Wednesday, August 15, 2018

This is it…

When it all started
Back then in November 2008 when I started this blog I never ever expected it to bring me so much. After all, that wasn’t the reason why I started to blog. All I wanted to do was to share my experiences with SCOM. Not to write about me, myself and I. No way!

I am honored
But as stated before, this blog brought me so much more. First the readers started coming in by numbers. The blog grew from one reader/visitor per month to 1.000+ per day! On top of it all Microsoft awarded me many times with the MVP award. On July the 1st 2018 I received the award for the 9th time! And last but not least, I got to know a bunch of special people, from all over the planet!

Back to the title of this posting
Sure, the title says it all. However, as I see it, it’s not the end but the start of a new challenge and journey. Since May 2018 I accepted a new role/position, as program manager for a full service IT training company in the Netherlands, Vijfhart IT-Opleidingen.

In that role I am responsible – with other colleagues – for the IT training offering of Vijfhart. My portfolio contains data center, infrastructure and (of course) Microsoft trainings. I must keep it up to date and – when required – aid in designing new trainings, material and the lot. Also I am partially responsible for the sales, acquisition and marketing.

In that role I learn tons of new stuff every day. Thankfully I work with highly experienced colleagues who learn me the tricks of this trade. Totally awesome. A big thanks for their time and patience with me .

Blogging? Yes! But for a NEW blog…
Sure, I’ll keep on blogging. However, the focus has shifted from IT technologies (Azure, OMS, SCOM & SCCM) to IT and education instead.

These topics don’t mix quite well with this blog. As such I’ve decided to stop this blog and start a new one, focused on IT, the cloud and how it influences how IT ‘is done’ and as such, changes the training and knowledge requirements for todays IT persona’s and those of tomorrow.

Result?
Yes this blog will be stopped. No more postings, nor will it be possible to leave a comment. After almost ten years it’s time to move on, to reinvent and challenge myself.

The new blog will be in Dutch, where sometimes the postings will refer to external blogs/publications written in English.

The name of the new blog is ITducatie. Translated in English, the combination of IT and education (educatie in Dutch).

THANK YOU!!!
I’ll refrain myself from mentioning names since I will most certainly forget quite a few of them. Since I don’t want to hurt anyone's feelings, I say to EVERYBODY: THANKS A LOT FOR EVERYTHING. MUCH OBLIGED!

Thank you for your time spent on this blog, for your comments, feedback, friendship and sharing of knowledge and experience.

I wish you all the best and most certainly, we’ll meet again!

Monday, April 23, 2018

SCOM 1801: Key Facts Webinar

As stated before, SCOM 1801 is really a new improved version of SCOM 2012R2/2016. Much has changed. So in order to know what exactly, one can read some (boring?) online documentation, OR one could join a webinar.

This webinar is titled Migrating to SCOM 1801, hosted by Savision and presented by Aditya Goda, Program Manager at Microsoft, and MVP Bob Cornelissen (“SCOM-Bob”). Topics covered:

  • HTML5 Dashboards
  • Linux Monitoring Improvements
  • Migration Planning and the new “Semi-Annual Channel Release” Model
  • New Service Map Integration
  • Updates and recommendations for third-party Management Packs
  • Live Maps Integration

And besides these topics, YOU can ask your SCOM 1801 related questions as well! So join this free(!) webinar in order to learn what’s new in SCOM 1801 and how to migrate to it.

Friday, April 13, 2018

Goodbye Project Honolulu, Hello Windows Admin Center

Yes, it was about to happen, sooner or later. The highly famous Project Honolulu would stop someday and be replaced by something more official, and yet a bit boring. Meaning, Project Honolulu does have a nice ring to it, or not?

Just imagine yourself there, right on the beach. Enjoying the sun, water and drinks with your loved ones, and in the mean time, managing your company’s servers, using Project Honolulu. Nice!

But back to reality. Project Honolulu is over and replaced by Windows Admin Center. Somehow it has a different ring to it, compared to the previous name…
Image result for sysadmin

But still, it’s what it is. Nicest thing is, Windows Admin Center is available at NO EXTRA COSTS! It can be used with valid licenses of Windows Server or Windows 10, since it’s licensed under the Windows Supplemental EULA.

Which is quite awesome!

Want to know more? Go here, read, download & install it.

Tuesday, April 10, 2018

Migrating To Azure? Avoid ‘Lift & Shift’. ‘Lift & Transform’ Is The Way To Go.

Azure is like a huge collection of Lego building blocks. You can do almost anything and everything with it. As such it’s very tempting for companies to move their current on-premise workloads as-is to the Azure cloud. Many times because it’s the way they always did their IT, so why change a winning team? Just rebuild your on-premise IT in the cloud and migrate. This is also called Lift & Shift migrations. Just do it and you’re in the cloud.

Sure, you can do it. And yes, it will work. But you know, even though you’re in the cloud now, you’re missing out on tons of advantages which the cloud has(had) to offer.

Why? Simply because you’re skipping the biggest parts of the cloud, titled PaaS and SaaS. Instead you’re using Azure as a pure and simple IaaS provider: Microsoft delivers the compute, networking, storage and virtualization layer and you’ll do the rest (from the Azure VMs and further).

However, multiple things happen in such a scenario:

  • Azure VMs don’t come cheap, especially when you require Azure VMs with lots of CPU, RAM and good IOPS;
  • Azure services, like MFA are easily integrated into other Azure services, especially when those services are SaaS based;
  • You’re Azure environment becomes a mere copy from your current on-premise data center. So why even bother going to the cloud?

Think SERVICES!!!
Now it’s time to retrace your steps. Think about WHY your company thought about going to the cloud. When it’s about lower IT costs, think again. When it’s because your company wants IT to become more agile, more capable and flexible, Azure is a valid solution.

But as stated before, Azure delivers way much more besides IaaS. Even better, many offerings are on PaaS or even SaaS level. And the integration between them is much better, compared to ‘good old’ IaaS.

In order to get the most out of Azure without paying too much, it’s much better to rethink your IT. Like:

  • Why does my company run those servers?
    • Not because I love the server OS…
    • Not because I love to maintain it…
  • Why does my company run those SQL/web/etc. servers?
    • Not because I love to install SQL/web/etc…
    • Not because I love to maintain SQL/web/etc…

Sooner (or later) you’ll start realizing that at the end of the day, your company runs all those servers in order to facilitate certain applications, or services even.

So why not splitting to those services (web, database and so on) and use them in Azure instead? Now you’re getting there, since the webservers, database servers and so on are hosted and maintained by Microsoft.

You’re only responsible for the workloads running on top of it, like the websites and databases. So no more IaaS for those workloads, but PaaS instead. Wh00t!!!

Take it even a step further. Aren’t there other services your company consumes which are offered like a SaaS solution already? Like Azure AD (mark my words, on-premise AD is ending), VSTS, Exchange-Online (or O365), MFA and so on?

Sure, these services can be tied into the on-premise equivalents as well. It requires additional resources and efforts, but it can be done. But before going there, try to connect it first to the Azure workloads only, and go from there.

Say hello to ‘Lift & Transform’
Yes, I know. This is a process which requires time. It can’t be done in a few weeks. But still, simply BEGIN with small (baby) steps. Take care first of the ‘low hanging fruit’, in this case the easy on-premise parts which are easy to ‘lift & transform’.

Learn. Adapt. Transform. Microsoft knows and recognizes the hybrid world. Meaning IT, mixed of on-premise workloads combined with cloud based ones.

But PLEASE, in order to get the most out of it, TRANSFORM your IT when migrating to the cloud. And no, not everything can be transformed. But let those be exceptions and not the default migration path to the cloud. Now the value proposition of the Azure cloud grows significantly for your company, thus greatly enhancing the added value of your IT assets.

Real life experiences
No, I am NOT talking theoretically here. I see this happening at my company’s customer base with an almost weekly frequency. People and organizations require coaching, support and positive discussions about how IT is done.

As soon as the cloud is involved, many people tend to think about it in the old way. Cloud is nothing but a BIG data center. Period. In real life however, the cloud means DIGITAL TRANSFORMATION.

For us consultants, the first and foremost challenge is to start to change their mindset: Think services! First with small steps. The moment they embrace it however, it’s me and my colleagues who are learning many new things/approaches instead.

For instance a huge insurance company who started on a small scale with their migration to the cloud, opting for ‘lift & transform’. The moment they got the ‘hang of it’ (they noticed the many advantages of this approach), they decided to move as much on-premise IT to the cloud.

They projected almost two years for it. Instead they finished it a year(!) before schedule! Now they’re looking at their on-premise IT (better, what’s left of it) in order to get it to the cloud as well, as far as allowed by law and regulations.

To me this is a splendid showcase of the real cloud power and the digital transformation. We’re living in a very exciting world today, with many mind blowing changes ahead!

OMS: Data Volume Cap

Microsoft has released a new feature in OMS. It enables companies to set a daily volume cap and limit the daily ingestion for your workspace. It helps companies to manage unexpected increases in their data volume from managed resources and stay within the limit. Or the feature can simply help companies to limit unplanned charges for their workspace.

This new OMS feature is deployed and available in all Azure regions.

Want to know more? Go here.

My two cents: This is a much awaited for feature, allowing a better adoption of OMS. As far as I am concerned their is still one showstopper, which are the total costs of it. When Microsoft solves that as well, OMS is going to sell big time…

Friday, March 23, 2018

What’s In a Name? System Center 2019 aka SCOM 18/19xy

A few days ago Microsoft launched the public preview of Windows Server 2019 (in order to download the preview version one has to join the Windows Insider program). The Windows Server Team posted an article about this public preview release on their blog, to be found here.

Besides a high level overview of what’s new in this product (expected GA date second half of 2018), the same article makes this quite interesting statement: ‘…Finally, Window Server customers using System Center will be excited to know that System Center 2019 is coming and will support Windows Server 2019…’

SCOM 2019 or 18/19xy?
Since SCOM is an integrated component of the whole System Center stack, SCOM will be updated as well. Looking at the new naming convention however, I seriously doubt whether SCOM will be branded SCOM 2019.

Instead I expect a name like SCOM 18/19xy, EG 1806/1810/1901, depending on the exact GA date of Windows Server 2019.

What’s in a name?
More interesting is however, what kind of release of System Center will support Windows Server 2019, meaning SAC (Semi-Annual Channel) or LTSC (Long Term Servicing Channel)?

And this is where it gets a bit unclear. On the first sight one would expect that it will be a SAC release, simply because that’s the very nature of the SAC release cycle, in cadence with the SAC release cycle of Windows Server. And as stated by Microsoft, only the SAC releases will support the newest features. Support of Windows Server 2019 can be looked upon as a new feature.

SAC only or LTSC ‘extension’ included?
However, with the Windows Server 2019 release being a LTSC one (as stated in this posting, second item of the Q&A), changes are that the System Center 2019 release might be a LTSC one as well. So for this moment it can go two ways.

But no matter what kind of release System Center 2019 will be, I would be amazed when the current 1801 LTSC release of SCOM wouldn’t be extended in any kind of way in order to support Windows Server 2019 as well.

So also from a System Center support perspective the GA release date of Windows Server 2019 will be exciting as well…

Tuesday, February 27, 2018

SCOM Reporting Done Right – Join Savision’s ‘SCOM Reporting Essentials’ Webinar

The 1st of March 4 PM CET Savision organizes an online session, all about SCOM Reporting. This webinar is hosted by ‘SCOM Bob’, fellow MVP Bob Cornelissen and Savision’s Support Manager, Chris Malay.

Many tips & tricks will be shared during this webinar, so you can take your SCOM Reporting skills to the next level. Topics to be covered are:

  • Overview of the most useful types of reports for different stakeholders
  • Tips and tricks to test your reports and make sure they work all the time
  • How to avoid empty reports and other common SCOM reporting issues
  • How to automate reports and receive them via email every month

On top of it all, Savision’s FREE(!) SLA Reports Management Pack will be demonstrated.

This MP allows you to create a complete SLA overview report of all your Service Level Objectives and to analyze why SLA expectations were not met by showing a list of the most common alerts that triggered the health state change of the Service Level Objective.

In another posting I’ll write about this MP in more detail.

Friday, February 23, 2018

Free Azure Training Resources

For some time already (here and here for instance) Microsoft offers free Azure training resources. Since a few days Microsoft has updated the content of some of those offers, whereas existing  resources are extended.

Here are the related links:

  1. Azure Training and Certification
    Develop Azure skills you need for your job and career. Explore free online learning resources, hands-on labs, in-depth training, or get your expertise recognized with great deals on Azure certification.

  2. Azure Essentials
    Watch, Learn, and Try. Jump start your Azure learning. With Azure Essentials, you can: Learn Azure technologies in under an hour, access free Pluralsight courses and Hands-on Demos, track your learning progress and master the skills you need for cloud roles.

  3. Hands on labs
    Acquire the cloud skills you need, at your own pace. Enjoy hands-on learning on your schedule with our free, Self-paced Labs, and keep your cloud knowledge fresh.

Even though I am not sure whether ‘only’ these trainings will deliver enough knowledge and experience in order to pass for an Azure exam, it sure is a good starting point. Later on you can follow additional trainings, whether based on the classic model (classroom), or modern variants, offered by many Microsoft Learning Partners.

None the less, there is no excuse anymore for not understanding Azure .

Thursday, February 22, 2018

Cross Post: SCOM 1801 Upgrade Pitfall With SCOM Reporting Instance

Got this one from the blog of Robert Bird, senior Premier Field Engineer for Microsoft UK. So all credits go to him.

When updating SCOM 2012 R2/2016 to SCOM 1801 you MUST install the SCOM Console (the UI, not the Web Console!!!) on the SSRS instance (the SCOM Reporting server) FIRST.

Otherwise the upgrade of the SCOM Reporting instance will fail. And installing the SCOM Console AFTERWARDS (when the first upgrade has failed) and rerunning the upgrade won’t do.

Go here for the original webposting.

Myth Busting: Windows Defender Sucks. !!!NOT!!!

Too many times I hear from people that they don’t want to use Windows Defender. Why? ‘…Because it’s bad and/or because it sucks…’ Duh! Time to bust that myth since the reality is quite different.

Before I take a deeper dive into it, let me show you this:
image
Source: https://www.av-test.org/en/antivirus/home-windows/manufacturer/microsoft/

And:
image
Source: https://chart.av-comparatives.org/chart1.php

As you can see, Windows Defender (version 4.12 specifically) performs very well. Moreover when you consider it’s FREE! Microsoft offers it for NOTHING, zip, nada! And still it delivers and performs! Awesome! And now let me tell you the WHY behind it all.

01 – Darwin’s Law also applies to Windows…
As AV-Test states: There are over 600 million adversaries for Windows! Yes, that’s HUGE! This could work out two ways: Either Windows as a platform ceases to be because of the overwhelming odds against it, OR it adapts, evolves and because of it, becomes stronger.

Since Windows is still around, it seems that the latter has happened! Not without any bumps, quircks and glitches. But still, when looking at ‘the latest & greatest’, Windows 10 I mean, this is true.

By cutting out the weak code, rewriting whole parts of the Windows stack and rethinking about how ‘to do stuff’ Windows has evolved BIG time.

02 – Security is a hard requirement
Microsoft can’t afford it anymore to depend on other vendors for the security of their own ecosystem. This ecosystem begins with your Windows based device and expands into the cloud.

Microsoft has stated some years ago ‘…to be all in…’. And this isn’t marketing mumbo jumbo. Even more with the new mantra ‘mobile and cloud first’, security has become paramount. Whole Microsoft’s future is in the cloud, where your Windows device is just one of the many entrypoints to those cloud based services.

As such, Azure and the entrypoints running Windows have to be safe!

03 – Security Centers, big data and machine learning
So Microsoft not only invests big time in new Azure regions (MEGA datacenters), but also in world wide coverage of security by rolling out security centers, collecting tons of data all about the latest threats. That data is crunched by their own Azure services (Machine Learning, Power BI and so on) in order to detect patterns and to predict the next probable attack vector.

This allows Microsoft to roll out definition files which contain the signatures/hashes of the latests threads. Because of it, Windows Defender grows in strenghth and usability.

04 – The circle
Because Windows Defender is FREE and many people use it on a daily basis, it has a huge install base. As such Windows Defender is the first line of defense against many virusses, worms, trojans and the lot. Much of this information is anonymized and send back to Microsoft’s security centers, allowing them to crunch that data as well.

Because of this information, the next generation of the Windows Defender antimalware client and related definition files becomes even better.

And no, don’t be afraid. Windows Defender won’t send out any other information without your explicit consent:
image

05 – Security begins by yourself!
But please know that security is also your OWN responsibility.You’re the starting point of it all. A good start is to run an up-to-date operating system. When it’s Windows based, go for Windows 10. Forget about the previous versions.

Endpoint Protection
This product/service is the enterprise equivalent of Windows Defender. There are two choices available, on-premise (SCEP, System Center Endpoint Protection) or the cloud based service, Microsoft Intune Endpoint Protection.

Both run the same engine and use the same definition files, providing the same level of protection as Windows Defender. On top it all, it delivers centralized management of the configuration, like the type of scans, exclusions, the responses when something is found and so on.

Recap
Gone are the days that Microsoft’s antivirus solution didn’t work properly. Instead it has grown up to a level where it competes with well known antivirus solutions from other vendors. Of course, per situation a certain solution works out better, like more advanced central management, remidiation and so on.

But still, Windows Defender delivers on what’s meant to do: protect your system(s) against all kind of threads, or as AV-Test states ‘adversaries’.

Next time I bump into someone stating Windows Defender ‘…isn’t good enough…’ I’ll send him/her the link to this posting first Smile



Monday, February 19, 2018

Project Honolulu: No SCOM/OMS Replacement

For some time now there is a preview version of Microsoft Project Honolulu available. This is a new web based platform for locally or remotely managing Windows based systems. As such it also delivers a set of tools, providing a ‘one-stop-shop’ for the admins.

Best part of it all is that there is NO Azure connection required. Instead you only install it locally on a server (Windows Server version 1709 or Windows Server 2016) in ‘Gateway Mode’. It can also be installed on Windows 10 in ‘Desktop Mode’. Good to know as well: The web application created by Project Honolulu DOESN’T work with IE! Instead use Google Chrome or Edge.

Project Honolulu supports management of Windows Server version 1709, Windows Server 2016, Windows Server 2012 R2 and Windows Server 2012.
 image

Even though there is a lot more to tell about Project Honolulu, I won’t do that. Why? Fellow MVPs Charbel Nemnom and Thomas Maurer  already posted some very good articles about it, so there is no need to repeat it here. Just read their postings when you want to know more about it. Kudo’s to the both of them.

Is Project Honolulu the new on-premise SCOM/OMS?
Therefore I wrote this posting, in order to ask that question. Because I got some feedback out of the field, like: ‘Why use SCOM/OMS if there is Project Honolulu on the horizon?’.

A valid question which needs a good answer.

First let me start with the statement made by Microsoft itself: ‘…It is complementary to System Center and Operations Management Suite, and is not intended to replace these products and services…’.

On the same webpage is also stated what Honolulu is aimed at: ‘…Honolulu is a locally deployed, browser-based, management tool set that enables on-premises administration of Windows Servers with no Azure or cloud dependency. Honolulu gives IT Admins full control over all aspects of their Server infrastructure, and is particularly useful for management on private networks that are not connected to the Internet…’.

IMHO, the real strength of Honolulu is that it enables fast and remote management of Windows Server 2016 Core installations. Until now many organizations refrain from installing core because of the additional administrative burden it creates. However, when Project Honolulu play out as intended, those additional administrative burdens may be a thing of the past.

Honolulu + SCOM/OMS
As you can see, Honolulu isn’t meant at all as a SCOM/OMS replacement. SCOM delivers the monitoring, OMS the analytics with ‘some’ workload specific monitoring (minus Set & Forget alerting!) whereas Honolulu enables the one-stop-shop for the management of the servers running the monitored workloads.

My own Honolulu experiences
I’ve played a bit with it. Not really tested it yet. None the less, it’s impressive how easy and fast it’s installed (in the matter of minutes). In production it will take a bit more time because a real certificate is the way to go, and perhaps some high availability as well. Still, the installation can be done within a few hours, which is quite an achievement for Microsoft Smile.

The web application is pretty fast. Good responses and many possibilities. I can imagine with this tool that it becomes the general management point for on-premise Windows servers.

Also the possibility to manage specialized workloads (see screenshot below), makes the platform even more powerful:
image

None the less, there are some features I would like to see
Like:

  1. Central repository
    One (the Honolulu admin) could add servers as required and everyone (with the right permissions) would see them as well;
  2. RBAC
    Within Honolulu additional permissions can be set, like what servers to manage and to what level, or better what tools are to be used for a specific kind of role;
  3. Categories
    Now one can only add an ‘endless’ list of servers. Why not categorize them per application/workload and so on? Enables a smarter RBAC as well when those categories are RBAC ‘sensitive’;
  4. Auditing
    Today, auditing is a hard requirement. So every action should be enabled for logging, based on  the company’s requirements;
  5. SCOM widget, Management Pack with additional tasks
    Why not publish the Honolulu web app in the SCOM Console? And while they’re at it, add some smart SCOM tasks to launch as well when a certain issue arises.

Just test drive Project Honolulu yourself and feel free to share your own experiences.

Tuesday, February 13, 2018

Friday, February 9, 2018

My SCOM 2012 R2 UR#14 To SCOM 1801 Upgrade Experiences In Ten Steps

Since Microsoft allows customers to upgrade from SCOM 2012 R2 UR#14 to SCOM 1801, I decided to test drive it. Therefore I rolled out a single Windows Server 2012 R2 VM with SQL Server 2012 SP3 installed and SCOM 2012 R2 UR#14.

So this posting is all about upgrading that SCOM 2012 R2 UR#14 instance to SCOM 1801.

Before I start, please know:

  1. I am NOT responsible for the success/failure of your upgrades in any kind of way;
  2. This upgrade is based on a SINGLE VM only. In production environments your SCOM Management Group is spread among multiple servers. As such, the upgrade in real life might be a bit more challenging.
  3. Sure, the upgrade of your environment can be done, but like always: PREPARE and follow all Microsoft’s advice on this topic. There are pre-upgrade tasks to do and post upgrade tasks. Do them or loose your SCOM environment.
  4. When you want me to be responsible for the upgrade of your SCOM environments: HIRE ME! Smile

!!!RTFM & PREPARE!!!
Before you start ANY upgrade, always READ, READ and READ. Same goes for the upgrade from SCOM 2012 R2 to SCOM 1801.
Image result for rtfm

Gladly Microsoft has provided a lot of good and solid information about upgrading to SCOM 1801, to be found here.

Prepare yourself by:

  • Reading everything at least ONCE without touching anything of your current SCOM environments;
  • Ascertain that you understand every step of the upgrade process. When you don’t, find it out;
  • Know about the Pre-upgrade tasks and the Post-upgrade tasks. And FOLLOW them! There is no successful upgrade possible without following these tasks;
  • Also, ascertain that your current SCOM environment meets all the requirements of SCOM 1801. I am talking about the underlying OS, the SQL server edition AND the current Update Rollup (UR) level of your current SCOM environment (SCOM 2012 R2: Apply UR#14, SCOM 2016: Apply UR#4);
  • Make valid BACKUPS of your current SCOM Management Group, that way there is way back when the upgrade goes bad on you;
  • Take your time for it. Allocate enough time for the upgrade. Don’t do in the last hours of dull afternoon for instance;
  • Follow your company’s RFC procedures (cover your ass!).

When you adhere to all of the above, there is a change the upgrade will go well Smile.

My SCOM 2012 R2 UR#14 Management Group
As stated before, it’s a single VM, with an AD DC for forest OM1801.local. The FQDN of the VM is om1801.local. It runs SQL Server 2012 SP3 ENU, x64 Standard edition.

It runs SCOM 2012 R2 UR#14:
image

There are no SCOM Agents rolled-out and only the Windows Server OS MP is imported. No additional configuration has been done.

The VM itself runs Windows Server 2012 R2 with the latest (security) updates applied.

As stated by the SCOM 1801 requirements, this environment (SCOM, Server OS, SQL version) is one on one upgradable to SCOM 1801:
image

And:
image
As you can see, I must download and install Microsoft Report Viewer 2015 Runtime before I run the upgrade, otherwise the upgrade won’t be successful. And YES, the prereq for that component has to be installed before, Microsoft CLR Types for SQL Server 2014.
image

.NET Framework is okay as well (SCOM Console & SCOM Web Console):
image

And last but not least, SQL is okay as well:
image

01. The upgrade – Pre-upgrade Tasks
First I go through the list of pre-upgrade tasks and perform every required step. Also I install the SCOM 1801 Console prereqs (Microsoft Report Viewer 2015 Runtime and Microsoft CLR Types for SQL Server 2014)

When not sure, just perform the step as described. Better to be safe then sorry…

02. The upgrade – The upgrade itself
Since I run a single server SCOM environment, I use this procedure.

Normally in production and so on, you’ll run a SCOM environment built upon multiple SCOM servers, aka a distributed SCOM Management Group. In that case, you follow this procedure.

Before I start the upgrade, one final health check of the SCOM 2012 R2 UR#14 MG:
image
Yes, all is okay. Let’s start!

  1. I execute SCOM_1801_EN.exe. It unpacks all installation files to a folder of your choice;
  2. Then I execute (with elevated permissions) Setup.exe, located in previous chosen folder. Please run this with an account which has SQL SA, SCOM Admin and local admin permissions.
  3. Select the option Download the latest updates to the setup program when the server is connected to the internet. This will update the setup program. Click Install.
    image
    image
  4. After the setup program is updated it will be automatically restarted. Soon the installer will detect the presence of the SCOM MG, SCOM 2012 R2 UR#14 in this case. As a result it will automatically flip over to the upgrade screen:
    image
    > Next;
  5. Accept the EULA > Next > select the installation location > Next > configure the SCOM account (Data Access) > Next. Soon the Ready to Upgrade screen will be shown:
    image
    Check and double check! When all is okay, click Upgrade.
  6. The upgrade will run now for some time.
    image
    Don’t panic when the Management Server has a yellow triangle with a exclamation mark in it. It tells SCOM 1801 is in eval mode > Close.
  7. Now it’s time to run the post-upgrade tasks. When done, time to test it!
  8. Start the SCOM Console and check the properties:
    image
  9. A new feature is the GUI driven license activation. Click Activate and enter the Product Key > Continue:
    image
    Accept the EULA > Accept:
    image
    The product is successfully activated.
    image
    It’s better to restart the whole server though. Now SCOM 1801 is in retail mode:
    image
  10. Time to start the revamped SCOM FULLY(!) HTML 5 based Web Console:
    image

Recap
Back in the days before SCOM 1801 came to be, only N-1 upgrade scenarios were supported. Meaning, N being the ‘latest and greatest’, in this case SCOM 1801 and N-1 being the previous version, SCOM 2016. However, SCOM 1801 now also supports an upgrade from SCOM 2012 R2 UR#14, being N-2.

One could say Microsoft is really friendly and takes care of it’s customers. Being true as it may, IMHO there is something else at play here.

As I already stated before, SCOM 2016 RTM didn’t feel to me as a real upgrade, more like a service pack for SCOM 2012 R2 with boiler plate replacement included. As a result, SCOM 1801 supports the upgrade from SCOM 2012 R2.

Which is quite nice. Because many times I really didn’t see the reason to upgrade to SCOM 2016 besides the obvious support statement since SCOM 2012 R2 Mainstream Support End Date is set on the 11th of July 2017.

However, with SCOM 1801, the new release cadence (I strongly advise to go for SAC: Semi-Annual Channel Release), SCOM is (temporarily) revived. And the upgrade path is acceptable.

Also SCOM 1801 brings new stuff to bear, like better performance and (finally!!!) the so long awaited and anticipated HTML 5 Web Console. No more SilverLight!!!

Still, when looking at the future and SCOM, I still think these two don’t go well together anymore, as I already stated here (read the section at the end of the posting with the header Verdict of SCOM).

None the less, SCOM 1801 looks like a REAL upgrade to me, so when you’re running SCOM 2012 R2, it’s time to apply UR#14, update your licenses and upgrade to SCOM 1801 with SAC.



SCOM 1801 Is RTM!!!

Finally OM/SCOM 1801 is RTM!!!

Go here for the documentation, here for the download (eval) and here for Microsoft’s blog posting about this new release.

What’s new?

  • Improved HTML5 dashboard experience
  • Enhanced SDK performance
  • Service Map integration
  • Updates and recommendations for third-party Management Packs
  • Linux Logfile monitoring enhancements
  • Linux Kerberos support
  • GUI support for entering SCOM License key
  • System Center Visual Studio Authoring Extension (VSAE) support for Visual Studio 2017

Meet SAC & LTSC
System Center 1801 is Microsoft’s first Semi-Annual Channel release. This way Microsoft is capable of delivering new capabilities at a faster cadence.

As a result, the attached support policy required a refresh. This has resulted in two different approaches:

  1. SAC: Semi-Annual Channel Release
    A: 18 months support policy for each new build;
    B: Consistent new updates
    C: All new features will be put into the SAC builds


  2. LTSC: Long Term Servicing Channel
    A: 5 years of Mainstream Support, followed by 5 additional years of extended support
    B: Release cadence at a much lower cadency
    C: Updates will be pushed out as Update Rollups, BUT NO FEATURES ADDED(!), fixes mostly.

As you can see, this is a significant change which makes System Center more dynamic.

Can I upgrade from SCOM 2012 R2 to SCOM 1801?
Before System Center 1801 became GA, Microsoft only supported N-1 upgrade paths. Where N is the ‘latest & greatest’, which is SCOM 1801. N-1 in this case is SCOM 2016.

BUT things have changed here as well since this official Microsoft webpage states:
image

So YES you can upgrade from SCOM 2012 R2 (with the latest UR applied!) to SCOM 1801!

Monday, February 5, 2018

Free Visio Stencil & Icon Sets: Made by The Community & Microsoft

For anyone working with Visio/PowerPoint and with Microsoft related technologies, there are two awesome Visio stencil & icon sets out there which are a MUST have.

  1. Community, made by Sandro Pereira (Microsoft Azure MVP)
    Read here more about this awesome (Azure and MUCH MORE!!!!) stencils pack. The same posting contains the link to Microsoft TechNet Gallery where you can download this pack for FREE(!).


  2. Microsoft Azure, Cloud and Enterprise Symbol / Icon Set
    The one made by Microsoft itself. Also FREE(!) and a MUST have. Available from Microsoft’s Download Center.

New MVA Course: Hybrid Cloud Workload Protection with Azure Security Center

Microsoft Virtual Academy (MVA) has made a new course available, titled: Hybrid Cloud Workload Protection with Azure Security Center.

This course offers an overview of Azure Security Center, including requirements, planning, onboarding, and troubleshooting.

Course overview:

  1. Getting Started with Azure Security Center
    Learn about the current threat landscape and how Azure Security Center can enhance your security posture.
  2. Workload Protection
    Learn how to onboard Azure Security Center and how to implement security policies and recommendations.
  3. Detecting and Responding to Threats
    Join us as we explore the detection capabilities and security alerts available with Azure Security Center.
  4. Incident Response
    Learn more about incident response in the hybrid cloud.
  5. Final Considerations
    Review additional resources and next steps to take.

I strongly advise this course for anyone working with Azure.

Thursday, February 1, 2018

Where Is SCOM 1801 (or SCOM 1711 RTM)?

Okay. It’s just the 1st of February, so we still have some time ‘left’. None the less, I hoped that SCOM 1801 (or SCOM 1711 RTM), successor of SCOM 2016, would become General Available in January 2018.

Already in 2017 a preview of SCOM 1711 was released, with these HUGE improvements (taken directly from this website):

  • Improved HTML console experience
    The Web console has been redesigned and is now a fully HTML-based console and no longer has a dependency on Silverlight. The monitoring tree and dashboards support the HTLM5 markup language.

  • Enhanced SDK Client performance
    We have introduced performance improvements in the Operations console that typically prevent the console from responding while a new management pack is being imported or deleted, or a configuration change to an MP is saved.

  • Updates and recommendations for third-party Management Packs
    In System Center 2016 we released the MP Updates and Recommendations feature which has been expanded now to include discovery and downloads of third-party management pack updates, based on feedback from customers.

  • Linux Kerberos support
    Operations Manager can now support Kerberos authentication wherever the WS-Management protocol is used by the management server to communicate with UNIX and Linux computers, providing greater security by no longer needing to enable basic authentication for Windows Remote Management (WinRM).

  • Service Map integration
    Service Map automatically discovers application components on Windows and Linux systems and maps the communication between services. It automatically builds a common reference map of dependencies across your servers, processes, and third-party services. Integration between Service Map and System Center Operations Manager allows you to automatically create distributed application diagrams in Operations Manager that are based on the dynamic dependency maps in Service Map.

All in all, impressive improvements. And therefore I seriously hoped to see SCOM 1801 or 1711 RTM to be released in January 2018. I do hope now that February 2018 will be the month where we’ll meet the successor of SCOM 2016.

The ‘signs’ are positive, because Microsoft’s website, all about SCOM, already contains a menu option for SCOM 1801, even though (for now?) it links to the SCOM 1711 pages:
image

As soon as SCOM 1801 comes out, I’ll post it on my blog. Also I’ll explore the upgrade paths and so on.

To be continued (soon I hope)….

Friday, January 12, 2018

Microsoft Azure Essentials

Yes, there is no way around it: Azure is here to stay. Even Microsoft’s on-premise products are being tied more and more into Azure. By this companies are enabled to get the best out of both worlds, without (too many) headaches.

However, Azure is in overdrive. New services are added on almost weekly basis where already existing ones are upgraded, renewed or extended in capabilities.

And as we all know, KNOWLEDGE & EXPERIENCE are key factors for good adoption of new technologies and services. Without people and companies will be hesitant to embrace ‘the new world’.

Already Microsoft has launched efforts in order to address the ‘knowledge & experience’ gap related to Azure. Their latest effort is branded Microsoft Azure Essentials and gives the participants FREE access to Azure services and TRAINING!
image

As the website states: ‘…You've arrived at the best place to get started with Azure and learn new skills. Whatever your level of expertise, Azure Essentials can help you take it further. Choose a topic and use the curated set of demo videos, hands-on labs, and product trials to learn about and try Azure at your own pace. Azure Essentials also offers multiple learning paths, Azure certification, and support. Best of all, we'll guide you every step of the way…’
image

You can sign up with a Microsoft account or with your LinkedIn account. Less then a minute you’re in and ready to start your personal training.

There are three pillars/angles here:

  1. Azure Essentials: Aimed at different competences, or area’s of expertise. Select the one (or more!) most suited for your personal situation and start learning by the three steps approach: Watch, Learn & Try.
    image


  2. Career Essentials: Here you can choose a career path, related to the Azure cloud. What is your next level? Data Scientist? IT Architect? Or Cloud IT Architect? Much to choose from, and when selected there are one or more options available, depending to the career path you’ve chosen: Explore, Learn & Do.
    image 
    image


  3. Webinars: Watch until you drop Smile. This allows you for a more in-depth dive of the Azure services/technologies you’re interested in.
    image

This new website is a great effort by Microsoft, enabling you to start your own Azure training today. From here you can decide for yourself what to learn, how and when. Don’t be surprised though when additional training and certification, outside the boundaries of this new effort, is required.

Wednesday, January 3, 2018

New UNLEASHED Book: Microsoft Hybrid Cloud Unleashed with Azure Stack and Azure 1st Edition

For me the UNLEASHED books are the best. Why? Because these books are not only written by the experts themselves who work on a daily basis with the technologies the related books are about, but the content is reviewed by other real life experts as well, most of the times lined up from the vendor delivering the related technologies/products/services. Every time the result is the same:

A book without any marketing mumbo jumbo (except the foreword that is Smile), packed with tons of real life scenario’s, tips & tricks and deep insights about how a certain technology/product/service really works. Many times the work force of the vendor of the related technologies/products/services use the same book as well, because it’s the only book where everything comes together.

So I am more than happy to announce that a new book of the UNLEASHED series is available: Microsoft Hybrid Cloud Unleashed with Azure Stack and Azure 1st Edition:

This book is written by fellow MVPs: Steve Buchanan, Kerrie Meyler,‎ Mark Scholman,‎ Jakob Gottlieb Svendsen, and Janaka Rangama.

On top of this already impressive line-up, Daniel Savage (Principal PM from the Azure Stack team) wrote the foreword and Marc van Eijk (Senior PM from the Azure CAT team) served as technical reviewer.

What to find in this book? Taken directly from the Amazon website:

Detailed information on how to:

  • Run a private/hybrid cloud on your hardware in your data center, using APIs and code identical to public Azure
  • Apply ITIL and DevOps lifecycles to your hybrid cloud implementation
  • Gain a deep understanding of Azure Stack architecture, components, and internals
  • Install and configure Azure Stack and master the Azure Stack Portal
  • Integrate and utilize infrastructure, core, and custom resource providers
  • Effectively provision, secure, and manage tenants
  • Manage, monitor, troubleshoot, and back up Azure Stack with CloudOps
  • Automate resource provisioning with PowerShell, the Azure CLI, templates, and Azure Stack’s API
  • Write your own Azure Resource Manager templates
  • Centrally automate cloud management and complex tasks connected to external systems
  • Develop customized, production-ready Azure Stack marketplace items

As you can see, this book is a MUST HAVE for anyone technically involved with Azure and Azure Stack.

Where do I get this awesome book?

  • Go here to the Amazon webpage
  • Go here to the Bol.com webpage (Dutch readers only).