For new or current AT&T customers out there, there is a new cool interesting offering from AT&T where they will give customer support to setup and test out SCMDM in their environment! See the full press release here and ask your local rep for more information:
http://www.att.com/gen/press-room?pid=4800&cdvn=news&newsarticleid=26038
|\\arco..
Just a quick reminder if you aren't already aware but the Microsoft SCMDM product team is posting some great troubleshooting tips over on their blog: http://blogs.technet.com/scmdm/
Some recent topics:
Troubleshooting device connection to the Device Management server
Remote Wipe Now and MDM Alerter troubleshooting
|\\arco..
For those of you that have been following along and interested in the Redfly, please note that the price has now been lowered to USD $399. You can also order it directly here:
https://redfly.store.enterprisemobile.com/
In other Redfly news, another batch of Windows Mobile device drivers have been released. Please see http://www.celiocorp.com/smartphone/ for the latest listing!
And finally, a new 30 day free trial program has been put in place: http://www.celiocorp.com/freetrial/
They will simply charge the current price if not returned after 30 days..
|\\arco..
I've tried to compile a list of which devices now have official supported upgrades available for them. This may be useful for many of you as well. I will keep this list updated..
Sprint Motorola Q9c:
http://direct.motorola.com/hellomoto/NSS/update_my_software.asp
Sprint Mogul:
http://www.htc.com/us/FAQ_Detail.aspx?p_id=75&act=sd
Sprint HTC Touch:
http://www.htc.com/us/faq_detail.aspx?p_id=76&act=sd
AT&T Motorola Q9h:
AT&T Tilt:
<imminent I have heard, will replace with link once available! Possible announcement at the CTIA conference Sept 10, 2008?>
HTC TyTN II:
http://www.intomobile.com/2008/05/24/htc-gets-official-with-windows-mobile-professional-61-update-for-htc-tytn-ii-kaiser.html
Samsung SCH-i760:
http://msmobiles.com/news.php/7497.html
Orange HTC TyTN II:
http://www.coolsmartphone.com/news4172.html
Telus HTC Touch:
http://www.htc.com/us/FAQ_Detail.aspx?p_id=80&act=sd
If you know of others please let me know!
|\\arco..
Skype has now released a updated version with Windows Mobile 6.1 support. So this means within a MDM environment you could package it up and ship it out to your supported WM 6.1 devices..
More info here:
https://developer.skype.com/WindowsMobileSkype
|\\arco..
This appears to be "silently" released almost 2 weeks ago, but haven't seen much posted about it so far.
Microsoft System Center Mobile Device Manager 2008 Management Pack for SC Operations Manager 2007:
http://www.microsoft.com/downloads/details.aspx?FamilyId=B9785235-826E-442B-AEAF-12F44BAE5517
I'm interested in seeing how someone could perhaps extend some of the event log and/or performance collection gathering to fit other needs.. Perhaps a nice view of connected devices and their IP pool addresses?
|\\arco..
I've been on vacation for a few weeks and now back in the saddle and will keep updating my blog here with more interesting Windows Mobile enterprise management information!
I new site I have added to the left side underneath the SCMDM Links section is the SCMDM Team Blog which will have comments and information directly from the product team. Check it out!
http://blogs.technet.com/scmdm/
|\\arco..
The company I work for, Enterprise Mobile, is hiring! If you know someone you might be a good fit please forward this on and see the links below! Much appreciated!
Description:
Reporting to the Regional Director, Professional Services, the Mobility Consultant will consult with customers on mobility strategy, making recommendations and suggestions.
Specific responsibilities:
- Delivering strategy workshops across a range of enterprise mobility related topics.
- Troubleshooting specific technical problems related to mobility infrastructure.
- Designing mobility architectures for enterprises.
- Delivering proposals related to mobility issues such as security, device management, etc.
- Either doing or providing technical leadership to technical staff doing hands-on work associated with any or all of the above.
For more details on requirements and qualifications, and to apply please go here:
http://www.interviewexchange.com/jobofferdetails.jsp?JOBID=10064
http://www.enterprisemobile.com/careers/overview.htm
Marco..
Several new support documents have now been posted to TechNet before TechEd this week to further support enterprise installations of SCMDM. Check them out!
Configuring External and Internal Firewalls in Mobile Device Manager
Describes how to configure external and internal firewalls to permit MDM to function.
Deploying Mobile Device Manager in a Global Enterprise Environment Helps you address the decisions and activities that are critical to successfully integrate MDM into a larger, more complex, or geographically dispersed enterprise environment.
Integrating Mobile Device Manager with Microsoft Exchange Server Helps you address the decisions and activities that are critical to successfully integrate MDM and Microsoft Exchange Server.
Integrating Mobile Device Manager with Existing Web Sites or SharePoint Server Helps you integrate MDM with existing Web sites or Microsoft Office SharePoint Server portals for Windows Mobile 6.1 access.
Using WM 6.1 Images on the Device Emulator with MDM Provides instructions for using the Windows Mobile 6.1 Device Emulator images to configure and test your MDM system.
New entry on June 19, 2008:
Using Wi-Fi with Mobile Device Manager
Helps you plan and deploy your wireless infrastructure using SCMDM 2008. Includes best practices and guidelines for a secure and reliable wireless architecture.
|\\arco..
Can't help think back in time when phones were literally a different "beast" than today.. This gives a nice recap, enjoy!
http://www.liveleak.com/view?i=d5a_1211301449
“Who hasn't rummaged through their pants pocket or purse looking for their ultra-sleek, super-tiny cell phone and longed for a return to the days when using a mobile phone meant lugging around a 2-pound battery pack and holding a brick to your face?
This three-minute video takes us on a nostalgic trip back to the early days of cell phones. Watch a 1985 Motorola DynaTAC morph into an Apple iPhone, with about three dozen cell models squeezed in between. The video even provides a glimpse of the cell phones of the future.”
BTW, I even found a company that is selling "vintage mobile phones" now: http://www.retrobrick.com :-)
Update July 14, 2008:
Chris Saint Amant forwarded me this nice graphic: http://www.newlaunches.com/entry_images/1107/12/nokia_timeline.jpg
|\\arco..
In case you have missed the news so far the last week or so.. Things are slowly starting to pick up with all the promised upgrades for specific models announced in October 2007 and April 2008:
Sprint Motorola Q9c:
http://www.everythingq.com/news/software/motorola-releases-windows-mobile-6-1-upgrade-for-sprint-moto-q-9c-20080603298/
HTC TyTN II:
http://www.intomobile.com/2008/05/24/htc-gets-official-with-windows-mobile-professional-61-update-for-htc-tytn-ii-kaiser.html
Which means the official AT&T upgrades should be around the corner as well you would think... :-)
|\\arco..
A few great new tools now available for download from http://tools.enterprisemobile.com!
These new tools can really be useful when trying to use and troubleshoot your SCMDM 2008 installation. Check them out and feel free to give me some feedback on how they could be made even better!
This utility provides a graphical user interface (GUI) for signing CAB files (files used for installing software on WM devices) in order to easily creates secure mobile deployment. Microsoft System Center Mobile Device Manager requires each software distribution to be digitally signed, which may be a challenge for the Mobile Administrator using existing process and procedures. The utility makes the signature step super easy and simple.
GUI CAB Signer Utility provides:
· Graphical User Interface for CAB signing for easier and simpler process
· Enables faster deployment through visual verification of certificate
· Can be installed on any PC running Windows XP or Vista
This utility combines basic troubleshooting tools commonly available on the desktop and widely used by IT Staff and Administrators (ping, traceroute, ipconfig) with some more advance capabilities (ping sweep, speed test) into one package that is compatible with WM 5, WM 6 and WM 6.1.
Windows Mobile IP Utility enables easy troubleshooting of connectivity on Windows Mobile devices, enables and eases out troubleshooting of Microsoft System Center Mobile Device Manager VPN connections and even enables troubleshooting of PCs connected to the same network as the WM device i.e. WiFi network.
Windows Mobile IP Utility provides:
· IPCONFIG for all adapters on the Windows Mobile device
· PING to any host or destination
· PING SWEEP of multiple hosts within the specified range
· Traceroute to any host or destination
· Speed Test to check your connection speed and performance
· Is compatible with WM 5, WM 6 and WM 6.1 devices
· Requires .NET CF 2.0 (additional install for WM 5 devices, in ROM for WM 6 and later)
|\\arco..
Today new Resource Kit v1.1 downloads were made available for the Client and Server, together with the long awaited Reporting Services!
I will attempt to post a more detailed review of all the tools at a later date.
For now this is a quick overview and what is included in which release:
MDM Server Tools:
- v1.0: MDM Certificate Tool
- v1.0: MDM Bulk Pre-Enrollment Tool
- v1.0: MDM Cleanup Tool
- v1.0: MDM Device Enrollment Cleanup Tool
- v1.0: MDM Application Hash Code Tool
- v1.1: MDM CAB Signing Tool
- v1.1: MDM Active Directory Validation Tool
- v1.1: MDM System Configuration Cmdlets
- v1.1: MDM Device Records Synchronization Tool
- v1.1: MDM Additional Group Policies
- v1.1: MDM Group Policy Models
- v1.1: MDM Blocked Device Cleanup Tool
- v1.1: MDM Security Configuration Wizard Templates
MDM Client Tools:
- v1.0: MDM Connect Now Tool
- v1.0: MDM VPN Diagnostics Tool
- v1.1: MDM Managed Device Status Viewer
MDM Reporting Services:
"provides a reporting and data access service across all feature areas of MDM. MDM Reporting Services is based on and integrated with SQL Server Reporting Services 2005."
|\\arco..
Since things are heating up and more and more people are asking questions on SCMDM information, I have gathered up this little quick-hit list:
System Center Product Page:
http://www.microsoft.com/systemcenter/mobile
One page overview:
http://www.microsoft.com/systemcenter/mobile/evaluation/overview.mspx
TechNet Product Page:
http://technet.microsoft.com/en-us/scmdm
TechNet Forum for SCMDM 2008:
http://forums.technet.microsoft.com/en-US/SCMDM/threads/
Product Documentation:
http://technet.microsoft.com/en-us/scmdm/cc304592.aspx
This currently has the following guides listed:
- Architecture Guide
- Planning Guide
- Deployment Guide
- Security Guide
Resource Kit Tools: (v1.1 released on May 14th, 2008)
http://technet.microsoft.com/en-us/scmdm/cc304591.aspx
This currently has the following downloads:
- Self Service Portal (SSP)
- Server Tools (See my other blog posting for the v1.0 release)
- Client Tools: ConnectNow and VPNDiag see this blog posting, MDM Managed Device Status Viewer new with the v1.1 release)
- Best Practices Analyzer Tool (BPA)
- Reporting Services (new with v1.1)
One note on the Server and Client Tools:
The v1.0 downloads dated April 1, 2008 where removed and updated with the v1.01 or later dated after May 1, 2008. Do not extract the older versions to your root C:\ drive folder as it will blow away your OS! See the KB article on this here: http://support.microsoft.com/kb/952338.
120-day Trial/Evaluation Download:
http://technet.microsoft.com/en-us/evalcenter/cc339027.aspx
MSDN media: http://msdn.microsoft.com/subscriptions/downloads
Windows Mobile 6.1 Emulator
http://www.microsoft.com/downloads/details.aspx?FamilyId=3D6F581E-C093-4B15-AB0C-A2CE5BFFDB47
Emulator setup documentation: http://technet.microsoft.com/en-us/library/cc461417.aspx
Windows Mobile 6.1:
http://www.microsoft.com/windowsmobile/6-1/default.mspx
Windows Mobile - System Center Mobile Device Manager overview:
http://www.microsoft.com/windowsmobile/mobiledevicemanager
Proxy assistance:
To configure a Proxy running ISA server to tunnel HTTPS packets on port 8443 to the Device Management server, use the AddTPRange.vbs script from here: http://www.microsoft.com/technet/isa/2004/plan/managingtunnelports.mspx
|\\arco..
Summer 2008 is coming and a new wave of mobile devices are being announced. Yesterday it was the long anticipated new batch HTC Touch devices.
As these devices come towards to the consumer (via direct stores and carriers), there will automatically be questions raised to the Enterprise administrator when these employees start bringing these new devices into their work space.. "When can these be supported?", "How can I get my corporate e-mail and apps on them?", etc..
The major good news is that many of these newer devices now are coming with WM 6.1, so using them with your MDM infrastructure and mandating the same settings throughout your environment has become much easier!
Comparison Table of the HTC Touch Diamond and Sony Ericsson Xperia X1:
http://www.gsmarena.com/compare.php3?idPhone2=2368&idPhone1=2246
For grins, an added comparison with an iPhone, as this new wave of devices appear to attack that premium marketplace:
http://pdadb.net/index.php?m=pdacomparer&id1=815&id2=1311&id3=1117
Together with a new breed of mobile browsers (ie. Skyfire, etc) and graphical display engines (Adobe Flash, Silverlight), it think these high-powered, high-resolution, memory crammed devices will be highly sought after and enter the enterprise space rather quickly!
|\\arco..
Steve Hughes from BostonPocketPC made this very detailed and slick review of this killer device. It basically extends your Windows Mobile device over Bluetooth to an external screen, with full keyboard, USB ports, VGA output and additional battery.
Check it out the length review here: http://www.bostonpocketpc.com/Review++Celio+REDFLY.aspx
I had a similar positive experience when I had a REDFLY unit for a day and used it with an AT&T Tilt to display an internal SharePoint site through SCMDM 2008 on a projector. Very sweet and brings a lot of possibilities to the table as you can manage the WM 6.1 devices through SCMDM!
|\\arco..
For those going to the upcoming TechEd North America 2008, IT Pro Conference, June 10-13 in Orlando Florida my Enterprise Mobile colleague Patrick Salmon has two sessions just about SCMDM:
My other Enterprise Mobile college Doug Field, is managing the Hands-On-Lab for SCMDM as well!
Find more information on TechEd 2008 here:
http://www.microsoft.com/events/teched2008/itpro/default.mspx
There is also a ton of sessions on Windows Mobile and Windows Mobile 6.1 that could be very interesting!
|\\arco..
There is a new interesting online forum Microsoft has brought up:
http://www.windowsmobiletraining.com/connection/ or
http://www.windowsmobileconnection.com
“Join the Windows Mobile® Connection, the official Microsoft forum for anyone who sells mobile phones or works in the mobile industry. Built by us and made awesome by you, it's a destination for sharing discussions, opinions, and advice with other sales and support professionals in the mobile industry.”
Already found several interesting tidbits of information, such as this excellent listing of mobile optimized sites:
http://www.windowsmobiletraining.com/connection/forums/t/14.aspx
|\\arco..
Another great article in the current issue of Smartphone/PocketPC Magazine from my Enterprise Mobile colleague Patrick Salmon:
http://www.pocketpcmag.com/cms/_archives/Jun08/SystemCenterDevice
Good round up of knowledge skills and necessary to get started with SCMDM. Provides an excellent overview of the technology and why it is important as well!
|\\arco..
Matt Fontaine wrote a great 6 page article printed in the May 2008 issue of TechNet Magazine titled "Introducing System Center Mobile Device Manager".
You can check it out here online: http://technet.microsoft.com/en-us/magazine/cc462799.aspx
|\\arco..
Great useful article from my Enterprise Mobile colleague Chris Hopson on how to deploy existing Microsoft signed .CAB files in your MDM environment:
http://blog.enterprisemobile.com/2008/04/software-distribution-with-mdm/
|\\arco..
[Work in progress posting - I'm still adding tidbits!]
As described a few days ago in the Client Tools blog posting I did, another excellent collection of SCMDM tools are available in the Resource Kit Server Tools.
Direct download link: http://www.microsoft.com/downloads/details.aspx?FamilyId=E898BF6D-325F-43E7-98A6-40149FDF2C2D
These tools are meant to assist SCMDM administrators with server related tasks on the SCMDM server(s). Each comes with a little text file with instructions for their usage and their requirements.
I will step through them and highlight scenarios where they would be useful. All of them require that you run them with either MDM Server Administrator or local Administrator permissions.
It is not advised to run the tools from non-writeable media such as CD/DVD as the automatic log files can not be created in that case.
MDM Application Hash Code Tool
This tool is a command line utility that assists with creating a SHA-1/MD5 hash code file. This has code file can then be used in a Group Policy Object (GPO) to create a software restriction policy so specific applications can or can not be run on your managed Windows Mobile devices.
Supported file-types are .cab, .exe or .dll files.
MDM Bulk Pre-Enrollment Tool
This tool provides you with a method to mass enroll devices for your production SCMDM 2008 implementation. Instead of adding them manually through the MDM Console or through the Self Service Portal (SSP).
The installation of this tool is a little tricky as it is a PowerShell snap-on.
1. First you need to run the .NET Framework InstallUtil, which I had to find in the .NET Framework installation directory, and then give the full path to the .DLL we want to install:
2. Then you must open the PowerShell window and execute two more commands. After-which the new cmdlet is activated and it's usage can be displayed:
[To do: More information on how to use the New-BulkEnrollmentRequest cmdlet]
MDM Certificate Tool
This tool is a super-duper certificate fix-it-up tool that could be handy if you fear you have issues with expired certificates after your initial SCMDM installation or if an ACL is out of whack. These could show up as Event ID 12105 and 12503 on the Gateway Server.
This tool is probably the most complex of the 5 tools in the Resource Kit, but it gives you 4 high-level functions:
/validate - Validate the ACL on the Gateway Central Management (GCM) certificate or existing certs.
/set - Set the ACL on the Gateway Central Management (GCM) certificate.
/install - Install one of the 6 certificates used on various SCMDM roles.
/alert - Notification by log, console, e-mail on when specified web site certs will expire.
The usage text output is quite complete and helpful to get the syntax right:
if you execute "MDMCert /validate" or one of other operational arguments the tool will give you further useful usage text. In the case of the /validate and /set it will even detect the proper certificate authority names available and display them!
[To do: How does the MDMCert.exe.config file work with the SMTPhost value?]
[To do: How does the alert messages look like?]
MDM Cleanup Tool
This is a tool for the purely paranoid at heart. :-) No, actually, this is a powerful tool for remote administrators who may have the need to quickly and remotely uninstall one or more SCMDM components. Also handy for lab work, when you need to clean things up or script training environments..
This tool is an .exe file and requires it's companion .DLL file to be in the same directory to execute.
The arguments are straightforward and dictate which server roles you wish to remove as seen in it's usage text:
BTW, This tool can be run in a regular Command prompt window.
MDM Device Enrollment Cleanup Tool
This PowerShell script can quickly be a lifesaver to clean up orphaned and obsolete device objects in the Active Directory and MDM databases.
Some examples where this could occur that you might run into and want to tidy things up:
- A device is manually hard-reset/wiped due to another issue.
- A device is hasn't connected for a duration of time.
When you run the .\RemoveDevice.ps1 script without any arguments a helpful usage text will appear and you can also see where it creates a useful .LOG file for the output:
The key arguments let you prune the Active Directory and MDM Database for device objects by name or by different date methods. Days since last connected or last connected before. You can use wildcards ("*") in the names as a suffix or prefix.
As listed in the usage text you can also use the PowerShell Get-Date function, so for example you can make it handy and automated like this to prune any orphaned devices that are more than 1 year old from the first day in the current month:
.\RemoveDevice(Get-Date -year ((Get-Date -uformat "%Y")-1) -day 1)
Remember that you will need to run the RemoveDevice.ps1 file from the Mobile Device Manager Shell window!
Also the script is signed, so you don't need to execute the "Set-ExecutionPolicy Unrestricted", "Set-ExecutionPolicy RemoteSigned" will do which should already be set on the server you are running the SCMDM Administrator Tools from..
|\\arco..
A new forum for SCMDM has just appeared on the new (v3.0) TechNet Forums underneath the Mobility heading:
http://forums.technet.microsoft.com/en-US/SCMDM/threads/
BTW, This newer TechNet Forum platform was announce earlier this year in February. It has several new features for avatars and alerting compared to the legacy Forum system still used on http://forums.microsoft.com/TechNet..
See http://blogs.msdn.com/sjarawan/archive/2008/02/14/forums-3-0-releases-today-along-with-community-platform-1-0.aspx for more information directly from the team that built it. :-)
|\\arco..
What is Yona? As stated in the Release Notes (or on http://technet.microsoft.com/en-us/library/cc161048.aspx):
The Beta software for Microsoft System Center Mobile Device Manager 2008, originally code named "Yona Server", expires on May 14, 2008. To continue to use System Center Mobile Device Manager (MDM), you have to update your company IT infrastructure with the official release version of MDM before this date.
So Yona was the codename for System Center Mobile Device Manager, and a little story behind that codename can be found here with an interesting audio clip: :-)
http://patricksalmon.blogspot.com/2008/04/yona-preserved-for-posterity.html
|\\arco..
To again discount the proverbial "can't teach an old dog new tricks", I happened to find this older blog entry on Christopher Fairbair's excellent development blog:
http://www.christec.co.nz/blog/archives/49/trackback
Not alone is there a shortcut to a Run command-box (hold down Action key while tapping and holding the stylus on the clock in the navigation bar), but also a trick to toggle from a digital to analog clock in the top navigation bar! Who knew??
|\\arco..
As I mentioned in my previous posting, the updated Windows Mobile 6.1 Emulator is almost a requirement to use until there is more physical devices available running the Windows Mobile 6.1 OS that you can feel and touch. :-)
I was going to start to write-up the installation and usage steps, but I found this recent article posted over on TechNet that does a fine job of going through all the details. Check it out if you want to know more!
http://technet.microsoft.com/en-us/library/cc461417.aspx
|\\arco..
If you are trying to get up to speed with System Center Mobile Device Manger (SCMDM) and having issues with the WM 6.1 clients, one of the key Resource Kit Tools now available is the Client Tools.
See the current listing of all the Resource Kit Tools here: http://technet.microsoft.com/en-us/scmdm/cc304591.aspx
The direct download link to the Client Tools is:
http://www.microsoft.com/downloads/details.aspx?FamilyID=d07e6997-836a-4abe-84f3-b563e976b131
The Client Tools v1.01 currently consists of two unique tools that are meant to run on the physical Windows Mobile 6.1 devices or one of the updated Windows mobile 6.1 Emulator images (located here: http://www.microsoft.com/downloads/details.aspx?FamilyID=3d6f581e-c093-4b15-ab0c-a2ce5bffdb47). The two are the MDM Connect Now and VPN Diagnostics tool. The .CAB installations have support for both Standard (Smartphone) and Professional (PocketPC) device editions.
I won't go into all the details of each tool, but highlight what I believe are most important..
MDM Connect Now Tool
This tool will force a device synchronization back to the Device Management (DM) server. This is useful to use when you have the IPSec VPN tunnel working on the device and want to accomplish several things:
- Quickly get a new/updated GPO down to the device for testing.
- Kick off the inventory cycle, which will piece-meal the data back to DM.
If the tool returns an error message you should check out the network routing you have from/to the Device Management server, the Gateway and device.
MDM VPN Diagnostics Tool
This is a great tool to understand and troubleshoot IPSec VPN connectivity issues. It can also be used to control some functionality of the IPSec VPN service that runs on the WM 6.1 device (enable/disable/shutdown). Quick run down of features:
- Status - Gives a one screen overview of connection details and uptime. Very useful in the IP addresses for the device and Gateway server.
- Configuration - Based upon the privilege level, by toggling the "Edit Mode" you can actually change the config entries on the fly! So here you could edit the Proxy name, NAT values, and WWAN Roaming Keepalive settings.
- Diagnosis - Check a nice checklist of the service, certificate, and other values. Anything marked red should definitely be checked out!
- Port Filtration Tests - Can assist to check if the UDP 500 and UDP 4500 ports necessary for the IPSec VPN tunnel are open going back to the Gateway server. This will not necessarily assist with testing if Protocol 50 has been published correctly.
- Report - You can save/e-mail a full report of the status, configuration and diagnosis screen as a .TXT file. Including details on the certificate chain..
- Logging - By enabling logging you can perhaps look more closely for connectivity issues to determine what is at fault.
- Edit Mode - Toggle this to edit the fields on the Configuration screen.
All-in-all some very handy tools that any SCMDM Admin needs to understand and use!
|\\arco..
Looks like the first patch for the SCMDM RTM release has now been released:
http://support.microsoft.com/kb/950135
It appears to be an update for the random number generator used within the Gateway server and will increase security of the server.
|\\arco..