490 likes | 516 Views
Windows Management Technologies in Vista and beyond. Name : Mick Healy Title : Architect Group : WEMD Microsoft Corporation. Agenda. WMI Group Policy WinRM – Windows Remote Management WS-Man Remote Protocol WinRS – Windows Remote Shell New Vista Windows Event Log support
E N D
Windows Management Technologies in Vista and beyond Name : Mick Healy Title : Architect Group : WEMD Microsoft Corporation
Agenda • WMI • Group Policy • WinRM – Windows Remote Management • WS-Man Remote Protocol • WinRS – Windows Remote Shell • New Vista Windows Event Log support • Windows Vista Task Scheduler • WSUS 3.0 Changes • Windows PowerShell • Service Modeling Language
Windows Management Infrastructure (WMI) Enhancements Improve Manageability • Windows Vista includes 13 new WMI Providers: • BitLocker Drive Encryption • Trusted Platform Module • Boot Configuration Database • Intelligent Platform Management Interface • Windows Parental Controls • Network Access Protocol Client • Others…
Improvements In Group Policy For Windows Vista • Extends the reach of Group Policy with hundreds more settings • Reliably and efficiently apply policy • Easier to use
Extending The Reach Of Group Policy Over 500 new settings across key areas
Improvements In Group PolicyApplied more reliably, and easier to use Reliable and Efficient Application of Policy Easier to Use Network aware application of Group Policy Support for editing Group Policy settings in Multilingual Environments Support for Multiple Local GPOs GPMC integrated into Windows Search and filter (Post Vista) Templates (Post Vista)
WinRM - Windows Remote Management • Firewall Friendly Remote Access Protocol (Replaces DCOM) • HTTP and HTTPS • Microsoft’s implementation of WS-Management Use WinRM to Access WMI Information over the Internet
Components • WinRM: Windows Remote Management • WSMan implementation in Windows • WinRS: Windows Remote Shell • Uses WSMan stack for remote script executions • IPMI Driver • Event Collector • Event Forwarder
In-Band And Out Of Band Management console OS Client App Cmdlinetool WSMan Service WSMAN WSMan client WMI EventLog IPMIdriver WSMAN Hardware BMC
EventLog Service WMI Service Machine Boundary Reg Config plugin WMI plugin SEL plugin Events plugin Client App Cmdlinetool WSMan Prov DLL WSMan Client DLL WSMan Automation DLL WSMan service WSMan Prov DLL WSMan Client DLL WSMan plugin WinHTTP HTTP/HTTPS Architecture Svchost Config plugin HTTP.sys 3rd party WSMan Other mgmnt component Windows platform
Machine Boundary HTTP/HTTPS Event Forwarding Collector Machine Event Source Machine 3rd party App Cmdline tool EventViewer Collector API CreateSubscription Svchost Svchost EventLog Service Events plugin EventLog Service EventCollector Service WSMan service WSMan Client API Event Log Event Log WinHTTP HTTP.sys 3rd party WSMan component EventLog component Windows platform
Remote Shell • Access to Remote shell (cmd.exe) • Batch mode execution of scripts and commands • Access to output streams from remote shell • Input data for prompts • Example usage: Add/Remove server roles, collect inventory, configure Firewall etc • PowerShell will use WinRS for remoting
New Vista Event LoggingWindows Eventing 6.0 • Right Data to Diagnose Problems • The right data…but not too much data • Improved supporting data and documentation for all events • Infrastructure Supports Ad-hoc Diagnosis and Management Tools • Schematized events (XML) provide richer information • Easy integration with management tools
Event Log In Windows VistaPerformance, scalability, and security • New event publishing API • Schematized, discoverable, structured events • Unified API for event logging and tracing • Logging is asynchronous (Does not block the application) • Log size limitation removed • Now limited only by available disk space • Improved security
Event Log In Windows VistaEvent consumption • New event consumption API • XPath-based queries • Event subscriptions • Bookmarks • Full remoting support • Full backwards compatibility with existing applications • Event forwarding using WS-Management protocol • New event collector service
Event Log In Windows VistaConfiguration, management, and tools • New configuration and metadata API • Log management improvements • Group Policy based event log configuration • GUI – Enhanced Event Viewer • Command line utility
Event Viewer In Windows Vista • Know where to look • Admin, operational, analytic and debug logs • High-level event summary on home page • Find what you need • Enhanced filtering, multi-log queries, preview • Event views • Know what to do • Richer online information about events
Event Viewer In Windows Vista • Manage centrally • Full remoting to Event Log service • Cross-log queries • Log configuration • Self-contained archives • Event forwarding from multiple sources • Troubleshooting flow • Admin, operational, analytic, and debug logs • Enable/disable detailed logging • E2E tracing
What’s New in Task Scheduler? • Power and Flexibility • Sophisticated Scheduling Options with new triggers, conditional launch, and action chaining • Completely scriptable • Visibility • Task dashboard shows active and upcoming tasks • Improved Reliability and Resource Allocation • Retry tasks in case of failure • Run when next available
What launches the task? Multiple triggers allowed OR-ed Task Structure Triggers Defines constraints Multiple conditions allowed AND-ed Conditions Many Actions per Task now Serialized Actions
TimeTrigger / CalendarTrigger (Periodic) At specified global (UTC) time Jittered (Delayed) start Triggers Schedule ~ OR ~ EventLog event trigger Registration based on EventLog query Generic Event ~ OR ~ IdleTrigger, BootTrigger, LogonTrigger RegistrationTrigger SessionStateChangeTrigger System Events
DisallowStartIfOnBatteries StopIfGoingOnBatteries Conditions Power State ~ AND ~ Run Only If Idle Stop at Idle End Restart at Idle Resume Idle State ~ AND ~ Launch if network is available Any or specific network profile Network Availability
Any command shell program Exe, Script, Batch DLLs hosted in user apps Task Actions Command Line / DLL Includes attachments Over SMTP E-Mail Body and title For interactive tasks Message Box
%windir%\system32\tasks Task Management Interfaces XML File New COM / Scripting API Programmatic MMC Admin Tool SchTasks.exe Admin Tools Create Task Wizard End User
Status Events Configuration (Registry) Task Scheduler UI &Command line Transient Control Process 2 per login session (high and low privileges) COM+ Scripting Task Scheduler Service (shared svchost) Session Manager API S4U / CredMan (Logon) Credentials (Credman) “Jobs” Pre-Vista computers DCOM, RPC Access User Process(cmd.exe, dll, etc.) User Process(cmd.exe, dll, etc.) User Process(cmd.exe, dll, etc.) Task XML (File System) Info bucket (Registry) Task Scheduler Architecture
WSUS 3.0 Improvements • Simpler Deployment • Improved Performance • Improved Reliability • Reporting Support • Targeting Enhancements • Improved Admin Experience
Simpler Deployment • WSUS 3.0 is an in-place upgrade of 2.0 • 3.0 has all the features of 2.0 and then some! • WSUS 2.0 Servers can sync from a 3.0 Server • Allows for a gradual top down roll out • New OOBE (Out of the box experience) wizard to help guide initial setup • Many improvements to replica mode to support branch office deployments • Move between Replica and Autonomous modes without a reinstall • Support for language subsetting on downstream replica servers • Replica’s can sync meta-data from a USS and content from MU • Support for disconnected replica synchronization
Improved Performance • Reporting performance • 50% performance gain • Server Synchronization • Full sync down from 1 ½ hours to 20 minutes • New UI makes it easier to see what’s relevant • New deployment options make it easier to build large scale deployments • Server now has native support for x64
Reporting Support • See a single unified view of the status of your organization • Reporting rollup is in the box! • Roll up detailed status or summaries • Roll up from autonomous or replica servers • UI reporting based on Rosetta controls • Print, Save to Excel or PDF • New “Reporters” user role • Allows read-only access to the server
Targeting Enhancements • WSUS 3.0 supports 2 new grouping concepts • Nested target groups • Overlapping group membership • A computer can be a member of > 1 group • Eg: Computer 1 is a member of Servers as well as Exchange Servers
Improved Admin Experience • New MMC 3.0 based console • Column sorting and reordering • Context Menus • Host multiple servers in a single console • Home pages to give a quick overview • Custom Views • Additional Filtering views for the results pane • Integrated reporting “in context” • Built in email notifications and status • Access to drivers and hotfixes via the Microsoft Update (MU) Catalog site • API support for importing 3rd party updates
Windows PowerShell • Next generation shell that is: • As interactive and composable as BASH/KSH • As programmatic as Perl/Ruby • As production oriented as AS400 CL/VMS DCL • Allows access to data stores as easy to access as filesystems
Shell PowerShell Highlights • Rich set of Namespaces (data dources) • Man-style help with rich schema and searching • Command-line-oriented following strong naming guidelines • E.g., Verb-Noun • Interactive experience (aliases, navigation, tab-completion, command line editing) • Pipelines • Object utilities
Shell Uniformity Get-Process | Where { $_.handles –gt 500 } | Sort handlecount | Format-Table Common PowerShell Parser Get-ProcessClass Sort Class FormatClass Where Class PowerShell Pipeline Processor
Shell Commands • Verb-Noun • Verb-Noun –FirstP Val –SecondP V2,V3 –ThirdP:V4 • You can alias • Set-Alias gps Get-Process • Parameters can be positional • gps –ProcessName LSASS • gps LSASS • Parameters can be wildcarded • gps c* • Partial parameter names allowed • Gps –p lsass
Shell Trusting Operations • Commands with side-effects support: • Whatif • Gps |where {$_.handles –ge 500} | stop-process –WhatIf • Confirm • Stop-process S* -Confirm • Verbose • Stop-Process [a-x]*[q]*[r-t] -Verbose
Shell Finding Data • Data stores surfaced as “Drives” • Filesystem, Registry, Alias, Certs, Env, Functions, Variables, etc • > Get-Drive • > dir HKLM:\SOFTWARE\Microsoft • Drive is a namespace with numerous information axis • Item, ChildItem, Content, ItemProperty, ACL, etc. • New navigation/interaction model supported with aliases for existing commands
Shell Explicit Object Formatting • Built-in formatters for lists, tables, wide, and custom-views • > Get-Command Format-* • Formatters allow you to specify properties, propertysets and property expressions • > gps |format-table name,id,handlecount • > gps |format-table Configuration -auto • > gps |format-table name,@{Expression= {$_.mainmodule.filename}; Label="File"} • > gps |format-list name,*size64
Scripting Scripting • Supports existing scripting models • *NIX model of text processing including regular expressions • Visual Basic Script model of COM automation • Supports scripting .NET objects • Support loose, strong, and extensible typing models • Uniform syntax to access to a wide range of types • WMI, XML, COM, ADSI, ADO • Rich variable semantics (typed, read-only, constraints, descriptions) • Rich operators and control structures (C#-like with access to cmds & utilities) • Functions (positional, named, typed, constrained params)
Service Modeling Language • An XML Schema based modeling language that provides a rich set of constructs for modeling complex IT services and systems • the system’s structure • relationships between the system’s components • relationships with other systems • applicable constraints • Goals • Increase automation of management tasks by capturing knowledge about managed systems in a machine usable way • Allow different participants with different domain expertise to collaborate in building models
Windows Perf CountersBefore Windows Vista • Win32 Counter Providers • Requires performance counter DLLs • Uses registry and system files as central repository • Uses no unified IPC mechanism • Managed Counter Providers • Provides a simple managed API for a Win32technology • Uses a component oriented design • Integrated with Visual Studio Designers
Windows Perf CountersBefore Windows Vista • Developer’s Concerns • Complex programming model • Registry corruption • Inefficient handling of multiple instances • 32-bit and 64-bit incompatibility
Windows Perf CountersWhat’s new in Windows Vista • Improved Manageability • Simplified programming model • No more 32-bit/64-bit issue • Development tools • Improved Reliability • No more registry corruption • No need for performance counter DLLs • Improved Scalability • Retrieval of only requested data