Thursday, 14 June 2012

Differences between Windows To Go and Typical Windows Installation


Windows To Go operates just like any other installation of Windows with a few exceptions. These exceptions are:
  • Hibernate and sleep are disabled by default. To help prevent accidental data corruption during roaming, hibernate and sleep are disabled in Windows To Go. They can be re-enabled by using Group Policy settings.
  • Internal disks are offline. To ensure data isn’t accidentally disclosed, internal hard disks on the host computer are offline by default when booted into a Windows To Go workspace. Similarly, if a Windows To Go drive is inserted into a running system, the Windows To Go drive will not be listed in Windows Explorer.
  • Trusted Platform Module (TPM) isn’t used. When using BitLocker Drive Encryption, a pre-operating system boot password is used for security rather than the TPM, since the TPM is tied to a specific computer and Windows To Go drives move between computers.
  • Windows Recovery Environment isn’t available. In the rare case that you need to recover your Windows To Go drive, you should re-image it with a fresh image of Windows.
  • Push Button Reset isn’t available. Resetting to the manufacturer’s standard for the computer doesn’t really apply when running Windows To Go, so the feature was disabled.

Windows To Go


Windows To Go is a feature in Windows 8 Enterprise that allows Windows 8 Enterprise to boot and run from USB mass storage devices such as flash drives and external hard drives. It is a fully manageable corporate Windows 8 environment.
It is intended to allow enterprise administrators to provide users with an imaged version of Windows 8 that reflects the corporate desktop and as such is aimed at enterprises. 

Saturday, 9 June 2012

Windows Firewall Settings for Configuration Manager Clients

The following sections list the features of Configuration Manager 2007 which require exceptions to be made on the Windows Firewall and provide a procedure for configuring these exceptions.
Modifying the Ports and Programs Permitted by Windows Firewall
To modify the ports and programs permitted by Windows Firewall:
  1. On the computer running Windows Firewall, open Control Panel.
  2. Right-click Windows Firewall and click Open.
  3. On the Exceptions tab of the Windows Firewall Settings dialog box, enable any required exceptions in the list box, or click Add Program or Add Port to create custom program or port exceptions.
Programs and Ports Required by Configuration Manager 2007
The following Configuration Manager 2007 features require exceptions to be made on the Windows Firewall:
Queries
If you are running the Configuration Manager console on a computer running Windows Firewall, queries will fail the first time they are run.
After failing to run the first time, the operating system displays a dialog box asking if you want to unblock statview.exe. If you unblock statview.exe, future queries will run without errors. You can also manually add statview.exe to the list of programs and services on the Exceptions tab of the Windows Firewall prior to running a query.
Client Push Installation
In order to successfully use client push to install the Configuration Manager 2007 client, you must add the following as exceptions to the Windows Firewall:
  • File and Printer Sharing
  • Windows Management Instrumentation (WMI)
Client Installation using Group Policy
In order to successfully use Group Policy to install the Configuration Manager 2007 client, you must add File and Printer Sharing as an exception to the Windows Firewall.
Client Requests
In order for client computers to communicate with Configuration Manager 2007 site systems, you must add the following as exceptions to the Windows Firewall:
  • TCP Port 80 (for HTTP communication)
  • TCP Port 443 (for HTTPS communication)
Network Access Protection
In order for client computers to successfully communicate with the system health validator point, you need to allow the following ports:
  • UDP 67 and UDP 68 for DHCP
  • TCP 80/443 for IPsec
Remote Control
In order to use the remote tools features of Configuration Manager 2007, you need to allow the following ports:
  • TCP port 2701
  • TCP port 2702
  • TCP port 135
Remote Assistance and Remote Desktop
To enable Remote Assistance to be initiated from the SMS Administrator console, add both the custom program helpsvc.exe and the custom port TCP 135 to the list of permitted programs and services in Windows Firewall on the client computer. Also, Windows Firewall must be configured to permit Remote Assistance and Remote Desktop. If a user initiates a request for Remote Assistance from that computer, Windows Firewall will automatically be configured to permit Remote Assistance and Remote Desktop.
Windows Event Viewer, Windows Performance Monitor and Windows Diagnostics
To enable Windows event viewer, Windows performance monitor and Windows diagnostics to be accessed from the Configuration Manager console, you must enable File and Printer Sharing as an exception on the Windows Firewall.
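
As an added example (not part of the original post or of the Configuration Manager documentation), the Remote Control and Client Push exceptions listed above can be scripted with netsh advfirewall from an elevated PowerShell prompt instead of the Control Panel dialog. The management-host addresses, the rule names and the use of the domain profile are assumptions; limiting remoteip to the hosts that actually initiate these connections keeps TCP 135, 2701 and 2702 from being open to the whole network.

```powershell
# Added example, not from the original post. Assumes Windows Vista or later
# (netsh advfirewall) and an elevated PowerShell prompt on the client.

# Assumption: the admin consoles / site server that initiate Remote Control.
# Placeholder addresses from the 192.0.2.0/24 documentation range.
$MgmtHosts = '192.0.2.10,192.0.2.11'

# Remote Control ports listed in the post, inbound on the client.
# Rule names are hypothetical; pick your own naming convention.
$PortRules = @(
    @{ Name = 'ConfigMgr Remote Control TCP 2701'; Port = 2701 },
    @{ Name = 'ConfigMgr Remote Control TCP 2702'; Port = 2702 },
    @{ Name = 'ConfigMgr Remote Control TCP 135';  Port = 135 }
)

# Built-in rule groups the post requires for client push installation.
$Groups = @(
    'File and Printer Sharing',
    'Windows Management Instrumentation (WMI)'
)

foreach ($r in $PortRules) {
    # Remove any earlier copy so re-running does not stack duplicate rules.
    netsh advfirewall firewall delete rule name="$($r.Name)" | Out-Null

    # Allow the port only from the management hosts, only on the domain profile.
    netsh advfirewall firewall add rule name="$($r.Name)" dir=in action=allow `
        protocol=TCP localport=$($r.Port) remoteip=$MgmtHosts profile=domain
    if ($LASTEXITCODE -ne 0) { throw "Failed to add rule '$($r.Name)'" }

    # Print the rule back so the scope can be reviewed.
    netsh advfirewall firewall show rule name="$($r.Name)"
}

foreach ($g in $Groups) {
    # netsh can only enable or disable a rule group as a whole, so the
    # remote-address scope of these built-in rules has to be narrowed
    # per rule or through Group Policy.
    netsh advfirewall firewall set rule group="$g" new enable=yes
    if ($LASTEXITCODE -ne 0) { throw "Failed to enable group '$g'" }
}
```

The group names are the English display names; on a localized Windows installation they differ.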

Comparing SMS 2003, SCCM 2007 and SCCM 2012


| Features | SMS 2003 | SCCM 2007 | SCCM 2012 |
|---|---|---|---|
| Hardware & Software Inventory | ✓ | ✓ | ✓ |
| Automatic Client Health Remediation | | | ✓ |
| Software Distribution | ✓ | ✓ | ✓ |
| Computer based targeting | ✓ | ✓ | ✓ |
| User based targeting | | ✓*P | ✓ |
| State-based Application Distribution | | | ✓ |
| Self-service portal | | | ✓ |
| App-V Package Deployment | | ✓ | ✓ |
| Xen-App Package Deployment | | | ✓ |
| Uninstallation via Software Center | | | ✓ |
| User-Device Affinity | | | ✓ |
| Distribution Point Groups | | | ✓ |
| Boundary Groups | | | ✓ |
| Application Revision History | | | ✓ |
| Content Management | | | ✓ |
| Software Updates | ITMU | Via WSUS | Via WSUS |
| 3rd party application | | ✓ | ✓ |
| Automatic Software Updates Deployment Rules | | | ✓ |
| Automatic clean-up of Superseded and Expired Updates | | | ✓ |
| Software Metering | ✓ | ✓ | ✓ |
| Collection-based Policies | | | ✓ |
| Remote Administration | Remote Tools | Remote Tools & Remote Desktop | Remote Tools + Ctrl-Alt-Del |
| Reporting | Basic | Basic & SQL Reporting | SQL Reporting Services |
| Administrator Console | ✓ | ✓ | ✓ |
| User-friendly ribbon | | | ✓ |
| Status reporting | | ✓*P | ✓ |
| Agent Managed | ✓ | ✓ | ✓ |
| Integrate with Active Directory | ✓ | ✓ | ✓ |
| Automatic Boundary Discovery | | | ✓ |
| Forest Discovery | | | ✓ |
| Discovery of Computers | ✓ | ✓ | ✓ |
| Operating System Deployment | | ✓ | ✓ |
| Offline Servicing of OS Image | | | ✓ |
| Task Sequence | | ✓ | ✓ |
| Maintenance Windows | | ✓ | ✓ |
| Desired Configuration Management | | ✓ | ✓ |
| Automatic Remediation of Configuration Drift | | | ✓ |
| Internet Based Client Management | | ✓ | ✓ |
| Integration with Windows Server 2008 Network Access Protection | | ✓ | ✓ |
| Intel vPro Integration | | ✓ SP1 | ✓ |
| Role-based Access Control | | | ✓ |
| Power Management | | ✓ R3 | ✓ |
| User Power Management Opt-out | | | ✓ |
| Windows Mobile Device Management | | ✓ | ✓ |
| Non-Windows Mobile Device Management | | | ✓ |

Note: *P = Partial