Sunday, December 19, 2010

ConfigMgr 2007 with App-V integration

With ConfigMgr 2007 Release 2 (R2) it is possible to add App-V packages to the ConfigMgr console, and advertise them to ConfigMgr clients. With that functionality, no additional App-V Management or Streaming server is needed anymore. Now there is one solution for managing and publishing MSI-based & Virtual-based applications! I will explain in this blog what to configure in the ConfigMgr console, and how the App-V packages will be published to the ConfigMgr clients.

How it works?

ConfigMgr 2007 supports running sequenced applications created using the App-V Platform. App-V packages are running on ConfigMgr 2007 clients without having to install applications on the computer. Target computers must be running Windows XP (or above) to run virtual application packages. After you create a sequenced application using the App-V Sequencer, you must import the package into ConfigMgr 2007 and deploy the App-V package to ConfigMgr 2007 clients.

First you must make sure you are running ConfigMgr SP2 and R2 or R3 for having fast App-V package delivery. While Release 2 (R2) is needed for App-V functionality, Service Pack 2 (SP2) is needed for fast App-V package delivery. Because with ConfigMgr SP1 it could take up to 10 - 15 minutes for having the App-V packages available, while with SP2 there is almost no delivery delay! With ConfigMgr SP2, delivery can be as fast as with App-V streaming server, which is a great feature!

Client setup

On the computer there is a ConfigMgr client and a App-V client needed. There is no additional configuration on the App-V client needed. You need to enable Virtual Application Deployment in ConfigMgr, and ConfigMgr configures the App-V client for you. Any existing policies will be overruled. Best practice is to put the ConfigMgr client and App-V client in the Task sequence, which is used at deployment. Otherwise App-V delivery is not possible.

ConfigMgr 2007 setup

I will describe here which configuration is needed in the ConfigMgr console. These are all needed for having App-V functionality in ConfigMgr 2007.

Warning: this approach will affect every App-V client with the ConfigMgr client connected to the site. This because App-V management in ConfigMgr will overrule the existing App-V configuration.

In the ConfigMgr Distribution point properties (General) choose for "Allow clients to transfer content from this Distribution point using BITS, HTTP, and HTTPS"

In the ConfigMgr Distribution point properties (Virtuall Applications) choose for "Enable virtual application streaming"

At last, in the Advertised Programs Client Agent properties (General) enable "Allow virtual application package advertisement"

Because ConfigMgr supports two types of App-V delivery (streaming and local delivery), you need the above setting. Streaming delivery is simular to App-V streaming server and uses HTTP(S). Local delivery does "download and execute" the App-V package using BITS (same as MSI-based applications). With local delivery the App-V package will be saved on the computer, and is alltimes available (same as MSI-based (installed) applications)! Streaming is recommended on (VDI) desktops or fat clients.

App-V packages

In the ConfigMgr console you can add MSI-based & Virtual-based applications. I will describe the steps for adding App-V packages here.

Right-click on Software Distribution - Packages and choose for New > Virtual Application Package. Find the XML file, and add the App-V package.

Create an (sub)Collection for every application you want to advertise. Create a Active Directory group for every application, and add it to the collection.

Create an advertisement for every application you want to distribute, and add it to the collection with the same name. Choose for the following settings:
  • Schedule: Mandatory assignments (occurs on current date/time)
  • Distributing points: Stream virtual applications from Distribution point
  • Interaction: Allow users to run the program independently of assignments
While sequencing choose for leaving icons in the Start menu and/or on the Desktop. This because no App-V Publishing server will be available, and users will see no icons to start the application.

Results on the computer

When all of the above steps has been set, App-V delivery will be available. On the ConfigMgr client there will be a policy refresh everytime you logon. At that point the App-V package will be available after 5 - 30 seconds. This will depends on sizing and configuration of the ConfigMgr server.

Again more functionality becomes available in the ConfigMgr console!

Saturday, December 11, 2010

MDT integration in ConfigMgr 2007

Last month I read at Twitter that someone didn't know that MDT could be integrated with ConfigMgr 2007. For me that was the reason for writing this blog about MDT and ConfigMgr. Yes, it's true that the intregation exists, and I will explain all the possibilities and benefits of it! When you are new with MDT or ConfigMgr, you can combine them for having the best of both worlds. Also with the knowledge you have (MDT and/or ConfigMgr) it will be a lot easier for using it.
When you using Microsoft products for deployment, you can choose between:
- Windows Deployment Services (WDS)
- Microsoft Deployment Toolkit (MDT)
  formely known as Business Desktop Deployment (BDD)

- System Center Configuration Manager (ConfigMgr)
While WDS and MDT are free of use; with ConfigMgr you must pay for every system you want to manage (client and/or server). In the projects I do, the choice is most of times made for ConfigMgr. This because ConfigMgr can do a lot more then MDT; and MDT will most of times be implemented for deployment only. Because MDT is customizable with build-in scripts, you want the same functionality in ConfigMgr actually! For this reason Microsoft created the integration for both products.
For having this functionality, install ConfigMgr and MDT (2010) on the same system. After that look in the Start Menu for Microsoft Deployment Toolkit, and start "Configure ConfigMgr Integration". Click Next, Finish, and start the ConfigMgr console again! Now you will have the following added features.
New Task sequences added:
The new Task sequences offers very useful deployment templates that are constructed using a new MDT wizard.
  • Client Task Sequence: Creates a complete task sequence complete with additional task sequence elements.
  • Client Replace Task Sequence: Creates a task sequence specifically for use when replacing hardware (capture user state).
  • OEM Task Sequences (Pre- and Post-OEM): Creates task sequences  specifically designed for use with the hardware OEM.
  • Microsoft Deployment Custom Task Sequence: Creates a task sequence that is essentially empty.
  • Server Task Sequence: The server version of the Client Task Sequence with additional task sequence elements.
  • User Driven Installation Task Sequence: UDI means that there is now an easy way to get users “involved” in an OS Deployment.
New options in existing Task sequences:
The new options offers additional environmental checks and data. This provides for prerequisite and safety checks before applying the image, and additional environment variables for use in customization.
  • Use Toolkit Package: Takes care of getting the needed files to the computer (needed to use any other actions)
  • Install Language Packs Online: Specify that package should be installed online (after the OS is running)
  • Gather: Sets variables that can be used elsewhere in the task sequence (needed for dynamic deployments)
  • Validate: Perform hardware checks to make sure the machine is capable, and prevent accidental deployment of client operating systems to server hardware
  • Install Roles and Features: Install any available Windows Server 2008 (R2) role, role service, or feature
  • Configure ADDS: Automates the DCPROMO process, and supports creating new forests, new domains, and new domain controllers
  • Configure DNS: Define the zones that need to be created (Primary, secondary, stub, Integrated or standard)
  • Configure DHCP: Define the scopes that need to be created (Address ranges, scope settings)
  • Install Updates Offline: Apply patches to Windows before the OS boots for the first time (uses an existing software update package)
  • Install Language Packs Offline: Specify that package should be installed offline (before the OS boots for the first time, similar to patching)
Create new Boot images:
This provides the ability to build customized Windows PE boot images, through a wizard added to the boot images menu item.
  • Add extra folders and files to the boot image (example: Trace32 utility)
  • Add support for additional databases in the boot image

At last you can use the build-in scripts that's included with MDT, for using in ConfigMgr 2007 Task sequences. With MDT integration in ConfigMgr 2007 you have the best of both worlds. And with new functionality in MDT 2010 Update 1 there is even more available! (User Driven Installation)
MDT 2010 can be used for Lite Touch Installation (LTI):
- Aligns with ConfigMgr
- Evolutionary refinements
- Adds server support
- Upgrade from BDD 2007 and MDT 2008
ConfigMgr 2007 (with MDT) is needed for Zero Touch Installation (ZTI):
- Fully integrated experience
- Single console
- Adds server support
- Extends and enhances ConfigMgr 2007

You can even have a dynamic computername filled-in, and place it in Active Directory in the right OU. In the customsettings.ini file (MDT) or Task sequence (set Task sequence variable) there must be an entry that looks like this:
- OSDComputerName=%SERIALNUMBER% to use SERIALNUMBER as computername
- OSDComputerName=%ASSETTAG% to use ASSETTAG as computername

It is also possible to use a script for it. With all of this you can have a dynamic deployment, without the need for manually actions!