Presentation is loading. Please wait.

Presentation is loading. Please wait.

PowerShell DSC v. ConfigMgr Compliance Settings MMS Minnesota 2014 Greg Ramsey David O’Brien Sherry Kissinger #MMSMinnesota.

Published byNelson Grant Modified over 9 years ago

Similar presentations

Presentation on theme: "PowerShell DSC v. ConfigMgr Compliance Settings MMS Minnesota 2014 Greg Ramsey David O’Brien Sherry Kissinger #MMSMinnesota."— Presentation transcript:

1 PowerShell DSC v. ConfigMgr Compliance Settings MMS Minnesota 2014 Greg Ramsey David O’Brien Sherry Kissinger #MMSMinnesota

2 Agenda Creation Targeting/Deployment, Enforcement, and Priority Reporting PowerShell DSC Demo – David ConfigMgr Client Settings Demo – Greg and Sherry Discuss MMS Minnesota 2014

3 PowerShell DSC Native Feature in Windows Powershell 4.0 Lots of Experimental Resources availableExperimental Resources AD, Azure, Certs, Bitlocker, Chrome, CompMgmt, CredSSP, Database, DHCPServer, DISM, DNS, Exchange, Cluster, Firefox, Hyper-V, JEA,MySQL, Networking, RebootPending, PHP, RemoteDesktopConfig, SafeHarbor, SCDPM, SCOM, Script, SMA, SCVMM, SMB, SQLPS, SQL, SystemSecurity, WebAdmin, WindowsUpdate, WinEventLog, WordPress, FileShare RBA? Not really.. Maybe control some with Partial Config MMS Minnesota 2014

4 “Make It So” DSC is Idempotent IdempotentIdempotent - The property of certain operations in mathematics and computer science, that can be applied multiple times without changing the result beyond the initial application. http://en.wikipedia.org/wiki/Idempotence MMS Minnesota 2014

5 DSC Example MMS Minnesota 2014

6 DSC Creation MMS Minnesota 2014

7 DSC Resource Anatomy 101 MMS Minnesota 2014 Test-TargetResource – tests presence, absence on a machine Get-TargetResource – Checks for how a machine is configured at a point in time. Set-TargetResource – Enforces State of machine, when Test- TargetResource returns false

8 DSC Resource – Simple Pseudocode MMS Minnesota 2014

9 DSC Targeting/Deployment and Priority Targeting/Deployment Install configuration locally Static (mostly) Configure “Local Configuration Manager” to PULL configurations Partial Configurations Dependencies Priority Conflict Detection MMS Minnesota 2014

10 Enforcement ApplyOnly – applies once, does nothing else until new/updated configuration ApplyAndMonitor – Apply, monitor – report compliance/noncompliance ApplyAndAutoCorrect - Apply, monitor, report compliance/noncompliance, auto remediate drift MMS Minnesota 2014

11 DSC Reporting Pass/Fail, no detail Use Web Services on Conformance Endpoint Use SCOMSCOM MMS Minnesota 2014

12 Demo - DSC MMS Minnesota 2014

13 ConfigMgr Compliance Settings Native Feature in ConfigMgr Lots of supported providers AD, File, Script (Jscript, VBScript, and PowerShell), SQL, Software Update, WMI, XML, Registry, IIS, MSI) RBA – Yes! MMS Minnesota 2014

14 Compliance Settings Example MMS Minnesota 2014

15 Compliance Settings Targeting/Deployment and Priority Targeting/Deployment Deploy using ConfigMgr Can be Dynamic (Query-based Collection) Client pollson regular interval for CI updates Partial Configurations* Dependencies Priority Conflict Detection reporting MMS Minnesota 2014

16 Compliance Settings Enforcement Monitor Monitor and Remediate *Maintenance Windows for Enforcement MMS Minnesota 2014

17 Compliance Settings Reporting In-Console monitoring *Create collections too ConfigMgr Reporting Point SQL Eventvwr MMS Minnesota 2014

18 Demo – Compliance Settings MMS Minnesota 2014

19 Session Title Evaluations Please provide session feedback by clicking the Eval button in the scheduler app. One lucky winner will get a free ticket to the next MMS! Visit all of our sponsors in the expo area and online! Platinum Sponsors: Gold Sponsors : MMS Minnesota 2014

Download ppt "PowerShell DSC v. ConfigMgr Compliance Settings MMS Minnesota 2014 Greg Ramsey David O’Brien Sherry Kissinger #MMSMinnesota."

Similar presentations

SIM311. Built on top of Microsoft ® System Center Configuration ManagerBuilt on top of Microsoft ® System Center Configuration Manager Supports all.

SIM311. Built on top of Microsoft ® System Center Configuration ManagerBuilt on top of Microsoft ® System Center Configuration Manager Supports all.
Internet Based Client Management

Internet Based Client Management
AppManager 7: Deep Technical Dive Tim Sedlack & Michi Schniebel Sr. Product Managers.

AppManager 7: Deep Technical Dive Tim Sedlack & Michi Schniebel Sr. Product Managers.
Practical PowerShell Tips & Tricks MMS Minnesota 2014 Trevor Sullivan, Jeff Wouters, David O’Brien – @david_Obrien.

Practical PowerShell Tips & Tricks MMS Minnesota 2014 Trevor Sullivan, Jeff Wouters, David O’Brien – @david_Obrien.
ConfigMgr State and Status Messages

ConfigMgr State and Status Messages
Automating Microsoft Azure with PowerShell MMS Minnesota 2014 Trevor Sullivan and David O’Brien – #MMSMinnesota.

Automating Microsoft Azure with PowerShell MMS Minnesota 2014 Trevor Sullivan and David O’Brien – #MMSMinnesota.
Windows Deployment - Now and Into the Future

Windows Deployment - Now and Into the Future
Advanced Infrastructures In System Center Configuration Manager 2012 R2 Jason blog.configmgrftw.com m Wally.

Advanced Infrastructures In System Center Configuration Manager 2012 R2 Jason blog.configmgrftw.com m Wally.
Software Distribution in Microsoft System Center Configuration Manager v.Next: Part 2.

Software Distribution in Microsoft System Center Configuration Manager v.Next: Part 2.
Your CMDB and PowerShell DSC: DevOps Techniques

Your CMDB and PowerShell DSC: DevOps Techniques
Patch Management Module 13. Module 2-421 You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.

Patch Management Module 13. Module You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.
VIR314. Understand the scenarios Application support Understand the scenarios Application support Review of the sequencing process Demo Review of the.

VIR314. Understand the scenarios Application support Understand the scenarios Application support Review of the sequencing process Demo Review of the.
Esri UC 2014 | Demo Theater | Using ArcGIS for Server in the Microsoft Azure Cloud Nikhil Shampur.

Esri UC 2014 | Demo Theater | Using ArcGIS for Server in the Microsoft Azure Cloud Nikhil Shampur.
Supporting Infrastructure (AD, Certs, DNS, WSUS) Monitoring (SCOM, Other, Custom) Remote Desktop Gateway Dev/StageProduction CI & Deployment.

Supporting Infrastructure (AD, Certs, DNS, WSUS) Monitoring (SCOM, Other, Custom) Remote Desktop Gateway Dev/StageProduction CI & Deployment.
LinuxUNIX Red HatSUSECentOSUbuntuDebianOracleAIXHP-UXSolaris Configuration Manager * * * * * * Endpoint Protection No Plans.

LinuxUNIX Red HatSUSECentOSUbuntuDebianOracleAIXHP-UXSolaris Configuration Manager * * * * * * Endpoint Protection No Plans.
Managing Your Datacenter with Microsoft System Center Configuration Manager Kent Agerlund, ECM MVP, Coretech.

Managing Your Datacenter with Microsoft System Center Configuration Manager Kent Agerlund, ECM MVP, Coretech.
Troubleshooting OS Deployment MMS Minnesota 2014 Johan Michael #MMSOSD.

Troubleshooting OS Deployment MMS Minnesota 2014 Johan Michael #MMSOSD.
Windows Domain Hardening

Windows Domain Hardening
SCORCH – Fun Recipes for RunBooks MMS Minnesota 2014 Steve Jesok & Matthew #MMSSCOrch.

SCORCH – Fun Recipes for RunBooks MMS Minnesota 2014 Steve Jesok & Matthew #MMSSCOrch.
Service Models in SCOM with VSAE examples

Service Models in SCOM with VSAE examples

Similar presentations

Ads by Google