SCCM v.Next hits Beta 1

And goes public too at the same time. (It showed up for downloads on 24. May, but I didn’t notice it the same day.)
Downloadable from

I think it was about six months back that Microsoft disclosed that the roadmap for the SCMDM product would be a merge with SCCM in what has been codenamed v.Next. This would bring about the grand unified management console enabling you to manage both client computers, servers, and mobile devices from the same place. I’m having mixed feelings about this, not because I enjoy having to relate to different interfaces for managing different devices, but because managing computers and mobile devices aren’t necessarily the same thing. That’s not to say there aren’t benefits to it though, and if it’s pulled off the right way it could make sense. This is a topic I could rant on about for hours though, so we’ll leave that discussion aside. Microsoft has made a strategic choice, and I will of course try to evaluate what is available in this build.

I don’t have hands-on experience with SMS/SCCM from before since I mainly deal with MDM solutions. Even given this the installation experience went pretty smoothly. Sure, there are some beta issues, but nothing you can’t solve easily (at least when it comes to installing it). I’m not going to cover the installation process, as I’m trying to focus on what you can do with v.Next, and the install process is sure to change before RTM.

Microsoft and Nokia have both stated that Symbian devices will be supported by System Center, but it is not known whether this will apply to the current Series 60 generation, or only to new (and unannounced) devices. iPhone and Android are unsurprisingly not supported at the time of writing, and from what I can tell it seems like only Windows Mobile 6.1 and 6.5 are supported for now. This probably isn’t a problem as far as having an introductory look.

In this post I’m only going through the interface, and commenting on a few of the features I can see. I have not done a deep dive in the available technical documentation, and this means I might get something wrong/incorrect/missing too 🙂 I intend to do some actual testing of devices in the (hopefully) near future.

It seems the enrollment concept we saw in SCMDM is still present here. You need to fill in details like which OU to place device, which CA to use (you can easily choose), etc. The certificates you enroll are used by the device for authentication purposes, but not for establishing a VPN tunnel. The Mobile VPN feature is gone in v.Next, and last thing I heard it’s not clear if it will be re-introduced, and if so in what form.

After creating the enrollment policy you can create devices – either single devices or importing from a csv file:

App Distribution
The ability to distribute applications is naturally present. Most likely still based on the robust WSUS distribution engine underneath.

Configuration Items
Normally I refer to settings like Power-on-Password, device encryption, etc as security policies. In v.Next this is called “Configuration Items”. You’ll recognize most of these categories from Exchange (2007 & 2010), and SCMDM. Or other MDM solutions for Windows Mobile for that matter.

After checking the relevant categories you’ll be prompted for the specific settings. I’m thinking this might be more intuitive for new admins, but such things have a touch of personal preference so you might disagree. It’s nicely wizard-driven at least.

With policies implemented through Exchange there are some loopholes, and one can try to get around the policies. With SCCM we can have the devices report compliancy which would uncover such attempts.

You may check the operating systems you want to apply the settings to.

If the wizard configuration items aren’t enough you can also create custom settings; I’d say this is a nice and user-friendly way of setting registry keys (especially compared to having to build custom adm files in SCMDM):

You can also specify “Windows Mobile OMA URI”, but I’ll admit I’m not sure of how this URI should be formatted:

After you have created a couple of different policies, and perhaps an app or two, you can group it together as a baseline to apply to devices.

There’s obviously an inventory view as well, but since I haven’t enrolled any devices there wasn’t all that much info present in it 🙂

For a beta I’m very happy with the responsiveness in the UI, and I’m not seeing many hiccups in the UI either. I don’t see any fantastic new features at the moment compared to what SCMDM has to offer, but it’s a slightly different mindset required for administration (if you’re used to SCCM already I’m guessing it’s familiar stuff already). Of course, it’s not impossible for new features to surface as we progress through the beta builds.

This was a sort of “quick and dirty” article, but I wanted to get some initial impressions out there as quickly as possible. More testing and evaluation will be performed once I’ve verified the base deployment is working, and I’ve had time to read through some white papers.

Windows Phone 7 and Exchange ActiveSync

By a happy coincidence Windows Phone 7 had it’s technical unveiling at Mix 2010 just as I was wrapping up my previous write-up on ActiveSync. Microsoft also released an emulator for developers to start coding for the new OS. If you’ve been following the news mill you’ll know by now that there are some major changes this time around which differs from previous platform upgrades. While you will still be able to leverage knowledge like C# you have to make do with Silverlight or XNA, and compared to previous releases of Windows Mobile this breaks quite a few applications. (Only OEMs get native code access, and even they will be restricted as to which native APIs they can use.)

The emulator as delivered from Microsoft has a few limitations though:
– It requires you to install a “Phone Edition” of Visual Studio. (Which may come in conflict with other Visual Studio stuff you have installed previously.)
– It does not run in a virtualized environment like Hyper-V or Virtual PC. Probably because of the DirectX 10 requirement.
– You have to start it through Visual Studio.
– You can only use your own apps, and Internet Explorer.

And while it’s not a limitation as such it’s an x86 build, so for those hoping to get a hacked version onto their HTC HD2 there’s no solution yet. (I would not be surprised if some crazy guy managed to disassemble it, re-compile for ARM, and get it to run on a three year old device just for the fun of it. I’d be mighty impressed though.)

Well, let’s see… I can live with it requiring Visual Studio, and as luck has it I have a physical Windows desktop I can install to. Check.

You can run it stand alone if you install Process Monitor, start the emulator in Visual Studio, and capture the command line it invokes (in Process Monitor). It will look like this:
C:\Program Files (x86)\Microsoft XDE\1.0\XDE.exe” “C:\Program Files (x86)\Microsoft SDKs\WindowsPhone\v7.0\Emulation\Images\WM70C1.bin” /VMID {GUID}
The GUID is the reason you have to capture through Process Monitor.

While I cannot provide links or further info, there is also a method that will allow you to “unlock” the image and use all the goodness, and not just the browser.

Now what is the first thing a guy checks after getting access to the entire OS? Setup mail synchronization of course! Here’s what it looks like:
Locate “Mail setup” in the menu.

If you choose “Outlook” it seems you need a functioning AutoDiscover setup. Since I don’t have this on the Exchange I’m testing against I chose “advanced setup” which will let you specify the server address manually.

Enter your email address and password.

Seems kind of different to the present wizard, but only after providing the address you get to choose what kind of account it is.

Settings – upper half of wizard page.

Settings – lower half of wizard page.

The account will pop up with the familiar Outlook logo (and the account name you provided) on the menu.

Upon entering and starting to synchronize I get a info message telling me I need to apply some policies. I have checked Power-on-Password and encryption, and unchecked the box that will let non-provisionable devices sync.

Defining the password.

Lo-and behold – I’ve got a mail in my inbox. (Notice the filters – “all”, “unread” and “urgent”.)


Since Outlook 2010 introduces the possibility to have multiple Exchange accounts it is not entirely surprising that Windows Phone 7 will make no fuss when configuring multiple “Outlook accounts” on your device. (No, I don’t know how it plays out with different policies in effect.) I’m seeing some problems syncing in general, like reluctance to sync before I send a new mail to the inbox, but it is a CTP/Beta so far so I guess we’ll have to accept this much currently 🙂

The device reports the following info about itself:
user agent: MSFT-SPhone/7.0.6077
DeviceModel: XDeviceEmulator
DeviceOS : Windows CE 7.0.6077
DeviceType: SmartPhone
ASProtocolVersion: 14.0

I don’t know if this is a beta thing, or a change of direction, but as you can see it reports itself as a SmartPhone – not PocketPC, even though it has a touch screen. (Might it be that the difference between a SmartPhone and PocketPC is the absence/presence of a physical keyboard? This would be a wild guess of course, and I really wouldn’t know.)

This is just my first impressions after a very quick spin of the new OS. I expect to be investigating relevant matters further. And when I say relevant I mean related to topics usually covered on this blog. While I love the Zune interface, and see this as a potential iPod replacement, I’m not covering those features here.

You are probably also understanding to the fact that this is an early build, and before we see actual devices hitting the stores later this year it may all change…

23. November 2010: Update – I’ve posted an article with some more details on Windows Phone 7 vs Exchange: