I promised to upload my session files, and here they are.

You’ll find a bunch of files in the downloaded ZIP file

I recommend that you start with the Slides, although there isn’t “me” talking over them they are still useful aids, and once you get to the Live Demo slide get busy opening and following the Word document

I snagged the two DLL’s from a ConfigMgr 2012 R2 Console installation folder, your usage of them will vary depending on whether you have that version installed, recommend you go get these two files yourself so they match up with your Site server version.

The source code for the project is in the ConfigMgrPackageList-SourceCode.zip, after you’ve followed the Doc that’s what you’d end up with, but it is there for your reference.

Oh and you may need this, Visual Studio 2015 Community

Myself and several others are working towards bringing many more Dev sessions to WMUG, stay tuned!

You can reach me easily on my Twitter handle @RobMVP if you want to chat about this and Dev for ConfigMgr

Enjoy,

I’ve been looking at Azure Services for hosting an ASP.NET Application, and wanted to get an understanding of how to set this stuff up. I’m relatively new to wiring things up in Azure, and thought it’d be a good idea to log what I needed to do while going about getting Visual Studio publishing into Azure. Here’s how I did it.

I originally set this up last night on my main development machine, my recollection of the steps is a bit hazy so I spun up a Windows 10 VM this morning and reproduced the install there.

Okay, to setup your Platform for Development of an ASP.NET Application hosted in Azure you’ll need the following … and once you’ve got this lot in place, I’ll briefly run through publishing a project to Azure:

• An Azure account, if you don’t already have one then register for a trial here:

• Visual Studio, Azure SDK and Azure Tools, you have two options here,

• Option 1– Do the individual installs of Visual Studio and the Azure SDK which includes the Azure Tools (2.7 as of writing):

• Download Visual Studio 2015 Community (or use Enterprise if you already have), install it:

Click Above to download Visual Studio Community

Choose these options when installing

This bit will take a long time, go get a Tea\Coffee and\or browse around here for a bit

• Install Azure SDK for .NET using Visual Studio 2015 by opening Visual Studio, proceed to Select File \ New \ Project, assuming you are using Visual C# expand Installed \ Templates \ Visual C# and Select Cloud, Select Get Microsoft Azure SDK for .Net (See below screenshot) and Select OK, work your way through the process:

  Another long install period stands before you, your options are limited to staring at progress bars or going off to do something else

if staring at a progress bar is your kind of thing, stick around, otherwise why not check out some stuff about MVC

• Option 2– Download Visual Studio 2015 Community, the Azure SDK with Azure Tools in one bundle:

Now that you have Visual Studio 2015 Community and the Azure SDK installed, and you’ve got yourself a brand new shiny Azure Trial account, let’s see how easily and quickly it can be integrated, and an Application published to the world.

• Open Visual Studio 2015

• Connect to Azure by clicking the Cog\Wheel icon

• Click the account box

• Click Add an account and enter the account you used to create the Azure trial

• Click Apply to associate the accounts Azure subscription with Visual Studio

• Select File \ New \ Project (or click New Project… on the Start Page)

• Select Installed \ Templates \ Visual C# \ Cloud and then Select ASP.NET Web Application

• Keep Application Insights ticked, and keep Send telemetry to set to New Application Insights resource

• You should see your Azure account listed on the right hand side as in the shot below

• Select OK

• Select Web Forms, these give you a rich blend of Client and Server functionality, and it comes with a Designer that lets you visually build out the page

• Select Change Authentication

• Select No Authentication and Select OK

• Select OK

• Now you’ll need to configure Azure to receive the Application, create a suitable Web App Name or use the default given, create a new App Service Plan, a new Resource Group and select the Region you want to be served from, select No database as we’re not going to use one in the following steps

• Select OK

• We’re almost there, the projects been built and we can upload it to Azure. Right click WebApplication1 in the Solution Explorer and Select Publish

• The Publish Web wizard will pop up with all the fields pre-populated for you, just need to Select Publish to get things going

(I’ve blanked User name, your dialog will show a unique user name)

• In the Output Window you’ll see the news that the Publish Succeeded

• Now you just need to visit the link at the bottom of the Output Window, and you’ll be staring at the Website running in the Azure Cloud. How cool is that.

• Once you’ve made changes to the project, save it then Publish it again using the same method described above, it is that simple and shows off the tight integration going on with the Studio and Azure

• Let’s change some code and republish the project, from the Visual Studio editor find the Solution Explorer, scroll down and find Default.aspx, right click it and Select View Designer

• Put your cursor over the end of the ASP.NET H1 tag and replace the text to something new

• Here’s mine changed

• Publish the Project again, and the Publish Web wizard just needs a single click on Publish to get underway

• Refreshing the web page in the browser shows the change instantly

There we are, Azure integrated with Visual Studio and a project for a Web Application published and made live globally, easily, quickly (aside from the installs!), quite a lot of moving parts involved, done very well.

Now you have a development lab linked to Azure from which you can do all kinds of things from, especially useful for learning how to write something webby while grasping at the tools for the first time :-)

There’s a few other features that show off integration with the Cloud and Visual Studio that you might find useful, or inclined to spend time checking out, Visual Studio Online and GIT extensions for Visual Studio

In the following series of blog posts I will introduce you to C#, Visual Studio and the ConfigMgr SDK, and show you how to produce your own custom tooling easily.

The motivation behind this series of postings is to enable you to create community tools or bespoke tooling to assist you in your day-to-day ConfigMgr role, and thus to enhance the Community overall, as hopefully you’ll produce the very next best tool and we’ll all benefit from it.

To underpin the guide I’ve written a tool called MonitorMP which will keep an eye on the health of your Management Points outside of the ConfigMgr Console, the source code for this tool will be built up and completed by the time we’ve finished with the series of posts, at which point we’ll make the tool made available in both compiled and source code form and everyone that read this guide will feel somehow connected to it :)

Previous postings for this guide

Guide to creating your own ConfigMgr tools – Part 1

Guide to creating your own ConfigMgr tools – Part 2

Guide to creating your own ConfigMgr tools – Part 2 – Extended

Guide to creating your own ConfigMgr tools – Part 3

In this post we’re finally going to build the MonitorMP tool!

Let’s first lay out our requirements:

• .Net 4.0 as we want this to be highly available, and not require the latest .Net (4.5.1 or 4.5.2) to be installed
• Check all Management Points associated with a Site Server, to see if they respond to HTTP requests, green light, red light visual indicator
• Repeat the test on an interval
• Test HTTP only, HTTPS requires extra handling and is a great idea for a V2 made by the Community

That’s about it, all we want to do is check the Management Points for a response, and maybe schedule a repeating check just to stretch the project out a bit, and to include threading examples for you.

To accomplish this, we’re going to need some tools from the .Net library:

• HttpWebResponse Class

HttpWebResponse allows us to easily open a TCP\IP session to  a destination device, issue some HTTP and retrieve the response

• Background Worker Thread Class

A Background Worker thread will allow us to set a schedule for repeating the test, and allows us to interact with the Form\UI thread to update our interface. The great thing about the Background Worker threads are their event support, such as DoWork, RunworkerCompleted, and the most important for us, ProgressChanged. These events can interact with the UI thread allowing us to update the UI with data

You now have two choices, if you are pretty sturdy with Visual Studio and C# already, then download the Source Code here and run the project to see the end result, skipping all the building up steps, or join me as I build the project step-by-step, so that you write it and gain from the experience.

Let’s get underway and step through building out our project together.

• Open Visual Studio and create a new Project
• Select Windows Forms Application
• Give the project the name ManageMP, and sort out the Location (accept the default or choose your development folder if you have one) then Select OK

We’ll begin designing the Form before we lay down a single line of code, so let’s get on with that now.

I’ll be asking you to drag some objects from the Toolbox onto the form, tweaking their properties and position\size attributes.

• Modify the Forms properties

• Set the Size to 667, 348
• Set the Maximum size to 667, 1000 (this sets the maximum form dimensions, 667 width meaning it cannot be adjusted widthways, with 1000 set for the height which lets the user resize lengthways)
• Set the Minimum size to 667,348 (this is the minimum form dimensions, 667 width and 348 height)
• Set the Text to MonitorMP
• You can set the Icon for the Form but this isn’t necessary to progress, you can download one I created earlier from here. Change the Forms Icon, and also change the Default Icon in the projects Properties. I suggest storing the ICO file in the Project folder:
• Select Icon to browse for your ICO file:

• Right click your Project and from the Application tab browse for an ICO file, you can also click Assembly Information to add metadata to the EXE that is shown when you right click it:

• Add a DataGridView

• Drag a DataGridView onto the form
• Set its Name to dgv_Mp
• Set its Location to 13, 12
• Set its Size to 626, 228
• Set the following properties to False

• TabStop
• AllowUserToAddRows
• AllowUserToDeleteRows
• AllowUserToResizeRows
• MultiSelect
• RowHeadersVisible
• ShowEditingIcon

• Set the following properties to True

• ReadOnly
• StandardTab

• Set AutoSizeRowsMode to AllCells
• Set Anchor to Top, Bottom, Left, Right (this allows the DataGridView to grow as you resize the form, we only need to do Top, Bottom as we are not allowing resizing of the form Widthways)
• Set AlternatingRowsDefaultCellStyle to DataGridViewCellStyle { BackColor=Color [A=255, R=224, G=224, B=224] } (Use the ellipses and select BackColor to pick a background colour, light grey, or a colour that you like)
• Right click this DataGridView control, select Edit Columns
• Select Add

• For Name enter c_mpName
• For HeaderText enter Name
• Select Add then Close
• For AutoSizeMode select AllCells

• Select Add

• For Name enter c_siteCode
• For HeaderText enter SiteCode
• Select Add then Close
• For AutoSizeMode select AllCells

• Select Add

• For Name enter c_State
• For ColumnType select DataGridViewImageColumn
• For HeaderText enter State
• Select Add then Close
• For AutoSizeMode select AllCells

• Select Add

• For Name enter c_mpStatus
• For HeaderText enter Status
• Select Add then Close_
• For AutoSizeMode select Fill

• Select OK

• Add a Label

• Drag a Label onto the form
• Set the Name to l_writtenBy
• Set the Text to “Written by X” and replace X with your name!
• Set the Location to 12, 254
• Set Anchor to Bottom
• Set TabIndex to 0

• Add a TextBox

• Drag a TextBox onto the form
• Set the Name to tb_Server
• Set the Location to 164, 254
• Set the Size to 169, 20
• Set Anchor to Bottom
• Set TabIndex to 1

• Add a Checkbox

• Drag a Checkbox onto the form
• Set the Name to cb_Timer
• Set the Location to 339, 254
• Set the Text to Enable Timer
• Set Anchor to Bottom
• Set TabIndex to 3

• Add a NumericUpDown

• Drag a NumericUpDown onto the form
• Set the Name to nud_timerMinutes
• Set the Location to 433, 252
• Set the Size to 47, 20
• Set Anchor to Bottom
• Set the Value to 5
• Set TabIndex to 4

• Add a Button

• Drag a Button onto the form
• Set the Name to b_Go
• Set the Text to Check Management Points
• Set the Location to 486, 250
• Set the Size to 153, 23
• Set Anchor to Bottom
• Set TabIndex to 2

• Add a Status Strip

• Drag a StatusStrip onto the Form
• Set the Name to ss_Messaging
• Right click the StatusStrip and Select Edit Items
• Select StatusLabel and Click Add
• Set the Name for toolStripStatusLabel1 to ssl_Entry
• Set the Text to blank (nothing) otherwise it will look like this:

• Now that is the form laid out, on your end it should look like this with <Name> replaced with your name

• In terms of position and sizing of the forms objects, not a little like this, but actually like this
• I simply compiled the completed project to get the Form showing for the above screenshot, but you should also be able to compile and run it right now to see the same.

Let’s write a line or two of code.

If you are new to coding in C# you’re about to see several cool techniques that help me code solid applications, for the more handy with C# there are no surprises here for you. I’m a mid-tier C# coder I guess, and could do things more efficiently in some places, make more use of .Net, but overall I get there.

Things we’ll cover:

• Methods used by the dompCheck BackgroundWorker thread, so as to populate the DataGridView
• Custom Class Collections to contain collections of custom classes that we’ll use to store multiple properties, and pass around between methods
• Threading, and thread management through global variables, as well as examples of passing our Custom Classes around using the ProgressChanged and RunWorkerCompleted BackgroundWorker thread events

Ok I was really just teasing you, no coding yet, first let’s cover off why I'm making references to the UI Thread, and mention creating a BackgroundWorker thread:

All Windows Form Applications start out life as Single-threaded applications. This means all the code you write for your application, and the User interface controls you add are all being processed by a single thread, called the Foreground thread.

So, if you burn out that thread the UI will lag out and become unresponsive, and if it does it for long enough the Operating System will sense this and offer to kill off the process for us.  We’ve all see this at one point in time. Not good. For Console based applications this isn’t much of an issue, unless you need concurrent activities taking place.

To go multi-threaded we hit an immediate wall, a custom thread cannot speak directly to the Foreground threads forms, such as the DataGridView and StatusStrip which we want to manipulate. We can code stuff into a normal Thread from the Thread Class, but it is a work of pain. To overcome this, we use a special kind of thread, and do away with coding our own way out of the situation. We use the BackgroundWorker thread, which is derived from the Thread Class itself, as a place to run our code, and hosts a bunch of methods and events we can fall back on to speak to the Foreground threads Form controls. The key event for reporting progress back up to the UI thread is the ProgressChanged event, which we can fire at will, the other of note is for when our BackgroundWorker thread is stopped, and is called the RunWorkerCompleted event. These two events can interact with the UI thread, allowing us to play with those form objects while still running the custom thread, or coming out of it.

There are a few good reasons for running code on the UI thread, but ideally if you can lob it off to a custom thread to get on with, is much better, things become more fluid in the UI, as in the user experiences a smoother ride. To read more on the BackgroundWorker thread, visit the MSDN library here.

The gap between single-threaded applications and multi-threaded is narrowed further for you, multi-threading your code is now within your reach!

Now let’s really begin coding. I’ll offer up code-blocks for you to copy\paste in, but please do watch out for the browser changing characters such as quotation marks.

Firstly, we need to add some references to the .Net 4.0 classes we want to use in the project

• Double click on the form to be taken to the Code view
• Replace all using clauses with the following:

using System;
using System.ComponentModel;
using System.Drawing;
using System.Windows.Forms;
using System.Net;
using System.IO;
using System.Management;
using System.Threading;

It should look like this:

• Return to the Form view

We’re going to need some triggers to control the BackgroundWorker threads we’ll create soon, we set these as public.

• Add the following code below the Form1_Load method:

public volatile bool mpcheckRunning = false;
public volatile bool mpcheckStop = false;

public volatile bool timerRunning = false;
public volatile bool timerStop = false;

It should look like this:

We set these to volatile as we’re going to access these from threads, volatile forces the compiler to not optimise them, which would result in possibly offering  us an indexed value rather than the actual value (think of lazy values). Since we’re checking them from inside a thread we need them to be reliable, and must not change them from multiple threads. Booleans are not such a problem but changing a global string value for example, from multiple threads, could lead to the string becoming corrupted.

Now let’s create two very special classes that we’ll use to pass information around between methods. We’re using an Object Orientated Language, so instead of passing a single property back and forth between methods, or an array of properties like old school style, we can pass an entire object containing several properties, or even a collection of these objects.

We’ll do this when we check the Management Points, we’ll pass the MP Name, MP Port and MP State around as an ‘object’, and we’ll put all of these objects into a Collection, and in turn pass that around. It may sound complicated to begin with, but over time you’ll have to grown into doing this, so as to overcome certain obstacles when it comes to how much information you want to push around between the methods, especially BackgroundWorker thread events.

We need several more variables so let’s create them now.

• Add the following below the previous variables:

public volatile bool mpcheckRunning = false;
public volatile bool mpcheckStop = false;

public volatile bool timerRunning = false;
public volatile bool timerStop = false;

public volatile int nudtimerMinutes = 5; // Set to 5 to reflect the nud_timerMinutes controls default setting

public volatile ManagementPointCollection globalmpList = new ManagementPointCollection();

private static string unhealthyIcon = "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAdxSURBVFhHrVdpbJRVFL0tQdpCqWzaQqldAdm3Ki2EtqKgqLhUAQVZKlsbBK0sResSBbcfRk1cEkMkGE1EUdyCqEkRSTEKLV1mpssMnW4zUIIKKAqYXs953zdlppQtepObmfm+984577777rsjl2sLRSIfEhmzQGQZvm9dLOLIEzmFzzb8Lpkn8vJskbvuFEnA8HBr1v9gAI+D5xf3iW54J2WQfjFhmJbmjFfHzAz13DXVfPI3n/M9xrXPFfl0lsgtQ0R62DBXblwxfN4LsX39O8YP1do7MrUhN0cb58/U5uWztfWxxepbv8J88jef8z3HcTzm6f0iX9wskg64K4vIIpH4NdFRWz4cmWwAvXOna8sjD6mvKP+SznEcz3mcv6pX5LEZIksBe3nRAHnqM/1i9n4zaYRZUXP+A10SXco5j/OJ81S/mDPTRZ4FfJTFcgHjykm+J2uceufc0iXwlTqj8WP2eIo4myNSDJoIi62Tcc8ZdiruTO7fgNCuW64ta5erP+h5V27GwYOfeR+81URiZa/IExNF5oOum8UaZEw47hnDFjzZv6FAWx9fohVPFmpV8Rr1rV3apQgjsvBhrXl+g3qfKVT/miUh74lLfBxTV2+RoTatZSCPY7YzcYL33CJ/WMtWL9XDB/br4aoKrXjiMSPIiOApwGr9RTwNeVq+4VE92tSkZyr2qw/POS6ARVzi83RMEnkbtD0tdhgE5PPocL86yOEEIHnLvlINWDOEVIDIhxX6IYDkLYV5ehDPDjuq7VGqf/68FwKBsXZZBybxyYMa4QXtqAB5JIsM1QWOGsm53+VYre/ALzbkOWs9WG5EHCE4RJYXrQ4hb29vN59/1zrU/zTEmpwoMPjkAZ9eL7IJ9FcJyysrWPDeU0AzwGufK9L2Np8B62z+ygo9sHallsHbamrsp5ZZ9KqnDvykvuJVtgALmzzkmyJSCgFxwtrOMspKFhgU8CPrl2nbaxv1dGODDRlqR+vr9ZjHbf+yLLD6P/Z8Z7YweAvo5CHfTJFGCEjnFmxlLW9afHfIQONMMmR22+ub9HSz1wBf1DrIvzc5wgRuxanxrT8XAZZt8qFMH4eAXOGtxgvFnT1SW1Yv7CDmZyuP0rplRsTRN17QMy2NhqBLs8lPluzU5oIHtXnFHOPcd4MTEIDTQD5s/RkIWCW8UnmrVceJ1mWkalMeIkEBXP2ji7Vpaa42opC4Zk1RV2G+nm6oN0Rd2Yndu9Rz+yQ9NGuyyXhGtbngAXNEiUfsuowUc4uCtx0CNjICbVTkGNzdiHANu1rd08ZA/VxEZJF10y24QxvuydKdCbHq2fmVTXe+NXz0vpYm9FPPjIkm2TiP8ynEc1u6wSaPHYGzEPASc6CEe+JMjTYCAu5M7aXurOHacG+WWU0F6nndB+/ZVBc2z+a39ODYZD10J/qFmTeYFTuTewbhRpscuE/kJAQUCTsZZmXN6NgQAXTHQNHKfqK7BvZR19Z3tf2fszbNRQy54IaIH2N7alX/UDw6ech3q4gPAhYI2yiey7rMtJCBTpJfLbp9QIw6d2y30UPtj30/6KmD5xcqmvvDLbp7QIRWDsBCgnDJQ74bkfwQkC3s4dhGuaaNU0dihBnECeVQ/1lavB4q3WtDhtrxr7djNddq3eQ0/XP/PvtpqHm/+kwrk7C111jkxCcPK2GSyPcQkAKXcPZwpu0aH9+htAKTdiX2V++ObTbcOfv9y23qGtFfq/pYUarPHm6qXmf79c0X1ZEQqVXXWpjEJ8/tSHzwPge3GhQ2kLylnDmjQxKmGlH4OTZSf9u2xYYE+Sdbkc19tKov3sfCAU4R7mmj9S/cggFre6XYPK+yV09c4pNntEgZaKcZchq7VzaQvK9ZCzoE2CKqB0friW8/x8o/BhBCyn2ND8eRCjNePShMq5Csh267QU973aZyVsaEhyQhcYmP/vAwmsNXQdvfYreN3SsbSHYutRMSQkXEhZlV1yDsjsQeWpPSXWvSwrU2LQzf4Ulh6kzsrs6UnlqbnqCuITEQ1Q0ebuYTj7gFvSL/wqbvAR3uovMtnN0rG8iSjE4iBoarMykCZzgKhN20dij2fYTldcNxtNJQwBIR5iSISItGlKIQIQgw5IO1JHOkFveN+WesSCV4UPsk0jB2YT3YvbKBpGKGLZATjniLhGQkdo8T9UzA97EQcT3eJcOvg1iM43jO43zikBy9oAv46+DXGKaLWBS7VzaQ3DMmDlfhSMERgoC6YSAdg/1Oh99oiagbCWGplgCOY7ZzHucz7PbKST7IMFyGRbB7ZQPJrOXRcaG+e5DpnqlD1JOJ+pARYwmY1FvdGYO0fnKyum8apa7pEzv+GTHh7D1n2C+58s7Wjd0rG0j2cPi/oJtHJOm32elaNnuGepbkaguuXU/evVqWe7N+M3WCbh6WqE9jHM85j5qd7Uy4C+755Ri711HD0cNloY26G50MlnN8Fe7zNbhSH8Gthq7qJKLly0R5tSsciwzPeehR+492FTwOzj+buXBowH3OK5W3Gi8W1narvF78L1iHifwL8wuwMVrk4vMAAAAASUVORK5CYII=";
private static string healthyIcon = "iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAgASURBVFhHpVcLUJXHFV65xJl4SaJYUBCIYFQe46PxkQykKCqWiw8UUKkQAQeDEASlithKqBpFJYqNEUrQyaTpVBAFxAcgaCgKBDDyEINOU2Oa1lESaAlGkNfXc/b/fy4iiXZymG/27r97znf27Nmzi3hWMV0u5hDiCVmEekIroVdtuc/feXyOqvLzhYzpCSGEfLsoqz7XfTPh/8kSrC8MwdbKaCTWxcmW+/ydx3meqY8oUPX0qqn/X0jZk5DluHUCfD9ehE2V6xFbHYFtVzdhd10CDt84gIxbqbLdXfcOfd8ox3kez2c90yXijOkysVA1+exCxOFj1o3+yivNAxsrw7GlJhoHG/fg2K20fhwl8mMEpVX6jIONSTR/g9RjfctQ8/umBhGrmn66EPlvHTba/rD6hJ9c0b6GHQOIFTLtt0Y++De3rMf6bMc+2qZLt1DsUSl+XHjlTB6cH4DNNVGqUQ0asRFHJZRx5ffjY7xFbIftSSfmiUSV6knhPeews8esNJBUMayQGL8N7Bud0MaNUJxguxZvmrfp3MQaldIoRM7ZnsV7xmE7eutIv7ICozGtPzQZIxUJF+Kw9i9BiDwZJr9lkD22y/YpCnUm44WNSq0IkYdw1nLiGPfcSKSQaWFORcbND/Ah4U9NhwnvI53aD28epu9HcKTqEGqbq9HZ04nb33+Jon+dlTp7yS7bZx7dbJFCtMMUdhJyIJ+PDme7ElotnMqKNSfSiSS1KUUevT/eSMahxn2U9XuRQu371D9Qk4Sm5ut4ROR9fX1g+ebBP/sXw6eDeXRzxR2itdPI53Dx4PN7gI6QsmrjalmZV5badIhI3sPB60nY37ATSfV/wLtUDzQk1SUi53o2EfdKYk3+/cM3/Q7wUWYe4oOJk0jQHIjnCqbsvUKobIHiAIf2yBcptMq9tD07satuOxKvbcXvrsYivmYj4mpisJXaTXkb0Nn9UKU1Su6d7H5b3DIP85n8UlQQ/Uh2IIvLKFcyjdy48g+I/KAsLrxiJo6v2YTYqkhEf7YOkRWhiCCElwbjVstNldIo5ffLpD7bUeymIZ54mE/3K/E1OeDCDtRzLd9Z+3s5gScyOTuRRmHnlSfVJ+Kdz+OwpXoDoirD8Fb5mwgpW4U1ZSsRcjEAuV9mq5RGae9qJ70dMj84bxS7aZKH+agwtZEDBnaglS8Uv0veklBzgkPPe74uNxg+xwxYkbkUYVeCEHJ5FX5Tugy+lwzwK/ZGZPZb6OntUWmNwkSJ1+LltrGddIpCGjnCPMxH90QXORDODvTyrWZ5fAS8i+fKhOIIsDNRmeFobKlHa0cLapor8PaFMASU+sCnZCEWX5gHv/xF+PbhtyqlIt293XJbOFKcI5wzB67vkdvnXUx3A/EwH/H2kQOJ/RGwPWEOi+PP49X8yVh7eTWSG3bJc/yotwt9tMIWIrr34C78znjD/9IiePz1dZz6e5ZKa5QEIgqgCPE2ca6wE+z0tNMTpX3mUSPQTQ4k9+eAS954OUHDjHwn1LZcVc1CnuuWh9/hq//+A4bjHog5G4E++hsohVR0PIvc5PYsv/hrLCh0xZQ8h8fsMo+aA+1aBOQpcC+Y8dhExqrSpbjTfls1rzhx/8E9FNw8h47uDvWrIs0d9yWZU44dXjllBausF56wx2AeeQrcxF0tB2Qd8C/1HlLBQHnR1tWm0gC99Pd9p7GviXvBzCH1B4N5ZB2YKm6QA/IUyEoYcSUYDicth1RaUOSK1ketKpUqFA1tC5Ibdw+pNxhsn3m4Eg4bJ0rIARcCVUN6w3GN9rzgNqQiY17h6/iu8/GMZ/niP40Ym6kfUmcw2L68C9xFM9EeJoxUHFBvw7CyQEzOsXlC0TJTgfv5mXTLGfeeIzDrrDOsM0fQOMM4d7ANtsv2mcdkkrhGtL6SnIUc0PMDku9r/1JDv5Ilg4yNIeNjskZg7Am9fJQ2tNRKbK/dDLucl2Bz6kWMO6mX42NpHs9lnYHOsF35HnAT98RwcYxoldtQE3698gOSXy5exe6KAyqxFRm2ztbDLtcM9nmj8MqZUXA8ZwHn8xaYTO0E6r+cO1KOW2ebyfnsjHSEYCiZi8Bsf1gEjuoYZivKiG4xwfge0IRfr/x2C8pbQUpzpANsyPqkGcbnvACHfHM4Een0ImvMLrHDaxdfxqyScdS3wuTzozEhfzTsaZ4tYRzpsDNLLs6Xb8IJMbY9dAU3EM0WgrkkHEr49cpOsMer/rYYU07bU4jNyPiLcC74BV4ttobbp/aYf8UJnlec4XF5IlypP42+u5Bzk86NxPjTL2HWeUcEl/tjbW4gJsXa99CxayLz7xEcJNFPiW6+SLQMHt22KH0BIstD4fepATMKJ8Kl0IJWbIO5ZZPgVTkF3pXT4FUxRfZnX7LD1KIxcC1xRlC5L+Lo5gz483LYhVt16KbLlTO5oyR4FtG9IdboPEXd1O2OCMpcgW2fxyC6JgyhVXQbfrYEvpUe8K6YLtvAKh+EVa9G7LUI7Kzbhoi8tXhj/2sYvlTcM3GWe85hf/rKB4uJg7AxdRMppl7ijsu2iVia7oWYc+uxr2oHMugh+sntDNnur34Xmws3YOVHyzBr11QMXymaTV3pqOlltnPC/fieP4NwttrpZogEesVUPLdcfP18sGjTvy26zGJEnz5KdI8IFe3P+Yu7pvPEDRMXWeG4yPA556P2ZLb/DOHKxeXTQAgn8H86yWrLff7O40qFe6oI8T/DdqaB4Tse/QAAAABJRU5ErkJggg==";

 

It should look like this (the icon strings are longer than this screenshot can show):

We’ve declared a variable representing how often a scheduled check of the Management Points should happen (in minutes) as nudtimerMinutes, we defined a Collection that is used to store the results of a scan for Management Points, and two strings that contain Base64 encoded representations of an Icon for Health and Unhealthy.

We’ll add in a Class called ManagementPoint, and we’ll define some internal properties that we can change such as Name, Port, State and SiteCode.

• Add the following code below the code variables you created previously:

public class ManagementPoint // ManagementPoint Class
{
    private string _Name;
    private int _Port;
    private string _State;
    private string _SiteCode;

    public string Name
    {
        get { return _Name; }
        set { _Name = value; }
    }

    public int Port
    {
        get { return _Port; }
        set { _Port = value; }
    }

    public string State
    {
        get { return _State; }
        set { _State = value; }
    }

    public string SiteCode
    {
        get { return _SiteCode; }
        set { _SiteCode = value; }
    }
}

It should look like this:

Now we’ve defined the ManagementPoint Class, let’s define a ManagementPoint Collection Class used as a container for multiple ManagementPoint Classes. This is a really neat way of storing a bunch of ManagementPoint objects and allows us to pass them around the project when needed.

• Add the following code below the ManagementPoint class that you created previously:

public class ManagementPointCollection : System.Collections.CollectionBase // ManagementPoint Collection Class
{
    public void Add(ManagementPoint amanagementPoint)
    {
        List.Add(amanagementPoint);
    }

    public void Remove(int index)
    {
        if (index > Count - 1 || index < 0)
        {

        }
        else
        {
            List.RemoveAt(index);
        }
    }

    public ManagementPoint Item(int Index)
    {
        return (ManagementPoint)List[Index];
    }
}

It should look like this:

This allows us to store MP classes in a Collection, pass them around and handle the Collection using a foreach statement. You’ll also notice that the Collection has three methods called Add, Remove and one called Item to return an object from the Collection based on its Index, this is how we handle the Collection when we put it to use.

Now that is in place, let’s create the basics just to get the thread started, and include the ability to stop it.

• Add a BackgroundWorker thread that will scan the Management Points

• Drag a BackgroundWorker onto the form
• Set the Name to dompCheck
• Set WorkerReportsProgress to True
• Set WorkerSupportsCancellation to True

• Add a BackgroundWorker thread that will schedule a scan if it is enabled

• Drag a BackgroundWorker onto the form
• Set the Name to doScheduling
• Set WorkerReportsProgress to True
• Set WorkerSupportsCancellation to True

• Select the dompCheck BackgroundWorker, you’ll find it has appeared here:

• Now select the Events tab on the Properties pane:

• The three events that the BackgroundWorker thread supports are shown here:

• DoWork handles the actual workload the thread is supposed to carry out
• ProgressChanged can be invoked by us, and it is executed on the UI thread so we get access to the forms controls
• RunWorkerCompleted is called when we exit the thread, it also executes on the UI thread and provides access to the forms controls

• Double click DoWork
• This will take you to the Code view, and will create a new method for DoWork
• Go back to the Form view and repeat this for ProgressChanged and RunWorkerCompleted. This is a very handy way to create the event methods

• Now go find the doScheduling BackgroundWorker using the form view, and repeat  the same way that you did with dompCheck and create the three event classes

All three events are now mapped to individual methods for both BackgroundWorker threads, all we need to do now is invoke the threads in our code when we want them.

Let’s create a basic method that I’m using to start the BackgroundWorker thread dompCheck.

• Add the following code below the ManagementPointCollection class that you created previously:

private void beginCheck()
{
    globalmpList = getmpList(); // Get the list of Management Points for this Site server

    if (!mpcheckRunning)
    {
        try
        {
            mpcheckStop = false;

            if (dompCheck.IsBusy != true)
            {
                dompCheck.RunWorkerAsync();
            }
        }
        catch (Exception ee)
        {

        }
    }
}

It should look like this:

Note: You may get warned that getmpList method doesn’t exist, we’re going to create it soon, and until we’ve laid out all the code the project won’t compile properly.

The beginCheck method is doing the following:

• Gets a list of Management Points from the target device
• Checks if the dompCheck thread is already running
• Resets mpcheckStop and mpcheckRunning triggers
• Starts the dompCheck BackgroundWorker thread

Since the thread we’re going to use to check the Management Points is configured, we can move onto coding the underlying methods that represent the events.

Key activities that we want to achieve for the Management Point checking thread are:

• Connect to WMI Namespace on a destination device
• Get the Name and Site Code of the first SMS Provider found
• Connect to the SMS Provider
• Retrieve a list of Management Points, their Site Code and their security type (HTTP\HTTPS)
• Test each Management Point and determine its health state
• Show the result in the DataGridView

So let’s begin designing some structure around that, while keeping an eye on modularity, dispersing tasks to different methods so that we can invoke them multiple times if needed. I prefer spinning things out into methods that I can invoke, it makes for more readable code and reduces having to multiply code in logic blocks, just call the method in multiple places instead.

We’ll create a new method now called checkMP, this will contain the HTTP code to test a Management Point, and is modularised so that we can invoke it from another method for each Management Point discovered.

• Add the following code below the beginCheck method that you created previously:

public string checkMP(string mpName, int mpPort)
{
    String httpresponseText = String.Empty;

    try
    {
        string connString = "HTTP://" + mpName + ":" + mpPort + "/sms_mp/.sms_aut?mplist";

        if (!mpcheckStop)
        {
            HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(connString);

            request.Timeout = 5 * 1000; // 2 Second time out

            request.Method = "GET";

            using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
            {
                Stream dataStream = response.GetResponseStream();
                StreamReader reader = new StreamReader(dataStream);
                httpresponseText = reader.ReadToEnd();
                reader.Close();
                dataStream.Close();
            }
        }
    }
    catch (Exception e)
    {
        return e.Message; // An error, return the lot!
    }

    if (httpresponseText.Contains("<MPList>"))
    {
        return "Healthy"; // Healthy
    }

    if (httpresponseText.Contains("The operation has timed out"))
    {
        return "Timed out"; // Timed out
    }

    return httpresponseText; // Most likely an error, return the lot!
}

It should look like this:

• This method is doing the following:

• Checks if the threads stop trigger is set and jumps out if it is
• Creates a HttpWebRequest object
• Forms up the URL to be used
• Sets the timeout to 5 seconds (5 * 1000 milliseconds)
• Handles the response, healthy, time out, or an error
• Notice that we break HTTPS checks because we hardcode HTTP to the front of the URL that we form up. If we wanted it to work with HTTPS Management Points we’d need to handle a few extra things anyway, this is definitely something someone else could do what with the source code for this project being publically available for modification.

Next up is the method handling the WMI communications. We’ll use it to get a list of Management Points from WMI on the Site server, and pass them back to whoever called the method as a ManagementPoint Collection class, so that we can loop through the Collection calling checkMP each time.

There are at least two ways of handling WMI queries for ConfigMgr, use the Microsoft Configuration Manager Class DLL’s, which you embed into your project, they contain a bunch of code for handling connection and querying of the SMS Provider, or use a .Net WMI ManagementScope class to connect to WMI on a Site server, and query for the SMS Provider so that we can obtain its server name along with the Site code to begin querying it.

• To use the ManagementScope class we need to add System.Management  in the Projects references

• Enter system.management or scroll through the list to find it, and Tick it so that its added to the project

Next we’ll create a method that we’ll use to update the StatusStrip, which will be used to report back errors during operation.

• Add the following code below the checkMP method that you created previously:

private void logMessage(string theMessage)
{
    ssl_Entry.Text = theMessage;
    ss_Messaging.Refresh();
}

It should look like this:

Note that we must never call this from a BackgroundWorker thread or we’ll create a wormhole (it’ll barf).

Next up is a method that converts a Base64 encoded string into a Bitmap image, quite handy for storing a Bitmap inside the project and not depending on an external file for it. We could add it to the project as a Reference but I prefer to encode and store them away like this.

• Add the following code below the logMessage method that you created previously:

private Bitmap loadimagefromString(string Image)
{
    try
    {
        byte[] imageBytes = Convert.FromBase64String(Image);

        MemoryStream ms = new MemoryStream(imageBytes);

        Bitmap streamImage = (Bitmap)Bitmap.FromStream(ms, true);

        return streamImage;
    }
    catch (Exception ee)
    {

    }

    return null;
}

It should look like this:

And now we create the getmpList method.

• Add the following code below the loadimagefromString method that you created previously:

private ManagementPointCollection getmpList()
{
    ManagementPointCollection mpCollection = new ManagementPointCollection();

    ManagementScope scope = new ManagementScope(@"\\" + tb_Server.Text + @"\root\SMS");

    SelectQuery query = new SelectQuery("select * from SMS_ProviderLocation");           

    try
    {
        string smsproviderserverName = String.Empty;
        string smsprovidersiteCode = String.Empty;

        using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query))
        {
            try
            {
                ManagementObjectCollection smsProviders = searcher.Get();

                foreach (ManagementObject smsProvider in smsProviders)
                {
                    smsproviderserverName = smsProvider["Machine"].ToString();
                    smsprovidersiteCode = smsProvider["SiteCode"].ToString();

                    break; // Get only the first SMS Provider listed, we could do better here
                }
            }
            catch (Exception e)
            {
                logMessage("Error connecting to Site server - " + e.Message);
            }
        }

        if (smsproviderserverName != String.Empty) // Do not proceed if we haven't got a server
        {
            scope = new ManagementScope(@"\\" + smsproviderserverName + @"\root\SMS\Site_" + smsprovidersiteCode);

            query = new SelectQuery("select * from SMS_SCI_SysResUse where RoleName like " + (char)34 + "%" + "SMS Management Point" + "%" + (char)34);

            using (ManagementObjectSearcher searcher2 = new ManagementObjectSearcher(scope, query))
            {
                try
                {
                    ManagementObjectCollection mpList = searcher2.Get();

                    foreach (ManagementObject mp in mpList)
                    {
                        ManagementBaseObject[] properties = null; // Handle the SMS_EmbeddedProperty array

                        properties = (ManagementBaseObject[])mp["Props"];

                        bool isHTTPS = false;

                        foreach (ManagementBaseObject property in properties)
                        {
                            if (property["PropertyName"].ToString() == "SslState")
                            {
                                isHTTPS = Convert.ToBoolean(property["Value"]);

                                break;
                            }
                        }

                        smsproviderserverName = mp["NetworkOSPath"].ToString().Remove(0, 2).ToLower();

                        ManagementPoint addMP = new ManagementPoint();

                        addMP.Name = smsproviderserverName;

                        if (isHTTPS) addMP.Port = 443; else addMP.Port = 80; // Set Port 443 for HTTPS if the MP is configured for SSL, or Port 80 for HTTP

                        addMP.SiteCode = mp["SiteCode"].ToString();
                        addMP.State = String.Empty;

                        mpCollection.Add(addMP); // Add our MP to the MP Collection
                    }
                }
                catch (Exception e)
                {
                    logMessage("Error handling WMI - " + e.Message);
                }                       
            }
        }
        else
        {
            logMessage("Could not find an SMS Provider");
        }
    }
    catch (ManagementException e)
    {
        logMessage("Fatal error - " + e.Message);
    }

    return mpCollection;
}

It should look like this:

Essentially all our WMI interrogation code is in there, we return back a ManagementPoint Collection containing all the Management Points that were discovered. Note that we store the resulting health state from checkMP back into the ManagementPoint object before the collection is returned to the calling method.

We’ll now create a method called checkMPS, from which we’ll iterate through our globalmpList ManagementPoint Collection, and run checkMP for each time.

• Add the following code below the getmpList method that you created previously:

public void checkMPS()
        {           
            foreach(ManagementPoint mp in globalmpList)
            {
                string returnedState = checkMP(mp.Name, mp.Port);

                mp.State = returnedState; // We have the result, store it back into this ManagementPoint class instance

                if (mpcheckStop) break;
            }           
        }

It should look like this:

Next up are the event classes for dompCheck and doScheduling.

• Add the following code to the dompCheck_DoWork method:

mpcheckRunning = true; // Notify that we are running

            BackgroundWorker worker = sender as BackgroundWorker;

            if ((worker.CancellationPending == true))
            {
                e.Cancel = true;
            }

            if (!mpcheckStop)
            {
                checkMPS();
            }

It should look like this:

In this method we notify that the thread is running, check if it needs to be stopped, then kick off the checkMPS method which results in the globalmpList being updated for us.

There is no need to modify the dompCheck_ProgressChanged method as we’re not sending status or state back to the foreground thread from dompCheck.

• Add the following code to the dompCheck_RunWorkerCompleted method:

dgv_Mp.Rows.Clear(); // Clear the dgv_Mp rows

            Bitmap stateIcon = loadimagefromString(unhealthyIcon); // Default to unhealthy state icon

            foreach (ManagementPoint MP in globalmpList) // Iterate our global MP list
            {
                if (MP.State.ToLower().Contains("healthy"))
                {
                    stateIcon = loadimagefromString(healthyIcon); // Change to healthy state icon
                }

                dgv_Mp.Rows.Add(MP.Name, MP.SiteCode, stateIcon, MP.State); // Add the MP to dgv_Mp
            }

            mpcheckRunning = false; // Notify that we are finished
            mpcheckStop = false; // If we were forced, reset the trigger
            b_Go.Text = "Check Management Point"; // Change the b_Go Button text back

It should look like this:

I’ve commented the above code well enough to explain what is happening, but a recap is that we’re clearing the dgv_Mp DataGridView and populating it with the information stored in the ManagementPoint objects hanging out in the globalmpList.

I can see we’re real close to wrapping up here, so let’s crack on.

• Add the following code to doScheduling_DoWork method:

BackgroundWorker worker = sender as BackgroundWorker;

            if ((worker.CancellationPending == true))
            {
                e.Cancel = true;
            }

            DateTime nextCycle = DateTime.UtcNow;

            nextCycle = nextCycle.AddMinutes(nudtimerMinutes);

            while (1 == 1) // Enter an eternal loop!
            {
                if (timerStop) break; // Quick! Come this way to get out of the loop!

                Thread.Sleep(1000); // Sleep for one second

                int compareResult = DateTime.Compare(nextCycle, DateTime.UtcNow);

                if (compareResult < 0) // Time to trigger a Management Point check
                {
                    worker.ReportProgress(0, ""); // We just want to fire the ProgressChanged event, we do not have anything to pass to it

                    DateTime newCycle = DateTime.UtcNow; // Get current Date and Time

                    newCycle = newCycle.AddMinutes(nudtimerMinutes); // Add nudtimerMinutes to newCycle

                    nextCycle = newCycle; // Set nextCycle so that we can fire again
                }
            }

It should look like this:

What we’re doing above is creating a infinite loop, and from within it we are sleeping for a second, and checking if we’re supposed to invoke a Management Point check. We use DateTime and juggle things around a bit, and could have slept for the entire period, but I wanted the thread to be responsive to requests to stop. We actually get the dompCheck thread started by using the BackgroundWorker ReportProgress event, telling the thread that we want to report some progress back, and from the  ProgressChanged method we invoke the beginCheck method.

• Add the following to the doScheduling_ProgressChanged method:

if (!mpcheckRunning)
{
    beginCheck(); // Start the Management Point health state check thread
}

It should look like this:

As you can see, we check to see if the dompCheck thread is running, if it isn’t we call beginCheck which will start it for us.

• Add the following to the doScheduling_RunWorkerCompleted method:

timerStop = false; // Reset the threads stop trigger
timerRunning = false; // Declare the thread finished

It should look like this:

Now return to the Form view, and double click the cb_Timer Checkbox control. It’ll return you to Code view and create the cb_Timer_CheckedChanged method for you:

• Add the following to the cb_Timer_CheckedChanged method:

if (cb_Timer.Checked) // User has enabled the scheduler
{
    if (!timerRunning)
    {
        timerStop = false; // Reset the threads stop trigger

        if (doScheduling.IsBusy != true) // Start the scheduling thread              
        {
            doScheduling.RunWorkerAsync();
        }
    }
}
else // User has disabled the scheduler
{
    timerStop = true; // Stop the scheduling thread
}

It should look like this:

From this method we kick off the doScheduling BackgroundWorker thread or stop it depending on if you tick\untick the Checkbox.

Return back to the form view, double click the nud_timerMinutes control.

• Add the following to nud_timerMinutes_ValueChanged method:

try
            {
                nudtimerMinutes = Convert.ToInt16(nud_timerMinutes.Value); // Keep the global nudtimerMinutes variable up to date
            }
            catch (Exception ee)
            {

            }

It should look like this:

When the user makes a change to the value for the nud_timerMinutes control, we’ll change the global nudtimerMinutes variable to reflect the change, keeping them in sync.

Here comes our last block of code, return to Form view and double click the b_Go control.

• Add the following code to the b_Go method:

if (!mpcheckRunning)
{
    b_Go.Text = "Stop";

    beginCheck(); // Start the thread
}
else // Stop the thread
{
    mpcheckStop = true;
}

It should look like this:

That’s it. Now press Ctrl+Alt+B to compile the code. If you fitted this together properly you'll get success. On receiving Success, press F5 to run the application, test it out.

Once you point it at a Site server It should look like this:

Well, that was an epic guide!

Not only did we cover a stack of techniques that you can reuse for most of your projects, but we ended up with a tool that’s available on the TechNet Gallery here.

This wraps up this guide, sorry for the lengthy gap between posts, I think this one stretched across a whole year! At least we got there, and as you can see this last post took a lot of time to put together, and is why I was lagging behind doing it hehe. I’ll put together another development related guide soon, focusing more on using the ConfigMgr SDK, suggestions for guides always welcome.

I hope you’ve got something useful from this guide, at worst a working development environment, and a full blown C# project to act as an example for you to plunder as you build out your own projects.

Enjoy.

Robert Marshall – Enterprise Mobility MVP – Director and Principle consultant of SMSMarshall Ltd

In the following series of blog posts I will introduce you to C#, Visual Studio and the ConfigMgr SDK, and show you how to produce your own custom tooling easily.

The motivation behind this series of postings is to enable you to create community tools or bespoke tooling to assist you in your day-to-day ConfigMgr role, and thus to enhance the Community overall, as hopefully you’ll produce the very next best tool and we’ll all benefit from it.

To underpin the guide I’ve written a tool called MonitorMP which will keep an eye on the health of your Management Points outside of the ConfigMgr Console, the source code for this tool will be built up and completed by the time we’ve finished with the series of posts, at which point we’ll make the tool made available in both compiled and source code form and everyone that read this guide will feel somehow connected to it :)

Previous postings for this guide

Guide to creating your own ConfigMgr tools – Part 1

Guide to creating your own ConfigMgr tools – Part 2

Guide to creating your own ConfigMgr tools – Part 2 - Extended

In this post we cover a sub-system of Windows Operating Systems that all ConfigMgr Administrators need to understand to a reasonable depth, Windows Management Instrumentation, a sub-set of the Web-Based Enterprise Management standard (read more here).

If I was cornered and someone said “describe WMI in the simplest way you can”, this is probably what I’d say, given a moment to compose it:

A scaled back relational database that predates man.

 

Okay, describe it in a little bit more detail please?

WMI is an information store used by applications as well as the Operating System, with a management layer sitting in-between you and that information which is used for performing transactions to easily retrieve or deposit said information in a variety of ways, as well as allowing for structuring of the data in a relational manner and relatively complex methods with event-based triggers, and the ability to access various data sources such as the Registry via WMI using Providers (a form of abstraction).

That’s better, more descriptive without harping on too much. There’s more too it than that overall, but the above statement captures the essence of what WMI is about, and touches on the key elements you should be aware of as a ConfigMgr administrator.

The simplest walk through I can give you is to show you the basic elements that allow you to represent and store data, let’s talk about Classes and Instances.

But first, if you’ve dabbled or are adept with SQL then you’ll understand the below concepts very quickly, a WMI Class is a SQL Table and a WMI Instance is a SQL Row, WMI returns Collections of Instances, SQL returns datasets consisting of Rows. WMI Instance Properties are SQL Columns. Simple.

WMI Class

A Class is a definition of what an Instance should look like, defining which attributes are included and their respective types. think of a schema, it defines the building blocks used to build the structure of something but is not the building block itself.

Without a definition, or structure, we cannot store data, so the Class simply defines what the data for an instance of a Class should look like, and as a result data in the form of instances of the Class can then be stored in the NTFS file system where the WBEM Repository exists (%WINDIR%\System32\wbem\Repository). To maintain the integrity of that repository it requires absolute structure, the data being stored must be rigidly defined, hence, a Class and the term ‘definition’!

Below is a simple class definition defining the example class ClassExample, which is fictional and introduced for illustrative purposes only:

class ClassExample

{
    [read] uint32 HelloWorld;

    [read] uint32 SomeProperty;

};

Each property is defined as a type, in this case uint32 representing a 32-bit integer.

When we create an instance of this Class we’re storing a binary blob representing that data into the WMI Repository, like every filing system that requires integrity there needs to be order, a schema.

The important take-away from this is that a Class is nothing more than a definition, it is not a storage object, it just defines what shape data must take for it to be stored as an Instance under that Class.

WMI Instance

Now that we understand that Classes define data, and are not data, that their simply a schema definition, we now need to understand that when we want to store information into WMI we need to store that information as an Instance of an already defined Class.

All Instances must obey the definition of the Class, each instance contains the defined properties and a value or null value assigned, no individual instance will differ from the others structurally, obviously the information stored will differ but that’s it.

In the below instance example we see a single instance of the ClassExample Class, including its attributes and attribute values, we know what type of values should be present since this is defined by the ClassExample Class definition above.

instance of ClassExample

{
    HelloWorld= "0";
    SomeValue = “0”;
};

Now think of a folder with the ClassExample name on it, open the folder and inside are sheets of paper representing Instances, on each page of paper is structured information, the information for all instances of that particular class are defined clearly and rigidly by the Class’s definition.

Retrieving or Storing Instances

So now that we have a Class definition we can tell WMI in a variety of ways to store or retrieve instances, we can retrieve instances using the WQL (Windows Query Language) query language which is a sub-set of the SQL query language, using the SQL like SELECT clause. Here’s a handy list of all of the WQL keywords and WQL Operators. We’re talking a limited SQL language here, a sub-set, but still very much a capable querying language is WQL, once you get to grips with it.

Great, we’ve got some basic concepts in place now, Classes and Instances, and we understand that we can store and retrieve instances using something or other, which I will cover off in the next part where I show you how I use WMI, the reasons I use it, and the tools I use to get things done, be it programmatically accessing WMI or browsing it by hand using a command line or graphical tool.

In the meantime you can explore more information on the technical aspects of WMI, which will give you a depth of knowledge a lot of administrators I meet just haven’t acquired yet. I really do meet a lot of folk who have never interacted with WMI, it isn’t a bad thing but it is a fundamental, and one you should, on discovering it’s there, master, or at least be able to describe and use.

Here’s a few great jumping off links for understanding WMI to a geeky level:

About WMI (MSDN)

WMI Architecture (TechNet)

Learn More About WMI (TechNet)

I find this is a great link to get a grounding on what Win32 Classes are available to us and managed by the Operating System:

Win32 Classes categorized (MSDN)

And this comes from the following MSDN page Querying and Viewing the WMI Repository which describes the methods for accessing WMI:

Table 1: Techniques for Querying WMI

Application language	Recommended technique
.NET Framework applications	Use classes in the System.Management namespace.
Scripts written in Microsoft ActiveX script hosting, including Visual Basic Scripting Edition (VBScript), Microsoft JScript, and Perl	Use a scripting API for WMI.
Visual Basic 6.0 applications	Use a scripting API for WMI.
Active Server Pages	Upgrade to ASP.NET and use the classes in the System.Management namespace.
C++ applications	Adapt the application to use the .NET Framework. Use C++/CLI along with the classes in the System.Management namespace, or use the COM API for WMI.

 

In the next post we’ll get to understanding the intimate relationship ConfigMgr has with WMI, and talk about this most awesome monster tool, WBEMTEST!

Being able to use this is almost a rite of passage for sturdy ConfigMgr administrators, that it is as ugly as sin and fiddly to use to boot matters not, WBEMTEST is one of the most powerful little tools around, and the most oft-used for doing anything with WMI, it’s on every device running Windows, no need for an installation and it can pretty much do almost absolutely everything I need for WMI tasks outside of application programming. When I need to look at WMI its the first thing to use, although there are UI’s out there, WMIX by GoverLAN for example, amongst others, but I don’t use them, I don’t intend carrying them around with me or downloading and installing each time I need a quick 1 minute check of a property for a instance of a class.

I’m sure a few searches on web search engines will turn up a plethora of WMI stuff, especially usage and guides on WBEMTEST if you want to understand and get use to this tool before my next post comes out. Key in Kim Oppalfens who is an ECM MVP also know as the WMI Guy, he’s done some really funky stuff with WMI, far beyond this entry level guide.

Feel free to tweet me about these guides if you have anything in particular you want to expand on @RobMVP

See you for the next part,

Next posting for this guide

Guide to creating your own ConfigMgr tools - Part 4

In the following series of blog posts I will introduce you to C#, Visual Studio and the ConfigMgr SDK, and show you how to produce your own custom tooling easily.

The motivation behind this series of postings is to enable you to create community tools or bespoke tooling to assist you in your day-to-day ConfigMgr role, and thus to enhance the Community overall, as hopefully you’ll produce the very next best tool and we’ll all benefit from it.

To underpin the guide I’ve written a tool called MonitorMP which will keep an eye on the health of your Management Points outside of the ConfigMgr Console, the source code for this tool will be built up and completed by the time we’ve finished with the series of posts, at which point we’ll make the tool made available in both compiled and source code form and everyone that read this guide will feel somehow connected to it :)

Previous postings for this guide

Guide to creating your own ConfigMgr tools – Part 1

Guide to creating your own ConfigMgr tools – Part 2

I’ve extended Part 2 because I wanted to throw in some info on setting up the Help system in Visual Studio 2013, it reduces round trips from the browser when trying to figure something out, but it still doesn’t entirely remove the need to go out to search engines so as to find good examples to learn from.

Go ahead and open Visual Studio Express 2013 for Windows Desktop, and from the menu bar click Help and select Add and Remove Help Content:

Once you launch into Add and Remove Help Content you’ll be presented with a tree representation of the available help modules:

The key ones for us to download and which are selected already in the shot above are:

1. .Net Framework 4.5
2. Visual Studio 2013: Fundamentals
3. Visual Studio 2013: Visual Basic and Visual C#
4. Help Viewer 2.1
5. Desktop Development
6. Windows Debugging

The first two are added automatically, the remaining 4 I chose, help for the C# language, an update for the help system and helpful information on Desktop Development and Windows Debugging, always handy.

Make a note that the help files are being stored on the C: drive, move them to another volume if desired, this can be done before or after downloading the modules

You’ll notice that by default several help modules have already been installed, these and all newly added modules can be managed over time by clicking Update so as to get the latest content.

Now go and click Update to begin downloading new and updating old documentation:

The .Net update is quite large, so this will take a bit of time, you can track the progress in the status bar at the bottom of the updater:

After the process has settled down, you’ll notice that the help system on the left hand side has new updated content showing:

You can search the help system for keywords around what you want to learn about or do, and you should find technical MSDN information and good usage examples immediately without leaving the IDE:

In the above shot I’ve searched for Console.WriteLine and have a bunch of results showing on the right hand side.

When you’re trying to piece something together I have the IDE and the Help system Windows setup like this:

This should really help you as you move forwards with your skills, I use to have to do this by hand with reference books, such as this one:

By Stefan Dittrich

Not that searchable, hehe, mostly remembered where things were to save time, I still have these books and they have been thumbed so much they started falling apart, kind of puts how useful Help Viewer is into perspective :-)

Next posting for this guide

Guide to creating your own ConfigMgr tools - Part 3

Dear Robert Marshall,

Congratulations! We are pleased to present you with the 2016 Microsoft® MVP Award! This award is given to exceptional technical community leaders who actively share their high quality, real world expertise with others. We appreciate your outstanding contributions in Enterprise Mobility technical communities during the past year.

Very pleased to be informed that I am an MVP for another year. This is going to be a year of frequent updates from the Product Group responsible for ConfigMgr, due to how they have changed their provisioning model. I cannot wait to see all the other features they bring us and explore them with you.

Thanks to everyone that takes their time to read my posts, tweets, I hope they are of some help. I especially enjoyed the development stuff, and have more to produce, but I will also be focusing on Windows 10 and the rapid changes that took place in ConfigMgr to support it, plenty of feature depth there.

Some time back I wrote a free content downloader (superb if I don’t say so myself!) that currently contains 141 of the finest tools, scripts and ‘things’ that make us engineers go “Cool”.

Key features that make me want to reuse this tool are:

• No need to have to remember all the web locations for various tooling and content when I visit a customer
• Takes the clicks and pain out of getting content and tooling, just select and the tool brings it all down for you
• Keep on top of the latest versions for content and tooling, no stumbling across an older version
• An organic, living library curated by specialists, new content and tooling introduced regularly
• Products of interest from well-known Vendors, stuff most System Center Administrators should be aware of
• Free tools from well-known Vendors
• A Book library containing the latest releases
• A communities listing, so that you can find and join lively communities
• A Resources listing containing some documentation and support locations that are regularly used by seasoned administrators
• And finally, the tool automatically updates itself if there is  newer version released, it performs this check each time the tool is loaded, this removes the need to revisit the TechNet Gallery to download a newer version.

Here is what it looks like:

It is a very light-weight tool, with no installation footprint, you simply download the tool from the TechNet Gallery and unpack the ZIP , unblock the EXE (I haven’t signed up to an expensive Certificate programme that lets me run without initially being blocked, one day I will sign up to this programme and remove the need to unblock my executables like most vendors do), run the EXE and it’ll download the latest up to date manifest from the internet

You’ve got the option to select the System Center product so that you can view all of content related to it, but be warned I’m yet to populate the other products with much content beyond documentation links, meaning this tool is weighted towards ConfigMgr, since I am an Enterprise Mobility (ConfigMgr!) MVP and that is my focus and where my passion is at. I am looking for curators to manage the content for the other System Center products.

Keep an eye on the home page for the tool, the page that shows when you start it up, as we announce industry news there, currently we list major industry events that you may be interested in attending:

I am proud to be an Enterprise Mobility MVP and my 8th year. I work for SMSMarshall Ltd, a growing System Center consultancy based in the UK, London, I am the principle consultant and I specialise in troubleshooting and custom solutions. I hope you get a lot of benefit from this tool, I enjoyed writing it and enjoy maintaining it.

I solved two problems affecting System Center Store this week.

System Center Store uses a specific URL to fetch the zipped and encrypted XML Manifest file from the web, this URL (a Microsoft owned domain, SharePoint farm) is rated as Script\Medium risk by BlueCoat, which causes it to be blocked by some companies Proxy servers, depending on how they have configured the categories for blocking. This caused the tool to fail and misbehave. I’ve changed the URL to SMSMarshall.com, which is (until only recently) rated as Business  category by BlueCoat,, should reduce any blocking taking place. But even this would have failed if I hadn’t of dealt with another problem …

I work for SMSMarshall Ltd, a UK consultancy, and we found out that our website SMSMarshall.com was black listed by BlueCoat, rated as High risk. We’re not sure when this came about as we never noticed. We carried out some checks, scans, and nothing suspect was found on the website. The High risk rating caused it to be blocked at any company that employs a Proxy using BlueCoat technology. Ouch. That was quite a few companies unable to even visit the company website. A quick web-form request submission to BlueCoat had that sorted within 12 hours and I was able to have it verified by William Cullen (thanks Will!). The reason for it being rated high risk seems to be due to linking from the company website to a popular community forum which was rated High risk for whatever reason, this was a known issue late 2015, affected other websites that linked back to it, causing them to be rated High risk, most likely related, but we will never know as BlueCoat didn’t address why they rated it such, just responded that after review its been rated again.

So now, System Center Store should have a higher success rate when being used behind a proxy. Let me know on twitter @RobMVP if you have any problems with the tool, or post on the tools Comments section on the TechNet Gallery. I am especially keen to hear if it works behind Proxies with or without proxy configuration within the tool.

Join WMUG for an informal evening of chat and code

Wednesday 24th February, 2016 - 6:30PM to 8:30PM.

Mozilla London,
Third Floor,
101 St Martin's Lane,
3rd Floor London
WC2N 4AZ UK

An evening of code and chat at Mozilla Space, London. WMUG plan to introduce a series of club meetings focused around development and ConfigMgr. A chance for beginners and experts to mingle and discuss coding solutions using C# or PowerShell. WMUG hopes that attendees will learn how to be able to code up their own tools and DEV solutions by identifying gaps in the product, with the intention of releasing any finished code and tools onto GitHub and the TechNet Gallery. 

With an informal agenda, the initial meetup will lay the groundwork for further club meetings, and give the group a chance to get to know each other. Enterprise Management MVP, Robert Marshall, will be re-visiting his 'SDK and Development with ConfigMgr 2012' presentation demoed at the 'Enterprise Client Management for the Modern World' WMUG event last August at Microsoft.

The event is completely FREE to you, teas and coffees will be provided by our event hosts Mozilla. Spaces are limited to 8 attendees, so if you have interest in embellishing your coding skills to work with ConfigMgr, or just coding in general, then register quickly, this relaxed, informal meet-up should be an ideal starting point.

Note: Please consider bringing a laptop with you, so that you can follow along. We'll help setup your DEV environment and get you underway.

Microsoft have just released a hotfix (KB3122637) to resolve an issue around support for the Exchange Connector, that impacts both the older and new version of ConfigMgr. I’ll use this hotfix to demo the Updates and Servicing feature, also known as the Easy Setup Channel, and it really does make an administrators life easier.

This is something I’ve wanted for a very long time, to integrate updates so that we don’t have to manage them manually, and Microsoft have nailed this as far as I can see, without using SUS, which wasn’t an appropriate channel for content delivery for ConfigMgr due to interactivity and such.

Here is the hotfix that drives this guide along:

FIX: Mobile devices aren't listed in System Center Configuration Manager

 

Symptoms

In a Microsoft System Center Configuration Manager environment in which the Microsoft Exchange Server connector is configured for use with Microsoft Exchange Server 2013, mobile devices aren't listed as expected in the All Mobile Devices node of the administrator console. Additionally, errors that resemble the following are recorded in the EasDisc.log file on the Configuration Manager site server:

ERROR: [MANAGED] Invoking cmdlet Get-Recipient failed. Exception: System.Management.Automation.RemoteException: Cannot bind parameter 'Filter' to the target. Exception setting "Filter": "The value "$true" could not be converted to type System.Boolean….
STATMSG: ID=8817 SEV=W LEV=M SOURCE="SMS Server" COMP="SMS_EXCHANGE_CONNECTOR" …
ERROR: [MANAGED] Exception: Cannot bind parameter 'Filter' to the target. Exception setting "Filter": "The value "$true" could not be converted to type System.Boolean."
ERROR: Failed to check status of discovery thread of managed COM. error = Unknown error 0x80131501

Note This log entry is truncated for readability.

This issue applies to the following versions of System Center Configuration Manager:

• Microsoft System Center Configuration Manager version 1511
• Microsoft System Center 2012 Configuration Manager Service Pack 2
• Microsoft System Center 2012 R2 Configuration Manager Service Pack 1

For the older versions of ConfigMgr, you’d go through the usual steps of downloading this hotfix by requesting it initially (or in some cases directly downloading from within the Bulletin):

You’d then check your emails, find the offered link and click through, waiting for the download to finish, moving it onto the Site server and performing an installation, but for the latest version of ConfigMgr “System Center Configuration Manager” this can all be done in-console using the Updates and Servicing feature, and we’re going to see it in action as it delivers and installs a hotfix to a System Center Configuration Manager Build 1511 Standalone Primary Site server.

The Updates and Servicing feature operates on a 24 hour cycle, checking in with Microsoft via the Service Connection Point to see if an updated version of Manifest.CAB (becomes ConfigMgr.Update.Manifest.CAB) exists. You can shorten this cycle on the day of a release by recycling the SMS_SITE_COMPONENT_MANAGER service, which will make the Site perform this check. Once the CAB has been processed it’ll then validate that any available content is applicable to the Site server, and in the case of KB3122637 the validation check is to see if the Exchange Server Connector is configured for use.

Note for the curious, the CAB file is transitive, once processed, it is gone, you can catch the CAB if you are timely, eagle eyed and crack it open for a look, if so inclined.

Below you can see that the Site server became aware of the hotfix after processing the updated ConfigMgr.Update.Manifest.CAB file, and began to download the content for us from Microsoft using BITS over HTTPS:

You can check out the DMPDownloader log for a transcript of what is going on:

Once its downloaded, unpacked and made ready, a refresh in the Console will reveal its state change from Downloading to Available:

We’re now ready to apply this hotfix to the Site server.

Backup your site servers Database and CD.Latest folder, there is some good guidance on doing this from Kent Agerlund here. You should really do this every single time you make significant change to the Site server, such as applying a hotfix .We know the risk is low for a hotfix, but the effort to recover without being prepared is magnified if you do not have current backups,  and is less awesome than being prepared. Remember, we’re supposed to be the most diligent and careful of administrators due to the nature of this product, we are carved out this way eventually because we’re holding the reigns to a product that can cripple or wipe out an entire organisation, so taking the role seriously by making sure you are able to revert to a recent backup shows good diligence, and makes you look as cool as a cat to other administrators and your boss.

We’re going to run the prerequisite checker ahead of installing the hotfix, although the checker is run whenever you attempt to install, so this step will cause process duplication, but will give us insight into any failure points before we’ve committed the content for installation.

Right click the entry for KB3122637 and select Run prerequisite check

It’ll update the State to become Checking prerequisites:

After a short while and one console refresh later, the prerequisite checker has completed, and sput out a result for us to observe:

We can take a look at what messages came back for the prerequisite check, especially if it didn’t pass, you can either click Show Status, or visit Site Servicing which resides in the Monitoring Node:

Right click the entry, and vigorously demand access to Show Status using the left mouse button:

Here are the results:

Now return back to Administration, Updates and Servicing, right click KB3122637 and Select Install Update Pack:

We’re welcomed by the Configuration Manager Updates Wizard, friendly, full of brevity, and eager to service the site at a few clicks:

We get a list of content and what type, in this case Configuration Manager site server updates, Select Next:

Usual EULA, tick off I Accept … and Select Next:

Our summary is short and details what we will be applying, Select Next:

Ok that is it, the process is underway, Select Close:

Checking back in the Console shows us that the process has begun by invoking the prerequisite checker again:

A few minutes later the prerequisite checker completes successfully (passed):

Right clicking the entry above will show the context menu, and all entries are now greyed out during the servicing process, another indicator that we are underway:

Now we wait a short while and things will kick off. At this point head on over to the CMUpdate log file to see the action at a log level:

Once the hotfix installation is fully underway we’ll see that reflected in the Console, but this takes a bit of time to show up since the Site is taken down for the hotfix to be installed (SMS_EXECUTIVE and other services are stopped), and the status update is only changed when servicing is completed.

One more reference to the CMUpdate log, to show that the show is over, the hotfix is now installed:

A quick refresh of the console and we see the status is updated, and in this case, the update package containing the KB3122637 hotfix has been installed successfully:

And that is it, we’re done here.

Key take-away points here are:

• We initiated the installation in-console and didn’t visit a web browser, or use email to initiate the activity
• We did not download anything and did not have to man-handle any content whatsoever
• We could observe activity in several logs such as DMPDownloader and CMUpdate, as well as from within the Console but observed that the log is a better way to monitor activity
• Servicing a Site server becomes a cinch with the Updates and Servicing feature

The Updates and Servicing feature is the cornerstone for applying new builds and hotfixes.

And there is more, such as poking around at this Updates and Servicing mechanism such as Offline servicing, and going under the hood, in WMI, SQL, and is something maybe I’ll do in another guide.

For now, you’ve just witnessed how easy it is to provision “content” from the new servicing model, which came from product group developers\engineers who put it together, all the way down the chain, through the testing group, mostly dog fooded in the TP releases, then to System Center Configuration Manager Current Branch, and most likely you, unless you are running the long term service branch.

With this servicing model Microsoft is better capable of responding\reacting to issues and providing fixes than ever before, and I like it.

I thought I’d cover On premise Mobile Device Management using ConfigMgr Build 1511. So let’s take a look.

The simplified list of the pro’s and con’s of mobile device management versus full client management, laid out on the Microsoft TechNet page tell us

Moving from zero using this

To a fully operational one of these

May seem like climbing this, in just your pants

But with a guide to hand, the problem is broken down and thus, we get all the climbing kit laid out in front of us, and have a personal Sherpa to help get up there!

Ahead of my climb to get On Premise MDM working, fellow MVP climbers Panu Saukko, Kent Agerlund and Gerry Hampson already summited and provide their own guides, one for TP3 and a more recent one by Gerry for B1511, this is my attempt to make it to the top using the documentation and B1511, while leaning on Gerry to figure out that I needed to do this, for the enrolment roles

This guide is of epic length, there are lots of screenshots, multiple step by step procedures, frequent summaries of activity and of specific steps, and requests for you to go further and set a few things up on your own, such as PKI. I did not run through this guide a second time to repro due to the vastness of the steps involved, but believe it should all hang together and result in Windows 10 devices enrolling correctly.

What we’re going to need is a lab environment consisting of the following:

1. An Intune Trial  (30 day evaluation is more than enough!)
2. A Certificate Authority serving your Forest  (Server 2012 R2)
3. An activated copy of  Windows 10 Enterprise (Virtual machine or Physical)
4. An additional Server 2012 R2 Site system for native mode (PKI) roles
5. A Stand-alone Primary  Hierarchy  with a single Site system is enough, running on Windows 2012 R2, Build 1511 minimum or higher with at least the following roles deployed

• Primary Site Service Connection Point
• Site system Remote Secure Management Point
• Site system Secure Distribution Point
• Site system Secure Enrollment Point
• Site system Secure Enrollment proxy point

The need for Intune is for licensing purposes only, devices will not talk to Intune, instead they will have a relationship with the Site server that the device is enrolled with. Setting up an Intune evaluation is well documented, I won’t include it in this guide, see Niall’s guide here that includes the steps for the sign up process, but do not proceed to integrate Intune with your Site server, return back here for that. If you’re using the browser on the site server you may need to turn off IESC to avoid prompts during sign up, and add login.microsoftonline.com to the safe\trusted zone if you get stuck.

You’re going to need Certificate Services in your lab, if you do not have one setup then go and roll your own Certificate Authority on your lab domain. Guidance on going through this procedure can be found here Install a Root Certification Authority, but please do have a look around for other guide to get a good overview of what is needed to get PKI up and running.

You’re also going to need to setup a few more roles to get Certificate Services fit for purpose. The Roles required and their installation order are:

1. Certificate AuthorityandCertificate Authority Web Enrollment
2. Certificate Enrollment Web Service after

There are a lot of guides on setting up your Certificates, the Certificate Templates and issuing Certificates for ConfigMgr, nothing has changed much at all with PKI and ConfigMgr guides from several years back, one of which from Microsoft I’m going to be lazy and point too here, and a community one here.

Once you’ve gone through that lot you’ll have certificates ready for use on the MP\DP web server and the clients.

Now that the Certificate Authority is up and running, you need to perform an additional step that we didn’t need too in the past when playing with PKI and ConfigMgr in the lab, and that is to setup a Certificate Revocation List held on a Distribution Point (CDP).

The tiniest of background on this is  that any certificates that have been revoked by the Certificate Authority will be listed in the Certificate Revocation List, and this list is made available via IIS over HTTP to any Operating System that wants to verify that a certificate is valid. Windows 10 during registration for Mobile Device Management, will check to see if the certificate being used for authentication is valid, if it is not then access is denied. Validity depends on the certificate duration having not yet expired, or from intentionally invalidating certificates by the Certificate Authority for security purposes (compromised, risk mitigation).

Setting up an Certificate Revocation List Distribution Point, and telling the Certificate Authority to use it is a pretty simple process, fully documented by Microsoft and others, but I describe the steps here so that you do not have to travel out of the guide to continue with this set of configuration steps.

Let’s get underway.

Later on, we’re going to modify Certificate Templates on the Certificate Authority so that they include a reference to the soon to be created CDP using an FQDN, so that this works, we need to create a DNS A record that resolves to the IP address of the Certificate Authority that will host the CDP.

I assume you have your DNS service running on your lab Domain Controller, so head on to it.

• Open the DNS management console 
• Expand the Forward Lookup Zones node and right click your domain entry
• Add in a HOST A record called crldp as shown in the example below
• Add the IP address of the server hosting the CDP

• Select Add Host to add it to your Forward Lookup zone.

You can test this by opening a CMD prompt and using NSLOOKUP or PING, so as to make sure it resolves by is name crldp, and the FQDN equivalent for your domain. All devices that you enrol should be able to resolve this FQDN and get a response.

Now that the DNS entry has been created and it points to the CDP, we next create a folder and an IIS Virtual Directory (website) to build the framework needed for the CDP to respond to requests for certificate validation.

For the lab I create a folder on the root of the C: volume called CRLD (I should have used CDP, if you change this be aware of it as several key steps ahead rely on this) on my Certificate Authority server hosting the CDP, this can be a different drive\path of your choosing, just make a note of it for later.

• Share the newly created folder out using a hidden share by right clicking the Folder, selecting Properties and selecting the Share tab. From there select Advanced Sharing, tick Share this folder, and add the $ (Dollar) suffix so that it looks like this:

• Select Permissions and for Everyone select Full Control.

• The folders Sharing tab should now look like this:

• Select Close
• Remaining on the Certificate Authority that is hosting the CDP (assuming you’ve set it up to use IIS, which it should in the lab), fire up the Internet Information Services console
• From within the Internet Information Services console, expand out the Sites node, right click Default Web Site then select Add Virtual Directory
• In the Alias type CRLD
• For Physical Path type C:\CRLD

• Select OK
• Remaining in the console, selecting the new Virtual Directory (CRLD) and switching to Content view will show that the Virtual Directory (our new CDP website) is empty, since the Certificate Authority has not yet published too it

Now, we need to allow double escaping and Directory Browsing for our new Virtual Directory

• Remaining on the CRLD Virtual Directory, Switch back to Features View, then scroll down to Management and double click Configuration Editor.
• Now that the editor has appeared, from the Section drop down navigate through System.WebServer to Security and onto Request Filtering. Now set allowDoubleEscaping to True and click Apply.

• Click back on your CRLD virtual directory, and navigate to the IIS section, double click Directory Browsing, select Enable

All of that came from this Microsoft guide.

Next up is to add the CDP to the CRL Distribution Point location list extension for the clients to use, when attempting to validate Certificates.

• Open the Certificate Authority Management Console
• Right click your Certificate Authority and select Properties

• From Properties Select Add

• Wipe the Location field as we’re about to reconstruct it, and type http://crldp.<domain>.com/
• Select CaName from the variable drop down and select Insert
• Select CRLNameSuffix and Insert it, then select DeltaCRLAllowed and insert it then add .crl
• It should look like this with your domain name

• This is the same dialog that shows the end of the Location field

• Select OK

• Back at the Extensions tab and while highlighting the newly created entry, tick the following check boxes

1. Include in CRLs. Clients use this to find Delta CRL locations.
2. Include in CDP extension of issued certificates.
3. Include in the IDP extension of issued CRLs

• We haven’t clicked OK for a reason, hold off

In my lab, this doesn’t allow me to publish the CRL to the CDP, it will however include this extension modification in any future certificates issued by the Certificate Authority.

To publish the CRL to the CDP, I had to repeat the above steps with some different inputs.

• Add another CRL Distribution Point, this time so that we can publish to it by clicking Add again
• Wipe the Location field as we’re about to reconstruct it, and type file://C:\CRLD\
• Select CaName from the variable drop down and select Insert
• Select CRLNameSuffix and Insert it, then select DeltaCRLAllowed and insert it then add .crl
• It should look like this

• This is the same dialog that shows the end of the Location field

• Back at the Extensions tab and while highlighting the newly created entry, tick the following check boxes

1. Publish CRLs to this location
2. Publish Celta CRLS to this location

• Now select the Exit Module tab, and Select Properties

• Tick the Allow certificates to be published to the file system
• Select OK

• Opt to recycle Active Directory Certificate Services, only takes a moment to complete.

Great, we’ve got several things in place now, an Intune trial, Certificate Services, a DNS entry, a  directory for the CDP, an IIS Virtual Directory, and the CDP has been configured for publishing and client use in Certificate Services.

Let’s make the Certificate Authority publish the CRL to the CDP.

• From Certificate Authority console, right click Revoked Certificates, select All Tasks then Publish

• Select a New CRL:

• Select OK
• You should now see the Full and Delta CRL’s listed in the CRLD directory from File Explorer, it should not take more than a few moments

• You can point a browser at the CDP and should see the main and delta certificate lists as well

If any of this is broken, circle back to see where you’ve possibly deviated.

Now we turn to the Intune Evaluation, so as to integrate it with ConfigMgr for Hybrid mode.

• From the ConfigMgr Console create a User Collection to host the accounts that can perform Intune device enrolment

• I’ve called it Intune On-Premise Enrollment Users

• I’ve not enabled incremental updates or a schedule, I'll be adding a test user manually. Complete the Collection wizard
• Make sure you have Active Directory User Discovery enabled, and that at least one discovery of the Forest\Domain has taken place, confirm the user you want to do all the device enrolment with is seen by ConfigMgr
• Add the enrolment administrator you’ve selected from your discovered Users to the newly created collection

Before you can continue, your Site server must have the Service Connection Point role installed, a prerequisite for Intune, make sure this is done, and that it is working. Once you have a working Service Connection Point (not blocked by a Proxy, Firewall, is synchronising) proceed.

• From the ConfigMgr Console now go to Administration, expand Cloud Services, and right click Microsoft Intune Subscriptions, finally select Add Microsoft Intune Subscription

• Select Next

• Select Sign In

• Tick off “I understand …” and Select OK

• Sign into Intune using your Intune administrator account. If this fails, at the top of the guide I mentioned adding the Intune website to Internet Explorers Safe Zone …

• You’ll see that the sign in is greyed out and you can proceed, Select Next

• Select Browse
• Select your newly created User Collection for Intune use

Select OK

• Add some details, company name, choose colour scheme, select Site code, Select Next

• Select Next

• Add in a logo if you want, Select Next

• Select Next

• Select Next

• Select Next

• Select Close

Now we need to enable the Windows Platform for support via On premise MDM.

• Right click the Subscription that has just shown up in the Microsoft Intune Subscriptions pane

• Select Configure Platforms then Select Windows

• Tick Enable Windows enrolment
• Select OK

Since Mobile Device Management requires a secure Management Point and Distribution Point, and because I want to run the Primary in HTTP mode due to the Fallback Status point residing there, we need a new Site system - “We’re going to need a bigger boat!”.

Make sure your new Site system has a web certificate in place before you proceed, if you jumped the gun and gave it a certificate before we changed the Extension properties on the Certificate Authority, reissue the certificate to get the updated extensions for the CRL Distribution Point properties. I’m not sure if this is an important step for the web server certificate, most likely just the client certificate, but get it done anyway or circle back to it if things won’t work.

A Windows 10 device that has been domain joined will receive a Trusted Root Certificate as well as a Client Certificate, the trusted root cert from the domain join, and the client cert from a group policy that should already be setup to auto enrol devices. For workgroup devices, make sure you’ve exported your Trusted Root Certificate, and the Client Certificate (use the DP Client certificate if you made one, or the WINPE Boot Image as they all have the Client Authentication purpose) as you’ll need them.

• Create a VM for your new Site system, install IIS and make sure IIS is configured for an MP and DP, has the site servers computer account added to local administrators, and has the web certificate added (see this guide for the steps)
• From the ConfigMgr Console create the new site system,  make sure your Site server is in the local administrators group of the Site System beforehand, setup the roles using HTTPS mode. Note that when adding roles, include the internal FQDN in the Internet FQDN field

• Add the Enrollment Point and Enrollment proxy point

• Select Next

• Nothing to configure, Select Next

• Select Next, Next, Close.
• Check SITECOMP log to confirm the roles were installed correctly. Also check the components log files on the Site system. If the Site system that you are installing these roles onto has not yet been configured for HTTPS\SSL yet, you’re going to get errors. Restarting Site Component manager on the Site server will retry if you fall foul of a prerequisite issue
• I had problems in this area, I had to reboot the Site system before the roles would install and activate correctly. A significant indicator that something is up is if the CMEnrollmentService.log is missing. I re-seated the roles then rebooted, but I suspect and Gerry Hampson has confirmed, that a single reboot after initial role deployment would have fixed the problem

• Once you know that HTTPS is working fine for the two roles you just installed, go ahead and install the Management Point and Distribution Point in HTTPS mode
• Make sure the Distribution Point is configured as below, importing the Distribution Point Client certificate
  

• Tick Allow mobile devices to connect to this distribution point
• Make sure your Management Point is configured as below. I had issues with the Management Point where I had to configure SQL permissions for the newly created Site system by hand, so that the Management Point had access to the smsdbrole_DMP and smsdbrole_MP SQL roles

• Tick Allow mobile devices and Mac computers to use this management point
• Make sure both roles go on correctly, MPControl log on the Site system should let you know all is well with the Management Point, and DistMgr on the Site server will let you know if the Distribution Point went on ok and is working.

• Import the exported Trusted Root Certificate into your Site server. Note that I do not think this step should be necessary. If you skip it and get stuck at the end of the guide with devices that won’t enrol, come back here and set it. I don’t think this is necessary in B1511 and onwards but I imported while I was troubleshooting (it did not move things forward at the time) so cannot confirm myself.

If you want too, you can install the ConfigMgr Agent onto a device in HTTPS mode and deploy something to it, this will test your MP and DP running in HTTPS mode.

We’ll now make a change to the Default Client Settings so that Users will be able to enrol Modern Devices (Windows 10 et al), we’ll first create a Certificate Profile, and specify the Trusted Root Certificate that is used to verify authenticity of the device. This certificate is not passed to the device being enrolled, it is merely being used to validate authenticity of the device being enrolled.

• From the ConfigMgr Console head to Assets and Compliance, expand Compliance Settings, Company Resource Access and right click Certificate Profiles, select Create Certificate Profile

• Enter a descriptive name
• Select Trusted CA certificate
• Select Next

• Point to your exported Certificate Authority Root Certificate file, making sure the Destination store is Computer certificate store – Root
• Select Next

• Select Windows 10

• Select Next, Close

Now we need to configure Default Client settings to allow modern devices to enrol.

• Open up your Default Client settings

• Make sure Allow users to enroll modern devices is set to Yes
• Select Set Profile …

• Select Create

• Give it a descriptive Name
• Select the Management site code
• Select the newly created Certificate Profile from the Certification Configuration pane
• Select OK

• Select OK

• Your Client Settings should now be enabled and show the enrolment profile being used

Now on the Windows 10 device, if it is in workgroup mode import the Trusted Root Certificate into the computers Trusted Root Certification Authorities store, and the Client certificate into the Personal store, both for the Computer. If it is domain joined this isn’t necessary, both certificates are provided, the root certificate is issued during the domain join, and the client certificate auto-enrolled via Group Policy (if all is setup correctly!).

The Client certificate is necessary so that the device can contact the Device Management Point for policy, and the Distribution Point for content post-enrolment. The trusted root certificate is needed to get the enrolment underway via the HTTPS enabled Enrollment Proxy Point, which wouldn’t trust us if we didn’t have it.

If in workgroup mode without the trusted root certificate, you’ll get blocked as in the example below. Without the client certificate you’ll enrol but have issues later on with deployments to the device.

Now let’s manually enrol a device. Note that there is the option to bulk enrol which is covered here, it leverages ConfigMgr and the Windows 10 ADK to produce a package that can be executed on a Windows 10 device, automating and watering down the enrolment process to just handling the execution of a package (local interaction) on the device.

I’m using an activated version of Windows 10 Enterprise Build 10240.

• Open Settings

• Click Accounts

• Click Connect

• Tap in the credentials (UPN) for the Intune enrolment administrator that you put in the user collection a while back and select Continue

• Now you’ll be prompted for the Enrollment Proxy Point FQDN, select Continue
• We are now talking to the ConfigMgr Enrollment Proxy Point!

• Tap in the credentials (UPN) again and select Sign In

• This is pretty much confirmation that we’re able to talk to the Enrollment Point
• Let Windows store the credentials away, and Select Yes to get underway

• We wait a few moments for the process to complete

• That’s it, the device is enrolled. Select Done
• If the device wouldn’t enrol, you can take a look at the devices event log, open Applications and Services , take a bit of time to render the list, then expand Microsoft, Windows and DeviceManagment-Enterprise-Diagnostics-Provider, click Admin and you’ll be greeted with events that may show why the enrolment failed
• Click on the Intune Evaluation grey box, it will expand out to show multiple buttons

• Clicking Info will show us whether the sync is underway, problems with certificates will cause this to fail instantly

• Errors at this point are most likely going to be due to the enrolment point or the enrolment proxy point not installing correctly, or the certificates are not configured correctly. If you are in doubt whether your PKI is working, install a ConfigMgr Agent in HTTPS mode and test it.

• Open up the ConfigMgr Console and go look for your Windows 10 device by its host name in the Devices node

• You’ll see that it has a different icon than for a normal device, a mobile device,
• Right click and select Start then Resource Explorer
• It may take a few minutes for it to appear, but we will see a limited set of inventory appear, for now this really is all we’ve got

• Come back to ConfigMgr, and right click the device again

• As you can see the options for this resource record are different than that of a normal device resource record

• A good end to end test is to tell the device to lock . Make sure the device is unlocked, then select Remote Device Actions and select Remote Lock

• We’ll be prompted to confirm

Head to your device, confirm that the console session has locked.

And to wrap things up here is a shot of part of the resource record

Well, for those of you that made it up the mountain, congratulations!

I’d recommend checking out Kent, Panu and Gerry’s guides as well since they had bits I've not covered here as deeply on troubleshooting.

I found this handy to lookup MDM Errors

Today I see that ConfigMgr current Branch B1602 released, I installed it onto 1511 today, and thought I’d put together a brief guide to provide a light overview of the installation process, showing how easy it is now that it is integrated into the product. Configuration Manager as a Service (CaaS) really is kicking in, with the flow of change ramping up.

The actual Updates and Servicing feature entirety relies on the Service Connection Point role that was introduced in Configuration Manager Current Branch (and LTSB), and I suspect that in a day or two, when standing up a Build 1511 Site server, and then deploying this role, you will see Build 1602 showing within minutes of the first sync, whereas today, it may take a few more hours before everyone can see the update pack globally.

To deploy a 1602 site server you must first deploy the ‘baseline’ build, which is currently 1511. You can move from 1511 to 1602 in both offline and online modes (offline servicing just means having the 1602 kit to hand and not downloading from the internet). After a year, a new baseline build should replace 1511, resulting in a single installation taking place to get to the current build. I would not expect that to last long, and that a double-install will be the norm, since these update packs are released (cadence) quite quickly.

Here’s the release version matrix for current branch as it now stands:

Note that 1602 updates a 1511 Database. It most likely will always be okay until it isn’t okay, so please make sure you are backing up your SQL DB Unlike past versions of Configuration Manager, if installing an update fails, you should not need to perform a site recovery, and instead can Retry the update installation. Therefore, while the test upgrade of the database is less critical than in past product versions, it still remains as a concern, and a recommended step (more so for production!).

On the subject of database changes and failure during upgrade, you should note this statement in the documentation here

Unlike past versions of Configuration Manager, if installing an update fails you should not need to perform a site recovery and instead can Retry the update installation. Therefore, while the test upgrade of the database is less critical than in past product versions it remains a recommended step.

Failure during upgrade can be retried, previously the show was over, and a restore was needed, pretty rad that!

• Here’s a 1511 Site server showing 1602 has arrived

• Clicking on the 1602 update pack will give you some options via the Ribbon or a Right click

I’ve already covered most of how the Updates and Servicing mechanism works in this blog post here, in this post I’ll simply walk lightly over deploying Current Branch Build 1602 to a lab based Stand-alone Primary Site server.

Let’s get the upgrade from B1511 to B1602 underway.

• Go create a device collection, call it Client Pre-deployment (Validation of B1602)
• Add some devices to the new collection, these will be automatically updated for us

• From the Console, go to Administration, Cloud Services, Updates and Servicing,
• If Build 1602 does not show, then from the ribbon or a right click select Check for updates
• If it shows then most likely its already been downloaded, but if it doesn’t show and initiating a check for updates or a recycle of the SMS_Executive service gets it to appear, check the DMPDownloader log file on the Site server

• You should see that something is afoot, a cab being downloaded, unpacked and verified

• Here you can see the download of the update pack has completed

Even though we can retry if there is any failure during the upgrade while dealing with SQL, it would make sense to copy your database over to a server hosting the same SQL edition (with service packs and hotfixes as the ConfigMgr Database Site server) so as to test the upgrade on your database using TestDBUpgrade. I’d do this every single time with production, for the lab I don’t bother. That a retry after upgrade failure is supported indicates that most likely over coming releases, we should see far more robustness of the whole SQL upgrade process until nursing it becomes a distant memory.

Check out Nickolaj Andersen post here on handling TestDBUpgrade, it is pretty simple, takes a bit of effort to keep SQL server like for like, although for 1602 I didn’t dig out where the install kit was pre-installation, and after it’d been downloaded, you’ll have to go find the installation kit (might be in cab only form at this point, or in unpacked form, go eek it out) in the ConfigMgr folder once 1602 state changes to available.

• One you are ready to proceed with the upgrade, from the Updates and Servicing node, right click the 1602 update pack

• Select Install Update Pack

• We’re welcomed by the Configuration Manager Updates Wizard
• You can tick Ignore any prerequisite check warnings and install this update regardless of missing requirements, so as to override any warnings regarding requirements not being met, or let it stall and notify you so you can resolve them
• Select Next

• This is where we select the features we want installed, as you can see 1602 delivers

• Apple Volume Purchase Program
• Windows 10 conditional access with health attestation service
• iOS Activation Lock management
• iOS App configuration

• Tick or untick the features you are interested in
• Select Next

• Your choice on whether you update your current production ConfigMgr Client package with Build 1602 Client kit straight off, or whether you stage the event, and when confident perform the update later
• Select Browse

• Find the collection you created earlier
• Select OK

• Looking good, we’re going to validate the client in pre-production, by deploying to a specific collection of devices and not the entire estate
• Select Next

• Tick the licence agreement checkbox
• Select Next

Select Next

• Select Close

• From the Updates and Servicing node we can see that things are underway

• If you have a CAS there is over 1GB of content that needs to be replicated, for a stand-alone primary this shouldn’t take more than a few minutes

• Once the staging is complete, the prerequisite checker will kick in

• This part will take a long time

• Once the prerequisite checker has completed with no errors (and that we’re ignoring or observing missing requirement warnings) you should see the status transition to Installing 

• Let’s take a look at the prerequisites
• Head to Monitoring, Site Servicing Status, and from the Ribbon or a right click select Show Status

• We can see what did and didn’t pass …
• Also check out the CMUpdate log

• Once the update packs status changes to installed, check out the SiteComp log to make sure all the components\roles have reinstalled correctly

• Here is a resource record of a device in the pre-production collection that was automatically updated for me

If you had any consoles open, after a bit of cruising they should start to prompt you to upgrade to a newer version. Opening a new 1511 console will produce the same prompt until it has been accepted, which will kick off the console upgrade.

• Accepting the upgrade will get the Console MSI downloaded from the Site server and the upgrade process underway

• MSI Logic detected that I had a Console related executable still in memory, Status Message Viewer, which was blocking the upgrade, so I closed that manually and clicked OK

The MSI Installer then rolls off the older version, and rolls on B1602.

• A quick nose around the Features node of Updates and Servicing shows us the features, which can be viewed in the documentation here:

Also, my three test clients all upgraded to 1602 as well. I did have a delay here, am not 100% sure right now what caused it, but the clients all kicked off their upgrades once they fetched their policy from the MP.

Okay that’s it, done, and it was easy wasn’t it!

Once we are all good with the client upgrade, we can switch 1602 Client kit to become the production kit used for all future clients deployments

• Navigate to the Updates and Servicing node again

• From the Ribbon or a Right click select Client Update Options

• Tick I am ready to make pre-production client version available to production
• Select OK
• Get the hierarchy Settings up and you’ll see that pre-production deployment has been turned off, and the production client version has changed to 5.00.8355.1000

You could also check at the file level to make sure the client files have been upgraded, perhaps I’ll circle back for that fully and update the guide another time, here is a shot of CCMSETUP.EXE to show its version (8355 is 1602)

Feature-wise In-place upgrade the operating system of site servers that run Windows Server 2008 R2 is a real winner, enabling many quick upgrades to supported OS versions without a backup\restore being needed. Very enabling, as is SQL Server AlwaysOn availability groups. For mobility there’s a whole bunch of iOS MDM related features pouring in too, nice, and cloud-wise we have more management over Office 365 usage\deployment. For the full list of features don’t forget to check out the documentation.

Thank you to all that attended the Configuration Manager and the Cloud event!

And a big thank you to our sponsors Flexera Software

The event was set for 50 attendees, but we had 8 slots reserved for the WMUG Team to make sure we had a seat. We were fully booked within the first week. On the day, our attrition rate was the lowest we've ever seen other than when we had Wally Mead over, and we were pretty much just down a handful of attendees.

This time we wanted more speakers to fit into the day so we reduced session times from 1 hour to 45 minutes, it seemed to work, gave us an additional slot at the end of the day, as a format it seemed to go down well with the attendees.

Before we move on we would like to thank those that cancelled and informed us of their non-attendance, it allowed us to pass their ticket to the reserves, good job!

The venue @ Microsoft Paddington in London was very well laid out, all our equipment worked (there were some niggles that failed a demo, but something we can resolve next time). We'll definitely go back, and we have taken note of those that would like Reading to go back on our venue list. I'm sure we'll see Reading at some point this year, as well as new venues (North of England and Ireland) being planned.

Paul Hossack was first up, with a presentation around the Flexera Software product range, was very provocative (security and keeping up with patching always is!), the audience really soaked that presentation up, lots of questions fired at Paul who had this nailed down hard, responding to all the questions with reasonable responses and style

Next up was Paul Winstanley (SCCMentor) from the WMUG Team who presented on Management Point Replica's and high availability of ConfigMgr. It provoked a lot of discussion on design and how architects should think when it comes to high availability

Followed by Gerry Hampson - Enterprise Mobility MVP and WMUG Teamie who touched on his favourite subject at the moment, managing Modern Devices using on premise Mobile Device Management. Pretty cool stuff, don't forget to check out his posts on the subject here

Next up Robert Marshall - Enterprise Mobility MVP and WMUG Leader who gave a whistle stop tour of Servicing, while impressing on the audience the importance of checking the integrity of backups and having a DEV environment to perform a TESTDBUPGRADE before upgrading DEV and PROD. By the time he'd finished everyone had a DEV lab setup due to his constant tutting at not having one (joking, practically everyone put their hand up when he asked if they had a DEV environment) and they knew to check backups before upgrading and not assuming the backups are solid :-) Read more from Robert Marshall on servicing here and here

Sam Erskine - Cloud and Datacenter Management MVP gave us a good overview of OMS, and dug deep to show us some of the features he thinks are mind-blowing, such as Event Log harvesting, as with all the other sessions, humour permeated the air and Sam entertained us well while covering off a novel but interesting technologoy

Matt White - MCS Consultant and WMUG teamie gave us a great overview of managing Modern Devices (Windows 10) in a cloud-only model. What a great way to show off how far things have come with the Cloud technologies at Microsoft

And to wrap the presentations on the day Phil Wilcock of 2Pint Software gave us a very detailed run through of BITS\BrancheCache and PeerCache, the depth was stunning, recounting tales of yore (the story behind BranchCache and its authors demise) as well as giving insight into areas of the subject matter, very revealing, empowering session. The audience would have eaten up a lot more but we ran out of time

As usual we had something to give away, and this time thanks to our sponsor Flexera Software we were able to give a Raspberry Pi (V3) away to a lucky winner

Well done Craig Strong! We hope to see some pictures of you and whatever you get the Pi to do!

Paul Winstanley gave away the prize, since Paul eats sleeps and lives Raspberry Pi! (Ask him what that is all about, interesting story ...)

We also had a special give-away, a USB Hub that was previously owned by the generous grand-father of SMS Wally Mead. Robert Marshall had this in his stash for a couple of years and it was time to let it go!

Keith Sanderson won the prize by guessing Who owned this device? I had to hint a just a little, but I did leave it open!

And finally, not really related to the event itself, but at the venue there was a Microsoft Surface Hub and some of us gave it a spin, if WMUG had the cash and a need for a meeting room We'd love to have one of these, so super cool!

All presentations except the Flexera Software presentation can be downloaded from here

Well, what is next, keep an eye on the WMUG Tweet account as we have two additional physical events lined up for the South of England, and a possible event taking place further North, as well in Ireland. We'll announce all of this as things are locked into place.

In the meantime, please do keep an eye on the WMUG Tweet account for our announcements for further WMUG Clinics - The intent is to rerun the same sessions from this event and go further, or dwell on areas that are of interest to the audience in an informal setting.

Again, thank you for attending, and thank you again to our very cool sponsors Flexera Software!

The WMUG TEAM

Join WMUG on the day for System Center Configuration Manager and on-premise\off-premise Cloud sessions.

Thursday, 31st March 2016.

Featuring three (3) Microsoft MVP's, Robert Marshall (EM), Gerry Hampson (EM) and Sam Erskine (CDM), alongside the WMUG team, guest speakers and our event sponsor, Flexera Software.

The agenda will be as follows:

The event is completely FREE to you including refreshments and lunch, courtesy of our sponsor for the day Flexera. Please note that registrants Name and Email address will be provided to the Sponsor, please do let us know if this is an issue for you. We view providing your details as a small token of gratitude towards the Sponsor, which enables the event to be free.

Flexera Software is the leading provider of next-generation software licensing, compliance, security and installation solutions for application producers and enterprises. Their next-generation software licensing, compliance and installation solutions are essential to ensure continuous licensing compliance.

We also have an open questions session back by popular demand, and of course some giveaways for those who make it to the end of the day.

So what are you waiting for? Register now! There are limited seats available, and as always, we expect these to fill up quickly. Don't delay or you may be disappointed. If you book and are unable to attend, please do cancel your booking via the event page so that others may take up the opportunity, thank you.

Venue location

Microsoft,

2 Kingdom Street,

LONDON,

W2 6BD

About the speakers:

Paul Hossack - Paul is our sponsor guest speaker for this event, and will give us a demo of Flexera Software product offerings. Paul has been securing networks since 2007. A seasoned project leader and encryption specialist, and most recently hardware firewall adept, Paul is an expert in his field. Now working with Flexera Software (formerly Secunia) he brings his skills to vulnerability defence.

Paul Winstanley - Independent contractor with 20+ years experience. 7 years specialised in Configuration Manager and Enterprise Client Management. Also a CGJam Contributor and Pi enthusiast who regularly teaches kids in his spare time.

Gerry Hampson - Senior Consultant Engineer with Ergo Group based in Dublin. Recently awarded his first MVP in Enterprise Client Management through his awesome work on gerryhampsoncm.blogspot.ie and Microsoft TechNet forums.

Robert Marshall - Owner and Senior Consultant at London based Consultancy SMSMarshall Ltd, specialists in ConfigMgr. Microsoft EM MVP in Configuration Manager since 2009, and WMUG founder in 2006.

Sam Erskine- Samuel is our guest speaker, a CDM MVP, and an independent IT consultant and trainer, specializing in System Center and MS Cloud technologies. He is the content designer and lead author of several Microsoft System Center Cookbooks, and co-author of two System Center Unleashed books.

Phil Wilcock - Phil is our guest speaker, and has been in IT for a long time. Some would say too long. He started life as a farmer, ended up managing a huge Moo-Cow database (the DB was large not the cows), worked for Bill Gates for a while, co-founded 1e.com, went back to farming for a few years, trained as a Butcher and is now Director at 2pint Software, a specialist in Configuration Manager and presenter.

WMUG TechTalks presents an Overview of Flexera Software products and features.

Your host for this session is Robert Marshall - Enterprise Mobility MVP, and your presenter is Paul Hossack from Flexera Software.

This session is a repeat and extension of the session presented by the event sponsors at the recent WMUG Configuration and the Cloud event, with the opportunity for further Q&A with the Flexera Software presenter Paul Hossack.

Attendance is free, with the requirement for Skype for Business Full or Web App.

Tips

• Make sure you have Skype for Business Full or Web App installed before you join the meeting
• Mute your microphone
• Use the Chat feature of Skype for Business to ask questions

Click here to join the event on the 24th of May 2016 at 8PM UK BST time.

Paul Hossack - Paul will give us a demo of Flexera Software product offerings. Paul has been securing networks since 2007. A seasoned project leader and encryption specialist, and most recently hardware firewall adept, Paul is an expert in his field. Now working with Flexera Software (formerly Secunia) he brings his skills to vulnerability defence.

Robert Marshall - Owner and Senior Consultant at London based Consultancy SMSMarshall Ltd, specialists in ConfigMgr. Microsoft EM MVP in Configuration Manager since 2009, and WMUG founder in 2006.

Be aware, some of my customers and others in the community have been reporting issues once KB3159706 is deployed to their WSUS servers.

This is a known issue, and you’ll need to do the manual steps at the end of the KB3159706 article to get your WSUS server operational again.

This patch replaces KB3148812 which kind of had some ‘issues’.

Here is an example of the kind of whining you’ll get if you connect to WSUS once this patch has been automatically deployed, and the manual steps not carried out:

Thanks Nick Mitchell for the heads up!

In the following series of blog posts I will introduce you to C#, Visual Studio and the ConfigMgr SDK, and show you how to produce your own custom tooling easily.

The motivation behind this series of postings is to enable you to create community tools or bespoke tooling to assist you in your day-to-day ConfigMgr role, and thus to enhance the Community overall, as hopefully you’ll produce the very next best tool and we’ll all benefit from it.

To underpin the guide I’ve written a tool called MonitorMP which will keep an eye on the health of your Management Points outside of the ConfigMgr Console, the source code for this tool will be built up and completed by the time we’ve finished with the series of posts, at which point we’ll make the tool made available in both compiled and source code form and everyone that read this guide will feel somehow connected to it :)

Previous postings for this guide

Guide to creating your own ConfigMgr tools – Part 1

Guide to creating your own ConfigMgr tools – Part 2

I’ve extended Part 2 because I wanted to throw in some info on setting up the Help system in Visual Studio 2013, it reduces round trips from the browser when trying to figure something out, but it still doesn’t entirely remove the need to go out to search engines so as to find good examples to learn from.

Go ahead and open Visual Studio Express 2013 for Windows Desktop, and from the menu bar click Help and select Add and Remove Help Content:

Once you launch into Add and Remove Help Content you’ll be presented with a tree representation of the available help modules:

The key ones for us to download and which are selected already in the shot above are:

1. .Net Framework 4.5
2. Visual Studio 2013: Fundamentals
3. Visual Studio 2013: Visual Basic and Visual C#
4. Help Viewer 2.1
5. Desktop Development
6. Windows Debugging

The first two are added automatically, the remaining 4 I chose, help for the C# language, an update for the help system and helpful information on Desktop Development and Windows Debugging, always handy.

Make a note that the help files are being stored on the C: drive, move them to another volume if desired, this can be done before or after downloading the modules

You’ll notice that by default several help modules have already been installed, these and all newly added modules can be managed over time by clicking Update so as to get the latest content.

Now go and click Update to begin downloading new and updating old documentation:

The .Net update is quite large, so this will take a bit of time, you can track the progress in the status bar at the bottom of the updater:

After the process has settled down, you’ll notice that the help system on the left hand side has new updated content showing:

You can search the help system for keywords around what you want to learn about or do, and you should find technical MSDN information and good usage examples immediately without leaving the IDE:

In the above shot I’ve searched for Console.WriteLine and have a bunch of results showing on the right hand side.

When you’re trying to piece something together I have the IDE and the Help system Windows setup like this:

This should really help you as you move forwards with your skills, I use to have to do this by hand with reference books, such as this one:

By Stefan Dittrich

Not that searchable, hehe, mostly remembered where things were to save time, I still have these books and they have been thumbed so much they started falling apart, kind of puts how useful Help Viewer is into perspective :-)

Next posting for this guide

Guide to creating your own ConfigMgr tools - Part 3

Dear Robert Marshall,

Congratulations! We are pleased to present you with the 2016 Microsoft® MVP Award! This award is given to exceptional technical community leaders who actively share their high quality, real world expertise with others. We appreciate your outstanding contributions in Enterprise Mobility technical communities during the past year.

Very pleased to be informed that I am an MVP for another year. This is going to be a year of frequent updates from the Product Group responsible for ConfigMgr, due to how they have changed their provisioning model. I cannot wait to see all the other features they bring us and explore them with you.

Thanks to everyone that takes their time to read my posts, tweets, I hope they are of some help. I especially enjoyed the development stuff, and have more to produce, but I will also be focusing on Windows 10 and the rapid changes that took place in ConfigMgr to support it, plenty of feature depth there.