Category Archives: Microsoft

License Management with ConfigMgr 2012

Firstly, if you intend to rely, solely, on ConfigMgr for software license management & compliance – think again!

According to Microsoft this functionality within the suite has its limitations. Microsoft admits to these ‘limitations’ within the ConfigMgr Asset Intelligence Documentation (http://technet.microsoft.com/en-us/library/gg681998.aspx)

Asset intelligence is a feature in ConfigMgr that utilizes special hardware inventory classes, a set of reports and a catalog that is periodically updated by Microsoft.

The section of the documentation which describes the limitations is below:

Legal Limitations
The information displayed in Asset Intelligence reports are subject to many limitations and the information displayed in them does not represent legal, accounting, or other professional advice. The information that is provided by Asset Intelligence reports is for information only and should not be used as the only source of information for determining software license usage compliance.

The following are example limitations involved in inventorying installed software and license usage in the enterprise by using Asset Intelligence that might affect the accuracy of Asset Intelligence reports:

Microsoft license usage quantity limitations

  • The quantity of purchased Microsoft software licenses is based on information that administrators supply and should be closely reviewed to ensure that the correct number of software licenses is provided.
  • The reported quantity of Microsoft software licenses contains information only about Microsoft software licenses acquired through volume licensing programs and does not reflect information for software licenses acquired through retail, OEM, or other software license sales channels.
  • Software licenses acquired in the last 45 days might not be included in the quantity of Microsoft software licenses reported because of software reseller reporting requirements and schedules.
  • Software license transfers from company mergers or acquisitions might not be reflected in Microsoft software license quantities.
  • Nonstandard terms and conditions in a Microsoft Volume Licensing (MVLS) agreement might affect the number of software licenses reported and, therefore, might require additional review by a Microsoft representative.

Installed software title quantity limitations
Configuration Manager Clients must successfully complete hardware inventory reporting cycles for the Asset Intelligence reports to accurately report the quantity of installed software titles. Additionally, there might be a delay between the installation or uninstallation of a licensed software title after a successful hardware inventory reporting cycle that is not reflected in Asset Intelligence reports run before the client reports its next scheduled hardware inventory.

License reconciliation limitations
The reconciliation of the quantity of installed software titles to the quantity of purchased software licenses is calculated by using a comparison of the license quantity specified by the administrator and the quantity of installed software titles collected from Configuration Manager client hardware inventories based on the schedule set by the administrator. This comparison does not represent a final Microsoft conclusion of the license positions. The actual license position depends on the specific software title license and usage rights granted by the license terms.

However, should you wish to use the Asset Intelligence feature for License Management regardless of its limitations, the following steps will need to be completed.

  1. A CSV file containing all license information will need to be created. A sample CSV License file is here:Not all fields need to be completed, however the following fields are mandatory; Name,     Publisher, Version and EffectiveQuantity. All dates within this CSV need to be in the US format i.e. mm/dd/yyyy.  Name & Version must match what is in the ConfigMgr DB – I (or another ConfigMgr Admin) can sort this.
  2. This CSV needs to then be imported into ConfigMgr;
    Open the console and navigate to Assets And Compliance -> Asset Intelligence.
    Right click on Asset Intelligence and select Import Software License.
    Run through the wizard ensuring you select General License statement when given the choice.
  3. Software Licenses can then be reported on.
    Navigate to Monitoring -> Reporting
    Run the report named License 15A – General License Reconciliation Report
    This will show you a basic report containing license count, usage and more importantly the difference between them both

Is this reliable? No!

Could you use this as evidence during a compliance audit? Definitely not.

Is it real-time? No, it can be days, weeks or even months out of date.

What other options are there?

There are a multitude of discovery tools available on the market, including tools from 1E, Snow, LicenseDashboard etc – these all range in price, but from our experience, 15-20GBP per client per annum is the norm.

These tools generally ‘plug-in’ to ConfigMgr and make use of Asset Intelligence, Software Metering and their own DBs to give you a bigger picture of your licensing within the enterprise.

Toolsets:

If, like many enterprises, you are in the process of moving towards a new Windows 7 platform along with a new implementation of Configuration Manager 2012 – take this as an opportunity to get hold of your licensing and manage it correctly. Knowing where software is installed can now become a business process rather than a technical investigation – and its easy!

ConfigMgr 2012 also offers Software Metering – i.e. Is software deployed but not being used? We can determine this easily, and with a bit of simple SQL Querying we can automate the removal of the application.

The one issue which still blights most enterprises is how to prevent deployment of applications when no licenses are remaining. In an ideal world, this wouldn’t be an issue, as the whole software approval process would look something like this:

  1. User requests a licensed application
  2. Service Desk passes the call to relevant parties;
    Whoever deals with software license purchasing to check license availability, costs etc
    IT Department to potentially ‘push back’ and ask for business justification and potentially suggest other software (Maybe a viewer is a better option?)
    Users manager to approve the ‘need’ for the software and potentially, the costs to his/her departmental budget
    CMDB guys to record software asset deployment
  3. Once the Service Desk has the required approval, the call is passed to ConfigMgr Administrator or Infrastructure guys to either (for example):
    Approve request from ConfigMgr Console
    Add the user to the relevant AD group for deployment.

If, when the call gets to 2a/b/c there are no licenses left, and the users manager approves the cost then more should be purchased prior to the call being forwarded to next person/department.
No manual installs should ever take place.

Unfortunately, the above process is nearly always flawed.

Another issue which impacts most enterprises is the recovery of licenses from lost, stolen or broken machines, or users who have left the company – its usually a dirty process which in most case is left to luck, and crossed fingers.

There is a tool available on the market which can prevent deployment of applications if no licenses are available, easily recover licenses from lost, stolen or broken machines and even from users who have left the company. It can even help bring existing software installations under control. Slickey License Manager (http://www.slickey.com) can be easily implemented and work alongside ConfigMgr and/or any discovery tool.

In summary, License Management + ConfigMgr 2012 = half a solution. However, it can help you keep a mindful eye on your licensing position – but its not automated and will need IT resources to manage.

Software Asset Management Obstacle 1 – decommissioning Machines

slickey001

Coming from a system management background, it never ceases to amaze me how many old unused assets are still lurking in active directory cluttering up that efficient looking directory service.

So what do you do to manage all these stale resources, Yes there are a myriad of scripts to pull the last log on date from  a computer account one of which you can see here:-

# This PowerShell Command will query Active Directory and return the computer accounts which have not logged for the past
# 60 days.  You can easily change the number of days from 60 to any number of your choosing.

$then = (Get-Date).AddDays(-60) # The 60 is the number of days from today since the last logon.

Get-ADComputer -Property Name,lastLogonDate -Filter {lastLogonDate -lt $then} | FT Name,lastLogonDate

# If you would like to Disable these computer accounts, uncomment the following line:
# Get-ADComputer -Property Name,lastLogonDate -Filter {lastLogonDate -lt $then} | Set-ADComputer -Enabled $false

# If you would like to move these computer accounts, uncomment the following line:
# Get-ADComputer -Property Name,lastLogonDate -Filter {lastLogonDate -lt $then} | Move-ADObject -TargetPath "OU=OLD-Computers,DC=Contoso,DC=Com"

Great we are making progress now we have the power to automate the task of cleaning up active directory of old stale computer accounts and have the ability to remove old accounts and then all them fancy reports from SCCM and other sources are pretty current and no longer are your staff looking for old assets.

This to me was great process, until I sat down and realized that this isn’t true lifecycle management and really has no place in the enterprise.

For example your company is spending huge amounts of money on software licensing, does your IT manager want to be paying for software licenses which are currently broken or even worse stolen.

So the fact that you have tidied active directory of stale computer accounts, this is a tiny and some would say insignificant house keeping exercise unless you manage the complete life cycle of the device from provisioning to decommision.

The average cost of a Corporate PC’s software licenses is around £1200, and if you don’t account for this in your housekeeping exercise then you might as well throw that money away.

Why do you think software discovery is big business and fetching huge revenues to software companies along with the need to manage the audits every month to remain compliant if there is such a word using these tool sets?

Well let me tell you about Slickey License Manager we have just introduced a new feature called “Decommission” which will place the licenses from these machines back in to the pool for redeployment.

So not only do we issue allocated licenses at the time of install with any Software Delivery Tool, we can also remove any license inventory on old computers and even employees who have left the company.

Is there a better way?

OSD in ConfigMgr 2012 SP1

Long time no speak…

With Christmas, New Year, a holiday to New York & Florida and a new job role, the blog has been lonely!

However, I’m back in the game and implementing ConfigMgr 2012 SP1!

I’ve been looking at OSD this morning, and noticed a change since SP1, which I’m not sure was detailed anywhere obvious.

When creating a Build & Capture Task Sequence, you get to the screen offering you to browse for the Operating System. In 2012, you could simply browse to an imported Operating System Installer, i.e. a copy of the Windows 7 source files which you have imported into the console.

In SP1, we don’t have this option. The only option presented is to browse for an Operating System Image. This is a bit crazy, considering that this is the reason we are creating a Build and Capture Task Sequence – to obtain an image, a *.wim file.

What we have to do in SP1 is to import the Windows 7 install.wim into the console as a Operating System Image. We can then select this in the task sequence.

Hope this helps someone!

Slickey License Manager

About to hit the ground running is Slickey License Manager;

Slickey makes it easy to deploy boxed, licensed products with enterprise deployment tools.

Up to now, packagers, administrators etc have been hampered in smaller businesses as generally, these type of small to medium companies have purchased software as and when it is needed, and not worried about volume licensing until its too late!

Obviously, it is not a viable option to create multiple packages/applications for the same product with different license keys…

Slickey allows you you create one package or application which ‘checks in’ to obtain available license keys from a central server. This the logs the machine name and date of license retrieval. Similarly, the uninstall will ‘check’ the license key back in once the software is removed.

As you probably already know, this could save thousands in licensing.

Its still a young product, but one which could not only save companies a lot of money, but also save system administrators a lot of time. This all improves efficiency of IT systems – which, lets face it, is the reason we all do what we do!

Check out the website, comments would be VERY gratefully received and welcomed!

Slickey License Manager

Could be a common fault on Dell E6230?? (UPDATED) (UPDATED AGAIN)

Today, we had a strange issue.A brand new Dell E6230 which we have been testing our OS Deployment task sequence on, suddenly failed to boot.

When powered on, the power button lit up, as did the battery indicator. But nothing else.

We listened closely and could hear a clicking sound. Not the hard drive as this machine has an SSD!

We reseated the RAM – Nothing.

We reseated the SSD – Nothing.

We called Dell, who said they would send an engineer out.

But suddenly, whilst on the call with Dell we noticed something!

Read more ...

Slickey License Management
SlicKey Software Limited
Info: +447932773506
Email: Information@slickey.com
Strategic Partners
Contact Us For Partnership Opportunities
Slickey License

@NickolajA Any ideas what this issue I have with modern driver management pic.twitter.com/O6zv5Dt2dK