versions you can create rules to different computer groups. These differentiated rules are created with only the items that you want to change the default and then applies (Deploy) to the desired computer group:
Creating a rule to expand the inventory to the SAM
The rule to expand the inventory beyond the default is include in custom rule the piece of Software and Hardware Inventory.
In the SW Inventory is important to include the extensions that should be part of the inventory. In general we choose only what is "*.exe", but it is important for a SAM in addition to Microsoft products include whatever "*.com". The reason is that some software still rely on command and applications with the details of these executables can go beyond Windows applications.
Besides the inclusion of extensions for accuracy it is important to include details (Inventory reporting detail: Full details) that will allow to know the date of installation of software and some other data. For example, software not MSI (Microsoft Installer) the details need to be captured directly in binary, since it generates data in the add and remove programs control panel.
Now let’s talk about Hardware inventory, the main additional settings that involve the add and remove programs present in the control panel.
In the Hardware inventory we have settings that are not included in the pattern that can be accessed by the button Set Classes. To access them filter by word or category Software. It is important to not help noticing that are information handled by Asset Intelligence that we will treat in another article.
The first category is that of software installed that returns very important data involving the type of installation, the date, location and source. This information can help define the date when product needs to be paid in the event of a settlement which included reverse billing. In addition, software running on a particular source may have some type of licensing, for example software that are signed and executed from a dedicated server.
The second group of settings helps identify evaluation software and mainly OEM. In many customers find machines bought in OEM but using images and thus invalidate the keys. Collecting this data it is possible to raise more clearly what is OEM:
The third group of settings serves to identify volume key enabled software, called VL. In general we use the server KMS (Key Management System) to automatically activate Windows and Office automatically without the need for internet. As software licensing by contract need VL, it is important to identify this information.
Useful reports based on Inventories
Based on the inventory of files. EXE and. COM is possible using a series of reports listed in the screen below. However, always highlight the diff report of software between computers. For example, you can use a machine of a user to compare if it conforms to other people’s machines. This helps in cases where companies allow users to install software, but still want to control or have a template by Department or another variation:
In the list below we see the reports that are generated based on the Hardware inventory. Are simple reports and a list of software with details such as version and instances totaled. In general we use these reports to have the details of a particular product. For example, the non-server licensing product more expensive is the Visual Studio in any of its versions and know where it is installed is very important.
All reports can be signed, which allows you to receive them in your mailbox or in a shared folder on the network. It is interesting to follow certain software that need to be controlled, for example Visio, Project and Visual Studio that has high cost.
In this article we’re talking about reports for Microsoft SAM, but the signing of reports is available for all of them and is a resource that needs to be used for effective control of licenses.
In the Dell third-party software whenever we deal with the need of active management, technically called SAM, Software Asset Management.
Before we talk about how to use the SAM it is important to understand the difference between a SAM and inventory, most common and simple functionality of System Center Configuration Manager.
While the inventory is only a inventory of the software installed on the machines (desktops and servers), SAM involves an intensive work with the inventory data. In simple terms, SAM is the analysis of data collected by someone who knows to indicate licensing best practices aimed at reducing costs.
As an example of efficient consolidation include a SAM database server, processing and virtualization on-push to cloud.
Details of tools, examples of SAM-based advisory Use Case can be seen in the main Microsoft link https://www.microsoft.com/sam
In most cases we use the MAP (Microsoft Assessment and Planning Toolkit) to inventory, but when the client has System Center Configuration Manager (SCCM) installed the process is much simpler, because the data are ready.
The biggest advantage of SCCM on the MAP is the fact that the MAP be a passive tool based on on-shoot, as well as doing search using network protocols. SCCM has the active agent and generates data more complete as the Software Metering and Asset Intelligence with critical reports on use of software.
During the next few weeks I will put together a series of articles with usage tips and rules of SAM with SCCM, with topics:
- Enabling features of inventories in SCCM, besides the default
- Enabling and configuring the Asset Intelligence
- Enabling and configuring the Software Metering
- Interpreting licensing data for desktops
- Interpreting licensing data for servers
- Converting licenses to Office 365
- Converting licenses for Azure
Let’s talk about licensing and SAM!
In the new versions of System Center, updates are intelligent. For example in SCCM all product and feature updates are automated (https://msincic.wordpress.com/2016/03/24/new-feature-of-system-center-configuration-manager-1511-updates-and-updates/).
In the case of System Center Operations Manager one of the problems was that updates to Management Packs have to be manual through monitoring of product blogs.
The new feature of Updates and Recommendations lists Management Packs that had update and allows with the button Get All MPs download the updates automatically:
A good news to the Administrators group of SCOM!!!
What is the SCCM 1511 and when they will leave SCCM 2016?
Before I talk about this new feature, it’s good to remember that now the SCCM year as version (2007, 2012, etc.) and will be like Windows 10 using a build and we are currently in 1512 in RTM (not test version).
This is good news, because the concepts of version that hinder the licensing and maintenance. Even better with the new feature that we can talk now.
What is the Update and Servicing?
One of the news involving the System Center Configuration Manager’s console update 1511 "Update and Servicing".
This new functionality could be complemented with this feature (https://msincic.wordpress.com/2014/07/16/configuration-manager-servicing-extension-for-sccm-2012-sp1-and-r2/), but now has moved on.
From that new item in the console it is possible to know which version is the Build in production and to download and install as if it were Windows Update to SCCM.
In the example below you can see that downloaded the update from 1511 to 1512 without any intervention during the download and installation, coupled with the fact that he automatically do the rollback on failure:
It is interesting to note that it is now possible to download only updates features in the Update and Servicing, which was not possible until 2012 SCCM R2.
With this news coupled with the fact that we don’t have more complex versioning, it will be much easier to maintain in SCCM.
It is common to install SCCM in its various versions leave to put the key after the evaluation.
However, in 1511 version released in late November the common option being used doesn’t work anymore, i.e. use the Setup option in "Perform maintenance site or reset this site":
However, note that it appears the option to include the installation key:
This "problem" is most likely a bug or some intention not yet defined after 60 days the SCCM 1511 passes to no longer give the option of using the key.
To rehabilitate, it’s important to know that the problem is a change in the key HKLM\Local Computer\Software\SMS\Setup where the Product ID is changed to "NONEVAL", which prevents the insertion of the key after installation:
To resolve this problem, simply change "NONEVAL" to "EVAL", close Regedit and rerun the Setup:
Voila!!!! We can now include the key!