Windows Management Technologies
Agenda • Architecting & Deploying Windows Server Update Services • WMI and WS-Management • Introducing the Microsoft Management Console (MMC) 3.0 • Group Policy and the GPMC • Monad
Architecting and Deploying Windows Server Update Services (WSUS)
What Is Update Services? • Corporate update management offering • Gets content from Microsoft Update (MU) service • RTW component of Windows Server • Free to Windows Server (2000 and above) licensees • Requires Windows Server / Core CAL for target systems • Does not change currently available offerings • SUS 1.0 continues to get content from WU • Core component of Microsoft’s Patch and Update Management solutions and roadmap
Solution Overview • Diagram: Microsoft Update, WSUS Server, WSUS Administrator, Desktop Clients (Target Group 1), Server Clients (Target Group 2) • Administrator approves updates • Administrator puts clients in different target groups • Administrator subscribes to update categories • Server downloads updates from Microsoft Update • Clients register themselves with the server • Agents install administrator approved updates
Supported Updates • Content Partners • Windows, Office, SQL, Exchange at RTM • Additional products added over time • OS platforms • Client/agent • Windows 2000 SP3 and later, Windows XP RTM and later (incl. XP embedded and XP x64) • Windows 2003 RTM (32-bit only), Windows 2003 SP1 (x64 and ia64) • Server • Windows 2000 SP4 and later • Windows 2003 RTM and later (32-bit only) • International support • Client is localized to 25 Windows client locales • Server is localized to 17 Windows Server locales • MUI support
Server Summary • Simple to use Web UI allows administration from any computer • Synchronization engine to download updates from Microsoft Update • SQL-based database holds all data other than content (software files) • Can be set up in a hierarchy to suit organizational needs • Completely built on managed code • Uses BITS to efficiently utilize the network • Secure • Scalable
Server Architecture (diagram) • Connected parties: WSUS Servers/MU, Admin workstation, Clients • Web services: Server/Server, Client/Server, Reporting • Admin UI • Content sync • Catalog sync • Server API • Metadata Store (MSDE/SQL) • File Store (NTFS)
Client Summary • Win32 Service (Agent) implements most functionality • Extensible architecture based on Update type Handlers • Handlers for MSI, update.exe, drivers etc. • Automatically self-updates to newer versions offered on the server • Automatic Updates feature controllable by policy • Secure
Client Architecture (diagram) • WU Service or WSUS • IE (WU Site) • Custom scripts • WU Client • WU Client API • Update handlers • Update manager • Automatic updates • BITS • Content store • Metadata Store
Deployment Options • Server deployment options • Single server • Multiple servers • Replica • Autonomous • Disconnected servers
Single Server (diagram) • Microsoft Update • WSUS server • Desktop clients
Single Server: Small organization or simple network • Configure single server to talk to MU • Synchronize all relevant updates (e.g. Windows XP critical and security updates) • Configure clients to point to the WSUS server • Optionally: • Create target groups for different groups of machines • Configure clients to be members of a target group • Configure auto approval rules to approve updates for install automatically
Multiple Servers (diagram) • Microsoft Update • WSUS server • WSUS server • Desktop clients • Desktop clients
Multiple Server Scenario: Large organization/complex network • Configure single/multiple servers to talk to MU • Synchronize all relevant updates (e.g. all Windows XP, 2000, 2003 critical, security updates) • Create a hierarchy of servers • Independent WSUS servers in the intranet • Replica servers • Configure clients to point to respective WSUS servers • Optionally: • Create target groups for different groups of machines • Configure clients to be members of a target group
Disconnected Servers (diagram) • Microsoft Update • WSUS server • WSUS server • Desktop clients
Disconnected Server: Disconnected networks • Set up an external server to talk to MU • Synchronize all relevant updates (e.g. all Windows XP, 2000, 2003 critical, security updates) • Export update data and content to media • Import update data and content to WSUS server on disconnected network • Server will validate Microsoft certificates on content and the integrity of data relationships • Configure clients to point to respective WSUS servers
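The client-side step that closes each deployment scenario above ("Configure clients to point to the WSUS server", optionally as members of a target group), as an added example that is not from the presentation: a PowerShell check of the Windows Update policy values a client ends up with. The registry value names are the standard Windows Update policy values; the server name, target group and sample data are constructed.

```powershell
# Added example (not from the presentation): audit the Windows Update policy
# values that point a client at a WSUS server and place it in a target group.

function Get-WsusClientPolicy {
    # Read the policy values from the local registry; unset values come back $null.
    $wu = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
    $p  = Get-ItemProperty -Path $wu -ErrorAction SilentlyContinue
    $a  = Get-ItemProperty -Path "$wu\AU" -ErrorAction SilentlyContinue
    @{
        WUServer           = $p.WUServer
        WUStatusServer     = $p.WUStatusServer
        TargetGroupEnabled = $p.TargetGroupEnabled
        TargetGroup        = $p.TargetGroup
        UseWUServer        = $a.UseWUServer
    }
}

function Test-WsusClientPolicy {
    param([Parameter(Mandatory)][hashtable]$Policy)
    $findings = @()
    if ($Policy.UseWUServer -ne 1) {
        $findings += 'UseWUServer is not 1: the WUServer setting is ignored'
    }
    $uri = $null
    if ([string]::IsNullOrEmpty($Policy.WUServer)) {
        $findings += 'WUServer is not set'
    } elseif (-not [Uri]::TryCreate($Policy.WUServer, [UriKind]::Absolute, [ref]$uri)) {
        $findings += "WUServer is not an absolute URL: $($Policy.WUServer)"
    } elseif ($uri.Scheme -ne 'https') {
        $findings += "WUServer uses '$($uri.Scheme)': client/server traffic is not protected by TLS"
    }
    if ($Policy.WUStatusServer -ne $Policy.WUServer) {
        $findings += 'WUStatusServer differs from WUServer'
    }
    if ($Policy.TargetGroupEnabled -eq 1 -and [string]::IsNullOrEmpty($Policy.TargetGroup)) {
        $findings += 'Client-side targeting is enabled but TargetGroup is empty'
    }
    [pscustomobject]@{
        Server = $Policy.WUServer; TargetGroup = $Policy.TargetGroup; Findings = $findings
    }
}

# Constructed sample: hypothetical server name and target group.
$sample = @{
    WUServer = 'http://wsus01.corp.example'; WUStatusServer = 'http://wsus01.corp.example'
    UseWUServer = 1; TargetGroupEnabled = 1; TargetGroup = 'Desktops-Pilot'
}
Test-WsusClientPolicy -Policy $sample | Format-List
# On a live client: Test-WsusClientPolicy -Policy (Get-WsusClientPolicy) | Format-List
```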
WMI and WS-Management • WMI Architecture • WS-Management Overview
WMI Overview • WMI is the WBEM/CIM Microsoft implementation • Various components of Windows are surfaced by WMI • +600 WMI classes, + 3000 properties exposed • In the box since Windows 2000 • Windows NT 4.0 = ± 15 providers • Windows 2000 = ± 29 providers • Windows 2003 = ± 80 providers • Supports various WMI Clients • Supports scripting (WSH) • Native C++ • Managed code (.NET) • Supports command line operations (WMIC) • Remoting based on DCOM
WMI Architecture (diagram) • WMI Consumers (Management Applications): .NET client applications (Windows Forms, Web Forms) through System.Management and COM Inter-Op; C/C++ clients through the WMI COM API; scripts through the WMI Scripting API • WMI Infrastructure (COM/DCOM): WMI Core (CIM Object Manager), WMI Repository • WMI Providers: SNMP WMI Provider, Cimv2 WMI Provider, any WMI Provider, .NET WMI Provider (System.Management.Instrumentation, COM Inter-Op) • Managed Objects: SNMP managed entity, Windows (Win32) managed entity, any managed entity (native code), .NET managed app/entity • Implementation languages: native C/C++; .NET (C#, VB.NET, etc.)
WS-Management: The Protocol • WS-Management is a joint effort with Intel, Sun, AMD, Dell, BMC Software and WBEM Solutions to use web services protocol for interoperable management • A Web-Services based Structured Access Protocol
WS-Management Implementation: So what is WS-Management? • A Web Service • An XML/SOAP-based Management Protocol • Is used over HTTPS • Can access most existing WMI objects • Can access WS-Management capable SPs OOB • In-Band provides a richer set of capabilities than the OOB, specifically software management
WS-Management Implementation - Continued • Microsoft Windows Server R2 ships with the first version of WS-Management • This version supports • Access to hardware instrumentation • Firewall friendly access to Windows instrumentation • Implemented over HTTPS • A WSMAN command line tool
WS-Management Access-Path (diagram) • The WMI architecture with WS-Management added: a WMI Plug-in for WS-Mgmt sits in front of the WMI Core (CIM Object Manager), next to the existing COM/DCOM path • WMI Consumers (Management Applications): .NET client applications (Windows Forms, Web Forms) through System.Management and COM Inter-Op; C/C++ clients through the WMI COM API; scripts through the WMI Scripting API • WMI Providers and Managed Objects as in the WMI Architecture diagram • WS-Management Enumerate Request and WS-Management Enumerate Response travel over HTTPS (TCP/443)
Group Policy Overview: Do More with Less Effort • Group Policy enables administrators to set and maintain a desired computing state • Allows for mass-customization – scalability without sacrificing flexibility to customize • Group Policy Management Console (GPMC) for administration • Diagram labels: One Administrator Action, “New Policy”, Active Directory, Many End User Results, Many Computer Results
Policy-Based Management: What can you do with Group Policy? • Centralized storage and mgmt of user data • Users have access to data and settings from any computer • Consistency of user experience across computers • Data safety and availability • Rapid PC replacement • Configuration of the Operating System: • Networking settings, control panel access, remote assistance, disk quotas, IE • Securing the Operating System • Ongoing and dynamic configuration management
GPMC Overview • Admin tool for managing Group Policy • Set of scriptable interfaces for managing GP • MMC Snap-in, built on these interfaces • Feature Summary • Reporting • Search • Resultant Set of Policy (RSoP) integration • Backup/restore • Import/export, copy/paste • Scripting of GPO operations (not settings)
Key MMC 3.0 User Benefits • More reliable • Improved detection and reporting of snap-in problems • Ability to isolate hung snap-ins from console (new snap-ins only) • Improved usability • Asynchronous UI model • Simpler customization of consoles • Discoverability of actions • Richer snap-ins • Simplified customization for increased functionality • Templatized snap-in design • Functionally rich views through Winforms
Console Authoring • Users asked us to make customizing consoles simpler • Screenshots: OLD, NEW
Actions Pane • Users asked us to make functionality more discoverable • Sub-panes: • Provide actions for the selected tree node • Provide actions for the selected item • Provide a helpful description for the selected item
Snap-in Customization Easy development of custom MMC snap-ins with minimal coding • Simple model for developing snap-ins • Functionally rich snap-ins with minimal development effort • VB snap-in development supported “400 lines of code instead of 6,000 for MMC 1.0” “Hands down it makes the job of creating a snap-in almost trivial”
Platform Support *Available via Windows Update or Web Download
Monad Introduction • Problem • Weak Cmd shell • Weak language • Spotty coverage • Little guidance • Inconsistent • GUI focus • Hard to automate • SDK focus • Programmer abstractions • Solution • Monad and MSH • Command-oriented scripting • Users • Admins • Scripters • Systems integrators • Provides • Interactive shell • Cmdlets • Utilities • Scripting language
MSI Version 3.0 • Ships with XP SP2 • Does not support Windows 9x, ME or NT • Improved Logging • Scripting Objects • SourceList API Enhancements • Enhanced inventory API • Command line switches • Extensive enhancements in patching • SDK Tools and Documentation Updates • MSI 3.1 is now available
On-line Resources • Windows Server Update Services Home Page • http://www.microsoft.com/windowsserversystem/updateservices/default.mspx • Introduction to WMI • http://msdn.microsoft.com/library/en-us/dnanchor/html/anch_wmi.asp • Introduction to WS-MAN • http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wsman/wsman/about_ws-management.asp • What’s New in MMC • http://msdn.microsoft.com/library/default.asp?url=/library/en-us/managedMMC/html/7d607c5f-94e9-4d4f-9e4a-cd35cdbee7eb.asp • Introduction to Group Policy • http://www.microsoft.com/windowsserver2003/techinfo/overview/gpintro.mspx • Group Policy Management Console • http://www.microsoft.com/windowsserver2003/gpmc/gpmcwp.mspx
MMS 2005 DVD Resources • SW02: Practical Group Policy - Application and Usage (Part 1) • SW03: Practical Group Policy - Application and Usage (Part 2) • SW04: Microsoft Baseline Security Analyzer (MBSA) 2.0 • SW05: Admin scripting: Managing Windows Security with scripts • SW06: Using web services for platform hardware management • SW10: Extending Software Update Services with the Application Programming Interface • SW11: Architecting and Deploying Software Update Services • SW15: Developing custom management tools in MMC V2.1 using VB.Net • SW12: Introduction to Monad Command Line Scripting
© 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.