Introduction 1 1 Overview of the System Center Suite 5 What Is System Center? 6 Understanding System Center Configuration Manager 9 Understanding System Center Operations Manager 18 Understanding System Center Data Protection Manager 26 Understanding System Center Virtual Machine Manager 34 Understanding System Center Service Manager 40 Understanding System Center 2012 Orchestrator 45 Understanding System Center Licensing 50 Summary 51 Best Practices 52 2 Configuration Manager 2012 Design and Planning 55 What's New in ConfigMgr 2012 56 Explaining How Configuration Manager Works 60 Understanding Content Distribution 66 Understanding Asset Management 70 Reporting from Configuration Manager 74 Configuration Manager Architecture Components 75 Securing Configuration Manager 88 Understanding Component Requirements 92 Configuration Manager Design Considerations 94 Understanding Client Schedules 105 Planning for Internet-Based Client Management 106 Putting It All Together in a Design 110 Summary 112 Best Practices 112 3 Configuration Manager 2012 Implementation and Administration 115 Sample Organization 115 Configuring Installation Prerequisites 118 Implementing the Central Administration Site 124 Deploying the Primary Sites 129 Deploying the Secondary Sites 134 Configuring the Hierarchy 138 Configuring Sites 148 Configuring Client Settings 156 Implementing Internet-Based Client Management 163 Summary 177 Best Practices 178 4 Using Configuration Manager 2012 to Distribute Applications, Updates, and Operating Systems 181 Understanding Content Distribution 181 Defining Collections 185 Understanding Application Management 189 Managing Deployments 203 Understanding Software Updates 215 Deploying Software Updates 219 Understanding Operating System Deployment 225 Deploying Operating Systems 234 Extending with Microsoft Deployment Toolkit 238 Summary 243 Best Practices 243 5 Using Configuration Manager 2012 for Asset Management and Reporting 245 Understanding Asset Data 246 Configuring Client Settings for Inventory Collection 248 Understanding Reporting 249 Customizing Hardware Inventory 261 Understanding Asset Intelligence 269 Understanding Software Metering 277 Understanding Compliance Settings 278 Monitoring the Baselines and Compliance 283 Summary 285 Best Practices 285 6 Operations Manager 2012 Design and Planning 289 What's New With Operations Manager 2012 290 Understanding How OpsMgr Works 291 OpsMgr Architecture Components 296 Securing OpsMgr 311 Fault Tolerance and Disaster Recovery 317 Understanding OpsMgr Component Requirements 323 OpsMgr Design Considerations 328 Putting It All Together in a Design 335 Planning an Operations Manager Deployment 345 Summary 353 Best Practices 354 7 Operations Manager 2012 Implementation and Administration 355 Installing Operations Manager 2012 356 Deploying OpsMgr Agents 373 Monitoring DMZ Servers with Certificates 385 Configuring Operations Manager 2012 393 Administering Operations Manager 2012 403 Backing Up OpsMgr 2012 411 Summary 418 Best Practices 418 8 Using Operations Manager 2012 for Monitoring and Alerting 421 Using OpsMgr Consoles 422 Working with Management Packs 425 Exploring the Operations Manager Management Pack 432 Exploring the Windows Management Pack 440 Exploring the Active Directory Management Pack 451 Exploring the Exchange 2010 Management Pack 466 Exploring the SQL Server Management Pack 478 Exploring the Cross Platform Management Packs 487 Management Pack Templates 491 Custom Management Packs 503 Summary 508 Best Practices 508 9 Using Operations Manager 2012 for Operations and Security Reporting 511 Reporting from OpsMgr 512 Generating and Scheduling Reports 514 OpsMgr 2012 Maintenance Reports 532 Audit Collection Services Reporting 541 Service Level Tracking 548 OpsMgr 2012 Dashboards 554 Publishing Dashboards into SharePoint 2010 561 Summary 565 Best Practices 566 10 Data Protection Manager 2012 Design, Planning, Implementation, and Administration 567 What Is System Center Data Protection Manager? 568 Data Protection Manager Background 572 Data Protection Manager Prerequisites 578 Planning a Data Protection Manager Deployment 580 Deploying Data Protection Manager 587 Completing Required Configuration Tasks 591 Creating Protection Groups 601 Administrating Data Protection Manager 606 Summary 616 Best Practices 617 11 Using Data Protection Manager 2012 to Protect File Systems, Exchange, SQL, and SharePoint 619 Protecting File Servers 620 Protecting System State 622 Protecting Exchange Servers 624 Protecting SQL Servers 635 Protecting SharePoint Farms 643 Protecting Virtualized Environments 654 Summary 660 Best Practices 661 12 Virtual Machine Manager 2012 Design, Planning, and Implementation 663 Understanding Virtual Machine Manager 663 Virtual Machine Manager Background 673 What's New in System Center Virtual Machine Manager 2012 677 Virtual Machine Manager Prerequisites 678 Planning a Virtual Machine Manager Deployment 682 Deploying Virtual Machine Manager 687 Summary 700 Best Practices 701 13 Managing a Hyper-V Environment with Virtual Machine Manager 2012 703 Understanding the VMM Private Cloud 704 Using the VMM Management Interfaces 707 Understanding Virtual Machine Conversions 716 Managing VMM User Roles 729 Deploying Virtual Machines 740 Migrating Virtual Machines 747 Understanding and Implementing Server App-V 753 Summary 758 Best Practices 759 14 Service Manager 2012 Design, Planning, and Implementation 761 What's New in Service Manager 2012 762 Explaining How Service Manager Works 763 Service Manager Design Parameters 769 Putting It All Together in a Service Manager Design 775 Planning a Service Manager Deployment 783 Deploying Service Manager 791 Deploying Service Manager Connectors 805 Backing Up Service Manager 2012 814 Summary 817 Best Practices 817 15 Using Service Manager 2012 for Incident Tracking and Help Desk Support 819 Incidents and Problems 819 Configuring Incident Settings 821 Service Manager Notifications 830 Creating New Incidents 836 Working with Incidents 846 Configuring Problem Settings 856 Working with Problems 859 Incident and Problem Reports 863 Summary 869 Best Practices 870 16 Using Service Manager 2012 for Service Offerings and Change Control Management 871 Service Manager 2012 and the Infrastructure Optimization Model 871 Service Offerings and Request Offerings in SM 2012 872 Release Management in SM 2012 882 Change Requests and Activities 885 Configuring Change Settings 887 Change Management Templates and Workflows 889 Initiating Change Requests 892 Working with and Approving Change Requests 896 Implementing Change Requests 903 Managing Configuration Items 910 Working with Change, Activity, and Configuration Management Reports 914 Summary 919 Best Practices 920 17 System Center Orchestrator 2012 Design, Planning, and Implementation 921 Overview of System Center Orchestrator 921 History of System Center Orchestrator 924 System Center Orchestrator 2012 Installation Prerequisites 924 Orchestrator Security Planning 926 Installing System Center Orchestrator 2012 on a Single Server 928 Installing System Center Orchestrator 2012 on Separate Systems 933 Additional Tasks Following Orchestrator Installation 939 Getting Familiar with the Orchestrator 2012 Management Consoles 942 Installing Integration Packs 949 Designing and Using Runbooks 952 Runbook Permissions 967 Summary 967 Best Practices 968 Index 969
Chris Amaris, MCITP, MCTS, CISSP/ISSAP, CHS III, is the chief technology officer and cofounder of Convergent Computing. He has more than 20 years experience consulting for Fortune 500 companies, leading companies in the technology selection, design, planning, and implementation of complex information technology projects. Chris has worked with Microsoft System Center products, such as Operations Manager and Configuration Manager, since their original releases in 2000 and 1994. He specializes in messaging, security, performance tuning, systems management, and migration. Receiving his first Microsoft technologies certification in 1993, Chris is a current Microsoft Certified IT Professional (MCITP) with multiple Microsoft Certified Technology Specialist designations (MCTS) in System Center technologies, a Certified Information Systems Security Professional (CISSP) with an Information System Security Architecture Professional (ISSAP) concentration, Certified Homeland Security (CHS III), a Novell CNE, a Banyan CBE, and a Certified Project Manager. Chris is also an author, writer, and technical editor for a number of IT books, including Network Security for Government and Corporate Executives, Exchange 2010 Unleashed, and Microsoft Windows Server 2008 R2 Unleashed. Rand Morimoto, Ph.D., MVP, MCITP, CISSP, has been in the computer industry for over 30 years and has authored, coauthored, or been a contributing writer for dozens of books on Windows, Security, Exchange, BizTalk, and Remote and Mobile Computing. Rand is the president of Convergent Computing, an IT-consulting firm in the San Francisco Bay area that has been one of the key early adopter program partners with Microsoft, implementing the latest Microsoft technologies, including Microsoft Windows Server 2008 R2, System Center 2012, Windows 7, Exchange Server 2010, Windows Server 2012, and SharePoint 2010 in production environments over 18 months before the initial product releases. Pete Handley, MCITP, CISSP, has more than 15 years of experience in IT, including extensive knowledge of Active Directory, Microsoft Exchange, Windows Server 2008, and the System Center suite of products. He has been a contributing author for the Sams books Microsoft Exchange 2003 Unleashed and Windows PowerShell Unleashed. Pete specializes in Visual Basic and PowerShell scripting and is a subject matter expert on the integration and migration of Novell technologies to Microsoft technologies. Pete holds the Microsoft Certified Systems Engineer 2003 (MCSE) certification, the Microsoft Certified Information Technology Professional (MCITP) certification, the Novell Certified Directory Engineer (CDE) certification, and the Certified Information Systems Security Professional (CISSP) certification. David E. Ross, MCITP, VCP, CCEA, CCSP, has over 13 years of experience in IT consulting, the majority of which have been spent playing the lead architect role on network design and implementation projects throughout the San Francisco Bay area. David is currently acting as a principal engineer for Convergent Computing, and is frequently involved in creating hybrid solutions involving multiple vendor technologies for organizations of all sizes. Specialties for David include Active Directory, Exchange, System Center, Lync, Citrix XenApp and XenDesktop design, virtualization solutions using VMware vSphere and Microsoft Hyper-V, and Cisco routing, switching, and security technologies.