Presentation is loading. Please wait.

Presentation is loading. Please wait.

What’s New in Configuration Manager Current Branch

Published byNorman Rice Modified over 6 years ago

Similar presentations

Presentation on theme: "What’s New in Configuration Manager Current Branch"— Presentation transcript:

1 What’s New in Configuration Manager Current Branch
As of October, 2017 – Parts 1 & 2 Kent Agerlund Principal Consultant CTGlobal @Agerlund Wally Mead Principal Program Manager Cireson

2 Agenda Is ConfigMgr servicing a path to Modern Management?
What was added in 1702 What was added in 1706 What is included in Technical Previews As a glimpse of what may make 1710

3 Come let’s go for a walk Prepare for the future

4 Modern Management Defined
Kent

5 Savings Jörgen

6 From the press – Mac is cheaper than PC
IBM confirms that Macs are $535 less expensive than PCs Jörgen

7 Definition - Modern Management
Admins do less, users do more! Microsoft Mechanics “Modern Windows 10 management strategies, using Configuration Manager and Microsoft EM+S” Not suitable for all organizations, yet…. Modern management doesn’t mean MDM Kent

8 Our challenges

9 Life as an Enterprise admin
Challenges Operating system(s) keeps updating New devices are coming faster than ever before Demand to stay agile User DNA – new generations Our daily workloads Requirements Stay current on our management platform Realizing that the meaning of the word Expert might have changed

10 What’s New in 1702 Came out since last year’s presentation, and wanted to ensure that everyone was updated on it

11 New Features in 1702 Deprecated support for:
Windows Server 2008 and Windows Server 2008 R2 as site systems Windows Server 2008 R2 still supported for builds proper to 1702 Both are supported as a DP, 1702 also supports SMP on Windows Server 2008 R2 SQL Server 2008 R2 Still supported in builds prior to 1702 Windows XP Embedded

12 New Features in 1702 (2) Software update point now boundary group aware! No fallback configuration yet like distribution points have In-console search improvements Shows path to objects found by search Retains search text between nodes Provide feedback directly from the Configuration Manager Console Feedback option from Ribbon Feedback option from context menu

13 New Features in 1702 (3) Data warehouse service point (Pre-release feature) Long term data storage for Configuration Manager Content Library Cleanup Tool Remove orphaned content from distribution points OMS Connector for OMS Log Analytics to Azure Government cloud Peer cache improvements to not access peer source if source: Is in low battery mode, has high CPU use, has high disk queue, or no available connections Also adds three reports in “Software Distribution – Content”

14 New Features in 1702 (4) Ability to designate, and control behavior, of ‘blocking’ programs when running an application deployment (Pre-release feature) Can specify blockers and how to handle them in the properties of the application deployment type Deployment of Office 365 apps to clients from the dashboard Support for Windows 10 Express updates Hardware inventory reports UEFI startup status by default Can disable if you don’t need the information

15 Demo Some 1702 features

16 New Features in 1702 (5) Lots of OSD updates:
Increased application limit from nine to 99 Added multi-select of applications in the Install Applications step Additional content types supported in standalone media Can set an expiration on standalone media Configurable timeout for the Auto Apply Drivers step Package ID displayed in task sequence steps Tracks Windows 10 ADK for boot image editing Can no longer change default boot image source path

17 New Features in 1702 (6) More OSD updates:
Restart a failed task sequence Access to previous task sequence page Ability to configure any task sequence as ‘high risk’ Customizable messages to end user Notification of expected download size and run time Message to users indicating real migration of apps, data and settings Ability to pre-cache deployed available content in an Upgrade Operating System package and task sequence (Pre-release feature)

18 New Features in 1702 (7) Lots of mobile device management updates:
Many new compliance settings for iOS Easier targeting of Android and iOS platforms Support for Android for Work Ability to deploy volume purchased iOS apps to devices Support for iOS VPP for Education Support for multiple VPP tokens Ability to deploy own LoB apps in Windows Store for Business Conditional access check for ‘non-compliant’ apps

19 New Features in 1702 (8) Can trigger an alert when at least 20% of managed clients have expired Endpoint Protection Antivirus engine versions Device threat monitoring New dashboard, attribute in Devices view, tab on device Windows Hello for Business Deployment of certificate profiles Notifications to end users if they need to perform additional actions

20 New Features in 1702 (9) Cool updates to the Updates and Servicing feature: Accessed outside of Cloud Services Root level node now Only downloads most current build automatically Listed as “Available for install” Prior builds not downloaded, but can be if desired and listed as “Ready for download” Automatic cleanup of older content Works with new updates AFTER updating to 1702 (i.e )

21 Demo Additional 1702 features

22 It hasn’t been out that long, some may not have installed it yet
What’s New in 1706 It hasn’t been out that long, some may not have installed it yet

23 New Features in 1706 Client peer cache supports express updates for Windows 10 and Office 365 Just need to enable Express updates and client peer cache Peer Cache no longer uses the Network Access Account to authenticate requests from peers Data warehouse is now a full feature No longer pre-release feature as was in 1702 Also supports SQL Server Always on availability groups and failover clusters

24 Demo Some 1706 features

25 New Features in 1706 (2) Improvements to SQL Server Always On Availability Groups Support for asynchronous commit replicas Update reset tool For ConfigMgr updates that haven’t completed successfully Support for High DPI consoles Fallback configuration for SUPs in boundary groups 1702 added SUPs to boundary groups without fallback configuration 1706 adds fallback to neighboring boundary groups after 2 hours to last used SUP

26 New Features in 1706 (3) Configuration Manager integration with Azure AD New integration with a wizard to configure: Cloud Management – client authentication as well as Azure AD User Discovery OMS Connector Upgrade Readiness Windows Store for Business New compliance settings for Windows 10 mobile devices New device compliance policy rules

27 Demo Additional 1706 features

28 New Features in 1706 (4) Import scripts to ConfigMgr
Run PowerShell scripts directly from Configuration Manager Import scripts to ConfigMgr Software Library, Scripts Edit unsigned scripts in ConfigMgr Console Mark as approved or denied Run on collections of Windows clients Don’t need to deploy, they run real time Monitor results in the ConfigMgr Console Monitoring workspace, new node – Script Status

29 New Features in 1706 (5) New MAM policy settings:
Block screen capture for Android – block screen capture for an app Disable contact sync – can’t save to Contacts Disable printing of work or school data Android for Work setting for “Allow data sharing between work and personal profile” updated and includes ability to block copy/paste Device Guard allows trust configuration for files and folders

30 New Features in 1706 (7) Software update improvements:
Reduced time to download Express Updates Management of Surface driver updates Must enable as a classification for the SUP configuration SUP must be on Windows Server 2016 Windows Update for Business Policies node under Windows 10 Servicing Configure deferral policies for Windows 10 Quality or Feature Updates Click-to-Run user experience for Office 365 updates Popups, in-app notifications, and countdowns

31 Demo Still more 1706 features

32 What’s New in Technical Previews
In other words, what we could see in future production releases

33 What are Technical Previews?
Technical Previews are pre-release builds that provide a look at new features that may get implemented in a future production release Technical Preview sites are NOT production sites They are very limited in client count, operating systems, configuration And they expire every 90 days if not kept up to date However they give you a glimpse at what the future of production versions of Configuration Manager may include Features should ‘move’ from Technical Preview to Production when ready based on testing feedback

34 Highlights From TPs OData endpoint data access using RESTful interaction Azure Active Directory onboarding between AAD and Configuration Manager cloud services, such as Cloud Management Gateway Hosting of software update packages on cloud distribution points Can create compliance policies for Windows Update for Business assessment Lots of new compliance settings for iOS devices Ability to bind a Google account to Android for Work Ability to create PFX certificate profiles with S/MIME support for user deployment

35 Highlights From TPs 1611-1706 (2)
Ability to install ConfigMgr applications from Software Center without searching for them Nested task sequences Support for Windows Defender Application Guard policies For Windows 10 Creator’s Update to isolate untrusted websites in secure isolated containers New capabilities for Azure AD and cloud management Install the ConfigMgr client from the Internet and assign to ConfigMgr site Use Intune to deploy ConfigMgr client to Internet devices

36 Highlights From TPs 1611-1706 (3)
Support for Entrust certification authorities for PFX certs to MDM clients Support for macOS VPN profile for Cisco (IPsec) connection types Ability to restrict enrollment of personal Android or iOS devices Allow company-owned, predeclared, and Apple DEP Device Health Attestation assessment for conditional access compliance

37 New in Technical Preview 1707
Surface Device dashboard Monitoring, Surface Devices Percent of Surface devices Percent of Surface models Top five operating system versions Configure and deploy Windows Defender Application Guard policies For Windows 10 Fall Creators Update Configure parameters for PowerShell scripts from Configuration Manager Running of PS scripts was added in 1706

38 New in Technical Preview 1708
PowerShell Scripts – designate parameters as required or optional PowerShell Scripts was added in production 1706 Management Insights in the console Applications without deployments Empty collections Initiate client reboots from Client Notifications Creates request to reboot, client notifications, and reboot occurs Customized Software Center Company name, colors and logo  Control which tabs are displayed

39 Some technical preview features of interest
Demo Some technical preview features of interest

40 New in Technical Preview 1709
Co-management of devices between Intune (standalone) and Configuration Manager There to bridge the gap from on-premises management to modern management of devices Allows some workloads to be managed in Intune, and others from Configuration Manager Both ‘management agents’ installed/enabled at the same time Need Intune subscription and licenses Azure AD Windows (Fall Creators Update) Cloud management gateway Improved VPN Profile creation in ConfigMgr Console Adjusts settings based on platform Platform moved to front of wizard to allow configuration of appropriate settings

41 Why the need for co-management
Vision vs Tools & Services Feature gap 20+ years of dealing with enterprise client management in the same way Lack of faith Daily workloads

42 Bridging to Modern Management
6/22/ :39 PM Bridging to Modern Management Adopt & Connect Transition to Modern ConfigMgr Content Delivery to Cloud Content Delivery Win32 to Modern Apps Kerberos to Modern Auth GPO to MDM Policy Imaging to Signature Image WSUS to WUfB Modernizing with a co-management bridge Adopt Windows 10 As I see it, the road is long and Winding. But breaking it down, will help us all. There a couple of things we can all start preparing today, and then there will be elements that for many reasons can be fixed in a heartbeat. What are the reasons we are not moving to modern management: Feature gaps – common one is managing Win32 apps and GPO. This is one that Microsoft can fix on the engineering side Then there are the non-technical issues One Day problem, CEO one day wants to go modern and the next asking the same resources to do something else. Partner and home grown solutions, integrated with AD and SCCM especially the App lifecycle management solutions Windows 7 Adopt Office 365/ProPlus AD/AAD connect Today 1/2020 © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

43 Modern Management Challenges
6/22/ :39 PM Modern Management Challenges Cloud-first Startup companies Big Switch Transition The bold & the brave what are the paths to modern management The original intent was really a Big switch or group by group transition. The challenge there is that a lot of workloads has to be changed at one time, and it’s simply to complicated. this will often only work in the scenarios where IT get’s a reset. Group by Group Transition Moving slowly © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

44 The path we have been waiting for
Iterative (“Co-management”) And look, we have friends Windows Autopilot Intune & Configuration Manager Azure AD & AD

45 AD Domain-joined & AAD Joined
6/22/ :39 PM Co-Management Architecture With ConfigMgr and Intune Azure portal ConfigMgr console ConfigMgr Site Servers Mobile devices Intune MDM Co-management is a practical way to migrate over time, it’s not all or nothing and can be used to minimize risk. Co-managed defind as domain joined, AAD registrered, Intune and SCCM enrolled. Define if a device is going to hybrid joined or only AAD joined. What happens here, autopilot…you get Intune and offline domain join, Intune will deliver the sccm agent. How do I get sccm policies from this point onwards. Either on-prem or using the Cloud Management Gateway. Management Insights in TP1708 is analyzing objects like collections ConfigMgr Agent MDM Windows 10 AD Domain-joined & AAD Joined ConfigMgr Agent Windows 7/8.x © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

46 How to get to co-management
6/22/ :39 PM How to get to co-management Existing ConfigMgr managed devices ConfigMgr agent AD Domain Joined AAD Joined Intune MDM AutoPilot Intune MDM AD Domain Joined AAD Joined ConfigMgr agent New devices How do I get to co-management? Existing devices: Also providing a way to populate the existing win10 devices. By pushing a button in SCCM we will AAD register the devices automatically. New devices Uses Autopilot integration, you end up with a device that is both AAD and AD joined. © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

47 Build new reference computer Copy to Configuration Manager
Why do co-management? Modern IT yields Lowest TCO Self-service deployment Always up to date Proactive insights Simplified management Deployment is what we have done for 20+ years Expensive Time consuming Never up to-date Proven process Complete control Enrollment Backend configuration Always up-to-date New process Limited control New Updates released Build new reference computer Capture Image Copy to Configuration Manager Test and Validate Release to production

48 Summary System Center Configuration Manager is GREAT!
You really should not be on any previous versions of Configuration Manager You want to keep Configuration Manager (current branch) up to date, which is very easy to do I’d recommend a technical preview site that you keep up to date so you are aware of new features coming to production

Download ppt "What’s New in Configuration Manager Current Branch"

Similar presentations

Microsoft ® Official Course First Look Clinic Overview of Windows 8 By Ragowo Riantory, S.Kom, MCP.

Microsoft ® Official Course First Look Clinic Overview of Windows 8 By Ragowo Riantory, S.Kom, MCP.
Plan Build Custom Image (Drivers, Apps, Updates) New Hardware In-Place (Refresh) WipeReimage New Windows Version or Major Image Revision.

Plan Build Custom Image (Drivers, Apps, Updates) New Hardware In-Place (Refresh) WipeReimage New Windows Version or Major Image Revision.
Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.

Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.
Wally Mead Senior Program Manager Microsoft Corporation.

Wally Mead Senior Program Manager Microsoft Corporation.
Managing Your Datacenter with Microsoft System Center Configuration Manager Kent Agerlund, ECM MVP, Coretech.

Managing Your Datacenter with Microsoft System Center Configuration Manager Kent Agerlund, ECM MVP, Coretech.
Tim Vander Kooi Systems

Tim Vander Kooi Systems
Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs This would be presented.

Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs This would be presented.
Are you Ready for Configuration Manager vNext?

Are you Ready for Configuration Manager vNext?
Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.

Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.
What’s New in Configuration Manager Since RTM How to stay current with the new coolness available Aaron Czechowski Senior Program Manager Microsoft Wally.

What’s New in Configuration Manager Since RTM How to stay current with the new coolness available Aaron Czechowski Senior Program Manager Microsoft Wally.
70-417 MCSA Windows Server 2012 Pass Upgrading Your Skills to MCSA Windows Server 2012 Exam By The Help Of Exams4Sure Get Complete File From

MCSA Windows Server 2012 Pass Upgrading Your Skills to MCSA Windows Server 2012 Exam By The Help Of Exams4Sure Get Complete File From
Selecting the Management Platform Cloud-based Management Standalone Windows Intune No existing Configuration Manager deployment Simplified policy.

Selecting the Management Platform Cloud-based Management Standalone Windows Intune No existing Configuration Manager deployment Simplified policy.
What’s New in Configuration Manager Since 1511 #ITDevConnections.

What’s New in Configuration Manager Since 1511 #ITDevConnections.
The time to address enterprise mobility is now

The time to address enterprise mobility is now
What's New in System Center Configuration Manager, Current Branch and Intune INF324a Steven Hosking.

What's New in System Center Configuration Manager, Current Branch and Intune INF324a Steven Hosking.
Align your Windows 10 management strategy to end-user and IT needs

Align your Windows 10 management strategy to end-user and IT needs
People-Centric Management

People-Centric Management
Introduction to Windows Azure AppFabric

Introduction to Windows Azure AppFabric
5/19/2018 7:00 AM © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.

5/19/2018 7:00 AM © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
Manage Windows devices in the complex hybrid cloud world of today

Manage Windows devices in the complex hybrid cloud world of today

Similar presentations

Ads by Google