With the launch of the media RTM (Release To Manufacturing or End) of the Windows System Center 2016 2016 and it comes time to do the upgrade of 2012 and 2016 R2 releases Technical Preview.
I will address each of them from 2016 Technical Preview releases since the migration of 2012 R2 versions is typically simpler and supported.
Update: After install or upgrade download Update Rollups of System Center 2016: https://msincic.wordpress.com/2016/10/25/system-center-2016-updates-rollup/
System Center Configuration Manager (SCCM)
SCCM is one of the products that were already in 2016 version since the beginning of the year, when it was released as SCCM 1511, following Windows nomenclature 10.
Follow the posts that I’ve written about this version:
For those who have the SCCM R2 upgrade 2012 is quiet and just run the Setup to work.
System Center Operations Manager (SCOM)
The SCOM upgrade can be done both of the 2012 version R2 as of 2016 Techincal Preview versions in the same way, it supports both paths.
The only recommendation that the setup is to back up the databases (and DW) before, because there’s no way back if errors occur in the middle of the process:
You will need to upgrade the Report Viewer, before we use the RV of SQL 2012 and should now be used RV of SQL 2016, which is found in the link of the actual Setup:
System Center Service Manager (SCSM)
Upgrade both the 2012 R2 as the Technical Preview is simple, requires no type of restriction, occurring very quiet:
It is important to remember at the end which will upgrade the Management Packs from the wizard to the SCOM 2016 has:
System Center Virtual Machine Manager (VMM)
This is a product that does not allow the automatic upgrade of the Techinical version Preview, but allows from the 2012 R2.
In the case of Tecnhinical Previwe, the Setup will indicate that already exists and will ask to uninstall:
However, the reinstallation is simple. Just when choosing to keep the database:
When you run Setup again using the same database and directory of libraries:
After that VMM will function normally, but it’s good to remember that you will need to uninstall and reinstall agents, if he doesn’t do the automatic upgrade of the agent.
Recalling that one of the most interesting features is integration with Azure: https://msincic.wordpress.com/2015/06/03/system-center-virtual-machine-manager-2016-tp2-integrated-with-azure/
System Center Orchestrator (SCORCH)
As well as the VMM, it requires reinstalling but it is possible to maintain the database and repointing on new installation:
After the process, the normally appear with the same runbooks Integrations Packs.
In the case of SCORCH Packs and Integrations of the SCOM 2007 is important to upgrade the packages, and in SCOM 2007 is a lot easier to have the menu, while not the Orchestrator.
Last night (10/12/2016) Microsoft released the Windows Media Server Standard and Enterprise 2016 for MSDN subscribers and customers of volume by the VLSC.
This new release brings several new features, such as distributed Storage (similar to VMWare VSAM), new features to the operating system.
On the page https://www.microsoft.com/pt-br/server-cloud/products/windows-server -2016/default.aspx # MenuItem3 is possible to see all the new features and documentation.
Important to note that other than Windows R2, Windows 2012 2016 back having feature differences between the Standard version and Enterprise!
Update Post Installation
It is important that together with the installation media also download the Cumulative Update 1:
That’s right, the media finals was available along with the first Cumulative Update. The reason is that the availability of media Technical Preview generated data for new fixes, and these were included in the CU1.
2012 R2 Version upgrade and Technical Preview
Is it possible to upgrade from the 2012 version R2 normally in any type of installation.
For those who had already installed some TP is possible to upgrade directly, but only for the version with Desktop Experience installed.
Other cases can be found at https://technet.microsoft.com/windows-server-docs/get-started/supported-upgrade paths
In the example below, the result of upgrading a clustered Hyper-V server that has Storage Spaces with SSD disks and RAID several VMs running:
As in previous versions, if an error occurs during the upgrade you can revert to the previous state without problems.
However, unlike a client operating systems (Windows 10) this revert is not possible after the upgrade to be finished.
As I had written some time ago, one of the most interesting new features of System Center 2016 is the ability of products if update automatically.
In System Center Operations Manager (SCOM) and Service Manager (SCSM) are OS Management Packs and in System Center Configuration Manager (SCCM) update includes the binaries on the server, agent, and console.
Automatic update of SCCM
By SCCM console go to Administration -> Cloud Services-> Updates and Servicing and will be possible to view the list of updates, which in the case of SCCM are the Builds, since he has no more versions.
Click on the version that is available, the SCCM will keep track of the updates already carried out.
When selecting the update it is possible to view the new features that the update will make the list of Knowledge Bases:
An interesting item to start update is that we can ignore the prerequisites as can be seen on the screen below the checkbox to ‘ force ‘ the update.
Of course it is important to allow the requirements to be tested, to install an update that is not with the complete environment can generate problems and permanent unavailability.
Another important item is the possibility to choose the features that will be included in the CONFIGURATION MANAGER with the update. For example, the Apple Purchase Volume is installed right now as if they were the features by the console in "Site Roles and Services".
If you do not choose to install the features at the time of installation of the update, you can run again later the same way:
How updates "carry" the new features we can choose what we will enable as in other configurations of roles:
Finally after the update the SCCM may ask to restart the console and finish the installation:
It really is an excellent resource to have updates to hand so simple and reliable.
This feature will make it easier to keep the SCCM and other System Center products healthy with the latest updates.
One of the resources released for customers who have Skype For Business is the Broadcast, that allows sessions and online events for up to 10000 people, with anonymous access, restricted, moderator and other resources in a web interface without plug-ins.
This feature works like the Webex, with questions and answers Panel, audio and video. However, as the presenter is the Skype For Business can share from a ppt to a whole desktop.
The best of it? Is a free resource for all Enterprise clients with Office 365 E1, E3, E5 or Skype For Business Plan 2!!!!
Important: you must enable the feature in your tenant, which can be done using PowerShellhttps://support.office.com/en-us/article/Enable-Skype-Meeting-Broadcast-5299cce0-850e-42dc-b6ae-2d0ee775c4a9
How to set up a session or Event
Go to the website https://broadcast.skype.com with your corporate account and you will have access to your calendar with upcoming events:
To create a new event, click "new meeting" and enter the required data:
- Members: Are users that will join with the Skype For Business and can both make simultaneous presentation as act as moderators
- Participants: Who can watch, if anonymous just repost the link generated. If it’s safe, it will be necessary to inform the list and can be external users. If you choose any company will be validated with the Azure AD
- Video Recording: when you select this option, the meeting is recorded and is available on the portal above. However, if you choose the option "Provide." users will be able to attend the event with the link of the inscription, as a Replay
After created the scheduling is possible to show details such as link and create an invitation to be distributed:
But is the screen "Participants page settings" where we have a few interesting items:
- Troubleshooting and support: The link appears at the meeting for users click if you have any problems. Is not interactive and a standard Microsoft page that can be replaced by a custom page
- Custom Link: As the default link has session codes, it is possible to both shorten with specific sites like http://aka.ms orhttp://bit.ly or enter the link please, remember that will always bear the name of the tenant
- Right or left panel application: We can choose which application will appear to users such as Yammer, Pulse or the most important of all, the questions and Answers pane.
Initiating and participating in the Session
By using the link provided, it is the custom or default, will be presented with the screen below:
When you click "Enter as a member of the team of the event" will open the Skype For Business as it is where we can use voice, video, and sharing, in addition to the chat frame which will be P & R seen by participants.
When you click to "participate in the event" the user will see the screen or content shared by the members of the team along with the response that is the most common configuration:
We have an excellent tool at hand, many today use paid services and don’t know the Office 365 plans today offer this feature free games!
As is expected for all MIcrosoft IT professionals, the Azure Stack release is awaited with great anticipation. The launch was expected along with Windows 2016, but has now been postponed to the middle of next year.
Basically, the Azure Stack is the same structure of Azure, but for on-premisse environments with the new portal.
Microsoft has had this product in the past as CPS by Dell (Cloud Platform System) which was a rack of servers with System Center and Windows Azure Pack configured to provide cloud solutions "in the House".
The evolution of the product was evident, the new portal of the Azure compared to previous portal with its new features and features was what made us wait so eagerly the Azure Stack.
What has changed now?
Just as in the CPS, the Azure Stack will integrate software and hardware updates and advanced capabilities of biling, monitoring and resource balancing.
Additionally, the potential users of this type of product are businesses who need cloud models and commercial Datacenters.
Therefore, it is not possible to turn the Azure Stack on any hardware and ensure environmental criticality with 99.95% SLA is the desire for this type of environment.
One advantage of the Azure Stack on the CPS is that CPS was a Microsoft product By Dell and the Azure Stack will allow any manufacturer homologue the hardware!
This is not a change of course
Despite the Azure Stack have been publicly released, always knew he would require more hardware "heavy" and that this type of solution requires the use of approved hardware.
Everyone who already work with Datacenter solutions knows that models like the Microsoft CPS and the VCE (VMWare + Citrix + EMC) are essential to ensure that all resources of servers, storages and networking work each other without falling performance, resource loss or incompatibilities.
Anyway, the Azure Stack will be a major release and a huge evolution in Microsoft’s private cloud model, but don’t expect to run it on that server you have at home;-)
Part of the new features of Windows 10 is the ability to drill down on security and integration with features of Microsoft DCU (Digital Crime Unit), which is the Microsoft unit that works with the Defense Department to generate and identify attacks around the world (https://blogs.windows.com/windowsexperience/2016/03/01/announcing-windows-defender-advanced-threat-protection/).
Types of protection Available
In general the virus are based on what are DAT files with virus signatures and can identify programs that have activities or part of these codes considered dangerous. In this category are all current antivirus, which includes Windows Defender.
Already advanced protection systems rely on internal and external behavioral analysis, that is, they identify potential threats by behaviors like some products from Symantec and McAfee, which identifies machines by sending packets to other machines, with brute force logins, etc.
Already the behavioral protection systems with external analysis are very different products. They analyze behavior of machines in the environment and external communications. With this it is possible to identify:
- A group of machines getting packages from a particular machine with suspicious content
- Packages from countries where the phishing attack and the like are common
- Packages from machines already identified as "zombie"
That is, based on the analysis of the own environment and behavior of hackers, it is possible to identify certain hacker is trying to break into a company to analyze that this hacker is sending packets to the target company’s network.
What is the ATA and the ATP
Microsoft products this product is the ATA (Advanced Thread Analysis) that works in Active Directory and user logins, and ATP (Advanced Thread Protection) that works with Machine Learning (data analysis) on the logs of the individual machines.
In practice the Windows Defender ATP works with the same log that Windows Defender, but online and on the basis of the analyses and data of the DCU. With this it is possible to identify threats that are not found in traditional DAT or based only on a single machine, which is how the traditional antivirus work.
The ATA is part of the EMS (Enterprise Mobility Suite), but can be purchased part: https://www.microsoft.com/pt-br/server-cloud/products/advanced-threat-analytics/overview.aspx
The ATP is still in preview with on-demand access: https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp
Overview of ATP
As I already have access to the ATP, let’s see how it works. To request such access, enter the page above and complete with your data. You can include machines for your environment, but the system generates some machines with viruses and problems to test automatically. Note on the screens below the user used is generated by Microsoft for testing.
To get access, the first step is to indicate retention time and company profile to produce threads by thread type:
In the sequel we generate the package or the script for distribution of the settings. Note that you can create the packages for distribution by GPO, SCCM, Intune or site which is what I use in my tests:
The next step is to download the package, in my case the Script Location:
The script contains a file CMD to be executed manually in machines that wish to Defend logging is sent to the ATP. This script creates a key in the registry to indicate my tenant and activate the ATP:
From now on its machines will send data to the ATP.
In the case of my test, I can use the data of the machine that Microsoft generates tests and view alerts and dashboard. The first screen is the Dashboard indicating the General behavior in the monitored environment:
In this case I have no alerts generated in the last 30 days, but I have the tenant creation to demonstrate how to use the alert management:
Each alert can be ignored, marked as resolved or deleted in any tenant or just for this particular machine:
This type of data analysis is essential for the security of the Corporation. Soon available as a service on Azure, the ATP is a new way to analyze and ensure your environment.
To use the Log Analytics, former Operational Insights, together with System Center Operations Manager you can do this by SCOM itself console.
This form of integration already in March 2014: https://msincic.wordpress.com/2014/03/27/integrating-scom-with-system-center-advisor/
Despite having changed the name of System Center Advisor, then for Operational Insights and Analytics Log now, the process of integration with SCOM remained the same.
But to a limitation in the SCOM integration process, because it only allows a who/Log Analytics account by organization. In many cases it is necessary to use more than one account, for example:
- Service providers and CSC in that each client has a different account in Azure
- When we use multiple signatures to monitor the same physical environment
- When one of the accounts is the benefit of Visual Studio with limited credits and wish to separate the servers in different accounts
In these cases we can use the two methods the same time, install the SCOM agent and do not link to a Log Analytics account and make the process only in the desired machines.
For this, the first step is to open the Log Analytics and copy the Workspace ID and the Primary Key. See in the example below I already have my SCOM Log integrated Analytics.
The next step is to go to the machine that you want to monitor and open the SCOM monitoring agent (Microsoft Monitoring Agent):
To open the agent settings note the aba Azure Operational Insights (previous name Log Analytics). See in this print that I already have the machine being reported to the SCOM:
Enter your account details in the Log Analytics and ready, now you can have multiple accounts or individual monitoring:
Now my Active Directory data that previously were not being populated are duly completed and monitored: