Service Manager 2012 RC – Managing Employee Lifecycle

SCSM 2012 RC was just released and we are excited! This blog is designed to show you how the Self-Service Portal can help you manage employees and the hardware they will use throughout their time with your company. Here is our scenario:

    1. John Smith is hired and needs a user account, computer, and smartphone.

    2. John proves himself valuable and is rewarded with a new job in a different department.

    3. Finally, John decides it’s time to retire and puts in his notice of resignation.

The page below shows our available Service Offerings. Service Offerings are made up of multiple request offerings which contain the forms that users will actually fill out.

Now we go into our HR Service Offering and you can see the three Request Offerings. We’ll start with New Hire Request.

The form is pretty basic but it queries the Service Manager CMDB for the Department and Manager fields. This allows the user to search for what they are looking for and automatically adds it as a Configuration Item to the Service Request. Pretty Slick!

John has done a great job on the Sales team and is eventually accepted into a position in the Marketing department. When his new boss fills out this form the CMDB is queried again for John’s username and his new Department.

Finally, John decides it’s time to retire. His manager logs in and selects his termination date and his username from the CMDB. The request is submitted and the technician assigned to it can automatically find his computer and smartphone from information already in the CMDB.

Forefront UAG Direct Access – POC

Direct Access has always sounded great. When it came out I couldn’t wait to try it, but after looking into it, it seemed like it would be impossible to manage…at least until Forefront UAG developed support for it. I was able to get my hands on some spare hardware and set up a POC environment. Here are my initial thoughts and experiences.

No need to re-invent the wheel for the actual configuration. I used these resources:

1. Forefront UAG DirectAccess Technical Overview – I strongly recommend reading this. It will give you the base knowledge to work with this product and troubleshoot when necessary.

  • Technet UAG/DA Technical Overview

    2. Direct Access Step by Step. This is a great guide but does not include Forefront UAG. Use it for reference with #2.

  • Base Config
  • Direct Access Step by Step

    3. UAG SP1 DirectAccess: Configuration Guide by Shannon Fritz. This guide really tied everything together for me. I recommend you follow it page by page and reference the above guides if you are unsure about a specific step (e.g. how to configure your CA). Comment if you get stuck, I’m happy to help :)

  • UAG SP1 Direct Access Guide

    A few things I ran into that may help you.

    1. Computer Certificate AutoEnrollment was already enabled in my domain. This caused DA not to work initially because I had added my UAG/DA server to the domain before configuring my CA. To resolve I just needed to issue a new computer level Server Certificate and specify it in Step 2 of the UAG/DA wizards.

    2. I also had an issue with 6to4 transitions (used when the client has a public IP, e.g. tethering from my phone). To resolve it I opened Protocol 41 on my firewall. This is in the guide but I found it confusing. This is a screenshot of what I did to open it:

Failed Cluster and Domain Controllers

    I received a call from a friend the other day who had lost power for an extended period of time.  He had implemented a small Hyper-V Cluster to house a file server, an app server, and his domain controllers.

    Both DCs were inside the cluster on Cluster Shared Volumes (CSVs) which put us in a bad situation – the cluster would not start because it relies on AD and we could not access the DCs b/c they were part of the cluster.  It took a while to work around but eventually we were able to gain access to one of the DCs on the CSV, copy it outside of the CSV, and get everything up and running.  Here’s how:

    1. Determine which node was acting as the Coordinator at the time of the failure.  To do this open Disk Management on each node until you find the one that shows the Volume Names.  Note how the disks are reserved – this will prevent you from being able to add a drive letter to them.
    2. Shutdown all nodes other than the Coordinator (determined in step 1).  This prevents your quorum settings from trying to start Cluster Service on other nodes.
    3. Start the Cluster Service on the remaining node and open Failover Cluster Manager (start-run-services.msc).
    4. Open Failover Cluster Manager and go to Storage, right-click the CSV that holds your DC and remove it from CSV.
    5. The volume should now show as Available Storage.  Right-click it and go to properties.  Note the disk number.
    6. Open PowerShell and import the Failover Cluster module by running Import-Module FailoverClusters.
    7. Run Clear-ClusterDiskReservation -Disk X, where X is the disk number from the previous step.
    8. Open Disk Management.  You should see the volume and it should no longer be Reserved.  Right-click and add a drive letter.  Then copy/paste the folder containing the old DC to a local disk (can be on the C:\ drive as long as there is enough space).
    9. Rename the Folder on the CSV (the volume you added a drive letter to) to .OLD to make sure the VM does not Auto-Start when the cluster comes back up.
    10. Open Hyper-V Manager, go to New-Virtual Machine-select a Name and choose a new location to store it (local storage).  Select memory, networking, and choose to Use An Existing Virtual Hard Disk.  Select the .VHD file from the folder we copied in step 9.
    11. Before you bring your other nodes up you need to undo the CSV changes you made.  Open up disk management and remove the drive letter you just added.
    12. Go back to Failover Cluster Manager and go to Cluster Shared Volumes.  Click Add Storage and pick the volume you removed earlier.
    13. Boot your other Hosts. They should start up and join the cluster normally.
    14. Open Failover Cluster Manager and go to Nodes and Services.  Right-Click the DC that you have running locally and choose Delete.  You will still have the local copy of the DC running which will allow you to bring the cluster up if this happens again (it is still recommended to have a physical DC).
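
The cluster-side steps above (3 to 7, then 12) can also be run from PowerShell on the coordinator node. This is an added example, not part of the original post: the CSV name and disk number are placeholder assumptions, the function names are hypothetical, and the guard that enforces step 2 is an addition.

```powershell
# Added example (not from the original post). Run on the coordinator node only.
Import-Module FailoverClusters

$CsvName    = 'Cluster Disk 2'  # assumption: name of the CSV that holds the DC
$DiskNumber = 3                 # assumption: disk number noted in step 5

function Remove-DcVolumeFromCsv {
    # Step 3: start the Cluster service on the remaining node.
    Start-Service -Name ClusSvc

    # Step 2 guard (added): stop if any other node is still up, because the
    # reservation is about to be cleared underneath the cluster.
    $others = @(Get-ClusterNode | Where-Object {
        $_.State -eq 'Up' -and $_.Name -ne $env:COMPUTERNAME })
    if ($others.Count -gt 0) {
        $names = ($others | ForEach-Object { $_.Name }) -join ', '
        throw "Shut down these nodes before continuing: $names"
    }

    # Step 4: remove the volume from Cluster Shared Volumes.
    Remove-ClusterSharedVolume -Name $CsvName

    # Step 5: the disk should now be listed under Available Storage.
    Get-ClusterResource -Name $CsvName | Format-List Name, State, OwnerGroup

    # Step 7: clear the reservation so Disk Management can add a drive letter.
    Clear-ClusterDiskReservation -Disk $DiskNumber
}

function Restore-DcVolumeToCsv {
    # Step 11 stays manual: remove the drive letter in Disk Management first.
    # Step 12: return the volume to Cluster Shared Volumes.
    Add-ClusterSharedVolume -Name $CsvName
    Get-ClusterSharedVolume -Name $CsvName
}

# Usage: run Remove-DcVolumeFromCsv, do steps 8-11 by hand (drive letter,
# copy the DC folder, rename to .OLD, create the local VM, remove the drive
# letter), then run Restore-DcVolumeToCsv before booting the other hosts.
```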

    Hello World!

    Hi, my name is Tom and this is my blog.  I’m an IT Pro Services Consultant and I’ll be posting some of my experiences here.  Thanks for reading!