User Personality Management
Download
Report
Transcript User Personality Management
User Personality Management
How to Help Your Users Survive a Refresh or Migration
Phil Schwan
Technical Architect
PLA
John Marcum
Enterprise Client Management Architect
BABC
Phil Schwan
John Marcum
@philschwan
@SCCM_Marcum
MCSE: Enterprise Devices & Apps
18 years in desktop admin
Brew beer on a regular basis
Enterprise Mobility Microsoft MVP
13 years end user device mgmt
I enjoy a cold beer now and then
Migrations
Why They Hurt So Much
Reasons Migrations Make Users Angry
“Where are my files?”
• Users know where all their important files are
• Hunting for files = wasting time
“Where are my apps?”
• Most users have more than just core apps
• Users don’t want to have to request their apps again
“Why do I have to change all my settings again?”
• App settings are personal and geared toward user’s productivity
• Nobody wants to hunt through settings menus again
User Files
Ensuring their stuff is back
User Files
Option 1: USMT
• Integrated with ConfigMgr right out of the gate
• Direct tie-in with Task Sequence
• ConfigMgr has a special server role just for this
• Drawbacks
• USMT can be overkill (scripts often more efficient)
• Snapshot in time, no flexibility
• XML hell
User Files
Option 2: File Synchronization
User Files
Advantages
• All your eggs aren’t in one basket
• Kills two birds with one stone (migration AND availability)
• Disaster recovery
• Mobility (mobile/remote device access)
Drawbacks
• Planning for centralized storage
• Licensing (OneDrive for Business)
• Configuration (GPOs, hotfixes)
• Some options not quite mature yet
User Files
Folder Redirection
• Simple implementation, but at the
expense of flexibility
• Been around forever
• It just works*
User Files
Work Folders
OneDrive for Business
Storage Location
On-prem, Windows file server
SharePoint Online (O365 Cloud)
On-prem SharePoint 2013
View Sync Status
User view sync status from the file explore
status bar; or control panel Work Folders app
User view sync status from the file/folder icon
overlay, or go to the View sync problems link
from the file explorer menu
User Data Access
User can use SMB access to the share if
admin has configured
User can open web page for content access
Local Data
Encryption
Allow admin to enforce encryption policy on
client, using selective wipe encryption
BitLocker
File Type Support
Any file types*
Focus more on office documents, some file
types/characters in file/path name are not
supported
Administration
File Server management experience
SharePoint management experience
Data Backup
Admin managed, use any VSS backup
application, e.g. DPM
Managed by the O365 team, backup every 12
hours and is retained for 14 days.
User Files
How Do I Get Started?
• Decision: Do I want to move files before or during migration?
• Before = Work Folders/Folder Redirection, During = USMT
• Do I want my life to suck when I have to do this again??
• Work Folders
• Group Policies, Hotfixes, Server setup, Web proxy for external access*
• USMT
• Ensure latest ADK, check compatibility between source/destination
• Identify what you want to migrate and where it resides
• Determine the best location for captured data
• SMP vs Hardlink vs File Share vs USB
Demo
User Files
Settings
Self-service vs continuity
Settings
Option 1: USMT
• Out-of-box support for Office and many common apps
• Drawbacks
• Second verse, same as the first
• All apps should be installed before restore is run
• Settings specific to one app version
Settings
Option 2: UE-V
•
•
•
•
•
•
Lightweight, customizable settings
Manageability through the roof!
Gallery of settings storage templates
Disaster recovery
User roaming (multi-user systems)
Roaming Profiles…without corruption
• Drawbacks
• One more agent
• Trigger warning
• Some unexpected compatibility issues (Bginfo)
Settings
How Do I Get Started?
• UE-V
• Double check your licensing
• Identify where your settings will be centrally stored
• Determine how you want to manage templates
• Identify what app settings you want to virtualize
• Create/download templates as needed
Demo
User Settings
Applications
Automating the oddball stuff
Applications
Option 1: Application Mapping
• MDT Database
• Fully integrated with Task Sequence
• Works for both Packages and Applications
• Apps can be upgraded to current versions on the fly
• Drawbacks
• Auto-upgrade of apps can undermine app settings migration
• Maintaining CM relationships outside of CM
• All or nothing – no provision for being selective
• MAC based – shared USB NIC could be problematic
Applications
SQL for MDT database
/* Create ApplicationMapping table */
CREATE TABLE [dbo].[ApplicationMapping](
[ARPName] [nvarchar](255) NULL,
[Applications] [nvarchar](255) NULL
) ON [PRIMARY]
/* Create RetrieveApplications stored procedure (with wildcard) */
CREATE PROCEDURE [dbo].[RetrieveApplications] @MacAddress CHAR(17) AS
SET NOCOUNT ON
SELECT * FROM ApplicationMapping
WHERE EXISTS
(SELECT * FROM CM_DB.dbo.v_GS_ADD_REMOVE_PROGRAMS a
INNER JOIN CM_DB.dbo.v_GS_NETWORK_ADAPTER n ON a.ResourceID = n.ResourceID
INNER JOIN CM_DB.dbo.v_R_System s on a.ResourceID = s.ResourceID
WHERE MACAddress0 = @MacAddress AND DisplayName0 LIKE ARPName )
OR EXISTS
(SELECT * FROM CM_DB.dbo.v_GS_ADD_REMOVE_PROGRAMS_64 a
INNER JOIN CM_DB.dbo.v_GS_NETWORK_ADAPTER n ON a.ResourceID = n.ResourceID
INNER JOIN CM_DB.dbo.v_R_System s on a.ResourceID = s.ResourceID
WHERE MACAddress0 = @MacAddress AND DisplayName0 LIKE ARPName )
Applications
CustomSettings.ini
[Settings]
Priority= RetrieveApplications, DynamicApplications, Default
Properties=MyCustomProperty
[DynamicApplications]
SQLServer=<YOURSQLSERVER>
Database=MDT
StoredProcedure=RetrieveApplications
NetLib=DBNMPNTW
Parameters=MacAddress
SQLShare=DeploymentShare$
Applications
Option 2: User-Based Deployments
• Target app installs to users instead of machines
• Self-service to enable users
• UDA can be integrated into imaging
• Persistence across machines and migrations
• Drawbacks
• UDA requires establishing user-device relationship prior to imaging
• Only handles user-targeted apps
• Pre-deploy for primary users still happens post-TS, but…
Applications
UDA with Task Sequences
• Set SMSTSAssignUsersMode
variable to Auto
• Set SMSTSUdaUsers variable to
user ID(s)
• Enable UDA on Distribution
Point/TS media
• “Allow User Device Affinity with
Automatic Approval”
Applications
How Do I Get Started?
• MDT Database – Learn it, know it, love it
• Set up MDT database and create tables, stored procedures
• Integrate MDT into your ConfigMgr Task Sequence
• Modify your CustomSettings.ini to get the app mapping data
• Map your apps!
Applications
How Do I Get Started?
• User Based Deployments
• Target apps to users
• Update PXE and/or boot media to support user association
• Integrate scripts to assign primary user/gather apps
Demo
Applications
Links
John Marcum’s Blog – http://systemcenteradmin.com/
Phil Schwan’s Blog – http://lab-geek.com
Application Mapping
http://blog.configmgrftw.com/mdt-application-mapping-in-configmgr-2012/
http://www.chrisnackers.com/2012/06/21/microsoft-deployment-toolkit-dynamic-applications-using-a-wildcard-for-mappings/
https://johnquirk.wordpress.com/2009/09/30/package-mapping-v2/
https://www.petervanderwoude.nl/post/install-user-targeted-applications-during-os-deployment-via-powershell-and-configmgr-2012/
Work Folders/Offline Files
https://technet.microsoft.com/en-us/library/jj649078(v=ws.11).aspx
UE-V
https://technet.microsoft.com/en-us/library/dn554321(v=vs.85).aspx
https://gallery.technet.microsoft.com/site/search?f%5B0%5D.Type=RootCategory&f%5B0%5D.Value=UE-V
https://technet.microsoft.com/en-us/itpro/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates
USMT
https://technet.microsoft.com/en-us/itpro/windows/deploy/usmt-command-line-syntax
https://technet.microsoft.com/en-us/itpro/windows/deploy/usmt-best-practices
https://www.autoitconsulting.com/site/deployment/using-custom-xml-and-config-files-with-usmt-and-configmgr/
And Then …