GR8 Technology Conference Recap
June 19, 2012
Before I begin I’d like to give big thumbs up to Dave Johnson (GR8 Technology Conferences) who organized this event. I’ve been bored out of my skull at tech events before - this one kept things interesting with enough tracks for everyone to find something they want to know.
I’ll be recapping the tracks I attended, which is not a comprehensive review of the conference as a whole. It’s impossible to sit in all the tracks at once, so I focused on what I know as a SysAdmin - Windows Server and Client management.
What is Unified Communications? by Marty Parker / State of Communications & Lync Overview by Teo De Las Heras Gomez
A great way to start because I have to admit - I really had absolutely no idea what Microsoft Lync was going into this conference. I’m putting these two talks together in my recap as they were both at the beginning and paired nicely together. To me, Lync and “Unified communications” was some kind of instant-messaging-voicemail-collection-Facebook-clone kind of “thingy” in my mind, I really had no idea what it did or how one would use it.
Well, now I know.
As Marty described, Unified Communications is not simply “mashing services together.” This is exactly what I have to admit I thought it was before going into this. Unified Communications should be thought of as a collection of unique tailored use cases, using different technologies per use case to build communication into business processes.
In other words, it’s not one size fits all. You can’t just plop a Lync server down into your company, unleash the client on your end users, and say “figure it out.” As Teo would describe - that might work, in certain circumstances. Let’s not forget that you, Mr. IT Strategy guy, may not think of every possible way your employees or teams can use Lync to communicate.
But, tailoring Lync to work with your use cases will benefit all. Maybe your team doesn’t need real-time status, but just branch-to-branch communication voice calls, or maybe your sales guys just need to know where the heck everyone is. No organization will be the same, though I imagine there’s probably some models that a lot of folks would fall into.
Teo’s description on “The State of Communication Now” was a vivid example of how what we have now is such a horrible mash up of technologies, it’s a wonder we manage to talk to each other at all. Desk phone, cell phone, personal cell phone, voicemail (spread across all previously said phones), random chat clients.
When I need someone, I just want to reach them. I don’t care where they are. I want one single way I reach them, every time, and as a user of this technology I want people to be able to reach me wherever I am, on whatever device.
Sure, you can hack some of this functionality together with call forwarding on your companies PBX system, but it’s really not the same.
Statistic time - it is estimated that 43% of employees will be telecommuting in some fashion by 2016. If you’re a company that doesn’t allow telecommuting, I’d be worrying about now because you’re going to start losing your key talents as they find jobs elsewhere with more flexibility.
I was impressed with the desktop Lync client shown - Simple, easy to use, a global search that looks in your corporate and personal address books. Status (what I’m doing), and Presence (Where am I). Stateful, contextual instant messaging conversations allow you to pick right off where you were on Monday from Friday and remember what the heck you were talking about.
I might be drinking the Microsoft Kool-Aid, but I kind of want this where I work. Right now I’ve got to deal with my desk phone, iPhone, email, desk phone voicemail, iPhone voicemail, and I sometimes use the PBX forwarding to send my calls to home via an Obitalk adapter, which connects via Google voice/Chat, which makes it even more fun and complicated.
If I want to do a conference call/share a presentation I need to go to our WebEx site (never could get that Outlook plugin to work just right). For chat networks if I want to reach folks in one office they’re mostly on Skype, and the other office mostly on Yahoo. I don’t know everyone’s screen names, so I need to get someone to send me them, or email the person directly to ask for it. Some people refuse to even use IM.
Some folks are hard to pin down at their desks, some are always there. Some people like phone calls, some people never answer their phones.
WHEW! After listening to these guys talk, I can see the benefits of Unified Communication technologies!
Desktop Management in the Cloud with Windows InTune by Drew Slothower
Alright,so a disclaimer is in order here. I work for a leading Mobile Device Management company, so I’m a bit biased on this topic and cast a critical eye towards these products because I know them quite well.
With that said, Microsoft has some serious catching up to do in this arena. But, InTune does bring some interesting things to the table that I think makes it a good fit for some organizations. AV/Malware, Updates, Software Distribution, Remote Assistance, Monitoring/Alerting, inventory, Licensing, security policies, all in a cloud-based management model. Sounds good, Right?
How about Smartphones you ask? Just added in Wave 3 (releasing now). Well, kind of added. Smartphone/MDM (which Microsoft oddly refers to as “Modern” device management) support in Wave 3 is limited to what you can do through Microsoft ActiveSync protocol.
Ouch. So in other words, Microsoft isn’t offering up much here for MDM that you couldn’t have done say … 5 years ago with Exchange Server 2007 ActiveSync policies. ActiveSync offers basic MDM functionality at best. Though Microsoft will say “sure it works with your iPads and Android phones”, what they’re really saying here is: Yes, if your device talks ActiveSync we can sort of, kind of, manage it.
But surely, InTune must work with Windows Phone 7.5 nicely you say, right?
From the Windows Team Blog (http://windowsteamblog.com/windows/b/business/archive/2012/06/11/windows-intune-with-mobile-device-management-is-now-available.aspx)
· Automatically discover mobile devices that access corporate data through Microsoft Exchange Server. Mobile devices are automatically linked to users during the discovery process.
· Define mobile device access rules to govern which mobile devices can access Exchange Server.
· Let users access and install internal line-of-business software applications that you make available for their mobile devices.
· Deploy policies to users to help secure the corporate data that is stored on their mobile devices.
· Wipe data from lost or stolen mobile devices, or let users perform this task.
· Remove mobile devices from Windows InTune and Exchange Server, or let users perform this task.
I’m sorry guys, but this just doesn’t cut it. Need I remind you that Market Share as of Feb-12 for Windows Phone was 3.9%? Trust me, your customers and users aren’t all marching along happily with their Nokia Lumia’s. We’ve got iPhones, Androids and tablets, and we want to manage everything. For real.
Despite the beautiful looking Surface hardware recently announced, I’d place a small wager that the InTune guys are not in in tune with the Windows 8 team, and it may take a bit to get the full set of management features for Windows 8 Tablets in InTune.
But, fear not. I am told that InTune is really being pushed as “MDM Light”, and I got the impression that later down the road you’ll get the “full package” with InTune’s integration with System Center Configuration Manager (2012).
You do have SCCM, right? No? Better get on that, because it seems InTune is meant as the glue that brings the cloud together with your SCCM on premise solution.
Eventually, I think Microsoft will get there with this product, and integrate it nicely in a vertical fashion across their stack. But, the rest of you may want to look elsewhere for your cloud-based mobile device management needs at this time, especially if you don’t have SCCM setup or aren’t in love with it.
Managing your Applications and User State using Group Policy by Jeremy Moskowitz
Jeremy was a great speaker, fun to listen to, and I’ll definitely be checking out his site at GPAnswers.com. This session may of well have been titled “GPO kind of sucks some times, and PolicyPak can fix that.”
Specifically, Jeremy went into detail on the four “proper” locations in which your application must store data in the registry to be “Policy Aware” and fully function with Group Policy. Well, that must be pretty easy, you must think. All software must do that!
Adobe Acrobat? Fail. Sun Java? Fail. Mozilla Firefox? Fail. WinZip? Fail.
Yikes, how is the world getting this completely wrong? Also, why in the world is there an option in GPO to remove a setting when it no longer applies, but not revert it to default?! Open source developers take note as well: most of you are doing it wrong.
My GPO experience has been mostly limited to using it to manage servers, and I haven’t handled a large desktop management situation with it, but I know everything it can do. I also know that when the time comes, one of my first calls is going to be to these guys to get a license for PolicyPak. They’ve wrapped a number of these problematic third party applications around their product, allowing you to manage things that you should be able to manage in GPO, but normally can’t.
And additionally, you can manage some custom applications, including in-house developed software, by linking into and importing the DCOM model/interfaces from your apps directly into PolicyPak, enabling you to “GPO-enable” legacy apps that were never designed to be managed with GPO.
Pretty. Damn. Cool.
Windows Server 2012 Overview by Scott Stumpf
Ok, so I admit it. I’m an MCSA on Windows Server 2003. I’ve been neglecting upgrading my cert to 2008 for a long time now. Server 2008 just doesn’t really excite me.
Windows Server 2012 excites me.
And, it’s not just that Windows Server has been “metrofied” (hint: it has been). Microsoft seems to finally have taken a giant leap here to build a server solution that is going to scale well for the small business with 2 servers, the medium business with 20 servers, the large enterprise with 400, and the ability for all of these guys to leverage virtualized, or cloud infrastructures in one interface. Yes, please!
I’m also excited about the ability to use “commodity hardware” to build your own Hyper-V clusters. Finally, I can geek out and build a big giant Hyper-V lab at home, and get reasonably good performance with SMB 2.2 and Offloading Data Exchange, without being disappointed that I can’t afford $20k in SAN hardware. Hyper-V finally looks like it’s ready to take on VMware.
PowerShell is also featured in a huge way now in Windows Server 2012. An Integrated Shell Environment provides lots of useful contextual help, and will assist you in easing your way into generating PowerShell commands. The number of CmdLets in Server 2012 numbers around 2400 now, up from around 200 in Server 2008!
The interface for PowerShell ISE reminded me quite a bit of SciTE which was bundled with AutoIT that I used to make use of when automating software installations. I am looking forward to becoming more adept with PowerShell. But fear not, your old standby favorite MMC management consoles are still there if you don’t feel like tracking things down in the metrofied new Server Manager, or figuring out the PowerShell command for it.
I am definitely grabbing the Server 2012 preview ASAP off TechNet to learn it.
Best Practices - Windows 7 Virtualization by Tim Flite
The last time I had any exposure to Virtual Desktop Initiatives was a few years back when VMware was first introducing the whole idea to us. In the meantime, I’ve used Citrix as an end-user, briefly read about AppV, and read up on thin clients. VDI paired with Windows 7 (and 8) looks like a promising idea, but also seems to be intersecting in a weird way with the Bring your own Device (BYOD) movement.
When I think BYOD, I typically think of Smartphones and Tablets, as that’s where the movement has gotten started. But, soon it seems like we’re going to see BYOD starting to mean Bring Your Own Anything and just use it. Ultrabooks, Android Tablets, iPad, Smartphones, Windows Surface. VDI can, and does work with any of these technologies.
You can now, with the right backend infrastructure, seamlessly roam from Laptop, to Tablet, back to Laptop, all while your desktop infrastructure actually runs server-side somewhere in your companies data center.
Or maybe not in your companies data center. Can you imagine VDI consisting of Microsoft Cloud/Azure services running the desktops, managed by Windows InTune, delivered to devices that your company doesn’t even own? We’re not that far off from this, and I think it’s going to happen soon.
But, we’ve still got the MDM problem here. In some fashion, that device the user brings to your BYOD party is still going to need to managed and cleared for takeoff. Whether that is through Mobile NAC technologies, thin clients with stripped down operating systems of limited attack surface, will vary based on the devices chosen, and each company.
Microsoft’s future plans for Windows on the desktop, phone, tablets, and servers is starting to look very “cloud”-y.