|
Hey guys, so we're finally moving from Zenworks 11 to System Center Config Mgr 2012 SP1. Currently in a 5 day admin class. Good times or great times?  Can't wait though.
|
#
¿
Apr 3, 2013 01:48
|
|
|
|
| # ¿ Apr 28, 2024 23:29 |
|
|
You must have had a terrible class. This one is a beast. We start at 8:30am and we don't get done until 4:30. The book is something like 15 or 16 chapters and we're doing all of them, and every single lab. I'm not complaining by any means but my brain is fried. I've taken a ton of MS classes and this is one of the busiest. Today we spent a couple hours writing loving SQL queries and getting the reporting server stuff working.
|
|
#
¿
Apr 3, 2013 02:13
|
|
|
All we used Zenworks for is imaging, so this is all new. We never had system management software before and I've worked at this place for 10 years. Yeah. Luckily we have an outside resource coming in to install and configure it. I just have to learn how to admin it. *Just* Quick question though - do you recommend putting the agent on servers or only clients?
|
|
#
¿
Apr 3, 2013 02:38
|
|
|
Then you need a terminal server with cals, so your rep is correct. You won't all be able to log in under the same user name though.
|
|
#
¿
Apr 9, 2013 12:57
|
|
|
Someone can correct me if I'm wrong, but I don't think so. If someone tries to login under the same account, the other person would be kicked off.
|
|
#
¿
Apr 9, 2013 13:14
|
|
|
Is this custom software? Sounds like trying to get around licensing restrictions.
|
|
#
¿
Apr 9, 2013 14:57
|
|
|
Have you used 2012 before? The metro interface is so great. Sarcasm. The only problem you might run into is that Exchange 2003 does not support Windows Server 2012 DCs. http://clintboessen.blogspot.com/2013/01/exchange-2003-and-windows-server-2012.html
|
|
#
¿
Apr 16, 2013 16:47
|
|
|
I don't envy you upgrading Exchange 2003 to 2013.
|
|
#
¿
Apr 16, 2013 16:52
|
|
|
I need some Group Policy help. Ok so I have a GPO where the settings are here: But when I edit the GPO, I don't see that drill down:  What the hell?
|
|
#
¿
Apr 24, 2013 19:18
|
|
|
I'm running GPMC from a 2008 R2 domain controller.
|
|
#
¿
Apr 24, 2013 19:33
|
|
|
incoherent posted:Are you admining from a workstation with IE10 installed? To expand on dotalchemy you won't see it if you're on a Windows 8 machine or windows 7 with IE 10. Uninstall IE 10 and you'll be ok. gently caress, removing IE10 worked perfectly. Thank you so much.
|
|
#
¿
Apr 25, 2013 13:29
|
|
|
incoherent posted:And the mind reels WHY they didn't they communicate the depreciation earlier. Its probably in some blurb deep within technet. The worst part is, is that this is by far the easiest way to auto put sites into trusted sites. The recommended MS way locks out trusted sites from user editing.
|
|
#
¿
Apr 26, 2013 17:14
|
|
|
I wish wish wish we could rollout company IM here. The president is all "what the gently caress do we need IM for? Use email, phones or face to face". This is the same dude, as the story goes, that when this place first got computers "what the gently caress do we need email for?"
|
|
#
¿
May 1, 2013 13:33
|
|
|
We're currently using Sophos and moving to Forefront due to it being included in our CAL. Sophos is pretty great, the central admin works very well, and the client footprint is small. Was very easy to push down the AV to all my clients when we first moved from McAfee 5 years ago. Also Sophos AV let's you block and log apps which is a nice bonus feature.
|
|
#
¿
May 21, 2013 04:05
|
|
|
CapMoron posted:Sophos is sounding pretty good. We only have about 250 users as well, all Windows machines. Sophos worked quite well. We also use their email and web appliances. While spendy, they are pretty awesome too.
|
|
#
¿
May 21, 2013 12:42
|
|
|
SQL Standard or Enterprise is required for the primary site. Secondary sites can use SQL Express.
|
|
#
¿
May 21, 2013 14:55
|
|
|
Sacred Cow posted:Adobe updates are pretty easy on SCCM with System Center Update Publisher. Just subscribe to the Adobe update feeds and publish to SCCM. Java on the other hand is still a huge pain in the rear end. Trying to get 32-bit v7 Java to deploy on a x64 OS was a nightmare. Have you ever configured the System Center Update Published on a Windows 2012 server? I have WSUS and SCUP on the same box but SCUP won't connect to WSUS.
|
|
#
¿
May 22, 2013 20:07
|
|
|
Sacred Cow posted:I haven't done it on a 2012 box (running on 2008R2) but you have to install a self-signed certificate for SCUP to work with WSUS/SCCM. When going through the setup options on SCUP you have to "Enable publishing to an update server". On that same option screen there is a "Signing Certificate" section. You have the option to create one that you deploy to your environment either through a CA or GPO under the computers "Trusted Publishers". Yeah, I got it working. I didn't realize that I'd have to integrate WSUS with SCCM to be able to use SCUP. Currently WSUS runs on it's own.
|
|
#
¿
May 23, 2013 15:08
|
|
|
We're not doing updates via SCCM at all, that's part of it. It seemed more of administrative headache. I would love to do 3rd party updates via SCCM and zero MS updates.
|
|
#
¿
May 23, 2013 17:52
|
|
|
Who the gently caress backs up workstations? Sounds like a terrible idea beyond automating the usual folders to their home directory on the network and backing that up.
|
|
#
¿
Jun 18, 2013 00:50
|
|
|
We use Syncplicity which is expensive as poo poo but simple for our mobile users. It's basically corporate Dropbox. The rest? We aren't responsible for what you save to your C drive. We make people sign a piece of paper saying so. Gotta have upper management buy in for that though which can be difficult.
|
|
#
¿
Jun 18, 2013 02:47
|
|
|
peak debt posted:Ever since Vista came out you should have been using GPPs for network drives Yeah I love this. Mapping drives based on security groups is awesome.
|
|
#
¿
Jun 20, 2013 23:15
|
|
|
Because I have 1 GPO that maps 10 or so drives and some drives all users get while other drives only a group needs to get. It's nice to have all your drive maps in 1 place than have 10 GPOs.
|
|
#
¿
Jun 21, 2013 02:44
|
|
|
Does anyone backup all their enterprise data to the cloud? The boss and I are sick to death of tapes, tape libraries, a poo poo ton of b2d storage and so forth and are looking at the feasibility of just backing everything up to a cloud provider such as Rackspace.
|
|
#
¿
Jun 26, 2013 20:55
|
|
|
I had to spin up a 2012 server just for Group Policy because of IE10.
|
|
#
¿
Aug 16, 2013 16:14
|
|
|
We put in SCCM a few months ago to replace our aging Zenworks server. All I've gotten so far is imaging and some reporting, but that's miles ahead of what we used to have.
|
|
#
¿
Aug 21, 2013 13:35
|
|
|
SCCM 2012 question. I'm trying to push down SCEP to a workstation, but it's not applying. Where are the logs that I can check to see what's going on? I know where the CCM logs are just not SCEP.
|
|
#
¿
Aug 22, 2013 17:14
|
|
|
Wicaeed posted:Are there any Microsoft official documents on the best way to go from a Windows 2003 domain level (running std ADDS roles + DHCP server) all the way to a Server 2012 domain? How quickly do you have to do this? You could wait until early next year and just go to 2012 R2 (I know it comes out in Oct, but I like waiting a few months in case of crazy bugs).
|
|
#
¿
Aug 30, 2013 01:27
|
|
|
Bob Morales posted:Does Microsoft put Exchange pricing out there anywhere? I'm trying to get an estimate on how much it would cost to implement Exchange but all the information online seems to be comparing internal to hosted Exchange. Not really. Would be easier and quicker to call someone like CDW to quote you.
|
|
#
¿
Sep 9, 2013 17:40
|
|
|
Backup Exec supports 2013. We use it for 2010 and it's kinda awesome how you can drill down into individual mailboxes and restore single emails.
|
|
#
¿
Sep 11, 2013 03:50
|
|
|
Bob Morales posted:Three tries with three reps no quote. Other suggestions? Have you tried this? http://mla.microsoft.com/ And then find a reseller using this: http://pinpoint.microsoft.com/en-US/SelectCulture GreenNight fucked around with this message at 02:47 on Sep 12, 2013 |
|
#
¿
Sep 12, 2013 02:44
|
|
|
IT Guy posted:We're currently in the process of doing this. Our Exchange server is 2003 as well so we can't just drop Windows Server 2012 boxes into the environment. We used downgrade rights and put in two new Windows Server 2008 R2 boxes, promoted them to DCs and demoted the 2003 boxes without issue. I recommend putting 2012 R2 as your domain controllers. By next year it will be out for a few months, and it's already pretty solid. That's what we're doing.
|
|
#
¿
Sep 12, 2013 14:28
|
|
|
IT Guy posted:Unfortunately we already bought the licenses. No SA? Too bad.
|
|
#
¿
Sep 12, 2013 18:15
|
|
|
Don't upgrade any Windows 8 users to 8.1 then. 8.1 basically requires 2012 R2 for Group Policy changes.
|
|
#
¿
Sep 12, 2013 18:20
|
|
|
IT Guy posted:Could also scope the GPO to only those two users. That would probably be the way I did it. This is the correct answer. It would be better to create an AD group though so if you need to add a different user, you can just add them to the group instead of editing the GPO.
|
|
#
¿
Oct 3, 2013 03:11
|
|
|
Here is a quick and easy guide to upgrading SCCM 2012 to 2012 R2. I haven't tried it yet though: http://myitforum.com/myitforumwp/2013/10/18/upgrading-configmgr-2012-to-r2/
|
|
#
¿
Oct 18, 2013 15:41
|
|
|
We use Sophos which is great for blocking users from sites, but if you want to see web traffic, it's not that robust. You can definitely drill down to see what pages users were going to but it doesn't distinguish between legit sites and ads. For instance, while researching an issue via Google, many of the sites I went to had Facebook ads. Now it looks like I've been browsing Facebook for hours on end and so forth.
|
|
#
¿
Nov 6, 2013 16:48
|
|
|
We used RemoteApp for some of our remote users because they hated having to do more than like 2 steps. So the two steps would be - 1. Connect to VPN, and 2. Launch RemoteApp. That eliminated the need to RDP to the terminal server.
|
|
#
¿
Nov 11, 2013 00:27
|
|
|
We have Sophos AV, the email appliance and web appliance. All work very well. We recently switched from Sophos to Microsoft AV since it comes free with System Center, but I have no complaints about Sophos. Very easy to admin and push out. Removing Sophos can't be done via admin console. There is a bitch of a batch file you need to setup to remove the software. I had to do it for ~250 machines.
|
|
#
¿
Dec 3, 2013 17:42
|
|
|
|
| # ¿ Apr 28, 2024 23:29 |
|
|
kiwid posted:I asked this a while ago, not sure if it was this thread or not. The way it was answered was only "real" accounts need a CAL. A real user. Everything that is used for administration, automation, etc., does not require a CAL. This is true. We ran it by our Microsoft licensing rep when he was in a few weeks ago. He specifically said if we had 10 users but 5000 service accounts, we only need 10 CALs.
|
|
#
¿
Dec 10, 2013 05:40
|
|