Corey Hynes President Technical Lead HynesITe Inc Music by DreamensionN wwwdreamensionnet Windows Eventing Task Scheduler WSMAN Network Diagnostics Memory Diagnostics Reliability Monitor ID: 548723
Download Presentation The PPT/PDF document "Windows® 7 Manageability" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Windows® 7 Manageability
Corey HynesPresident, Technical LeadHynesITe, Inc
Music by
DreamensionN
www.dreamension.netSlide2
Windows Eventing
Task Scheduler
WS/MAN
Network Diagnostics
Memory DiagnosticsReliability MonitorStartup Repair Tool
Removable Storage ControlPower ManagementWindows FirewallMultiple Local GPOsADMX
Windows Vista® Manageability
Increased Automation
to Reduce Costs
Reduce Help Desk Calls and Keep Users Productive
Flexible Administrative ControlSlide3
Enterprise-scale
Scripting Engine
Scripting
Group Policy
Richer Support Tools
Customized TroubleshootingEnhanced Group Policy ScenariosGroup Policy
PreferencesWindows 7 Manageability
Increased Automation
to Reduce Costs
Reduce Help Desk Calls and Keep Users Productive
Flexible
Administrative ControlSlide4
Before Windows 7
Easier to Use
Built-in graphical editor/debugger
Easier to Extend
Develop CMDLETs via PowerShell
Able To Manage Across The EnterpriseRemotable 1:1 (interactive) and 1:manyPowerShell can respond when specific system events occur
Windows 7 Enhancements
Automate tasks easily with PowerShell
Learn scripting easier with graphical interface
Quickly configure settings or run tasks in real-time
Customer Value
Increase Automation
PowerShell In-Box
Windows Eventing integrated with Task Scheduler to provide automation based on events
No built-in scripted automation
Administrators needed to deploy PowerShell or use other complex scripting languages to automate common tasksSlide5
Windows PowerShell
Make windows the easiest platform for IT pros to implement unpredicted scenarios with the right level of qualitySlide6
State Of The Software
Phenomenal rate of adoptionOver 2.6 million downloads
Windows XP, Windows Vista, Windows Server® 2003,
and Windows Server 2008Adopted by Exchange, SQL Server®, SCOM, SCVMM, and SCDPMCEC 2009 requirementDozens of 3rd party tools, ISVs, and partnersStrong community engagement, 27 PowerShell MVPs
Shipped withWindows Server 2008Slide7
Mailbox Statistics
Database Management
Recipient Management
An Example of Increased IT Productivity
Set
listExchange_Mailboxs = GetObject("winmgmts:{
impersonationLevel
=impersonate}!\\COMPUTERNAME\ROOT\MicrosoftExchangeV2").InstancesOf
("Exchange_Mailbox")
For Each objExchange_Mailbox in listExchange_Mailboxs
WScript.echo "AssocContentCount =” +
objExchange_Mailbox.AssocContentCount
WScript.echo
"
DateDiscoveredAbsentInDS
=” +
objExchange_Mailbox.DateDiscoveredAbsentInDS
WScript.echo
"
DeletedMessageSizeExtended
=” +
objExchange_Mailbox
.
DeletedMessageSizeExtended
WScript.echo
"
LastLoggedOnUserAccount
=” +
objExchange_Mailbox
.
LastLoggedOnUserAccount
WScript.echo
"
LastLogoffTime
=” +
objExchange_Mailbox
.
LastLogoffTime
WScript.echo
"
LastLogonTime
=” +
objExchange_Mailbox
.
LastLogonTime
WScript.echo
"
LegacyDN
=” +
objExchange_Mailbox
.
LegacyDN
WScript.echo
"
MailboxDisplayName
=” +
objExchange_Mailbox
.
MailboxDisplayName
WScript.echo
"
MailboxGUID
=” + objExchange_Mailbox. MailboxGUID WScript.echo " ServerName =” + objExchange_Mailbox. ServerName WScript.echo " Size =” + objExchange_Mailbox. SizeWScript.echo " StorageGroupName =” + objExchange_Mailbox. StorageGroupName WScript.echo " StorageLimitInfo =” + objExchange_Mailbox. StorageLimitInfo WScript.echo " StoreName =” + objExchange_Mailbox. StoreName WScript.echo " TotalItems =” + objExchange_Mailbox. TotalItems Next
Dim objMailbox As CDOEXM.IMailboxStoreSet objMailbox = GetObject("LDAP://" + DCServer + "CN=FOO,CN=users," + DomainName)objMailbox.CreateMailbox "LDAP://" + DCServer + "/CN=Private MDB,CN=First Storage Group,CN=InformationStore,CN=" + Server + ",CN=Servers,CN=First Administrative Group, CN=Administrative Groups,CN=First Organization, CN=Microsoft Exchange,CN=Services, CN=Configuration," + DomainName
Dim StorGroup as New CDOEXM.StorageGroupStorGroup.DataSource.Open "LDAP://" + DCServer + "/ CN=First Storage Group,CN=InformationStore,CN=" + Server + ",CN=Servers,CN=First Administrative Group, CN=Administrative Groups,CN=First Organization, CN=Microsoft Exchange,CN=Services, CN=Configuration," + DomainName StorGroup.MoveLogFiles("C:\newlogPath", 0)
Get-MailboxStatistics –Server $servername
Move-StorageGroupPath -Identity “First Storage Group“ –Log "C:\newlogPath”
Enable-Mailbox -Identity domain\FOO –Database “First Storage Group\Private MDB”
Exchange 2003 (VBScript)
Exchange 2007 (PowerShell)
7Slide8
PowerShell V2 Themes
GUI over PowerShell
Command Line and GUI
GUI teaches command line
Standardizes access to managed elements
Production Scripting
Easy to use
Safe to operate
Easy to share and support
Universal Code Execution Model
In the foreground or background On one or more machinesIn restricted or unrestricted environments, using impersonation or supplied credentialsInitiated by user input or by events
Community Feedback
Enhance the language
Tweak the engine
Add and enhance CmdletsSlide9
Before Windows 7
Automate Group Policy Object Management
Execute Logon, Logoff, Startup, Shutdown scripts
Configuration of registry-based Group Policy settings
PowerShell Scripting of Group Policy
Frequent request for richer GP management
Reduces time and risk of error
Enables quicker and more efficient logon/startup scripting
Customer Value
Increase Automation
Scripting Group Policy GPMC had API to automate management of Group Policy Objects, but difficult for non-developers to useSlide10
Windows 7 Builds On Windows Vista Tools To Resolve Issues Quicker
Keep Users Productive
Richer support tools
Reliability Monitor
Reliability data is exposed via APIs for remote collection
Integration of Reliability Monitor and Problem Reports and Solutions to better correlate system changes and eventsResource MonitorSysInternals Process Explorer features integrated into Resource Monitor for clearer identification of process issuesWindows Recovery EnvironmentWindows Recovery Environment (WinRE) easily
deployed via normal setup on all PCs
Restore to OEM or IT image without data loss or reimage with recent system backupSystem Restore
Users will now be able to view the list of software changes before rolling their PC back Restore points will be available from system backups allowing users to roll-back to a point further back in timeProblem Steps RecorderUsers can record steps taken when an issue occurs, giving help desk screen shots and comments to help resolve issuesSlide11
Windows Vista Introduced Troubleshooting To Address Common Issues
In-box diagnostics based on PowerShell scripts for low-overhead,
flexible development
Authoring tools to create and package troubleshooting packages
Additional troubleshooting packages available on-demand from MS for users to browse and search, managed by Group Policy, delivered via web services
Run troubleshooting remotely Windows 7 Delivers a Comprehensive and Extensible Troubleshooting Platform
Automatically run maintenance tasks
Enable end-user to execute common troubleshooting tasks before calling Help Desk
Provide Help Desk with tools to quickly resolve issuesDiagnostics can grow in complexity as IT requires
Customer Value
Keep Users Productive Customized troubleshooting
Network Connectivity
Proactive Disk Protection
Memory AnalysisSlide12
How Troubleshooting Works
Set computer and software configuration to the user desired state
Determine what the user wants through the description
(e.g., cannot hear sound)
Compare each current configuration with a list of known good configurations
for sound (e.g., not muted, audible volume settings, …)
If there is a mismatch, set the current configuration to the good configuration
Verify existing state has been set to good state
User Or Application InitiatedUsers or application determines that a problem existsUser or application initiates troubleshooting
Troubleshooting verifies that components and component versions
support user desired stateDetermine the components of interest through the description(e.g., cannot see glass)Detect hardware is present (e.g., right video card for desired visual effects)
Detect drivers are present
If a component is missing troubleshooting can Inform the user to get the
right component
Proceed to configuration if right components are presentSlide13
Windows 7 Troubleshooting Implementation
Windows Troubleshooting is done via Troubleshooting Packs
Troubleshooting Packs are programs that
Determine if the right components are available
to get to the user desired state Set configuration to the user desired stateVerify the configuration is in the desired stateSlide14
Built-in Windows Troubleshooting Packs are discoverable
User detects a problem and initiates troubleshooting to fix the problem
Scheduled Troubleshooting detects a problem and informs the user to initiate troubleshooting
An application detects a problem and prompts the user to
initiate troubleshooting
User browsing Help sees a troubleshooter link relevant to his problem and clicks on itWindows Troubleshooting is user or application initiated
Windows 7 TroubleshootingUser Features
From Action Center – Categories, Sorted list view, Search
From Help – Help topics link to troubleshooting packsA standard and consistent GUI wizard with pre-defined set of interactionsSlide15
Manageable
Run interactively through command line
Execute silently, through an answer file
Local or Remote
Multiple Execution Methods
Can be published on a web site and downloaded to run
Can be stored on a share and run
Easily Deployed
Windows 7 TroubleshootingAdmin Features
Signed by certificate that chains up to trusted root
GP can limit which packs to run based on publisherSlide16
Windows Troubleshooting Platform
demoSlide17
Data Protection Scenarios
Configure OS, application options not “GP-enabled”
Provides flexibility for IT and end-users
Reduces costs of logon scripts
New scenarios
Power ManagementScheduled tasks
Group Policy PreferencesSimplify Configuration Management
Group Policy Enhancements
Application ManagementAuditingEncryption of Removable Storage DevicesSlide18
Desktop Auditing
Simplified configuration results in lower TCO
Demonstrate why a person has access to specific information
Understand why a person has been denied access to specific information
Track all changes made by specific people or groups
Enhanced AuditingGranular auditing complex to configure
Auditing access and privilege use for a group of users
Challenges
New XML based events
Fine grained support for audit of administrative privilegeSimplified filtering of “noise” to find the event you’re looking for
Tasks tied to events
Windows Vista
Windows 7Slide19
Windows 7 Solution
Application Control
Situation Today
Eliminate unwanted/unknown applications in your network
Enforce application standardization within your organization
Easily create and manage flexible rules using Group Policy
AppLocker
TM
Users can install and run non-standard applications
Even standard users can install some types of software
Unauthorized applications may:Introduce malware
Increase helpdesk calls
Reduce user productivity
Undermine compliance effortsSlide20
AppLocker
TM
Technical Details
Simple Rule Structure: Allow, Exception & Deny
Publisher Rules
Product Publisher, Name, Filename & Version
Multiple Policies
Executables, installers, scripts & DLLsRule creation tools & wizardAudit only modeAppLockerTM – EnterpriseLegacy SRP – Business & EnterpriseSlide21
Policy Versus Preference
POLICIES
Restrict users
from changing
Highest precedence
Specific registry locations
PREFERENCES
User may change
No need to be policy-aware
No tattooing!Slide22
Remote Access for Mobile Workers
Access Information Anywhere
Situation Today
Same experience
accessingcorporate resources inside and outside the officeSeamless connection increases productivity of mobile users
Easy to service mobile PCs and distribute updates and polices
DirectAccess
TM
Difficult for users to access corporate resources from outside the officeChallenging for IT to manage, update,
patch mobile PCs while disconnected from company network
Windows 7 SolutionSlide23
Enterprise-scale
Scripting Engine
Scripting
Group Policy
Richer Support Tools
Customized TroubleshootingEnhanced Group Policy ScenariosGroup Policy
PreferencesWindows 7 Manageability
Increased Automation
to Reduce Costs
Reduce Help Desk Calls and Keep Users Productive
Flexible
Administrative ControlSlide24
DirectAccess and Troubleshooting
demoSlide25
©
2008 Microsoft
Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.