Post on 20-Dec-2015
Microsoft Desktop Optimization Pack
Technical Training
Nicola Ferriniinfo@nicolaferrini.it
Who Am I ?
Trainer Technical Writer Systems Engineer Server & Application Virtualization Technology Specialist More on:
http://www.nicolaferrini.it/curriculum.shtml http://www.windowserver.it/ChiSiamo/Staff/tabid/71/Default.aspx
Introduction
This course discusses topics around concepts, benefits, installing and configuring Microsoft Desktop Optimization Pack (MDOP) technologies
Focuses on Mid Market Customers
Prerequisites
Before Starting this Course participants should be familiar with: Desktop Support and Troubleshooting Application Support and Troubleshooting Group Policy concepts including creating, modifying,
supporting, and troubleshooting. Before starting this course it would be beneficial
to have experience or familiarity with: Licensing Compliance Change Management Process Basic SQL and Operations Manager knowledge Basic Active Directory administrative skills
Agenda – Day 1
Ore 9:00 - Benvenuto Ore 9:30 - Microsoft Desktop Optimization Pack (MDOP) Ore 11:00 - Coffee Break Ore 11:30 - Microsoft SoftGrid Application Virtualization
Concepts
Ore 13:00 – Lunch
Ore 14:00 - Microsoft SoftGrid Application Virtualization Configuration
Ore 15:00 – Coffee Break Ore 16:00 – LAB Ore 17:00 – Fine lavori
Agenda – Day 2
Ore 9:00 – RiassuntoOre 9:30 – Microsoft SoftGrid Application Virtualization
SequencingOre 11:00 – Coffee BreakOre 11:30 – LABOre 12:30 – Microsoft Application Virtualization 4.5 Preview
Ore 13:00 – Lunch
Ore 14:00 – Diagnostics and Recovery Toolset (DaRT)Ore 14:30 – LABOre 14:45 – Coffee BreakOre 15:00 – Advanced Group Policy Management (AGPM)Ore 16:00 – Desktop Error Monitoring (DEM)Ore 16:30 – Application Inventory Service (AIS)Ore 17:00 – Fine lavori
What is in this course?
Module 1:Microsoft Desktop Optimization Pack (MDOP) Module 2: Microsoft SoftGrid Application Virtualization
Concepts Module 3: Microsoft SoftGrid Application Virtualization
Configuration Module 4: Microsoft SoftGrid Application Virtualization
Sequencing Module 5:Microsoft Application Virtualization 4.5
Preview Module 6:Diagnostics and Recovery Toolset (DaRT) Module 7:Advanced Group Policy Management (AGPM) Module 8:Desktop Error Monitoring (DEM) Module 9:Asset Inventory Service (AIS)
Module 1:Microsoft Desktop Optimization Pack (MDOP)
What is MDOP? Mid Market Customer Needs How does MDOP Address Customer
Needs MDOP Technology How is MDOP Licensed? What is Software Assurance?
What is MDOP?
The Microsoft Desktop Optimization Pack for Software Assurance is an add-on subscription license available to Software Assurance customers
Mid Market Customer Needs
End User Productivity Mobile Users Risk Management
How does MDOP Address Customer Needs
Increase End User Productivity Support Mobile Users Improve Risk Management
MDOP Technology
Microsoft SoftGrid Application Virtualization
Diagnostics and Recovery Toolset Advanced Group Policy Management Desktop Error Monitoring Asset Inventory Service
How is MDOP Licensed?
Low Cost Subscription Based For Customers with Software Assurance for the
Windows Desktop Select, Open Value, EA, EAS, CASA
MDOP Benefits to Customers Increase End User Productivity Support Mobile Users Improve Risk Management
MDOP Benefits to Partners Recurring Revenue Services Revenue Customer Relationship
What is Software Assurance? A comprehensive maintenance offering that helps
you get the most out of your software investment Software Assurance Benefits to Customers
Windows Vista Enterprise Spread Payments New Version Rights Desktop Optimization Pack Training Vouchers Support Incidents
Software Assurance Benefits to Partners Recurring Revenue Customer Relationship
Module 2: Microsoft SoftGrid Application Virtualization Concepts
Describe problems organizations encounter when dealing with application management
Describe the benefits of SoftGrid computing in a technical nature
Define SoftGrid computing List and explain various SoftGrid
system components Understand the SoftGrid
environment
Application Management Life Cycle
Deployment Updates Support Termination
Application Virtualization
Benefits of Microsoft SoftGrid Application Virtualization
Conflict Free Pre-Configured Applications Multiple Versions Preservation of Source Code Centralization On Demand Delivery
Feature Block 1 and 2
Package .sft don’t have to be delivered at one time
Sequencer can mark certain blocks of the .sft as critical launch phase or Feature Block 1 (FB1) During initial stream after FB1 downloaded application
can launch All other blocks are stored in Feature Block 2
(FB2) When user accesses feature not in FB1 individual
blocks of data downloaded from FB2 Operation known as Out of Sequence Operation
User customized settings are stored in UsrVol_sftfs_v1.pkg and stored in user’s AppData
Considerations
Sequencing applications requires extensive knowledge of application Knowledge of how to install the application Knowledge of how to configure the application
Limitations of Virtualization Boot-time applications Background services DCOM and COM+ applications Drivers Internet Explorer (Add-ins can be virtualized)
Application Virtualization Environment Overview
Microsoft SoftGrid Application Virtualization Sequencer
SoftGrid Management Console Microsoft SoftGrid Application Virtualization
Virtual Application Server Microsoft SoftGrid Application Virtualization
Management Web Service Microsoft SoftGrid Application Virtualization Data
Store Microsoft SoftGrid Application Virtualization Client MSI Utility for Microsoft Application Virtualization
What Happens?
Microsoft SoftGrid Application Virtualization Platform Review Sequencing Backed Server Client Launch
Pre-Launch Deployment Microsoft SoftGrid Application
Virtualization Desktop Configuration Refresh
The Launch Process:
Module 3: Application Virtualization Configuration
Describe all minimum requirements needed to install the Microsoft SoftGrid Application Virtualization Components
Detail deployment scenarios available
Complete a full installation and configuration of the Microsoft SoftGrid Application Virtualization Components
Suggested Minimum System Requirements
System Center Virtual Application Server
SoftGrid Application Virtualization Data Store
SoftGrid Application Virtualization Management Web Service
SoftGrid Management Console SoftGrid Application Virtualization
Sequencer MSI Utility for Microsoft Application
Virtualization
Deployment Scenarios
Connected Mode
Standalone ModeDelivery thru ESD not shown
Stand Alone Mode
SoftGrid Client and SoftGrid Sequencer Only No Application Streaming Client in Stand Alone Mode Deployment Options
AD publishing through GPO Media Distribution Run from File Share Software Management Systems (SMS/SCCM)
When to use? Software Management System already in place Organizations where resources are limited Network bandwidth limitations Limited budgets
Connected Mode
Known as Classic Mode Uses built-in software distribution from
Virtual Application Server (VAS) When to Use SoftGrid Connected Mode
Application Streaming Group-based Application Publishing License Enforcement Built-in SoftGrid Reporting SoftGrid Classic Software Usage Reporting
Console
Network Protocols
ManagementWorkstation
(SoftGridManagement
Console)
ODBC:1433Initial Stream
ConnectRTSP:554
Active StreamRTSP Control
RTP Data49152-65535
(2 ports)
SoftGrid Virtual
ApplicationServer
SQL Server
Connection SoftGrid to
Management Web Service
HTTP: 80
SoftGridManagement
Database
Client PCInitial Remote Management
ConnectRPC: 153
Remote Management
Return49152-65535
(1 port)
SoftGrid Management
Server(SoftGrid
Management Web Service)
OSDs & ICOsDownload via
UNC path (SMB:445)
ODBC:1433
Server Installation
Pre-Installation Checklist Account authority domain SoftGrid Administrators and Users Group MDAC 2.7 and .NET Framework 2.0 SQL Database Information SoftGrid Browser Account IIS 5.0 or higher
Typical Server Installation Virtual Application Server Data Store Management Web Service Management Console
Custom Installation Allows administrators to select individual components to install on a
server In larger scenarios integrators can spread the components over multiple
servers for higher availability and divided administrative function
SoftGrid Client Installation
Current Versions of SoftGrid Clients Windows Desktop 4.1 SP1 HFRU1 version
4.1.2.21 Windows Desktop 4.2 HFRU1 version
4.2.1.21 (Vista support) Terminal Server 4.1 SP1 HFRU1
Suggested Minimum System Requirements
Microsoft SoftGrid Application Virtualization Client Installation
Identifying Installation Options
MSI Installer CD setup Command-line setup Disk Imaging
Microsoft SoftGrid Application Virtualization Client Configuration
Root Node General Tab Interface Tab File System Tab Network Tab Connectivity Tab Permissions Tab
Applications Node File Type Associations Node Desktop Configuration Servers Node System Tray
Root Node
General Tab
Interface Tab
File System Tab
Network Tab
Connectivity Tab
Permissions Tab
Applications Node
File Type Associations Node
Desktop Configuration Servers Node
System Tray
Automating Client Configuration with Commands
SFTMime.exe SFTTRAY.EXE
MSI Utility Installation
Installing the MSI Utility Installing the Client for Stand Alone
Mode Configuring the Client for Stand
Alone Mode Installing an Application with the
Virtual Application MSI File
Server Administration
Understand how to connect to any machine running the SoftGrid Management Web Service to configure the platform.
Create new objects from within the SoftGrid Management Console, using the supplied wizards.
Explain each of the containers, objects, and properties within the SoftGrid Management Console.
SoftGrid Management Console
Application Container
Packages Container
Active Upgrade
1. Administrator Adds new package version on the server
2. User either closes application and reopens or opens it after previously streaming the older version
3. Client sees new version available and streams FB1 for new package version
4. Application launches with user’s individual application settings intact
Lab
SoftGrid Application Virtualization Publishing
Server Administration
Manage provider Policies and utilize them for Licensing
Manage multiple SoftGrid Application Virtualization Servers by using Server Groups.
Utilize reporting to track usage and licensing information.
Configure advanced server settings.
Licensing
1. Provider Policies Create a Provider Policy the enables licensing for
auditing or enforcement2. Licensing
Create a license Group for Unlimited, concurrent or named license
3. Application Assign the license group to the application record
4. Customize .OSD Modify the application .osd file to include ?
Customer=Custom Provider Policy Name at the end of the HREF URL.
Server Groups Container
SoftGrid Administrators Container
Reporting
System Options
Module 4: Application Virtualization Sequencing
Describe the role of the sequencer Discuss Planning and Installation of
the Sequencer Learn the steps of sequencing
applications Understand OSD editing for
enhancing and troubleshooting
What Is the Sequencer?
The Sequencing Process
1. Standard application installations are used.2. The application being installed is “monitored” by
SystemGuard during installation for all application components.
3. The Sequencing Station then packages all the changes, to recreate them in a virtual environment on a client machine.
4. The Sequencing Station runs the application by using SystemGuard to optimize the package and then slice the package into smaller chunks to deliver it to the client on an as-needed basis.
5. The result of running the Sequencer will generate four files: an .osd file, an .sft file, an .sprj and an .ico file. These are the files needed to run an application in the SoftGrid platform.
Sequencer Files
.ico (~24 Kb) *One per published application
▪ Used to be delivered down to the users machine to provide a means to access the virtual application (a shortcut).
.osd (~2Kb) *One per published application
▪ Contains information on how to request and run the package. Can also be used to embed scripts into (similar to an .exe)
.sft (up to 4 GB) *One per Suite of applications
▪ Contains all the virtualized components of the application. If the component isn’t part of .sft, it is expected to be present on the local machine.
.sprj (~13 Kb) *One per Suite of applications
▪ Used to publish and open existing packages to update or repair.
Basic OSD file
OSD Values
ABSTRACT CODEBASE
FILENAME HREF SIZE GUID SYSGUARDFILE PARAMETER
ENVIRONMENT VARIABLE ENVLIST
CLIENTVERSION XML Version, standalone SIZE VM
SUBSYSTEM (WIN32 OR WIN16) REGKEY
HIVE KEY
SUITE
Installing the Sequencer
Planning the Sequencer Environment SoftGrid Virtual Drive (Q:\ Drive) Partitioning Clean Operating System Multiple Sequencing Workstations
Installing the Sequncer
Sequencer Configuration
Select Tools|Options Paths Parse Items Exclusion Items Wizard Settings
Paths tab
Parse Items tab
Exclusion Items
Wizard Settings
Sequencing Best Practices Local Install Document the Installation Application Pre-installation requirements Compression and block size Destination path Suites Application components Automatic Updates Manual/Post-Installation configuration Reboot Request Stop Monitoring
Naming Conventions
ICO Application_Version
OSD Application_Version
SUITE Name Suite_Vendor_Version_MNT or Suite_Vendor_Version_VFS
Package Save Directory
Suite_Vendor_Version_MNT or Suite_Vendor_Version_VFS
SFT Suite_Vendor_Version_MNT or Suite_Vendor_Version_VFS
SPRJ Suite_Vendor_Version_MNT or Suite_Vendor_Version_VFS
Package ROOT ApplicationVersion.Package Version (8.3 naming)
Package Configuration Wizard
Installation Wizard
Application Wizard
Sequencer – Post Sequence
Package Upgrade
Lab
SoftGrid Application Virtualizaton Introduction to Sequencing
Sequence a Hard-Coded Application
Apps the don’t have the option to select the installation directory
Called VFS or Virtual File System installs
Not Recommended Creates Virtualization Overhead Driver letter sequenced to must be
present on client
Sequencing a Web Based Application
Sequence Internet Explorer add-in Active X Codecs Flash Java
Can’t sequence Internet Explorer Allows running multiple versions of
add-ins on the same machine
Custom OSD Modifications
Passing Parameters Scripting Virtual Registry TERMINATECHILDREN Tag Environment Variable Customizations
Lab
SoftGrid Application Virtualization Advanced Sequencing
Module 5: Preview of Microsoft Application Virtualization 4.5
Dynamic Virtualization Extended Scalability Globalization Microsoft Security Standards
Dynamic Virtualization
Extended Scalability
Full Infrastructure
Lightweight Infrastructure
Stand-Alone Mode
Globalization
Support for foreign language applications with special characters Foreign language Active Directory and server support Runtime Locale Detection Localized in 11 Languages
Brazilian Portuguese Chinese – Simplified, Chinese – Traditional Dutch (Client Only) French German Italian Japanese Korean Russian Spanish
Microsoft Security Standards Adopt Microsoft Security Initiatives
Trustworthy Computing (TwC) Secure Windows Initiative (SWI) Security Development Lifecycle (SDL)
Enable Internet facing scenarios No VPN Required Client is on a non-trusted network Server is on a non-trusted network
Secure by Default configuration out of the box Client Privileges locked down TLS Support via Schannel (on by default) Kerberos support Server Authentication
Module 6:Diagnostics and Recovery Toolset (DaRT)
What is DaRT? When do I use DaRT? Advantages DaRT Technology Explained Demonstration
What is DaRT?
Microsoft® Diagnostics and Recovery Toolset provides powerful, intuitive tools that help administrators recover PCs that have become unusable and easily identify root causes of system and network issues
When do I use DaRT?
Microsoft Diagnostics and Recovery Toolset can save significant time and reduce the headaches associated with repairing and troubleshooting common system failures.
System administrators may now run powerful recovery tools on unbootable systems and can quickly restore failed systems with minimal manual effort—in much less time than is required when restoring PCs from backup or reinstalling operating systems
Advantages
Rapid recovery Flexible recovery options Unique tools Cost savings
DaRT Technology Explained
WinPE/WinRE Basics DaRT Requirements DaRT Interface DaRT Interface Tools DaRT Admin Tools DaRT Network Tools DaRT System Tools Online Tools
WinPE/WinRE Basics
Windows PE was designed to allow Windows® setup or a 32-bit imaging program to run on a PC even with no version of Windows installed.
Integrates the different components of setup into one solution so that a simple boot CD could provide a minimal environment that would let 32-bit setup run
WinPE/WinRE now support 64 bit environments
DaRT 6.0 Requirements
Windows Vista Windows Server 2008 Localized in 9 languages
Chinese-simplified Dutch English French German Italian Japanese Korean Spanish
1 GHz 32-bit (x86) or 64-bit (x64) processor 512 MB of system memory A CD drive BIOS support for booting from a CD drive
DaRT 5.0 Requirements
Windows 2000 Windows XP (x86 versions) Windows Server 2003 (x86 versions) A minimum of 64 MB (128 MB
recommended) of system RAM An Intel Pentium (or compatible) 166
MHz or faster processor A CD drive BIOS support for booting from a CD
drive
DaRT 6.0 Interface (ERD Commander)
DaRT provides an extension of the WinRE functionality with additional tools for diagnosing, troubleshooting, and repairing workstations
Can be connected to the local Windows installation
DaRT 5.0 Interface (ERD Commander)
DaRT provides a GUI extension of the WinPE functionality with additional tools for diagnosing, troubleshooting, and repairing workstations
Can be connected to the local Windows installation
Looks like Windows XP
DaRT 6.0 Interface tools
Startup Repair (WinRE tool) System Restore (WinRE tool) Bitlocker Unlock (WinRE tool) Windows Complete PC Restore (WinRE
tool) Windows Memory Diagnostic Tool
(WinRE tool) Command Prompt (WinRE tool) Microsoft Diagnostics and Recovery
Toolset (DaRT tools)
DaRT 5.0 Interface tools
Command Prompt Explorer Notepad Search Solution Wizard Help
DaRT Tools
ERD Registry Editor Locksmith Crash Analyzer Wizard Disk Commander File Restore Disk Wipe Search Explorer Computer Management TCP/IP Config Hotfix Uninstall SFC Scan Standalone System Sweeper (DaRT 6.0 only)
Online tools explained (Tools that can run in the online system)
Crash Analyzer ERD Commander Boot Media Wizard File Restore (Only available in Dart
5.0)
Demonstration
Creating the CD To start the ERD commander Boot Media
Wizard▪ Walk through the installation Wizard
Creating a Bootable CD that has a time Limit
Booting into the DaRT
Lab
Microsoft Diagnostic and Recovery Toolset 6.0
Module 7:Advanced Group Policy Management (AGPM)
What is AGPM? When do I use AGPM Advantages Concepts Change Management Using GPOs and AGPM for Change
Management AGPM Technology Demonstration
What is AGPM?
Microsoft® Advanced Group Policy Management is an add-on to Group Policy Management Console that provides change management control over Group Policy Objects
When do I use AGPM?
Provide change control system for group policies
Delegate and control group policy administrators access
Provide ability to revert to previous versions of group policies
Challenges in Managing Group Policy
Edits to live GPOs can affect many or all computers on network adversely
No way to quickly revert to previous group policy settings
GPO Editors can deploy GPOs into live environment without testing
Multiple GPO editors, without audit information on individual settings
Can’t provide review process to accept or reject new settings
Microsoft Advanced Group Policy Management: Advantages
Granular administrative control Robust delegation model Role-based administration Change request approval
Reduced risk of widespread failures Offline editing of GPOs Difference reporting and audit logging Recovery of a deleted GPO Repair of live GPOs
Enable effective Group Policy change management Creation of GPO template libraries Subscription to policy change e-mail notifications Version tracking, history capture, and quick rollback of
deployed changes
Microsoft Advanced Group Policy Management: Concepts
GPMC Integration Role-based Delegation Change Management Offline Editing Email notification Advanced Differencing Reports Templates Roll-back
GPMC Integration
Addition of Change Control Object in GPMC mmc
Role-based Delegation
Allows administration tasks to be delegated to regional or task-oriented administrators
Provide an optional workflow process that includes role-based delegation, review, and approval
Roles: Administrator, Approver, Editor, and Reviewer
Domain-level and GPO based delegation
Change Management
Store each GPO in a central Archive Administrators can view and edit
offline Stores versions for Roll-back
Using GPOs and AGPM for Change management
Create a new controlled GPO or control a previously uncontrolled GPO.
Check out the GPO, so you and only you can modify it.
Edit the GPO. Check in the edited GPO, so others can
modify it, or so it can be deployed. Review the changes. Deploy the GPO to the production
environment.
Offline Editing
Enables administrators to configure and test changes on live GPOs without effecting live environment
Requires controlled GPO that is checked out before editing
When checked out no other administrators can edit until GPO is checked in
After check in, the GPO can reviewed, approved, and deployed
Email Notification
Editor or Reviewer attempts to create, deploy, or delete GPOs an email is sent to configured Approver(s)
Approver(s) can accept or reject the request
Advanced Difference Reports
Generate HTML or XML based difference reports
Comparison of two controlled GPOs Comparison of controlled GPO and
default template All Roles of AGPM administrator can
run difference reports
Templates
Templates enable administrators to save all of the settings of a particular version of a GPO
Templates can be used as a starting point for new GPOs
Editors can select which GPO template is the default
Eliminates settings errors when configuring multiple GPOs that need to comply with company policies
Roll-back
Redeploys previous version from archive
Overwrites current version in production
AGPM Technology
Prerequisites for AGPM AGPM Server Requirements
▪ Windows Vista (32-bit version)▪ Microsoft Windows Server 2003 (32-bit version)▪ Group Policy Management Console (GPMC)▪ Membership to the Domain Admins group for install▪ Default Port for AGPM service is 4600
AGPM Client Requirements▪ Windows Vista (32-bit version)▪ Microsoft Windows Server 2003 (32-bit version)▪ Group Policy Management Console (GPMC)
Supported AGPM configurations
Windows VistaAGPM client
Windows VistaAGPM
service
All Setting
s
Windows VistaAGPM client
Windows ServerAGPM
service
Most Settings
*
Windows VistaAGPM client
Windows Longhor
nAGPM
service
All Settings
Now
availa
ble
Win
dow
s Serv
er
200
8
tim
efr
am
e
Demonstration
Installation of AGPM Server and Client
Delegation of Access to all GPOs in a domain
Configuring Email Notification Using AGPM to create and manage
GPOs Use a template to create a GPO Delete and restore a GPO
Module 8:Desktop Error Monitoring (DEM)
What is DEM? When do I use DEM? Benefits DEM Technology DEM Requirements Capacity Planning Security
What is DEM?
Built on Microsoft Operations Manager 2007
Provides a subset of the Operations Manager features
Enables collection of information about application and operating system failures
Delivers rich reporting of common errors in the environment
Can be configured to provide resolutions of common Microsoft errors
When do I use DEM?
Any organization that experiences application crashes and operating system errors
One of the most severe and difficult-to-resolve problems for users of desktop PCs is when an operating system or application stops responding
End users typically deal with this by rebooting their systems: in 90 percent of the cases, they don’t tell anyone in IT about the problem.
Benefits
Enhances IT helpdesk effectiveness, reducing cost of Windows® ownership Identifies the highest-occurring crashes Reduces resolution time by providing crash details and
responses Assists in triaging patch deployments and updates Provides metrics for monitoring post-deployment effects
Improves desktop stability, increasing enduser productivity and satisfaction Reduces downtime throughout an organization Reactive: provides real-time awareness of critical errors Proactive: helps address errors in applications before they go
into production Enables IT-controlled, custom error responses to end users
DEM Technology
Operations Manager (OM) 2007 Agentless crash monitoring Error Reporting to a central location Rich Data Analysis (utilizing OM
reporting) Direct Access to troubleshooting and
resolution knowledgebase (OM tie to Microsoft Knowledgebase)
Operations Manger 2007
System Center Operations Manager is a software solution to meet the need for end-to-end service monitoring in the enterprise IT environment
Monitors thousands of servers, applications, and clients
Provide a comprehensive view of the health of an organization’s IT environment
Agentless Exception Montioring
Monitor operating system applications failures that cause your client computers to hang or crash
Participate in the Customer Experience Improvement Program
No Agent installed on Client Configured through Group Policies
Error Reporting to a Central Location
DEM stores the error reports to a centralized shared location
Temporary location that stores information that could be analyzed by development teams
DEM will then take the data sent from the client and put it into the SQL database
Data in these directories can be forwarded to Microsoft
Rich Data Analysis (utilizing Operations Manager reporting)
Operations Manger includes SQL based reporting infrastructure
Reports available for Client Monitoring allow administrators to identify the most critical or most frequently occurring errors
Reports allow for administrators to engage Microsoft Support, a 3rd party application vendor, or have data to present to the internal development team to find resolutions to the most common or critical problems.
Direct Access to troubleshooting and resolution knowledgebase
DEM is capable of utilizing the Microsoft Knowledgebase to provide prescriptive resolutions to specific errors that are in the environment
Administrators can quickly respond to and resolve errors occurring without lengthy research
DEM needs to be configured to send information to Microsoft to receive response URLs
DEM Requirements
Windows Server 2003 Active Directory Group Policies SQL 2005 sp1 Powershell .NET 2.0
Security
Use of certificates provides capability of client to server and server to Microsoft SSL based security
Delegation of access to provide read-only access to most administrators
Demo
Installation of SCDEM Configuration of Agentless
monitoring Viewing Reports
Module 9: Asset Inventory Service (AIS)
What is AIS? When would I use AIS? Benefits of AIS AIS Client Properties Why is AIS a Hosted Solution AIS Process
What is AIS?
Advanced Inventory Scanning Comprehensive Inventory Reports Software License Management Easily administered service Security and Privacy
Advanced inventory scanning
AIS gathers data on all of your software assets
Identifies all installed software by name, ISV, family, and category
Scans systems for software through Add/Remove Programs, Start Menu, Auto start (Startup), and MSIs
Scanning is automatically randomized
Comprehensive inventory reports
Inventory data is reconciled against the Microsoft Asset Inventory Service Application Knowledgebase
Database of software contains titles representing the vast majority of commercially available software
For Microsoft and some Third Party applications AIS can interpret the type of software installed (MS: OEM, VL, Retail, 3rd Party: Purchased vs Freeware)
Software license management
Ensure that licenses you’ve paid for have been deployed and are being used
Verify software within your enterprise is compliant with your license agreements
Easily administered service
Designed for ease of use Can be enabled in just a few hours Inventory data is securely hosted by
Microsoft No servers to maintain
Security and privacy
Microsoft ensures that the data gathered in this hosted service is secure and remains confidential to your organization
Data center with a caged environment and redundant systems for reliability
Protect web sessions through a secure connection
Windows Live ID to authenticate users No identifiable Inventory data is shared
with anyone within or outside of Microsoft
When would I use AIS?
In any environment for collecting an accurate inventory on all the software installed on their desktops on an ongoing basis
Benefits of AIS
Effectively managing your software asset inventory to ensure compliance and optimize IT budgets.
Identifying applications and installations that are contrary to your corporate policies.
Analyzing usage to forecast organizational needs.
Enhancing productivity in your IT infrastructure and amongst your staff.
AIS Client Properties
Broad support 32-bit and 64-bit support Windows 2000 SP4 or greater Locale neutral
Low impact Small size: ~1.5MB Non-resident in memory when not in use Monitor its state and self heal (daily heartbeat)
Secure communication Mutual authentication with backend service Inventory upload is over SSL Agent per customer account
AIS and SMS 2003/SCCM 2007 Additional features of SMS 2003/SCCM 2007
On Premise inside of the firewall Enables both hardware and software inventory Enables real time usage metering of software application
use Why AIS if you already have SMS/SCCM
Through acquisitions organizations may choose to deploy AIS to the acquired company to assist with their due diligence in a lightweight fashion
If the customer has branch office scenarios where they do not have SMS fully deployed
Purchasing/procurement team wants to do a simple software asset review without dependencies on the IT department
Why is AIS a Hosted solution?
No expensive servers to maintain + Lower break-even point + Easy to setup + Anywhere access + Predictable cost + High reliability + Need Internet access - Perceived less secure -
AIS ProcessSign-in: sign in through passport
Download agent: MSI
package
Deploy agent: using
preferred deployment
method
Clients: set up schedule
and send inventory to the service
View reports: online reports
of software assets