Mastering The Move To Modern Management Using
Mastering the Move to ModernManagement using ConfigMgrJosué NegrónBrooks PeppinSr. Solutions ArchitectVMwareEUS Systems EngineerVMware#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
AgendaChallenges with PCLM SolutionsWhat are your Options?Co-Management with ConfigMgr using IntuneScripting Options to Move WorkloadsCo-Management with Workspace ONEOn-boardingCollection MappingApp MigrationTracking and Dashboard#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
2017Evolution of MicrosoftClient Management20122011201220142016CoManagementSCCM asa ServiceEnterpriseMobility Suite2007200319991994SMS 2.0SMS 1.0Client ManagementInfancy (NT Domain)Windows 3 Windows 9519951992Groups ModelWindows XP2001Laptops, Servers,Enterprise ScaleWindows Vista2006ComprehensiveManagementWindows 72009Managementfrom the CloudConsumerization of ITWindows 82012#ITDEVCONNECTIONS ITDEVCONNECTIONS.COMWindows 102015Transitioning to ModernManagement
With Windows 10, Microsoft Enables“Modern Management” of PCsIntegrated MDMFrameworkSimplified DeviceOnboardingCloud-basedManagementMicrosoft’s own IT is moving away from traditional PC managementto modern management for Windows 10.** Source: Microsoft IT Showcase; Aug 21, 2017; crosoft-IT#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM4
Journey to Modern Management Not a flip of a switch to get to Windows 10 / Modern Management Will take time, potentially years May have servers and legacy Windows OS under SCCM management Need to change 25 years of management practices Domain Centric to Device/User Centric Many plug-ins for SCCM Asset management, Auditing Similar to move from Exchange, Active Directory Hybrid Mode Exchange with O365 / AD Federation with Azure Customers may not be able to move all devices to modern management Will happen with device replacement (3-5 years)#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Legacy PC ManagementUnified Endpoint ManagementDeployHigh IT touch – build and constantly maintain imagesspecific to OEMs, OS version, use cases, rolesSimpler out-of-the-box and IT runtime provisioning without theneed for imaging; upgrade to new version from cloudPatchPoor patch compliance – patch management of domainjoined PCs on company networkUpdates PCs on or off the domain from the cloud in minutes;not monthsConfigureOn-network and domain joined PCs only, leveraging grouppolicy objects (GPOs)Configures PCs over-the-air and across any network; supportsmodern MDM GPOsAppsResource intensive packaging and deployment (heavydistribution infrastructure); supports Win32 apps onlyScalable and reliable app distribution with cloud CDN P2P;supports any app - Win32, store/UWP, SaaSSecurePerimeter defense and no visibility across off-networkendpoints; manual remediation for compromised PCsSmarter conditional access polices and real-time visibility,compliance, and auto remediation across all endpointsSelf-serviceLacks self-service capabilities or requires third party addons (e.g. store front, recovery keys, etc.)Self-service features for app access, domain password reset,BitLocker recovery, remote wipe and lock and othersUse CasesLimited to corporate owned desktop management usecases with locked down machinesEasily scales to modern use cases (e.g. BYOD) and otherWindows, mobile, rugged and IoT endpoints (UEM)RetireManual process: wipe and replace image for new userWipe and reset remotely; ready for the new user#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Bridging to Modern ManagementAdopt & ConnectTransition to ModernConfigMgr Content Delivery to Cloud Content DeliveryWin32 to Modern AppsKerberos to Modern AuthGPO to MDM PolicyImaging to Signature ImageWSUS to WUfBAdopt Windows 10Modernizing with a co-management bridgeAdopt Office 365/ProPlusAD/AADconnectEnd of Support for Windows 7Today#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Why Co-Manage with SCCM SCCM is a religion People have built their careers on SCCM As they move to Modern Management, SCCM becomes irrelevant Unless a customer is already 100% at Windows 10 WinXP, Win7, Win8 and Server OS’s Most companies have had SCCM in place for over 20 years Not easy to just “rip off the Band-Aid” We may need SCCM to get to Windows 10 Upgrade Win7 to Win 10 Typical hardware refresh cycle is 3-5 years#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Co-Management with IntuneYou must have the following prerequisites in place before you canenable co-management with Intune or EMS: Requires Windows 10 version 1709 or later Requires Configuration Manager version 1710 or later Must be Intune Standalone Cannot be Hybrid MDM (Intune joined to SCCM) EMS or Intune license for all users Devices must be Hybrid Azure AD-joined (SCCM Managed) Azure AD Joined (Intune Managed) Azure AD automatic enrollment enabled#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Supported Workloads Device Compliance Policies Resource Access Policies Configure VPN, Wi-Fi, email, andcertificate settings on devices. Windows Update Policies Endpoint Protection (starting in ConfigurationManager version 1802) Device Configuration (starting inConfiguration Manager version 1806) Office 365 Click-to-Run apps (starting inConfiguration Manager version 1806) Mobile apps (starting in ConfigurationManager version 1806 as a pre-releasefeature) Ability to Execute Remote Commands#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Co-Management Dashboard#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Major Limitations Today Many Prerequisites: SCCM 1710 , Windows 10 1709 , AD AADJoined, CMG for Intune-Only Managed Devices, etc. No clear path to fully migrate apps to a modern approach Does not migrate workloads over from SCCM to Intune, CoManagement only chooses who the primary source ofmanagement should be Only supports some use-cases, thus might not work for all ofyour devices in your organization No clear path for customers who want to rip-and-replacequickly; but great for a longer term migration plan#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Open-Source SCCM Migration Tools Available on GitHub & VMware {code}: SCCM to AirWatch App MigrationMigrate existing Win32 applications fromSCCM to AirWatch SCCM to AirWatch Tag CreationAutomatically create tags in AirWatch forSCCM collections and tag devices to maintaina link between SCCM and AirWatch SCCM to AirWatch Auto RegistrationAutomatically pre-register SCCM devices intoAirWatch using serial number and primaryuser. Allows silent AirWatch enrollment viastaging M AppMigrationAirLift to get to ModernManagement#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
SCCM TermsWorkspace ONE TranslationsIntune TranslationsWMI/MOFClosest would be CSPs/APIsCSPs/APIsApps & PackagesSoftware Distribution (Win32 Apps)Client Apps (Windows MSI Line-of-Business)Distribution Points (DPs) BranchCacheCDN P2PCloud DPsMDT/OSDNext Evolution is OOBE/AutoPilot/Dell FactoryProvisioningOOBE AutoPilotSoftware Center/App CatalogWorkspace ONE CatalogCompany PortalMBAM for EncryptionBitLocker Lifecycle ManagementBitLocker Configuration via CSPCollectionsSmart Groups / TagsAssignments/GroupsSoftware Updates/ADRs/WSUSWindows Update Profile (WUfB or WSUS)Software Updates (WUfB)Task SequencesNo Mapping – similar to Product ProvisioningNo Mapping – PowerShell ScriptsSite Code (3 Characters) & AssignedSiteGroup ID & Enrollment GroupTenantEnrollment PointDevice Services (Mobile and Mac Devices Only)--Management PointDevice Services (Windows Devices)Cloud Management GatewayPrimary Site/Secondary SiteParent/Child Organization Group--#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Did you know .VMware has supported co-existence(“co-management”) with SCCM sincelate 2015!So where are we today with speeding your transition to Windows10 modern management, let’s take a look!#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Workspace ONE AirLiftConfigMgrWorkspace ONE UEMWindows 10 Clients6 Server-side Connector Web-based AdminExperience Passive Orientation toSimplify Co-Management Fully Productized andSupported Available with ALLWorkspace ONE Editions#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Communication ProtocolsConfiguration ManagerWorkspace ONETRADITIONALMODERNAirLiftAirLift Web UIWindows RemoteManagement (WinRM) &Configuration ManagerCmdletsAirLift ServiceWorkspace ONE UEMRESTful APIs#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
AirLift Prerequisites Workspace ONE UEM 9.5 Admin with API Access & REST API Key Device Services, Console, API URLs SCCM 2012 R2 SCCM Account with at Least Read-Only Permissions Additional access needed to create Enrollment App from AirLift (Optional) SCCM Account must be Remote Management Group (Win RM) SCCM Site Code SCCM Device Collections with Active Windows 10 Devices AirLift VM (Recommend Small Dedicated VM with Good SCCM Connectivity) AirLift Installer will Download & Install SQL Express and MongoDB Installer will Securely Configure for Use Only by AirLift AirLift will Create Two Services that Run under ‘Network Service’#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Live Demo: GettingStarted with AirLift#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Mapping Device Collections#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
SCCM Device Collection MappingEmpower the admin to accelerate their adoption and visibility of ourCo-Management capabilities Leverage existing ConfigMgr Device Collections Complex Query Based Rules Based on Device Type (e.g. Dell XPS) One to Many Mapping between Collections and Workspace ONE Map ConfigMgr Collections to Workspace ONE Smart Groups Backend Task keeps Workspace ONE Synced with ConfigMgr Multiple Purposes for Collection Mapping Windows 10 Devices Systems that can be Upgraded to Windows 10 Dell Laptops, etc. One to One, Many to One or Specific Mapping#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Live Demo: Taking Flightwith AirLift; OnboardingDevices#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Enrollment#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Live Demo: MigratingApps#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Application MigrationTransition SCCM Applications to Workspace ONE UEM Enumerate SCCM Applications Supports MSI’s Supports Scripted Installs (MSI, EXE, ZIP) Supports Multiple Deployment Types Validations to Increase Predictability Rules Introspect SCCM App Metadata BEFORE Export Validate Info (e.g. Install Translated from ‘System’ to ‘Device’) Validation Error (e.g. Uninstall Command Line Missing) Application Export is NOT App Rationalization Offering Automated Packaging Does Not Work Against SCCM Packages#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Troubleshooting AirLift Install Directory: %ProgramFiles%\VMware\VMware AirLift Workspace ONE Enrollment Application – Contains the AirWatch Agent, SCCMIntegration Client, and icons. AppSettings.JSON – Change logging level and contains the connection strings toSQL Express and MongoDB %ProgramData%\VMware\VMware AirLift MongoData Log – Contains logs for Mongo DB Logs Contains AirLift logs, more detailed than the Activity Log Note before installing AirLift you should ensure your user account hasthe minimum required access to SCCM. You should also have adminrights to install all of the dependencies.#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Dashboard#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
FAQ's1. Does this install require access to the SCCM DB? No2. How does this communicate with SCCM? WinRM and SCCM Cmdlets3. What SCCM information does it query? Device Collections, Devices,Users, SCCM Apps4. What SCCM RBAC access is needed? Read-only Analyst5. What SCCM RBAC access is optional? Privilege to create SCCM App andDeploy6. How long will AirLift take to do the initial synchronization? 1-20 minsdepending on the size and number of both Workspace ONE and SCCMentities. Subsequent synchronization is incremental.7. Does AirLift support Direct and Rule-based Device Collections? Yes8. Does AirLift support anything other than SCCM Device Collections? No#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Learn Workspace ONE modernmanagement for Windows 10Test Drive Workspace ONE onyour Windows 10 devicesGet Started on Your POC orDeploymentDemosSign up to VMware TestDrive:POC: Workspace ONE Windows 10Reviewers Guide: https://youtu.be/3OOap0qQOMY ite/cms.do?view openlearningHands-on-Labs 8 Beginners: HOL-1857-01-UEM Getting Started Advanced: HOL-1857-02-UEM Unified Endpoint Managementfor Windows 10 https://portal.vmtestdrive.com/TestDrive Getting Started Guide: 1372254-GettingStarted-with-TestDriveWorkspace ONE for Windows 10Walkthrough Guide: 1152734-ExperienceWorkspace-ONE-on-Windows-10 ployment: Professional ServicesUse Case Add-on for Windows 10: NECTIONS ITDEVCONNECTIONS.COM
You’ve got questions,we got answers hopefully#ITDEVCONNECTIONS ITDEVCONNECTIONS.COM
Mastering the Move to Modern Management using ConfigMgr. . Windows 8 2012 Windows 7 2009 Windows Vista 2006 Windows XP 2001 Windows 95 1995 Windows 3 1992 2014 Enterprise . Client Apps (Windows MSI Line-of-Business) Distribution Points (DPs) BranchCache CDN P2P Cloud
May 02, 2018 · D. Program Evaluation ͟The organization has provided a description of the framework for how each program will be evaluated. The framework should include all the elements below: ͟The evaluation methods are cost-effective for the organization ͟Quantitative and qualitative data is being collected (at Basics tier, data collection must have begun)
Silat is a combative art of self-defense and survival rooted from Matay archipelago. It was traced at thé early of Langkasuka Kingdom (2nd century CE) till thé reign of Melaka (Malaysia) Sultanate era (13th century). Silat has now evolved to become part of social culture and tradition with thé appearance of a fine physical and spiritual .
On an exceptional basis, Member States may request UNESCO to provide thé candidates with access to thé platform so they can complète thé form by themselves. Thèse requests must be addressed to esd rize unesco. or by 15 A ril 2021 UNESCO will provide thé nomineewith accessto thé platform via their émail address.
̶The leading indicator of employee engagement is based on the quality of the relationship between employee and supervisor Empower your managers! ̶Help them understand the impact on the organization ̶Share important changes, plan options, tasks, and deadlines ̶Provide key messages and talking points ̶Prepare them to answer employee questions
Dr. Sunita Bharatwal** Dr. Pawan Garga*** Abstract Customer satisfaction is derived from thè functionalities and values, a product or Service can provide. The current study aims to segregate thè dimensions of ordine Service quality and gather insights on its impact on web shopping. The trends of purchases have
Chính Văn.- Còn đức Thế tôn thì tuệ giác cực kỳ trong sạch 8: hiện hành bất nhị 9, đạt đến vô tướng 10, đứng vào chỗ đứng của các đức Thế tôn 11, thể hiện tính bình đẳng của các Ngài, đến chỗ không còn chướng ngại 12, giáo pháp không thể khuynh đảo, tâm thức không bị cản trở, cái được
3. Mastering Tips 3.1 what is mastering? 3.2 typical mastering tools and effects 3.3 what can (and should) be fixed/adjusted 3.4 mastering EQ tips 3.5 mastering compressor tips 3.6 multi-band compressor / dynamic EQ 3.7 brickwall limiter 3.8 no problem, the mastering engineer will fix that!
Mastering Intellectual Property George W. Kuney, Donna C. Looper Mastering Labor Law Paul M. Secunda, Anne Marie Lofaso, Joseph E. Slater, Jeffrey M. Hirsch Mastering Legal Analysis and Communication David T. Ritchie Mastering Legal Analysis and Drafting George W. Kuney, Donna C. Looper Mastering Negotiable Instruments (UCC Articles 3 and 4)
