anyweb

hi Ben, why did they setup a CAS as a matter of interest, I do point out many reasons not to set one up, the primary site that died, was that a CM07 site ?

the instructions above, in particular this bit... have you imported the task sequence ? have you copied the files where they are supposed to go ? this task sequence is not for the faint hearted, it's advanced and requires a lot of work (and understanding) to get working.

first question, why did you go for a cas and pri in the first place ?

In Part 1 of this series we created our new LAB, we got the System Center 2012 Configuration Manager ISO and extracted it, then copied it to our Active Directory server. We then created the System Management container in AD, delegated permissions to the container, extended the Schema for Configuration Manager. We then opened TCP ports 1433 and 4022 for SQL replication between sites, installed some prerequisites like .NET Framework 4.0, added some features and then downloaded and installed SQL Server 2008 R2 SP1 CU6. We then configured SQL Server using SQL Server Management Studio for security and memory configurations prior to running the Configuration Manager 2012 setup to assess server readiness. Finally we installed a central administration site (CAS). In Part 2 we setup our Primary server with SQL Server 2008 R2 SP1 CU6. We then installed Configuration Manager 2012 on our primary server (P01) and verified that it was replicating to our central administration site (CAS) server. Then we configured Discovery methods for our Hierarchy and then configure Boundaries and Boundary Groups. In Part 3 we configured Discovery methods and configured boundaries and created a boundary group, we then configured them for Automatic Site Assignment and Content Location. In Part 4 we added the Application Catalog roles to our Hierarchy. We then configured Custom Client Device Settings and then deployed those settings to the All Systems collection on site P01. After that we created Custom Client User Settings and deployed them to the All Users collection in order to allow users to define their own User and Device affinity settings. In Part 5 we installed the WSUS server role (it is required for the Software Update Point role). We then installed the Software Update Point role on our CAS and Primary servers and we configured the SUP to support ConfigMgr Client Agent deployment which is a recommended Best Practice method of deploying the Configuration Manager Client Agent. In Part 6 we prepared our server for the Endpoint Protection Point role, and installed that role before configuring custom client device settings and custom antimalware policies. We then deployed those custom client device settings and custom antimalware policies to our newly created Endpoint Protection collections. In Part 7 we added operating system deployment ability to our hierarchy by adding Windows 7 X64. We used the Build and Capture process to capture a WIM image which we can later deploy to targeted computers using network boot (PXE). PXE boot requires specific settings on our distribution points and the boot images used to deliver the operating system WIM images were therefore also enabled for PXE support. In Part 8 we added Applications to our Software Library and configured the requirements in the Deployment Type to add new abilities to the application delivery process. We monitored the approval process of our applications and saw how requirements can influence whether an application is installed or not and we noted the difference between deploying to Users versus Devices. Now we will take a look at how Automatic Deployment Rules can be used to automate the deployment of windows updates on Patch Tuesday using a recurring schedule to patch your infrastructure using Software Updates. In Part 9 we created some folders and collections using a PowerShell script to make targeting of Windows Updates easier, we then performed a full synchronization of our Software Update Point before creating an Automatic Deployment Rule (ADR) for Windows 7 monthly updates for Patch Tuesday. In Part 10 we monitored our previously created ADR and monitored the downloading and deployment of those updates both to the distribution points and finally to our Windows 7 client computers. We reviewed the process in fine detail in order to understand the sequence of events when an ADR is run on a schedule. In Part 11 we upgraded our Hierarchy to System Center 2012 Configuration Manager Service Pack 1. In Part 12 we used the new Build and Capture process in Configuration Manager 2012 Service Pack 1, to capture a master image of Windows 8 Enterprise with the .NET 3.5 feature pre-installed, in addition we did most of it using Powershell cmdlet's which are now part of Configuration Manager. In Part 13 we customized the Windows 8 start screen to suit our needs on our previously captured image, we learned the steps required to successfully deploy that customized image and we did most of the work using PowerShell Cmdlets (where available). Now we will use Compliance Settings to take control of certain settings on our clients and to make sure that they are compliant with our baselines by remediating when necessary. Introduction Many organizations today use some form of compliance to enforce standards (via Group Policy or other methods), and that's a good thing as having standards means that you can keep things the same across many computers which in turn means they are easier to manage and support. If the computers you manage are compliant with your organizations policies then all is good, if the computers are not compliant then we can report on this non-compliance and/or enforce compliance via remeditation (fix the problem by enforcing the standard). In this guide I'll show you how to do most of the actions using Powershell (where possible, not all actions have been converted 100% to powershell, it's still in development) but also via the configuration manager console. The reason that I'm showing you how to do it in both ways is to make your job easier in terms of automating certain tasks. Once you see how the cmdlets work you'll be more inclined to include them in a script. Configuration Manager 2012 Service Pack 1 has Compliance Settings built in (however there are no included configuration baselines or configuration items, you can of course create your own or import ready made baselines) and has the ability to not only monitor but to remediate. Compliance Settings was referred to as Desired Configuration Management (DCM) in Configuration Manager 2007. The Compliance Settings feature is found in the Assets and Compliance node and is comprised of the following three components: Configuration Items Configuration Baselines User data and Profiles Configuration Items are rules that govern what should be done. Configuration Baselines are groups of one or more Configuration Items and these baselines are deployed to Collections, clients (users or devices) in collections evaluate their compliance state and submit that data to the site server. You can create your own Configuration Baselines or Import them from elsewhere. Imported baselines always include their associated Configuration Items. Step 1. Verify compliance settings and schedule in Client Settings Perform the following on the CAS server as SMSadmin Before we can use Compliance Settings we need to enable the ability via client settings. You can configure this site wide (it's enabled by default) or on a collection by collection basis using custom client device settings. In Part 4 of this series we created Custom Client Device Settings, so let's go ahead and open up those client settings. Method #1 - Verify the Custom Client Device Settings in Powershell In a Configuration Manager PowerShell console issue the following command Get-CMClientSetting -Name "Custom Client Device Settings" -Setting 3 It should output something like the below if any valid Client setting is found Tip: You can change the -Setting value to an array of values between 0-18 to match the relative Agent type. For example the 3rd agent type is Compliance Settings and the 4th agent type is Computer Agent. You can specify them in any order you want them outputted in, from 0 to 18, like 0,3,2,4,5,7,10,18 Get-CMClientSetting -Name "Custom Client Device Settings" -Setting 3,4 Method #2 - Verify the Custom Client Device Settings in the Configuration Manager console In the Administration workspace, select our Custom Client Device Settings, right click and choose Properties. From the list that appears place a checkmark in Compliance Settings and set both options to Yes as per the screenshot below. Note: Enabling the Compliance Settings client settings makes it possible for Configuration Manager clients that are assigned to this site to evaluate compliance with assigned configuration baselines. This client setting is enabled by default via the Default Client Settings, but the client will not evaluate its compliance until it downloads one or more configuration baselines and evaluates them at the configured schedule. Disabling the Compliance Settings client settings prevents Configuration Manager clients that are assigned to this site from evaluating compliance with deployed configuration baselines. Note: The option Enable User Data and Profiles is for Configuration Manager 2012 SP1 only and applies to Windows 8 computers in your hierarchy. If you want to change the schedule of when compliance is evaluated then you'll need to edit the Default Client Settings, and open the corresponding compliance settings option listed below, for the purpose of this guide let's change it to every 1 day (by default it's every 7 days). Tip: you can always manually check for compliance on a client computer by reviewing the actions available in the Configurations tab of the Configuration Manager client agent. Step 2. Create a baseline to set the homepage for All Users using Windows 8 Perform the following on the CAS server as SMSadmin Now we will create our first baseline called Set Home Page. I'll show you how to do it in two ways, you can decide which way to do it. One method will be with powershell cmdlets built into Configuration Manager and the other method is with screenshots of the steps required in the Configuration Manager console. Method #1 - Create the Baseline in Powershell To create the Configuration Baseline in PowerShell we will use the New-CMBaseline cmdlet. In the Configuration Manager console (or using a console that has the configuration manager module imported), open a Powershell console and use the following command to create the new Configuration Baseline:- New-CMBaseline -Name "Set Home Page" -Description "Sets the homepage in Internet Explorer to http://www.windows-noob.com for All Users using Windows 8" -Category -- Client Method #2 - Create the Baseline in the Configuration Manager console To create the Configuration Baseline using the Configuration Manager console, in Assets and Compliance right click on Configuration Baselines in Compliance Settings, and choose Create Baseline. enter the following info, give it a name, description and select the Client category (or create a new one if you wish), at this point we won't select any configuration item. save your settings and your baseline appears in the console. Step 3. Create a Configuration Item to set a registry key Perform the following on the CAS server as SMSadmin A baseline is pretty useless without one or more configuration items to 'tell' it what to do or what to check for, so let's go ahead and create a new configuration item which checks the value of a registry key and set's it to the value that we desire (by remediating the value). The registry key we are checking for is a current user registry key so this can only be checked when a user is logged on. Once again i'll show you two methods of doing this, one using powershell, one using the Configuration Manager console. Method #1 - Create the Configuration Item in Powershell To create the Configuration Item in PowerShell we will use the New-CMConfigurationItem cmdlet. Use the following command to create the new Configuration Item:- New-CMConfigurationItem -Name "Set home page via a registry key" -Description "Sets the homepage to http://www.windows-noob.com" -CreationType "WindowsOS" -Category "Client" Note: The New-CMConfigurationItem cmdlet is not fully fledged yet so you'll have to go and edit the Configuration Item (CI) in the console manually to add the remaining bits, see below for what to add. Method #2 - Create the Configuration Item in the Configuration Manager console To create the Configuration Item using the Configuration Manager console, in Assets and Compliance right click on Configuration Item in Compliance Settings, and choose Create Configuration Item. fill in the name, and a good description, select Windows as the OS and Client as the category next for supported platforms deselect All and place a checkmark in Windows 8 (this will mean that the CI is only supported on Windows 8 systems) and on the Settings page click on New to create a new setting on the Create Setting page, fill in details about the setting you are creating, when creating settings you can select the following types of setting type Active Directory Query Assembly File System IIS metabase Registry key Registry Value Script SQL query WQL query XPath query we are going to set a registry key in the Current User Hive, so select the following:- Hive Name: HKEY_CURRENT_USER\ Key Name: Software\Microsoft\Internet Explorer\Main Value Name: Start Page Next, click on the Compliance Rules Tab and click on New On the Create Rule page, fill in the following details:- Name=Verify and Remediate start page Description=Verify the Internet Explorer start Page value and set to http://www.windows-noob.com if not compliant Selected Setting=Set home page via a registry key \ set home... Rule Type=Value Remediate noncompliant rules when supported=True Report noncompliance if this setting instance is not found=True Apply your settings and click next to continue at the compliance rules page continue through the wizard until the Create Configuration Item wizard is complete Step 4. Add the Configuration Item to the Configuration Baseline Perform the following on the CAS server as SMSadmin Now that our Configuration Item is created we need to add it to our baseline the baseline won't have anything to do. Method #1 - Add the Configuration Item to the Configuration Baseline in Powershell This functionality is not available yet. Method #2 - Add the Configuration Item to the Configuration Baseline in the Configuration Manager console Select the Set Home Page baseline in Configuration Baselines and right click, choose Properties. click on the Evaluation Conditions tab and in the drop down Add menu select Configuration Items select our newly created Configuration Item, click Add then click OK Once done click on Apply then OK. Step 5. Deploy the Baseline Perform the following on the CAS server as SMSadmin Now that our Configuration Item is created and added to our Configuration Baseline, we want to Deploy the baseline to a collection. As we are targeting to the Windows 8 computers collection (I've created that device collection in advance using a query to check for Windows 8 as the operating system), all computers in this collection will get this Baseline when they next poll for policy and they'll be checked for compliance. Carefully targeting your collections will mean that the compliance data returned will be more meaningful. Method #1 - Deploy the Configuration Baseline in Powershell We will use the powershell cmdlet Start-CmBaselineDeployment to deploy our configuration baseline. Start-CmBaselineDeployment -Name "Set Home Page" -CollectionName "Windows 8 Computers" -EnableEnforcement $True -OverrideServiceWindow $True -GenerateAlert $True -ParameterValue 90 Method #2 - Deploy the Configuration Baseline in the Configuration Manager console Right click on our Configuration Baseline and choose Deploy, fill in the values as you see in the screenshot below. Step 6. Verify compliance on a client computer Perform the following on a Windows 8 computer as a testuser Logon to a Windows 8 client and start up Internet Explorer, set the homepage to a value such as http://www.niallbrady.com Apply the settings and open the Configuration Manager Client. Browse to the Actions tab and initiate a Machine policy retrieval. Once done, select the Configurations Tab and click on refresh, our Baseline should appear and if it has not run yet the compliance level will be unknown. select our baseline and click on Evaluate to check our compliance After it has run (it is quick) you'll see that we are compliant. go ahead and click on View Report to see a report of what it has just done and scroll down to see more details of what the previous value was and what it was remediated to and of course you can browse to the homepage in Internet Explorer to see that our Configuration Baseline is working, it is ! Job Done !. Troubleshooting You can review the following log files on the client to troubleshoot configuration baseline application and remediation issues. CIAgent.log Records details about the process of remediation and compliance for compliance settings, software updates, and application management. CITaskManager.log Records information about configuration item task scheduling DCMAgent.log Records high-level information about the evaluation, conflict reporting, and remediation of configuration items and applications DCMReporting.log Records information about reporting policy platform results into state messages for configuration items DcmWmiProvider.log Records information about reading configuration item synclets from Windows Management Instrumentation (WMI). You can also review built in Compliance and Settings Management reports to get details of compliance levels in your organization You can drill down into those reports once the state messages have been processed Or you can check the compliance level from the Deployments node in Monitoring, or via the Configuration Baseline itself by selecting the Deployments tab, you will see the compliance level, you can run a summarization to get up to date results or click on View status to get more information about the deployment and check the Error, Non-Compliant or Unknown tabs for details of why they are not compliant that's all for now folks so until next time, cheers niall. Summary Compliance Settings in Configuration Manager 2012 SP1 gives you power to enforce standards across your organization, all via the configuration manager client. In addition you can report on that compliance on the client computer itself, on your Configuration Manager reporting services servers or in the Configuration Manager console. With Configuration Manager 2012 SP1 you now have additional powershell cmdlets to do most of the actions required to successfully create, manage and deploy your baselines, so what are you waiting for, get compliant ! Recommended reading Compliance Settings in Configuration Manager - http://technet.microsoft.com/en-us/library/gg681958.aspx Introduction to Compliance Settings in Configuration Manager Planning for Compliance Settings in Configuration Manager Configuring Compliance Settings in Configuration Manager Operations and Maintenance for Compliance Settings in Configuration Manager Security and Privacy for Compliance Settings in Configuration Manager Technical Reference for Compliance Settings in Configuration Manager Log files for Compliance Settings List of PowerShell CMDlets for System Center 2012 Configuration Manager SP1 Security Compliance Manager 3.0 - http://www.microsoft.com/en-us/download/details.aspx?id=16776

not currently it's not, if you want to start another task sequence from within one you are running you'd have to add the computer to a collection that is targetted with another task sequence.

you can use MDT integration to add the roles and features OR or use DISM commands (or powershell), in the example below I'm building a Windows 8 task sequence with the .NET 3.5 feature added via DISM, you can use this method to add roles and features for Server 2008R2 also. http://www.windows-noob.com/forums/index.php?/topic/7945-using-system-center-2012-configuration-manager-part-12-connecting-powershell-and-building-a-reference-image-of-windows-8-with-net-35/

i don't recommend that you configure WSUS in any way on the Configmgr server, configuration manager's SUP role will take control of WSUS and that's all that needs to be done. Does that make sense ?

what does your c:\windows\debug\netsetup.log file tell you ?

make sure that those esx boxes don't share the same storage otherwise it's a waste of time...

i would definetly use a new SQL server, I would also host that SQL server on the same server as Configuration Manager 2012, during setup you can specify an instance or use the default

no one going ?

just follow the instructions, import the task sequence by pointing to the zip.

I've just watched a video from Jens Harris (part of the windows team) showing some of the new features in Windows 8.1, rather than explain what those features are, have a look at the video yourself, i'm looking forward to downloading this preview edition of Windows 8.1 at the end of June. Jensen Harris from the Windows Team shows some highlights of what to expect in Windows 8.1 coming later this year as a free update for Windows 8 customers. http://bit.ly/10OM2Th via >

locate the smspxe.log on your server hosting the pxe role on the dp, and search for the MAC address of the computer that you are pxe booting, does it reveal anything for yo

are you using a previously captured image or installing a new image of windows 7 in this case ?

you can continue using the old wsus server by until Configuration Managers new WSUS server is set up and running, once done remove any gpo's pointing to the old WSUS infrastructure and retire it. Configuration Manager will set local gpo's pointing to the SUP (which is the software update point role hosting wsus...)

i agree, i think windows 8 works great as it is i see no need for adding anything 'back' to it, I saw a HP laptop today running windows 8 with a 'classic start menu' app to simulate the old windows 7 start menu, i mean, why bother !!!

Today at TechEd North America in New Orleans, Microsoft announced several new features available in Windows 8.1 that deliver benefits for business customers. B.Y.O.D (Bring Your Own Device) Enhancements Workplace Join – A Windows 8 PC was either domain joined or not. If it was a member of the domain, the user could access corporate resources (if permissioned) and IT could control the PC through group policy and other mechanisms. This feature allows a middle ground between all or nothing access, allowing a user to work on the device of their choice and still have access to corporate resources. With Workplace Join, IT administrators now have the ability to offer finer-grained control to corporate resources. If a user registers their device, IT can grant some access while still enforcing some governance parameters on the device to ensure the security of corporate assets. Work Folders - Work Folders allows a user to sync data to their device from their user folder located in the corporation’s data center. Files created locally will sync back to the file server in the corporate environment. This syncing is natively integrated into the file system. Note, this all happens outside the firewall client sync support. Previously, Windows 8 devices needed to be domain joined (or required domain credentials) for access to file shares. Syncing could be done with 3rd party folder replication apps. With Work Folders, Users can keep local copies of their work files on their devices, with automatic synchronization to your data center, and for access from other devices. IT can enforce Dynamic Access Control policies on the Work Folder Sync Share (including automated Rights Management) and require Workplace Join to be in place. Open MDM- While many organizations have investments with System Center and will continue to leverage these investments we also know that many organizations want to manage certain classes of devices, like tablets and BYOD devices, as mobile devices. With Windows 8.1, you can use an OMA-DM API agent to allow management of Windows 8.1 devices with mobile device management products, like Mobile Iron or Air Watch . NFC tap-to-pair printing – Tap your Windows 8.1 device against an NFC-enabled printer and you’re all set to print without hunting on your network for the correct printer. You also don’t need to buy new printers to take advantage of this; you can simply put an NFC tag on your existing printers to enable this functionality. Wi-Fi Direct printing – Connect to Wi-Fi Direct printers without adding additional drivers or software on your Windows 8.1 device, forming a peer-to-peer network between your device and any Wi-Fi enabled printer. Native Miracast wireless display – Present your work wirelessly with no connection cords or dongles needed; just pair with project to a Miracast-enabled projector through Bluetooth or NFC and Miracast will use Wi-Fi to let you project wire-free. Mobile Device Management - When a user enrolls their device, they are joining the device to the Windows Intune management service. They get access to the Company Portal which provides a consistent experience for access to their applications, data and to manage their own devices. This allows a deeper management experience with existing tools like Windows Intune. IT administrators now have more comprehensive policy management for Windows RT devices, and can manage Windows 8.1 PCs as mobile devices without having to deploy a full management client. Web Application Proxy - The Web Application Proxy is a new role service in the Windows Server Remote Access role. It provides the ability to publish access to corporate resources, and enforce multi-factor authentication as well as apply conditional access policies to verify both the user’s identity and the device they are using resources, and enforce multi-factor authentication as well as verify the device being used before access is granted. RDS Enhancements - Enhanced VDI in Server 2012 R2 which delivers improvements in Management, Value, and User Experience. Session Shadowing allows Admins to view and remotely control active user sessions in an RDSH server. Disk dedupe and storage tiering allow for lower cost storage options. User experience for RemoteApps, network connectivity and multiple display support has been improved. Administrators can now easily support users with session desktops to provide helpdesk style support. Administrators now have even more flexible storage options to support a VDI environment without expensive SAN investments. End users will find RemoteApp behavior is more like local apps, and the experience in low-bandwidth is better, with faster reconnects and improved compression, and support for multiple monitors. Mobility Enhancements VPN - We have added support for a wider range of VPN clients in both Windows and Windows RT devices. We have also added the ability to have an app automatically trigger VPN connections. Mobile Broadband - At Windows 8 launch, the devices had embedded radios that were separate components within the devices. Windows 8.1 supports embedded wireless radio, which gives you increased power savings, longer battery life, also enables thinner form factors and lower cost devices. Broadband tethering – Turn your Windows 8.1 mobile broadband-enabled PC or tablet into a personal Wi-Fi hotspot, allowing other devices to connect and access the internet. Auto-triggered VPN –When you select an app or resource that needs access through the inbox VPN – like a company’s intranet site – Windows 8.1 will automatically prompt you to sign in with one click. This feature will be available with Microsoft and third-party inbox VPN clients. Security Enhancements Remote Business Data Removal - Corporations now have more control over corporate content which can be marked as corporate, encrypted, and then be wiped when the relationship between the corporation and user has ended. Corporate data can now be identified as corporate vs. user, encrypted, and wiped on command using EAS or EAS + OMA-DM protocol. This capability is requires implementation in the client application and in the server application (Mail + Exchange Server). The client application determines if the wipe simply makes the data inaccessible or actually deletes it. Improved Biometrics - All SKU’s will include end to end biometric capabilities that enable authenticating with your biometric identity anywhere in Windows (Windows sign-in, remote access, UAC, etc.). Windows 8.1 will be optimized for fingerprint based biometrics and will include a common fingerprint enrollment experience that will work with a variety of readers (touch, swipe). Modern readers are capacitive touch based rather than swipe and include liveliness detection that prevents spoofing (e.g.: silicon emulated fingerprints). Access to Windows Store Apps, functions within them, and certificate release can be gated based on verification of a user’s biometric identity. Pervasive Device Encryption - Device encryption previously found on Windows RT and Windows Phone 8 is now available in all editions of Windows. It is enabled out of the box and can be configured with additional BitLocker protection and management capability on Pro and Enterprise SKU. Consumer devices are automatically encrypted and protected when using a Microsoft account. Data on any Windows connected standby device is automatically protected (encrypted) with device encryption. Organizations that need to manage encryption can easily take add additional BitLocker protection options and manageability to these devices. Improved Internet Explorer - Internet Explorer 11 improvements include faster page load times, side-by-side browsing of your sites, enhanced pinned site notifications, and app settings like favorites, tabs and settings sync across all your Windows 8.1 PCs. Internet Explorer 11 also now includes capability that enables an antimalware solution to scan the input for a binary extension before it’s passed onto the extension for execution. Malware Resistance –Windows Defender, Microsoft’s free antivirus solution in Windows 8, will include network behavior monitoring to help detect and stop the execution of known and unknown malware. Internet Explorer will scan binary extensions (e.g. ActiveX) using the antimalware solution before potentially harmful code is executed. Assigned Access- With Assigned Access, a new feature offered in Windows 8.1 RT, Windows 8.1 Pro and Windows 8.1 Enterprise, you can enable a single Windows Store application experience on the device. This can be things like a learning application for kids in an educational setting or a Customer Service application at a boutique, Assigned Access can ensure the device is delivering the intended experience. In our Windows Embedded 8.1 Industry product, we deliver additional lockdown capabilities to meet the needs of Industry devices like Point of Sale Systems, ATMs, and Digital Signs. Modern UI experience Variable, continuous size of snap views - You have more ways to see multiple apps on the screen at once. You can resize apps to nearly infinite sized windows, share the screen between two apps, or have up to three apps on each monitor depending on resolution. Boot to Desktop - we have made configuration options available which will allow you to boot directly to the desktop in Windows 8.1. Desktop and Start screen – Improvements have been made to better support users who prefer a mouse and keyboard experience to access applications. For more of the UI features, check out Antoine’s post, “ Continuing the Windows 8 vision with 8.1”. These are just some of the key features available in Windows 8.1 for business customers and IT Pros. We encourage you to test out and try these features when you evaluate Windows 8.1 for use both in your work environment as well as at home in your personal life. Please note that Server 2012 R2 may be required in order for some of these features to be available. We will continue to update this list when the Windows 8.1 Preview is released, and again when Windows 8.1 becomes available to the general public. For the latest list of new and updated features for enterprises and IT professionals, please bookmark the permanent location of this article, “What’s New in Windows 8.1,” on the Windows 8 TechCenter. via > http://blogs.windows.com/windows/b/springboard/archive/2013/06/03/what-s-new-for-the-enterprise-in-windows-8-1.aspx

why are you separating SQL in the first place ? I would use SQL locally for the WSUS database for performance and scalability reasons.

hi guys, if any of you are going I hope we can meet at the event, I'll be present at the ATE center for System Center 2012 Configuration Manager so are you going to this event in Madrid, Spain or not ? cheers niall

are you sure the smspxe.log is the correct one ? if you restart the windows deployment services service does the log update ?

part 5 covers installing the configuration manager client in an easy, supported, best practice method and it's fully automated, unlike Right Click tools which not every customer will be willing to install on their Configuration Manager servers

if you are not building a reference image (that is what this post is about) then please raise a NEW topic explaining your issue, what you've tried and how you are trying it, thanks. this post is all about building a reference image of Windows 8 .... reference images should be built on virtual machines to keep them clean of drivers.

Paul Thurrot can now confirm that most of the rumored coming changes to the Start experience in Windows 8.1 “Blue” are correct. And he's got a few screenshots to help demonstrate how these changes are implemented. First up, please be sure to read Coming in Blue: Boot to Desktop, Start Button, and More. In that post, he describes a set of very credible rumors about some of the changes that Microsoft is making to the Windows 8.1 update. Since posting that, he has been able to confirm a number of the details that Mary Jo Foley initially revealed. Start buttonIt’s back, baby. And if you are familiar with how Start 8 looks and works, this will look awfully familiar. Here, confirmed for the first time, is the Windows 8.1 Start button. Note: Because you will ask: No, this wallpaper is not part of Windows 8.1. And here’s a new detail that was hinted at in Mary Jo’s post: When you hover over Start button, the button changes color, with a black background and the accent color used on the flag logo. Yes, it looks exactly like the Start Charm, with similar animations. And when you activate the Switcher app switching utility, the Start button will appear at the bottom as the Start tip does today, and has Start text in the box, as it does now. Finally, in the Milestone Preview (MP) build of Windows 8.1, at least, there is no way to turn off the Start button. That could change. Desktop wallpaper on the Start screenAs Mary Jo reported, you’ll be able to use your desktop wallpaper as the Start background too. It looks like so: However, this is off by default and needs to be enabled. More as it comes in, though Boot to desktopYep, it’s in there. And it’s off by default. Enjoy! via > http://m.winsupersite.com/windows-8/blue-start-experience-changes

pretty much, you could create folders for the Groups above and then have collections for those corresponding groups contained within.