CCMEXEC.COM – System Center blog

CCMEXEC.COM – by Jörgen Nilsson

I thought I would share how I demo Microsoft Intune and management of devices as it hard to display some devices in a Lync call or in a conference room, and it is heavy to carry all that hardware with you ;-)

Android, for testing Android I use Genymotion which is a Android Emulator that is free for personal use. It uses VirtualBox seamless in the background and runs Andorid virtual on top of Virtualbox. You can download Android images for Samsung Galaxy S4 with Andorid 4.4, Nexus and a lot more.
Genymotion1 To be able to enroll it Google Play must be working on the virtual Android device, here is a blog post on how to enable it http://www.techrepublic.com/article/pro-tip-install-google-play-services-on-android-emulator-genymotion/

After that you can just fire up you Android device and enroll it in Intune.

iOS, For iOS I have used iTools before but it doesn’t work that well with iOS 8.2 anymore so I reverted back to using the Reflector application instead which makes you PC a Airplay device so you can simply use Airplay on you iOS device and select to mirror the screen of your PC. Works really well.
One note though, if you are using guest wireless network it is not always that they allow peer-to-peer connections so I use a small 4G wifi pocket router so I know it works.

Windows Phone, Windows Phone is somewhat easier as in Visual Studio Express 2013 with Update or later you can choose to install the Windows Phone 8.1 emulator as well. https://dev.windows.com/en-us/develop/download-phone-sdk . The Windows Phone 8.1 emulators uses Client-Hyper-V in the background so it cannot run on the same machine as Virtual box and Genymotion, here is one solution that can be used from Scott Hanselman to add a boot option to your Windows 8.1 and choose Hyper-V or VirtualBox.

Happy Intune testing!!

In the January 2015 Patch Tuesday update the .Net Framework 4.5.2 is included as an update to all supported platforms. Category: Feature Packs.

NeT452

If you haven’t tested .NET Framework 4.5.2 with your applications already and you are building your images and pulling the updates for those images from Windows Update Directly you need to exclude the .NET Framework 4.5.2.

I wrote a post on this a while ago so just replace the KB article with the one for .NET framework 4.5.2 in this post. http://ccmexec.com/2014/06/exclude-net-framework-4-5-1-building-images-using-windows-update/

Some more information about .NET Framework 4.5.2:

What’s new in .NET Framework 4.5.2 http://msdn.microsoft.com/en-us/library/ms171868%28v=vs.110%29.aspx#v452
K
nown issues with .NET Framework 4.5.2 http://support2.microsoft.com/kb/2962547/en-us

In Configuration Manager 2012 R2 a new variable was introduced to help us solve an issue with installing applications in a task sequence on new computer with SSD drives where all the networking components are not loaded when the Task Sequence tries to access the MP which results in the fact that the Task Sequence fails.

After doing a lot of testing with a lot of help from a new colleague of mine Johan which did a lot of testing (not the Johan you think of;-) ) the value should be entered in Milliseconds instead of Seconds! Combining this value with the following two solved all our issues with applications not installing during the Task Sequence:

SMSTSMPListRequestTimeout=120000

SMSTSDownloadRetryCount=5

SMSTSDowloadRetryDelay=15

Today a hotfix was released as well, KB3007095, Applications may not be downloaded in System Center 2012 R2 Configuration Manager

To answer the question can you use Applications in a Task Sequence? Yes you can, works great when you have solved the above issue. Technet will be updated with this information as well and hopefully the hotfix will make it more stable as well.

I hope this can save time for someone.

Microsoft System Center 2012 Configuration Manager Servicing Extension is now released!

This add-on to the Configuration Manager Admin Console makes it easier to manage Cumulative updates in your environment. When installed it adds a new node to the Administration pane in the Admin Console.

Make sure to check it out!

Servicing

Download it here: http://www.microsoft.com/en-us/download/details.aspx?id=45033

When I logged in my Microsoft Intune account today it was already updated with the new UI which looks great and all the new cool features are there as well, just in time for my session at Microsoft Techdays 2014 in Stockholm tomorrow. It even looks cool in Swedish ;-)

Intune_2014_swedish

The November update 2014 of Microsoft Intune adds a lot of new features and brings the standalone version of Intune or Cloud only if you like up to parity with the Hybrid solution where you integrate Intune with Configuration Manager. There are actually settings/features that can be used only in the standalone version.
Looking at the TechED session of what will come next with a secure way of managing corporate applications, an app wrapper to manage your LOB apps and Office for Android as well I would say that this brings Intune up as a really strong enterprise device management solution with unique features and end user experience!

So what is new in the November release? It is listed here as as well on the Intune blog which you really should follow: http://blogs.technet.com/b/microsoftintune/archive/2014/11/17/new-microsoft-intune-capabilities-coming-this-week.aspx

  • Enhanced user interface for Intune administration console
  • Ability to restrict access to Exchange on-premises email based upon device enrollment
  • Bulk enrollment of devices using a single service account
  • Lockdown of Supervised iOS devices and devices using Samsung KNOX with Kiosk mode
  • Targeting of policies and apps by device groups
  • Ability to report on and allow or block a specific set of applications
  • Enforcement of application install or uninstall
  • Deployment of certificates, email, VPN and WiFi profiles
  • Ability to push free store apps to iOS devices
  • More convenient access to internal corporate resources using per-app VPN configurations for iOS devices
  • Remote pin reset for Windows Phone 8.1 devices
  • Multi-factor authentication at enrollment for Windows 8.1 and Windows Phone 8.1 devices
  • Ability to restrict administrator access to a specific set of user and device groups
  • Updated Company Portal apps to support customizable terms and conditions

There is a recorded webinar here that shows the new features of Conditional Access: https://azureinfo.microsoft.com/US-Azure-WBNR-FY15-11Nov-EMSWebinarSeries4-Registration-Page.html?ls=Social&WT.mc_id=Blog_Intune_Announce_PCIT

And as I wrote above you will be able to use control access and manage you LOB applications as well in the future and it is demoed here at TechED if you want to have a look: http://channel9.msdn.com/Events/TechEd/Europe/2014/EM-B312

If you haven’t looked at Intune before you really should and if you have look again! If you are attending Techdays 2012 in Stockholm 19-20 November I hope to see you there!

Mine and Stefan Schörling’s (www.cmtrace.com) session, System Center Configuration Manager Community Jewels from TechED Europe 2014 is now live on Channel 9. If you think you saw it already in Houston you are mistaking, we have switched some Demos and added new tools in the presentation like Cireson Remote Manage App, 2Pint Software – BranchCache for OSD. Thanks to all who contribute to the community and thanks to all who attended our session!

http://channel9.msdn.com/Events/TechEd/Europe/2014/EM-B308

Teched_Community

Note: And my name is not Stefan…… ;-) ;-) ;-)

Stefan(www.cmtrace.com)  and I had the great honor of presenting Configuration Manager Community Jewels at TechED Europe 2014, it was great fun!
There are so many cool tools out there that can save a lot of time, increase the quality in what we do and improve the implementations out there as well. Thanks to all who contribute to the community and thanks to all who attended our session!

We have collected all the links to the tools we showed and many many more on a TechNet Wiki page so that everyone can edit and add their own favorite tools you use or create on your own. http://social.technet.microsoft.com/wiki/contents/articles/22802.system-center-2012-configuration-manager-tools.aspx

I also do feel a need to apologize to all who have created tools that we haven’t found or didn’t have the time do mention or show. :-(

When preparing for our session a TechED 2014 in Barcelona on Community Tools, we found this nice little tool that adds BranchCache support in WinPE, which means that during OS deployment the client can download the content from a client on the local network instead of pulling it from a DP, this is great for small branch offices for instance without a DP. It can be found here: http://2pintsoftware.com/portfolio-items/branchcache-for-osd-toolkit/ At TechED 2014 Europe it was also announced that BranchCache support will be added in WinPE in ConfigMgr vNext as well, so this is a technology that is coming.

I created an OSD Task sequence,updated the boot image, enabled BranchCache and added the tools and steps from the toolkit to my Task Sequence. To prestage the data on another client in the network I created a check in the start of the Task Sequence to see if the “Prestage” variable was set to TRUE, if so the Task Sequence will not install anything on the client but it will download all the content and add it to the BranchCache on the client.

2pint1

Then I deployed the task sequence with the option “download all content locally before starting the Task Sequence” remember to make sure that the content will fit in the CCMCache.

After that I deployed a client and it used the BranchCache from the client on the same network, really cool! We like free stuff

2pint2

The reporting is awesome as well be sure to check it out!

2pint3

Here is a short video from 2Pint Software as well: https://www.youtube.com/watch?v=4HcRRb-ayW4