Home » Posts tagged 'Windows InTune'

Tag Archives: Windows InTune

Surface Pro 2: Oh yeah!

It is not so hard to believe that it has been a year since I bought my Microsoft Surface Pro.  I liked it, but as I am not an average computer user, it did not take too long for me to realize that it was simply not powerful enough to be my primary laptop.  Don’t get me wrong, it was a great companion device, and I used it as such for the past year.  It was great for e-mail, web surfing, and e-book reading.  I watched a ton of movies and TV shows on it, but that was really the extent of what I used it for.  The long and the short of it is that once it was relegated to the secondary role, I could have settled for the less expensive (and even less powerful) Microsoft Surface with Windows RT.  What’s done is done though.

Following the launch of the Surface Pro 2 I noticed that the specs were identical in most (and superior in some) aspects as my primary laptop.  I decided to give it a try… the last week of January I stopped into the Microsoft Store in Yorkdale Mall (Toronto) and picked one up.  Of course money being a factor, I decided to settle for the 4/128 base model (4GB RAM, 128GB SSD).  For $999 it was not as powerful as I wanted, but to try it out…

surface-pro-2I spent precisely a week with it before I realized that if it was a little more powerful this could be my primary laptop.  I debated and debated… and then when I got a $50 gift card for the Microsoft Store I decided to bite the bullet… the store’s return policy is 14 days, so on Day 11 I went back… only to find out that they were completely out of stock.  However, they told me, the new Square One location had plenty in stock.  I hopped into my car and zoomed down there.  Yay, they had it!

One of the things I really appreciate about dealing with the Microsoft Store is that whether I have my receipt or not they can look up my past purchases by e-mail address.  They found my most recent transaction, and within a few minutes they exchange was done.

**FEATURE ALERT!**

Mitch-SurfaceWhen I started using the original Surface Pro last year I was worried that 128GB of storage would drain pretty quickly, so I also bought a 64GB Micro-SD card, and through the magic of Windows 8 I configured most of my profile (documents, pictures, videos, downloads, desktop) to redirect automatically onto that chip, which I left inserted permanently (See article).  While I never came close to my 128GB storage limit on the device, this strategy made migrating my data the simplest of operations… I took the Micro-SD card out of the old machine, inserted it into the new, and redirected the appropriate folders.  Done.  Between that and SkyDrive, I am loving Windows 8.1 more and more every day!

**How does it feel?**

With zero exceptions, the only thing that is slightly less comfortable on the Surface Pro 2 (in comparison to my Lenovo Carbon X1) is the keyboard.  I still like a full sized keyboard, and that is lacking when I am on the road.  However the Surface 2 Type Keyboard (now backlit!) is great in almost every respect… I am just not a fan of the mouse pad, but as I almost always use an external mouse (and touch screen and stylus) it is really mostly irrelevant.  I still would not have cared for the touch keyboard, but the tactile ‘I can feel the keys when I type’ keyboard is great – I am a fast if not great typist, and I do not find myself making any more or fewer typing mistakes on this keyboard than I do on the laptop.

**How long does it last?**

That, of course, is the $64 question.  The simple answer is that I don’t know yet… I have not run the battery down.  However the 128GB model that I replaced with this one charged overnight Friday, and I used it for demos all day Saturday at the Microsoft Store… it wasn’t until midday Sunday that I needed to plug it in.  As for this model, I charged it overnight Tuesday, and will not plug it in again until the battery dies.  I will report back the results.  However remember again, this is the only device I am using this week, and I already have a couple of virtual machines running so while results may vary, I assume I will be on the lower end of expectations.

One thing I was told with regard to the battery life is that the firmware update (available from Microsoft Updates) greatly improves the battery life… I applied the update yesterday, so it shouldn’t adversely affect me.

**How are you managing it?**

Because I am no longer ‘with’ Microsoft, I don’t really want to join the Surface Pro to a domain.  No problem, I have a subscription to Windows Intune, and I simply installed the agent and poof… I can manage it, and aside from that (and patch management) the Windows Intune Endpoint Protection (WIEP) began protecting the computer right away.  For my money there isn’t a better product on the market for what it does.

**But can I do…**

Mitch-SurfaceI got a call this week from an old friend asking if his customer would be able to install his own software on the Surface Pro.  In fact, the Surface Pro is a complete Windows 8.1 machine with no exceptions or limitations.  It runs Windows 8.1 Pro (although that can be replaced with Windows 8.1 Enterprise for corporate users).  It has a kick-ass Sandy Bridge CPU, and as I said… it does everything that my Lenovo does.  In fact, when I travel I can leave the Lenovo at home and just take its port replicator/docking station, because with the USB 3.0 port on the Surface Pro 2 that is all I need to transform it into a multi-screen workstation with all of the desktop peripherals in my hotel room.

Now with that being said, I just bought a Surface dock on ebay.com (they seem to be impossible to find otherwise) and am really looking forward to it… the device sits seamlessly in, and I can take it with me to my hotel whether that be in Japan or wherever… and just take the device when I go to the office or to a client (or a café or an airport).

**Summary – What do you think, Mitch?**

As I look at the Surface Pro 2 (and not how it compares to the Surface 2) I have to smile… it is a fully functional computer that weighs in at just under 2lbs.  The power supply uses the same connector as the stylus so you can either charge it or connect the pen, but that is a minor issue.  The fact that the power supply has a USB port to charge devices rocks by the way.

The ports – Mini-DV for whatever video I need, Micro-SD slot (discussed earlier), USB 3.0 port, and audio jack are fine for when I am on the go, and the ability to plug in any external USB  3 docking station or port replicator means that when I am at home (or semi-permanent space) I can plug in as many external devices as I want, especially my dual 21” monitors in my home office. 

The keyboard is great compared to everything else in its class, but when I am docked I will still have an external keyboard and mouse – I have an abundance of those anyways.  However I like having the options.

What do I think?  I think that what you spend versus what you get the Surface Pro is the best deal in town.  There are other great fully-functional tablets on the market, but this one has and does everything I need, and the price is right.

Oh by the way… there has been a lot of discussion about the addition of a second position of the kick-stand.  I cannot begin to tell you how much I do not care about that – Maybe at some point I will use it, but for now every time I have flipped it down I tried it for ten seconds and decided that no, I prefer the original.  However I am sure that some people will like it… it’s just not for me; it neither appeals to me nor bothers me.

Thanks Microsoft, for coming up with a device for me.

Now if you will excuse me, I have to go do something in Hyper-V.  What, you ask?  Anything I want… the Surface Pro 2 supports it!

The Benefits of Windows Intune

Last month I had the opportunity to sit down with Robert Crane, the host of the Need to Know Podcast, about Windows Intune.  These podcasts are great for keeping IT professionals up to date on technologies that they may not know a great deal about, and Windows Intune is certainly one of those.  Dubbed by some as System Center in the Cloud, it is a cloud-based management tool for client devices from desktops and laptops to tablets and phones. 

Listen in to hear all about Windows Intune, and how it can help you to make money for your business!

TUNE IN BY CLICKING HERE!

Exchange Issues with iOS 6.1

There has been a lot of chatter over the last few days about the most recent update to the iPhone’s iOS 6.1.

I have been saying for years that Patch Management is one of the most critical steps to protecting your infrastructure, both on the server-side and on the client-side.  However I have also stated that before implementing any patch the IT department should be testing it to make sure that it does not do more harm than good.  Of course, vendors do not release patches that they are not confident with, but they do not always test them in every scenario.

One of the common scenarios we see with the iPhone is with it being connected to an Exchange Server for its mail and such, whether that Exchange Server belongs to the organization or a public cloud solution such as Office 365.  While it works and it fully supported by Microsoft, it is not a scenario that Apple seems to test extensively for.  And so, with this most recent patch, there are issues (excessive logging causing enterprise-wide issues for all users).

It is the very reason that I have always advocated maintaining a lab environment that mirrors your production environment, and testing patches in that setting before approving them for your organization.  However with the iPhone being an unmanaged device end-users are prompted to apply their own patches without waiting for approval from the IT department.

And so this past weekend following this patch release mail server administrators around the world were scrambling to find a solution to the problem.  Unfortunately for many the immediate solution was to block iPhones from syncing to the mail servers until Apple releases a new patch.  I expect this will not make a lot of people happy, but in this case iPhones really are bringing down entire mail server farms.

With Windows Intune and System Center 2012 Configuration Manager there should be a solution to this, although I have not had the opportunity to test it yet.  The latest version of Intune (commonly known as Wave D) allows the management of iPhone and Android devices, and just may allow the IT department to regain control of patch management, preventing such issues going forward.

My friend and fellow Microsoft MVP from Israel.  He is a Microsoft Infrastructure Practice Manager at Ankor Computing Infrastructures, a leading Integration company in Israel.  Although his award category is the same as mine (Windows Expert-IT Pro) he is an expert in several technologies, including Exchange Server.  In 2011 he wrote an excellent paper on P2V Migration for Microsoft Exchange Servers that I published on this blog.  He has written a very interesting white paper about this recent issue, including solutions and workarounds.  You can download his paper by clicking here.

Getting Certified: Things have really changed!

This article was originally published to The Canadian IT Pro Connection.Boy has it been an exciting year… Microsoft’s busiest release year ever!  On the IT Pro side we have System Center 2012 (a single product now, but truly seven distinct products for managing your environment!), Windows Server 2012, Windows 8… we have Windows Azure (which for the first time is really beginning to show true relevance to the IT Pro and not just the devs), and of course the new Office (both on-prem with Office 2013, and in the cloud with Office 365).  There is of course Windows Phone 8, Windows Intune, and the list goes on.

With all of these new versions out many IT Pros will be looking to update their certifications to remain current, while many more will be looking for their first certs.  For the first time in six years Microsoft Learning has completely changed the way you will be looking at certifications going forward.  If you are like me (and so many others) and do want to get certified in the latest and greatest, then you will need to know what is out there, and how certifications have changed with the newest product cycles.

Solutions-based Certifications

In the last few years Microsoft Learning focused on what they referred to as task-based certifications (MCTS) and job-based certifications (MCITP).  However IT Pros started to see more and more components in learning and exams that were not actually in the product – so for example an exam on Windows Server might have included a question on the Security Compliance Manager (SCM) and System Center.  Although it made sense to the SMEs writing the questions, the unprepared found themselves facing questions that they couldn’t answer, and a resounding chorus of ‘we didn’t realize we would be tested on that!’ was to be heard across the blogosphere.

This year the new certifications have been revamped to be solutions-based.  That means you are not focusing on a role or a product, but rather on the solution as a whole, which will very often include technologies not included in the product, but that are complimentary to it.  Microsoft’s Solution Accelerators are a good example of this.  The Solution Accelerators are a series of free tools available from Microsoft and include the Security Compliance Manager, Microsoft Deployment Toolkit, the Microsoft Virtual Machine Conversion toolkit, and others that are free downloads and may not be required knowledge to everyone, but every IT Pro should know about them because they really do come in handy.

Additionally you are going to see a strong interdependence between Windows Server 2012, System Center 2012, and Windows 8.  After all very few companies have only one of these, and in fact in any organization of a certain size or larger it would be rare to not find all three.

Of course it is also likely you are going to see questions that ask about previous versions of all of these technologies. ‘Your company has 25 servers running Windows Server 2003 R2 Enterprise Edition and 5000 desktops running Windows Vista Business Edition…’ sorts of questions will not be uncommon.  This will make some of us scour our archived memory banks for the differences between editions, and may seem unfair to IT Pros who are new to the industry.  Remember that every certification exam and course lists recommended prerequisites for candidates, and 2-3 years of experience is not an uncommon one.  To that I remind you that you do not need a perfect score to pass the exams… do your best!

What was old is new again

In 2005 Microsoft announced the retirement of the MCSE and MCSA certifications, to be replaced by the MCTS/MCITP certs.  During a recent keynote delivered by a guest speaker from Redmond I heard him say that this was actually Canada’s fault, and unfortunately he is partly right.  The Quebec Order of Engineers won their lawsuit regarding the usage of the word engineer in the cert.  While it may have made their lives better, it complicated the certification landscape for a lot of IT Pros and hiring managers who never quite got used to the new model.

SolAssoc_WinServ2012_Blk SolExp_PvtCloud_Blk

In April, 2012 Microsoft Learning announced that things were changing again… we would again be able to earn our MCSA and MCSE certs, but they would now stand for Microsoft Certified Solutions Associate and Microsoft Certified Solutions Expert.  In fact they thought it was a good enough idea that although they were intended as next-generation certs, they would be ported backward one generation… if you were/are an MCITP: Server Administrator or MCITP: Enterprise Administrator on Windows Server 2008 you immediately became an MCSA: Windows Server 2008.  You were also immediately only two exams away from earning your MCSE: Private Cloud certification.

associate-blueMicrosoft Learning bills the MCSA certification as ‘the foundation for your professional career.’  I agree with this because it is the basic cert on the operating system, and from there you can jump into the next stage (there are several MCSE programs available, all of which require the base MCSA to achieve).

Of course now that Windows Server 2012 has been released, so too has the new certifications.  If you want to earn your MCSA: Windows Server 2012 credentials then you are only three exams away:

Exam # Title Aligned course
70-410 Installing and Configuring Windows Server 2012 20410
70-411 Administering Windows Server 2012 20411
70-412 Configuring Advanced Windows Server 2012 Services 20412

Instead of taking all three of these exams, you could choose to upgrade any of the following certifications with a single upgrade exam:

MCSA: Windows Server 2008

MCITP: Virtualization Administrator on Windows Server 2008 R2

MCITP: Enterprise Messaging Administrator 2010

MCITP: Lync Server Administrator 2010

MCITP: SharePoint Administrator 2010

MCITP: Enterprise Desktop Administrator on Windows 7

The upgrade exam is called Upgrading Your Skills to MCSA Windows Server 2012, and is exam number 70-417.

expert-blueMicrosoft Learning calls the MCSE certification ‘the globally recognized standard for IT professionals.’  It demonstrates that you know more than just the basics, but that you are an expert in the technologies required to provide a complete solution for your environment.

The first IT Pro MCSE cert announced focused on virtualization and the System Center 2012 product.  Microsoft Certified Solutions Expert: Private Cloud launched first because System Center 2012 was released earlier in the year, and the Private Cloud cert could use either Server 2012 or Server 2008 certs as its baseline.  If you already have a qualifying MCSA certification (such as the one outlined above, or the MCSA: Windows Server 2008) then you would only require two more exams to complete your MCSE:

Exam # Title Aligned course
70-246 Monitoring and Operating a Private Cloud with System Center 2012 10750
70-247 Configuring and Deploying a Private Cloud with System Center 2012 10751
70-6591 TS Windows Server 2008: Server Virtualization 10215A

1This exam can be taken instead of exam 70-247 until January 31, 2013 to count towards the Private Cloud certification.

The next new-generation MCSE cert for the IT Pro is theMCSE: Server Infrastructure.  Like the first one the basis for this cert is the MCSA.  Unlike the Private Cloud cert, the MCSA must be in Windows Server 2012.  The required additional exams are:

Exam # Title Aligned course
70-413 Designing and Implementing a Server Infrastructure 20413
70-414 Implementing an Advanced Server Infrastructure 20414

Are you starting to worry that your current Server 2008 certs aren’t helping you toward your goal?  Never fear… the following certifications are upgradeable by taking three exams:

MCITP: Virtualization Administrator on Windows Server 2008 R2

MCITP: Enterprise Messaging Administrator 2010

MCITP: Lync Server Administrator 2010

MCITP: SharePoint Administrator 2010

MCITP: Enterprise Desktop Administrator on Windows 7

Which exams?  I’m glad you asked.  The upgrading IT Pro needs to take:

Exam # Title Aligned course
70-413 Designing and Implementing a Server Infrastructure 20413
70-414 Implementing an Advanced Server Infrastructure 20414
70-417 Upgrading Your Skills to MCSA Windows Server 2012 20417

In other words, you will be upgrading your pre-existing cert to MCSA: Windows Server 2012, and then taking the remaining exams required for the MCSE.

The third MCSE that will be of interest to IT Pros is the MCSE: Desktop Infrastructurecert.  As with the others it requires the candidate to earn the MCSA: Windows Server 2012, and then take the following exams:

Exam # Title Aligned course
70-415 Implementing a Desktop Infrastructure 20415
70-416 Implementing Desktop Application Environments 20416

If you previously held the MCITP: Enterprise Desktop Administrator 7 then you can upgrade by taking the following exams:

Exam # Title Aligned course
70-415 Implementing a Desktop Infrastructure 20415
70-416 Implementing Desktop Application Environments 20416
70-417 Upgrading Your Skills to MCSA Windows Server 2012 20417

There are actually five other MCSE paths, which are:

MCSE: Messaging

MCSE: Data Platform

MCSE: Business Intelligence

MCSE: Communication

MCSE: SharePoint

That I do not discuss these is not a judgment, simply they are outside of my wheelhouse as it were… If you would like more information about any of these, visit Microsoft Learning’s MCSE landing page.

The Unfinished Pyramid

You will notice that the MCSA and MCSE pyramids that we use are progressive… the MCSA has one level finished, the MCSE has two levels finished.  That is because there is another level of certifications above these, which is now called the Microsoft Certified Solutions Master.  This is the highest certification that Microsoft Learning offers, and only a few individuals will qualify.  It is a real commitment but if you think you are ready for it, I would love to point you in the right direction.  Personally I am happy with my MCSE: PC and don’t expect I will ever be a Master.

At present there are four MCSM tracks:

MCSM: SharePoint

MCSM: Data Platform

MCSM: Communication

MCSM: Messaging

It should be noted that of these only the MCSM: Data Platform is currently available; the others will be made available in 2013.

Also at the very top of the pyramid there is one more level – the Microsoft Certified Architect (MCA).  There are currently four MCA certifications:

MCA: Microsoft Exchange Server

MCA: Microsoft SharePoint Server

MCA: Microsoft SQL Server

MCA: Windows Server: Directory

Achieving the MCA requires a lot more than just exams.  It is a long and grueling process which in the end will likely leave you drained, but with the highest certification that Microsoft offers.

I should tell you that these last two senior certs are not for most people.  They are only for the very top professionals with in-depth experience designing and delivering IT solutions for enterprise customers, and even then only for those who possess the technical and leadership skills that truly differentiate them from their peers.

Keep it up!

Several years ago Microsoft Learning tried to retire older MCSEs – Windows NT and such.  They were unsuccessful because had they done so they would have breached the terms of the original certification.  In other words, because they never told candidates in advance that they would retire them, they couldn’t retire them.  It is not uncommon for me to hear from someone who is an MCSE, but they haven’t taken an exam since the 1990s.  In fact the logo for MCSE on Windows NT is the same logo as for MCSE on Windows Server 2003, and those MCSEs will be allowed to use that logo forever.

In 2006 they made it a little easier to differentiate.  Not only would certifications be by technology (MCITP: Enterprise Administrator on Windows Server 2008) but they would, in theory, be retired with support for that technology.  So an MCITP on Windows Vista would not be able to use the cert past a certain date.  Unfortunately I found that people did not refer to their entire cert, they would simply say that ‘I am an MCITP!’  In other words, without some clarifying it was pretty difficult to determine what technology they really knew.  Additionally it is not uncommon for some pros to have several MCITP certs, making it quite difficult to list on a business card or e-mail signature.

Now Microsoft Learning has really made an improvement to this issue.  The new MCSE certifications will require that you show continued understanding of the latest versions of the technology area by taking a recertification exam every three years.  While there was some talk of this with the MCITP program it did not come to fruition.  Today however this recertification requirement is clearly outlined on the MCSE pages.

While recertifying may seem like a bother for some, as we discussed earlier it is something we choose to do every three years to remain current anyways.  For those of us who do want to always remain current it is nice to know that we don’t have to start from scratch with every new product cycle.  For those for whom remaining current is not as important they will always be able to say ‘I was an MCSE, but I let my certs lapse.’  It shows that they do know the technology, just not necessarily the most current version,  This should be sufficient for a lot of people who often tell me ‘my clients don’t need the latest, and are not going to upgrade every three years!’

What About Small Biz?

I spent several years specializing in SMBs.  The first time I took a certification exam I remember coming out of it upset about questions that started ‘You are the administrator for a company with 500 server…’  No I am not!  At the time I couldn’t even fathom what that would be like.  So when Microsoft Learning started writing exams for SBS I was glad not because I wanted to limit myself (I didn’t, and am glad of that today) but because I knew that there are lots of IT Pros out there who do work exclusively on smaller networks.

I do not know what will become of SMB-focused certifications now that Windows Small Business Server 2011 is to be the last SBS release.  I do not have any insight into whether there will be exams around Windows Server Essentials, but could envision a cert around the tying of that product with Windows 8 and Office 365.  I have not been asked, but it would make sense.  However I have heard from a lot of SMB IT Pros that certifications are not as important to them and their clients as we feel they are in the enterprise, and I accept that; the needs of the larger do not necessarily align with the needs of the smaller.  However only time will tell if Microsoft Learning will address this market.

So in the end, should I get certified?

I have long been of the opinion that certifications are key for any IT Professional who is serious about his or her profession.  It shows that they have the respect for their profession to be willing to prove not that they know how to do it, but to do IT right.  Certifications are not for IT hobbyists, or people who dabble.  They are for the professionals who earn their living in IT, and who wish to differentiate themselves from other candidates for jobs, contracts, or promotions.

Whether you have been working in IT for years, or are fresh out of school and looking to embark on a career in IT, there are likely scores if not hundreds of candidates who will be competing with you for every job.  Why not take this opportunity to distinguish yourself?  No matter how much some people will denigrate their relevance, I have spoken to many hiring managers who have confirmed for me time and again that they are a key indicator of a candidate’s suitability to technical positions.

What Does Being an MVP Mean to ME?

This month I will be speaking at the SMB Nation Fall Conference.  My main presentation will be on what IT will look like for small- and mid-sized businesses in what I call the ‘Post-SBS Era.’  I will be discussing Private Cloud, System Center, Virtualization, Office 365, Azure, and Windows Intune.

I have also been asked to lead a panel of Microsoft MVPs.  Topic: Open.  I can pick a topic, or I can simply open the floor to questions.  I briefly considered calling the panel ‘Whaddya mean you do it for FREE?!’ but thought better of it… however it would be fitting because MVPs do not get paid for what they do… at least not for what they do in order to be an MVP.

I have invited four other MVPs to join me on stage; until I get confirmation from all of them I will not reveal who they are.  However I tried to select people with different experiences as MVPs.  It should be an interesting time.

Over the past few days that I have been thinking about this panel I have given some thought to what it means to me.  Last week I was recognized for the seventh time (Microsoft MVPs are awarded for a period of one year, and my award date is October 1st).  I guess by now I can be considered a ‘veteran MVP,’ but I know that there are so many MVPs who have been around much longer than I have been.

In 2005 or 2006 there was an MVP Roadshow that came to Montreal; Jeff Middleton and the gang came up and after their day-long event, they agreed to do a user group event for us in the evening.  Somebody in the audience asked Jeff ‘What is expected of you as MVPs?’  I expected Jeff to start talking about speaking to user groups, answering questions in the forums and newsgroups, and whatever else.  He surprised me when he answered (not a direct quote) ‘Nothing.  The MVP Award is strictly for past contributions.  It is not a contract, and you are not actually expected to do anything further.’

It was an interesting answer, and on the surface an honest and accurate one.  It does not, however, account for the fact that if MVPs want to continue being MVPs then there are certain expectations of us.  Depending on several factors I think those expectations are not the same for all of us, but that is another topic altogether.

In November 2004 I had a conversation with a young Harp Girn who was at the time a vendor with Microsoft Canada.  He had, earlier in the evening, gotten me to volunteer to start a user group in Montreal for IT Professionals.  He made it clear to me that although he and his team would help, there wouldn’t be any direct, tangible benefits.  ‘I can’t make any promises, but a lot of user group leaders get recognized as Microsoft MVPs.’  I am not sure, but it may have been the first time I had ever heard the term.  He was right – 23 months later I did get the award.

It has been an incredible six years… My life, my career, my outlook have changed so much in that time, and who knew – a lot of that change can be traced back to the MVP Award.  Most of that indirectly of course, but a lot of the opportunities that I have been afforded over the past several years have been because I was an MVP.  Microsoft Canada has done a lot for me, and oftentimes it was because of a conversation started with the phrase ‘…do you know of any MVPs who could do this for us?’  Many of the certifications I hold (especially the Charter certs) are because Microsoft Learning sent out invites to write beta exams to… you guessed it – MVPs.

Shortly after I received the award for the first time a consulting firm asked me to do some work with them – it started as training roadshows but eventually evolved into courseware creation.  When they asked me what I knew about server virtualization I replied honestly that I knew nothing about it.  They had me learn, and that would eventually evolve into several career-changing moments, not the least of which was the opportunity to write Microsoft’s original courseware (e-learning) for Hyper-V.  That led to roadshows of course, and a company that heard about me because of the roadshow asked if I would be interested in learning VMware and then consulting and teaching it for them in Canada (and eventually internationally).  The original consulting firm that got the ball rolling on this told me point-blank that they would not have considered me had I not been a Microsoft MVP.

When the Partner team at Microsoft Canada decided to create a program called the Virtual Partner Technology Advisors, they looked for MVPs who were strong on virtualization.  That led to dozens of contracts over the course of several years, as well as the opportunity to present myself as one of the foremost VMware-compete guys in the country.

And of course, when the DPE Team at Microsoft Canada started discussing a new position called ‘Virtual Technical Evangelist’ they again looked for MVPs.

Someone asked me earlier today what I would do if I wasn’t doing what I do.  It’s a tough question and frankly I cannot fathom an answer.  I guess I need more time, but I’ll come up with something, I promise.  The question got me thinking (and not for the first time) where I would be today if I had not put my hand up to volunteer to create a local user group in Montreal, which in turn led to my eventual nomination as a Microsoft MVP.  The consequences of that single action are impossible to quantify, but let’s start with a quick list:

  • I would probably still be living in Montreal
  • I would likely have a couple of certifications… but nowhere near what I have today.
  • I would not have the vast majority of the friends I have made over the past eight years.
  • I would never have met my wife and her (now OUR) son, and we would not have had our baby.
  • It is unlikely that I would be a Black Belt
  • It is unfathomable that I would have several positions within Microsoft
  • It is highly doubtful I would have started a blog that today is read by ten thousand readers per month
  • I would never have had the opportunity to travel to 8 provinces (several times), 35 states (with many repeats), and twelve countries on behalf of companies like Microsoft and HP
  • I would never have been asked to consult on deployment projects for companies on the Fortune 15 list, nor for such organizations as the New York Police Department.

Wow… that is a simple list that took me all of five minutes to compile, but each point is easy to make the case for.  I honestly believe that had I not been awarded the Microsoft MVP way back then my life would have gone in a very different direction.  I cannot fathom what it would look like today… but it isn’t a stretch to guess that broader minds bring broader opportunities, and I would not be doing as well were I still living in Montreal servicing small business IT shops.

So while Microsoft uses the MVP Program as a thank-you for its community leaders, I expect a lot of us owe Microsoft a big thank-you back for the opportunities that have come about from our award.

Managing Your SMB-IT Without Server

A set of clouds

You have a small business.  You have been running Windows Small Business Server 2003 for six years, and you know that it is time to retire it.  The question is, what should replace it?

Before you make any definitive decisions, why not review what you need your server to do:

  • File Server
  • Mail Server
  • Internet Portal
  • Centralized Management

For the past several years you have paid a consultant to manage the server and your client PCs, and have primarily called him in for break-fix issues.  Maybe you were industrious and decided to learn the basics of IT so you could do a lot of the maintenance yourself.  You might even be a small-business IT consultant who has been managing and maintaining SBS environments for your clients.

You have heard so much about the cloud that you are in a bit of a fog… you know that people are talking about cloud-services, but haven’t quite figured out how they can work for you… to save you money, to earn you money.

Replacing the Server

For most small businesses I still recommend a centralized server; Active Directory is still the best mechanism you will find for centralized user management, and Group Policy allows you to lock down your environment.

With that being said, many of the functionalities offered in Microsoft Small Business Server are now available as part of two cloud-services offerings from Microsoft.  Microsoft Office 365 offers all of the functionality listed above (File Server, Mail Server, Internet Portal) and much more.  It is actually all of the following products in the cloud:

Office 365 allows you to have the functionality of all of these tools… without having to purchase or maintain them.  It also means that you will always have the latest versions of all of these… without having to upgrade.  ‘Your servers’ will be maintained by the Microsoft IT team, without your having to pay them hundreds of dollars per hour.  If any of your services go down (and admittedly they do occasionally) you can rest assured that before you even discover the outage the people who know the products best will already be well on their way to fixing the issues.

Managing the Desktop

Between the operating system and the applications, there is a lot of work that goes into the proper maintenance of your PCs.  That includes anti-malware, patch management, policies, and more.  Additionally being able to generate and view reports is a huge benefit – as I always say If you cannot measure it, you cannot manage it!

So Before we get into application side of things,  let’s discuss the benefits of the second cloud-services offering, Windows InTune.  InTune installs as a simple agent on your Windows PC, and the list of benefits is amazing:

  • Upgrade rights to Windows 7 Enterprise
  • Windows InTune Endpoint Protection (centralized anti-malware solution)
  • Centralized Patch Management
  • Policy Deployment
  • Application Deployment
  • Device Reporting
  • Alerts
  • License Management

When you subscribe to Windows InTune (per-PC subscription) you get the right to upgrade your legacy Windows client (Professional/Business/Enterprise SKUs) to Windows 7 Enterprise.  Right there you have the basis for the common operating system required to simplify management.

Windows 7 Enterprise Edition includes two features that Business Edition does not:

  1. Multiple language support; and
  2. BitLocker drive encryption technology

With the preponderance of mobile computing these days, as well as organizations doing business around the world, there is no question that Windows 7 Enterprise is an easier feature-by-feature sell than the lower-priced options, but that lower price seems to be a deciding factor so often.  With the Use Rights in Windows InTune you don’t have to settle.

Once the Windows InTune agent is deployed on a PC it will start populating the individual computer’s information to the InTune system, and you will be able to get a better idea of what you have.  On the Devices screen you will be able to see:

Computer Name Total Disk Space CPU Speed
Chassis Type Used Disk Space Last User to Log On
Manufacturer & Model Free Disk Space Serial Number
Operating System Physical Memory Last Hardware Status

imageIncluded in the Windows InTune installation is the Windows Intune Endpoint Protection engine, which will protect your PCs from malware.  It uses the built-in patch management system to keep the definitions up to date, and offers real-time protection, as well as centralized reporting and e-mail alerts to the Help Desk / Support Team / IT Guy when a computer is infected.

InTune 2.0 added the ability to centrally deploy applications to client PCs.  InTune 3.0 adds an extra to this – the ability for end-users to install published applications on-demand.  The new Company Portal allows users to help themselves on-line, before eventually ‘escalating the call’ to you.

Users can also deploy their own client from the portal, assuming they have the proper credentials.  This allows them to download a client using their corporate credentials, rather than you having to send them the file (along with the ACCOUNTCERT file) which would allow anyone (in theory) to install on any device that would automatically be managed by… you.

By far the most common application suite found on desktops in the workplace is Microsoft Office.  The most common complaint I hear about Office is the cost (followed by the difficult to understand SKUs).  Of course, with Office in the name it is no wonder that it is part of Office 365.

Of course there are several different SKUs to Office 365, and each one has different offerings.  The small business SKU (P1) costs $6/month, and does not include the installable suite.  However it does include Office Web Apps, which means you can create and edit Word documents, Excel spreadsheets, PowerPoint presentations, and of course use OneNote… all within your web browser.  This is great if you work on multiple systems, or if you are ever remote and need to work on a document.  The convenience loses its thrill when you realize you cannot work if you don’t have an Internet connection.

The E1, E2, and E3 SKUs do come with the client software, so if that is a requirement then those SKUs (which cost quite a bit more) are probably better for you.

Why you should consider maintaining a server on-site

Our mail server is gone… so are our SharePoint and File Servers.  Why then would I still recommend a small server in a small business environment? There are several reasons.

  1. Active Directory.  As I mentioned earlier in the article, AD is a great way to centralize security and credentials.  Additionally there are plenty of hooks from Active Directory into Office 365 (which can be covered in a later article).
  2. Deployment Server.  Microsoft Deployment Toolkit 2012 is the perfect companion to your new Windows 7 Enterprise licenses.  In under an hour you can create a deployment point that will deploy Windows and all of your applications (including the Lync Client and the Windows InTune agent) in fifteen minutes (or less).  It is by far the easiest way to deploy Windows to your desktops, laptops, and even tablets!
  3. Hyper-V.  Although many of our applications will be installed directly onto the laptop, many companies still have server-based applications that require an application server.  Hyper-V is the best way to create those servers on-site, for a plethora of reasons that have been outlined ad nauseum previously at www.garvis.ca, and countless other sites.  Of course, your virtualized application servers can run any version of the Windows Server operating system, but they can also run any supported client OS, as well as several iterations of Linux (supported and enlightened) and any other x86-based OS (neither supported nor enlightened).
  4. Group Policy.  Although Windows InTune v3 has much better policy support than its predecessors, there is no denying that Group Policy is the best way to granularly control, configure, and secure your client and server environments.  Whether you want to enforce secure passwords, BitLocker, or simply set a centralized screen saver and desktop wallpaper, the best way to do it is by creating a GPO in Active Directory.

As you see the combination of cloud-based services from Microsoft and an on-line Windows Server are the best way to manage your entire SMB IT infrastructure, but even if you are not going to maintain an on-premise server the cloud-based services can manage most of the needs of most SMBs.

By the way, there is one more advantage to these solutions… you will always have the latest and greatest.  Right now the Windows InTune subscription comes with use rights for Windows 7 Enterprise.  When Windows 8 is released, you will automatically have access to that platform.  Office 365 comes with Office 2010… but when the next version is released you will have that version right away too!

Interested in hearing more?  Drop me a line and we’ll talk… or you can check out www.windowsintune.com and www.office365.com to download 30-day trials of each!

%d bloggers like this: