SMS 2003 is the next generation of desktop and change-management services. Building on the successes of SMS 2.0, SMS 2003 incorporates a slew of new features. Microsoft didn’t develop SMS 2003 as a complete code rewrite (as much as the company did between SMS 1.2 and SMS 2.0). SMS 2003’s improvements are based on feedback from Microsoft customers.
Some of the most customer-requested new features in SMS 2003 are centered on software delivery. SMS 2.0’s software delivery feature set is robust, but in a mobile environment, you might need third-party add-ons or special procedures. SMS 2003 addresses the mobile workforce by using special technologies to allow distribution to remote users who are connected by slower-speed connections. By taking advantage of the rich manageability infrastructure in the Windows operating system, industry-standard Internet technologies such as HTTP, and the technology and best practices of Windows Update—which enterprises use today to implement millions of software updates per month—SMS 2003 provides an enterprise-scalable solution for all mobile PC needs. SMS 2003 includes:
Client-sensitive bandwidth throttling. SMS 2003 allows both traditional desktops and mobile PCs to download software in a bandwidth-sensitive manner—ensuring bandwidth usage doesn’t impact the business users’ productivity for accessing business applications—when connected over a limited-bandwidth connection.
Checkpoint/restart. Should a connection be terminated during a transmission, SMS 2003 provides a restart capability for resuming transfer where it left off instead of resending the entire package—ensuring transfer of the minimal amount of software to mobile workers.
Location awareness. As users move from location to location, SMS 2003 determines the physical location and can provide download of critical software from the closest source. This feature can dramatically lessen traffic impact on expensive and slow WANs in organizations that meet the requirements.
Microsoft also developed SMS 2003 to interoperate with the more common and emerging Windows technologies, making it completely compatible with installed Windows infrastructures. For example, SMS 2003 incorporates infrastructure management components and capabilities such as Windows Management Instrumentation (WMI), Active Directory, and the Windows Installer service. SMS 2003 uses these key elements to provide an increased level of manageability for Windows-based clients, above and beyond the level of manageability available for other products or platforms.
The following are some of the ways in which SMS 2003 takes advantage of platform services:
Active Directory integration. With the increased deployment and adoption of Active Directory as the key business directory, Microsoft has extended SMS 2003 to take advantage of the components of Active Directory. This includes targeting software at Active Directory sites, domains, organizational units, security groups, and non-security groups.
Rich distribution targeting. You can finely target software distribution and other management tasks to machines and users by using a wide variety of properties, including network and hardware configuration, the Active Directory organizational unit, or group membership and software installation status. You can deploy software based on business organization, not just the properties of the network infrastructure.
Dynamic distribution targeting. If a new user joins a user group, SMS 2003 automatically sends software to the user according to predefined administrative settings for that group. Likewise, new computers that match predefined targeting policies (such as IP subnet, Active Directory organizational unit, or installed video card) automatically receive specified packages or driver updates. When you add a new computer or user to an organization, it can automatically receive the software it requires without any administrative intervention.
Add/Remove Programs integration. Microsoft specifically designed this powerful user interface included in Windows 2000 Professional and Windows XP Professional for users to install or uninstall software for the business desktop. SMS 2003 enables users to manage business applications through the same familiar interface, reducing training and support costs while increasing the success rate and timeliness of installation of business applications on corporate desktops.
Elevated-rights installation. With the pronounced move of the corporate desktop to Windows 2000 Professional and Windows XP Professional, the need for providing business users with the authority to execute installation tasks without needlessly endangering the integrity or security of the desktops has become more pressing. SMS 2003 provides simple and specific delegation of authorization capabilities in relation to Windows Installer technology (Microsoft Software Installation—MSI), empowering the business user to perform the software installations required without compromising security. In SMS 2.0, this feature is unavailable as part of SMS, but you can obtain it by employing a special wrapper program that’s part of a feature pack.
Security update rollout. SMS 2003 can automatically check the Windows systems (both servers and desktops) against an updated database of available critical patches and fixes (maintained on the Microsoft.com Web site). Alternatively, this same database can be downloaded and maintained locally within the company firewall. SMS 2003 generates a simple Web report showing which patches each computer requires. Under administrator control, the required patches can then be downloaded and deployed automatically to those PCs that require them. In SMS 2.0, this ability was available only through the installation of the SUS Feature Pack