Presentation is loading. Please wait.

Presentation is loading. Please wait.

Updates, Servicing and Telemetry

Published byRandall Walker Modified over 8 years ago

Similar presentations

Presentation on theme: "Updates, Servicing and Telemetry"— Presentation transcript:

1 Updates, Servicing and Telemetry
in Configuration Manager current branch Aaron Czechowski Senior Program Manager Microsoft Kerim Hanif Senior Program Manager Microsoft Aaron

2 Aaron Czechowski Kerim Hanif @AaronCzechowski @KerimHanif
Senior Program Manager, Configuration Manager product team Senior Program Manager, Configuration Manager product team 4 years on product team, 9 years at Microsoft. 18 years working with Configuration Manager 4 years on product team, 13 years at Microsoft. 16 years working with Configuration Manager Aaron, Kerim Anything coconut Cooking, Scuba, Bass guitar

3 Updates and Servicing Configuration Manager Aaron

4 Servicing Strategy Supports the faster pace of updates for Windows 10 and Microsoft Intune New Updates and Servicing node Delivers periodic updates for new features, bug fixes, and extensions for hybrid deployments using Microsoft Intune Simplifies the upgrade experience In-place upgrade from Configuration Manager 2012 to latest Listens to and more quickly responds to customer feedback Foundational improvements allow us to respond to customer feedback more quickly Aaron

5 Configuration Manager Current Branch
Product version Release vehicle Availability Windows 10 features supported Support Windows Servicing Model supported Configuration Manager Current Branch Generally available December 2015 with updates released periodically throughout the year New features, security updates, and bug fixes Can defer updates for up to 12 months before you must deploy updates to maintain support Windows 10 Current Branch, Current Branch for Business, and Long Term Servicing Branch Configuration Manager Current branch (version 1511) Current branch (version 1602) Aaron Current branch (version yymm) Technical Preview (version yymm) WINTER SPRING SUMMER

6 Consolidating All ConfigMgr Updates
Updates and Servicing node in the console No more searching for the updates, gets updates automatically from the cloud No more Cumulative Updates No more Service Packs No more Microsoft Intune Extensions Hotfixes will also be integrated GOAL: Reduce this list as much as possible Kerim for rest of section

7 Types of Releases Baseline In-Console Update Out-of-Band (OOB) Update
E.g. Configuration Manager 1511 Full setup (CD) Will be upgradeable from R2 SP1/SP2 Supported for 1 year In-Console Update E.g. Configuration Manager 1602 Not a full setup, cumulative Requires a baseline release Out-of-Band (OOB) Update Will be released if needed Mostly will contain only features Hotfixes GDR (General Distribution Release) LDR (Limited Distribution Release) Traditional

8 History of Releases Production Release (every 3-4 months) Technical Preview Release (every month) Date Baseline (CD) TP May 2015 TP2 (8271) July 2015 TP3 (8287) August 2015 In-console Update (1st) 1509 (8299) September 2015 In-console Update 1510 (8321) October 2015 1511 (8325) TP4 (8325) December 2015 1512 (8336) December 2016 1601 (8347) January 2016 1602 (8355) February 2016 1602 (8360) March 2016 1603 (8372) TP5 (8385) April 2016 1604 (8385) 1605 (8396) May 2016

9 History of Releases None yet None 1511 Traditional: 1511 GDR:
Production Release (every 3-4 months) Technical Preview Release (every month) Updates (OOB) None yet (will be released if needed) None (most cases we will not be releasing an update for preview builds) Hotfix 1511 Traditional: KB , KB , KB , KB , KB , KB , KB , KB , KB , KB , KB 1511 GDR: KB (Exchange Connector) 1602: None yet (most cases we will not be releasing an hotfix for preview builds)

10 Recommended Customer Infrastructure
Technical Preview Pre-Production Production ConfigMgr Preview Build Standalone Primary No hierarchy support 10 Clients Update monthly Test new features ConfigMgr Production Build Replica of production site (on the server side) Appropriate number of clients for testing purposes Install updates here first ConfigMgr Production Build Live environment

11 Service Connection Point
Can be Online or Offline or Skipped (not recommended) During Setup After Setup

12 Service Connection Point (SCP) role needs to be installed
Requirements Service Connection Point (SCP) role needs to be installed Either in Online or Offline mode SCP role == Intune Connector role (doesn’t exist anymore) ConfigMgr 2012 R2SP1/SP2 Hybrid (Intune+ConfiMgr) customers upgrading to 1511 will not need to install SCP since it is already there TIP: If using a third party backup, “cd.latest” folder needs to be added to backup

13 Service Connection Point
Nags will show if not installed Nag will only show at the top level site, during console start, to the admins with “SMS_Site modify” right

14 Offline Servicing Created for customers that can’t connect to a cloud service (must be offline) STILL needs to install Service Connection Point (SCP) role to “a” server (doesn’t have to be connected to the internet) Set the SCP to Offline mode Use “Service Connection Tool” on computer connected to the internet download the content from the cloud service TIP: ServiceConnectionTool.exe needs to be copied together with all the other files in the directory when needs to be copied and run in another location Recommended to have 2GB on media (if USB)

15 Service Connection Tool
1 Server with Service Connection Point (no internet connection) Cloud Service ServiceConnectionTool.exe -Prepare -usagedatadest D:\USB\usagedata.cab 1602 Cab 3 2 Any machine with internet connection ServiceConnectionTool.exe -import –updatepacksrc D:\USB\UpdatePacks ServiceConnectionTool.exe -Connect -usagedatasrc D:\USB\usagedata.cab –updatepackdest D:\USB\UpdatePacks 1602

16 Updating Site Systems CAS/Standalone Primary Primary Sites
Download automatic in Online mode Download and import manually in Offline mode (using the Service Connection Tool) For both modes, initiate install manually using the console Primary Sites Download and install automatic but can be controlled specifiying “Service Windows” Secondary Sites Download and install is manual Distribution Points and all other site system roles Download and install is automatic

17 Configuration Manager Consoles
During initialization detects and if server version is greater, auto upgrades Can be ignored, but not recommended If ignored, it continues nagging when using the console

18 Clients Allow admins to select a pre-production collection to test new client After testing, admins can choose to promote the new client bits to production TIP: Client upgrade won’t start until the whole hierarchy is updated (including MPs, DPs, all server roles)

19 Known Issues Full administrator with default scope can NOT see 1602 update. Admins needs to have permission for “All instances of the object” under “Security Scopes” Redistributables can fail to download for various reasons, please check dmpdownloader.log and configmgrsetup.log for which exact files it fails to download If the update is being downloaded, CM admin console [monitoring]->[Overview]->[Site Servicing Status] does not show status for each site If the update content is being replicated, CM Admin console [monitoring]->[Overview]- >[Site Servicing Status] does not show status for each site

20 Known Issues 1602 shown in Admin console as Not Applicable, this is because the environment has a LONG CM installation path that 1602 cannot handle correctly. <CM InstallDir>\Inboxes\clifiles.src\Configuration.mof will be overwritten. Please find the backup from <CM InstallDir>\data\hinvarchive\ and add your custom extension back. Using 1602 CD.Latest to add a new peer primary site to a CAS, you will get a prereq failure (setup file build number does not match parent site build number), after verifying this is the only prereq rule failure, use /noprereq option

21 Improvements Coming Soon
More granular status monitoring Update download and replication progress percentage Revised installation status window interface References to applicable log files in user interface SQL upgrade performance improvements Pre-release Consent Feature node improvements Previous updates moved to new History node Limiting SQL access during database upgrade (1602+) Stop all current SQL connections to CM DB Deny remote MP “execute” permissions to CM DB 1602+ MPs will return "no new policy" to clients when update is in progress

22 Folders used by Updates and Servicing Feature
On "Service Connection Point“ Server EasySetupPayload\<PackageGuid> Consider this as package source for software distribution scenario On each "Site Server" <drive:>\SCCMContentLib\ Just like how regular software packages store their content CMUpdate use content library to distribute content to all primary site and CAS in a hierarchy, doesn’t use DPs though. <CMInstallDir>\CMUStaging\<PackageGuid> Temporary folder used by CMUpdate service. To extract, validate and apply the content <CMInstallDir>\CD.Latest (more here: Used for site recovery once the update is applied Can also be used for site expansion, or add a new primary site to the hierarchy <CMInstallDir>\StagingClient For storing client binaries for piloting clients <CMInstallDir>\CMUClient Contains new client binaries. For environments where client and MP are co-located.

23 If Download not showing
Log Files If Download not showing Dmpdownloader.log Hman.log During Download ConfigMgrSetup.log Replication Distmgr.log Sender.log (CAS) Despool.log (Primary) Prerequisites ConfigMgrPrereq.log Install Hman.log CmUpdate.log

24 THINGS YOU MUST ABSOLUTELY AVOID DOING!
Do NOT manually clean up EasySetupPayload folder for CM update that is being downloaded/processed. Do NOT manually clean up CMUStaging folder. Do NOT restore CM database/CM site server in case of error hitting in CM Update (fix the issue and “retry installation”) Do NOT reinstall “Service Connection Point” if an update is in progress. Do NOT use 1602 bits in CD.Latest folder to install a standalone primary site. Do NOT use 1602 bits in CD.Latest folder to upgrade a 1511 site or R2 SP1 (or earlier) sites. Do NOT manually clean up any Cm_Update* tables. Do NOT restart CMUpdate service during installation. Do NOT keep the CMUStaging\<Guid> folder open during installation. Do NOT copy files in CMUStaging folder. Do NOT restart smsexec during payload download (dmpdownloader.log shows if the package content is downloading) notifications can get lost in this scenario.

25 Configuration Manager Servicing

26 Diagnostics and Usage Data
Configuration Manager Aaron for this section

27 1960 Mercedes-Benz 300 Messwagen (measuring car)

28

29 SaaSifying Configuration Manager
Strategy SaaSifying Configuration Manager Running the product “as a service” requires visibility Product versions Scale and performance Default vs custom configurations

30 Benefits and Value Customer Future potential Microsoft
Improved setup/upgrade Improved quality Future potential Environment insights Peer comparisons Better support Microsoft Accurate test matrix Product insights Prioritization decisions

31 How the data is used Site server versions of Windows Server for supported configurations Installed language packs for scope of localization Delta of SQL schema against default Prerequisite checks

32 Individual customer identification
How it is NOT used Individual customer identification Licensing audits, such as comparing customer usage against license agreements Auditing of products that are out of support Advertising based on available data such as feature usage or geolocation (timezone) Configuration Manager does not collect site codes or sites names, IP addresses, user or computer names, physical addresses, or addresses on the Basic or Enhanced levels. Any collection of this information on the Full level is not purposeful (potentially included in advanced diagnostic information like log files or memory snapshots) and will not be used by Microsoft to identify you, contact you, or for advertising purposes.

33 Engineering Commitment Example: TS Step Names
Started collecting statistics on task sequence steps During tests, data returned: SMS_...(get from ) BDD_... If MDT can create steps via SDK, so can customers Extending OS Deployment: Contoso_SuperSecretProductStep Solution: Hash the names on both ends and compare Known hash = built-in step Unknown hash = custom step

34 Engineering Commitment Example: State Msg Perf
What state messages generate the most processing costs? Get test data from Dogfood environment: Now, what else can be derived? us/library/bb aspx 500 = SUM_UPDATE_DETECTION 7012 updates detected Could this highlight potential vulnerabilities?

35 Engineering Commitment Example: State Msg Perf
Solution: Business question is regarding performance We don’t need the raw data Calculate the magnitude and average cost, stack rank Telemetry captures the resultant summary:

36 Collected per site, sent per hierarchy once per week
Configuration Collected per site, sent per hierarchy once per week Only via SQL queries Service Connection Point Online Offline via service connection tool Levels: Basic, Enhanced, Full Site setup On by default Enhanced level

37 Data Flow SQL queries per site, insert to TEL_TelemetryResults Primaries replicate to CAS Once a week, SCP sends data up to service No data direct from clients

38 Viewing telemetry data

39 References Updates and Servicing Diagnostics and Usage Data
Install in-console updates Flowchart - Download updates Use the Service Connection Tool Use the Update Registration Tool to import hotfixes Use the Hotfix Installer to install updates Checklist for updating from Configuration Manager version 1511 to 1602 Diagnostics and Usage Data How diagnostics and usage data is used Levels of diagnostic usage data collection How diagnostics and usage data is collected How to view diagnostics and usage data Customer Experience Improvement Program (CEIP) Frequently asked questions about diagnostics and usage data

40 And Then …

41 Appendix Process Flows and Troubleshooting

42 Common Issues and Possible Reasons
Update stuck in downloading state Check internet connectivity, check dmpdownloader.log to see if it is able to get the CM update manifest Make sure system context is allowed for internet connection, and if it requires proxy to access internet Redist download (check configmgrsetup.log) Check which file it failed to download, if possible check proxy server setting is blocking the download Some customers’ proxy only allow HTTPS connection Some customers’ proxy have a white list of servers where it can download files from Make sure antimalware/virus exclude <CM install dir> and sub-directories If this is HybridMDM, first make sure the connector role certificate issued by Microsoft Intune is consistent. Check in hman.log to see if there error rejecting messages from “Service connection point” Make sure all the following places have the SAME cert. My store on CM “Service connection point” machine CertificateData table on CM database (Where CertType = 1) Active DMPConnector certificate that Microsoft Intune Service trusts (thinks the tenant has) If you are deleting an Intune subscription, make sure to delete the “Service connection point” role as well.

43 Common Issues and Possible Reasons
Update stuck in content replicating state Make sure there is enough space on site server If there is no disk space on site server, distmgr.log will show error it cannot get the files into content library on site server. Make sure hman.log has correctly created/updated the software distribution package used for CM update Make sure distmgr has processed update package successfully If this is hierarchy, check file replication channel to make sure the content has been replicated successfully to the primary sites. Check if the site server machine account can access the \\<Service Connection Point>\EasySetupPayloader

44 Process Flow – Downloading (CAS/Standalone Primary)

45 Process Flow – Downloading (CAS/Standalone Primary)

46 Process Flows – Replication (CAS)

47 Process Flows – Replication (CAS ..continued)

48 Process Flow – Replication (Primaries)

49 Process Flow – Replication (CAS/Standalone Primary)

50 Process Flow – Replication (CAS/Standalone Primary)

51 Installation Process (flow coming soon)
CMUpdate: Checks if prereq has passed Checks if the site server is OK to install update Checks if CMUpdate itself is up to date Checks if the site server is in service window Extracts the package from content library into CMUStaging folder Validates the content Installs the package Marks the site has finished installing the update Hman: Checks if prereq has passed If this is top level site, marks current site OK to install update, (peer primary site not OK to install) (CM_UpdateReadiness) If this is top level site, and CAS has finished installing the update, marks peer primary site OK to install update (only after this peer primary site proceeded to install) Aggregates overall update state from all site servers (excluding secondary sites) Extracts the package from content library into CMUStaging folder Validates the content Updates and restarts CMUpdate service Marks CMUpdate service is up to date (CM_UpdateReadinessSite) If overall state is update installed, updates the clients bits.

52 CM Update Database Schemas
--Overall state for CM Update --Only created/updated by HMan on TOP level site --The OverallState is checked by hman/cmupdate to decide what further action they should take select * from CM_UpdatePackages --Per site CM update state --Hman update it for heart beat, no state change --CMUpdate update it for state changes --trigger ObjectDistributionState_ins_upd to update the state regarding to content --trigger EasySetupSettings_iu (1602) to update the state regarding to content (for handling certain timing conditions) select * from CM_UpdatePackageSiteStatus --detailed installation status select * from CM_UpdatePackageInstallationStatus order by MessageTime desc --detailed prereq status select * from CM_UpdatePackagePrereqStatus

53 CM Update Database Schemas
-- Only created/updated by HMan on top level site -- HMan will mark the top level site is ready once CMUpdate service has passed prereq, waiting to install, CM_UpdatePackages -- Once top level site finished installation, it will add/update all peer primary sites into the table to tell them to go ahead select * from CM_UpdateReadiness -- created/updated by Hman on each site -- Once the site is ready to install -- HMan checks if cmupdate (CONFIGURATION_MANAGER_UPDATE) service is up to date, if not patch the cmupdate service first -- Hman mark the site cmupdate service is ready -- Read by CMUpdate service to see if it can continue to apply the update select * from CM_UpdateReadinessSite -- service window for the site server select * from SC_SysResUse_ServiceWindow

54 CM Update Database Schemas
-- saves the current EasySetup software dist package ID, version and hash of the content directory select * from EasySetupSettings select SourceVersion, StoredPkgVersion from SMSPackages where PkgID in (select packageid from EasySetupSettings) -- client piloting settings select * from ClientPilotingConfigs -- HISTORY tables -- Only maintained on top level site to track history of overall state -- For troubleshooting purposes, hman/cmupdate do not care about the history select * from CM_UpdatePackages_Hist order by RecordTime desc select * from CM_UpdatePackageSiteStatus_HIST order by RecordTime desc

Download ppt "Updates, Servicing and Telemetry"

Similar presentations

David Johnson | Page #1 © 2009 Blackbaud What Every Blackbaud DBA Ought to Know Welcome to the Support Roundtable for DBAs Presenter: David Johnson, Technical.

David Johnson | Page #1 © 2009 Blackbaud What Every Blackbaud DBA Ought to Know Welcome to the Support Roundtable for DBAs Presenter: David Johnson, Technical.
70-284 MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 14 Upgrading to Exchange Server 2003.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 14 Upgrading to Exchange Server 2003.
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Chapter 10 Chapter 10: Managing the Distributed File System, Disk Quotas, and Software Installation.

Chapter 10 Chapter 10: Managing the Distributed File System, Disk Quotas, and Software Installation.
Software Distribution in Microsoft System Center Configuration Manager v.Next: Part 1.

Software Distribution in Microsoft System Center Configuration Manager v.Next: Part 1.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
How To Keep Up With Security Patches Eric Schultze Security Strategies Microsoft.

How To Keep Up With Security Patches Eric Schultze Security Strategies Microsoft.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.

11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.
Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.

Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.
NovaBACKUP 10 xSP Technical Training By: Nathan Fouarge

NovaBACKUP 10 xSP Technical Training By: Nathan Fouarge
Module 16: Software Maintenance Using Windows Server Update Services.

Module 16: Software Maintenance Using Windows Server Update Services.
16.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 16: Examining Software Update.

16.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 16: Examining Software Update.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.

11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.
Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.

Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.
Wally Mead Senior Program Manager Microsoft Corporation.

Wally Mead Senior Program Manager Microsoft Corporation.
Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.

Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs Content may be customized.
Wayne Miller Consultant Microsoft Soap Clorox Comet Murphy 2012.

Wayne Miller Consultant Microsoft Soap Clorox Comet Murphy 2012.

Similar presentations

Ads by Google