Hi

This blog post will be about what’s new in SCCM from the RTM og SCCM Current Branch to the Current SCCM 1703.

SCCM RTM (1511)

– Full Windows 10 support, incl. in-place upgrade in OSD and service plans and rings.
.- OSD Improvements. ( Risky deployment verification, Driver import)
– On premises mobile device management. (Windows 10 mobile devices management where you don’t want them to access the internet.)
– Microsoft Azure Support. (Site systems)
– Preferred management point configuration. (Specify that clients within a boundary uses a management point close to them rather than random selection.)
– New Updates and Servicing model for self-updating of Configuration Manager. (Keeps it self updated)

SCCM (1602)

– Client online status. (Shows clients online within the last 5 minutes.)
– Support for Site Server upgrade from Windows Server 2008 R2 to 2012 R2 OS upgrade. (WSUS 3.2 must be uninstalled prior to install WSUS 4.0 after the upgrade.)
– Clustered system support.
– Ability to control updating by percentage of system updating at same time. Treat computers in a collection in a special way in regards to software updates. Able to set how my computers that can be offline during pathing.
– You also be able to use a node drain and node resume script to control what happens before/after patching.
– SQL Server AlwaysOn availability group support.(After site install)
– Windows 10 device health attestation reporting. (Through cloud service only.)
– Windows 10 servicing improvements.
– Updates classification added, filtering on language, etc., Windows 10 upgrades only in Servicing node and high-risk deployment support. (Collections with Servicing plans will be listed as high-risk deployments)
– Office 365 update management
– Manage Office 365 updates via Configuration Manager.
– New antimalware policy settings
– A few new scan/exclusion options.
– Improvements with Microsoft Intune integration.
– iOS app config policies, VPP support, kiosk mode for Samsung KNOX, iOS activation locak, monitoring of Terms and & Conditions.

SCCM (1606)

Software Center Updates:
– List view versus Tile view.
– Single tab to view installed software.
– Separate tabs for Applications, Operating Systems, and Updates.
– Multi-select software updates. (Also Install All button)
– Sync Policy action. (Policy refresh)
– Centralized control over client cache configuration (via Client Settings)
– Remote Control support for clipboard sharing (via Client Settings)
– Remote System Health Validator (SHV) and Out Of Band (OOB) site system roles.
– Clustered systems moved to pre-release due to new feature for ordering of systems.
– On demand switching of software update points. (If a SUP is down in earlier releases there was a 2 hours delay before trying the next SUP server. Now on a collection you can right click and client notification and switch software update point)
– Content status link goes directly to the content, not top of the list.
– Enhancements to Windows Store for Business integration. Allows you to manage and deploy applications purchased through the Windows Store for Business portal for both online and offline licensed apps.
– Updated  SQL Server AlwaysOn availability group support (during site install able to select AlwaysOn group)
– Enterprise Data Proctection now named Windows Information Protection. Features allow you to create and deploy information protection policy, including the ability to choose your protected apps and define your EDP-protection level.
– On-premises Health Attestation Service integration.
– Was previously only via cloud service integration.
– Ability to pre-declare company owned devices.
– Via IMEI or iOS serial number via .csv or console import.
– Multiple device management points for on-premise MDM.
– Only for Windows 10 Anniversary edition PCs.
– Device categories for MDM enrolled devices.
– Improvements to iOS volume-purchased apps.
– Smart Lock for Android.
– IOS Activation Lock.
– Password for Work renamed to Windows Hello for Business. Policies for domain-joined Windows 10 devices managed by the Configuration Manager client.
– Windows Defender Advanced Threat Protection integration. Features enable the ability to on-board and off-board Windows 10 clients to the cloud service and view agent health in the monitoring dashboard (requires a Windows Defender ATP tenant in Azure).
– Only for Windows 10 Anniversary edition PCs.
– Ability to customize RamDisk TFTP block size and windows size for PXE-enabled DP’s.
– Timeout errors were common due to size of window.
– OSD can enforce a scan or use cached scan results for software updates.
– Improvements to Install Software Updates task sequence step for scans.
– Can specify a timeout value (TS variable).
– Better logging of updates processes. (SMSTSLog will list path to log containing more detailed information of the update process).
– OSDPreserveDriveLetter task sequence step deprecated
– Automatic selection or can be controlled in the TS Editor.
– No collisions with servicing plans.
– Updates to Updates and Servicing Node.
– Named changed from Site Servicing Status to Update and Servicing status.
– More detailed status – groups and steps.
– New Ribbon action in Monitoring to “ignore prerequisite warnings” to restart failed attempts.
– Only see most recently installed update, and available ones.
– History button in Administration node displays previous build status.
– Client Update Options renamed to Promote Pre-Production Client.

SCCM (1607 – Technical Preview)

– Customizable branding for end-user dialogs: End-user dialogs that are opened from Software Center or taskbar notifications now show the same organization name, color and icon branding as Software Center. The administrator workflow for specifying branding settings remains unchanged.
– Manage duplicate hardware identifiers: Allows you to add known duplicate MAC addresses or SMBIOS IDs so that they will be ignored hierarchy-wide for PXE boot and client registration.
– Microsoft Operations Management Suite (OMS) connector: Syncs data such as collections from Configuration Manager to Microsoft Operations Management Suite (OMS).
– Windows 10 Edition Upgrade: Allows you to upgrade PC clients running Windows 10 Professional edition to Windows 10 Enterprise edition with just a product key; no reimaging is required.

SCCM (1608 – Technical Preview)

– New Software’ indicators in Software Center: The Software Center Applications, Updates, and Operating Systems tabs now show which software was recently added. Numbers in the navigation pane show how many new software items are on each tab.
– Application Requests from Software Center: Users can now request approval for applications and view the request history for applications in the Application Details view in Software Center. The Request button in Application Details no longer redirects to the web-based Application Catalog.
– Improvements to Asset Intelligence: A new field has been added to the properties for inventoried software that lets you set a parent and child relationship with other software. In the Inventoried Software list, you can view the parent of any software and also hide child software.
– Keyboard Translation for Remote Control: By default in a remote control session, characters typed on the viewer’s keyboard are sent to the controlled device instead of the keys, whether or not their keyboard layouts match. This behavior may be turned off in the Remote Control viewer Action menu.
– Improvements to the Prepare ConfigMgr Client for Capture task sequence step: The Prepare ConfigMgr Client step will now completely remove the Configuration Manager client instead of only removing key information. When the task sequence deploys the captured operating system image, it will install a new Configuration Manager client each time.

SCCM (1609 – Technical Preview)

– Customizable branding for end-user dialogs: End-user dialogs that are opened from Software Center or taskbar notifications now show the same organization name, color and icon branding as Software Center. The administrator workflow for specifying branding settings remains unchanged.
– Manage duplicate hardware identifiers: Allows you to add known duplicate MAC addresses or SMBIOS IDs so that they will be ignored hierarchy-wide for PXE boot and client registration.
– Microsoft Operations Management Suite (OMS) connector: Syncs data such as collections from Configuration Manager to Microsoft Operations Management Suite (OMS).
– Windows 10 Edition Upgrade: Allows you to upgrade PC clients running Windows 10 Professional edition to Windows 10 Enterprise edition with just a product key; no reimaging is required.

SCCM (1610 Technical Preview)

– Improvements to the notification experience for high-impact task sequence and required application deployments: Task sequence deployments that have a high-impact to the end user, such as operating system deployments for example, now display more intrusive notifications. However, end users can dismiss (snooze) these notifications, and control when they reappear. Any relevant client settings for notification frequency are still honored.
– Deny previously approved application requests: As an administrator, you can deny a previously approved application request. This prevents new installations of the application To install this application later, users must resubmit a request.  If the application was previously installed, it will not be uninstalled.
– Filter by content size in automatic deployment rules: Use the content size filter in automatic deployment rules to prevent large software updates from automatically downloading to better support simplified Windows down-level servicing when network bandwidth is limited.
– Exclude clients from automatic upgrade: When you configure settings to control how clients automatically upgrade, you can now specify a collection to exclude specific clients from the upgrade. This applies to automatic upgrade as well as other methods such as software update-based upgrade. This can be used for a collection of computers that need greater care when upgrading the client
 
SCCM (1610)

– Windows 10 Upgrade Analytics integration allows you to assess and analyze device readiness and compatibility with Windows 10 to allow smoother upgrades.
– Office 365 Servicing Dashboard and app deployment to clients features help you to deploy Office 365 apps to clients as well as track Office 365 usage and update deployments.
– Software Updates Compliance Dashboard allows you to view the current compliance status of devices in your organization and quickly analyze the data to see which devices are at risk.
– Cloud Management Gateway provides a simpler way to manage Configuration Manager clients on the Internet. You can use the ConfigMgr console to deploy the service in Microsoft Azure and configure the supported roles to allow cloud management gateway traffic.
– Client Peer Cache is a new built-in solution in Configuration Manager that allows clients to share content with other clients directly from their local cache with monitoring and troubleshooting capabilities.
– Enhancements in Software Center including customizable branding in more dialogs, notifications of new software, improvements to the notification experience for high-impact task sequence deployments, and ability for users to request applications and view request history directly in Software Center.
– New remote control features including performance optimization for remote control sessions and keyboard translation.

For Configuration Manager customers using Microsoft Intune also has the following news:

– New configuration item settings and improvements now only show settings that apply to the selected platform. We also added lots of new settings for Android (23), iOS (4), Mac (4), Windows 10 desktop and mobile (37), Windows 10 Team (7), Windows 8.1 (11), and Windows Phone 8.1 (3).
– Lookout integration allows to check device’s compliance status based on its compliance with Lookout rules.
Request a sync from the admin console improvement allows you to request a policy sync on an enrolled mobile device from the Configuration Manager console.
Support for paid apps in Windows Store for Business allows you to add and deploy online-licensed paid apps in addition to the free apps in Windows Store for Business.

SCCM (1612 Technical Preview Branch)

– Azure Active Directory onboarding – Creates a connection between Configuration Manager and Azure AD to be used by other cloud services, such as the Cloud Management Gateway.
– Windows Hello for Business toast notification   – A new Windows 10 toast notification added to let end users know that they need to take additional actions to complete Windows Hello for Business PIN setup.
– Enhancement for online-licensed apps from the Windows Store for Business – You can now deploy online-licensed apps with a deployment purpose of “Available” to Windows 10 PCs managed with the Configuration Manager client.
– Express files support for Windows 10 Cumulative Update – Configuration Manager can now support Windows 10 Cumulative Update using Express files.
– Ability to block installation of an application if specified executables are running – You can now configure a list of executable files (with the extension .exe) in Deployment Type Properties which, if running, will block installation of an application. After installation is attempted, a user will see a dialog box asking them to close the processes that are blocking installation, and then try again.
– Ability to retry task sequence – If the task sequence doesn’t launch in the task sequence wizard, because policy or a task sequence dependency is not found, you can now click “Previous” to retry the task sequence.
– OData endpoint data access  – Configuration Manager now provides a RESTful OData endpoint for accessing Configuration Manager data. The endpoint is compatible with OData version 4, which enables tools such as Excel and Power BI to easily access Configuration Manager data through a single endpoint. Update 1612 for the Technical Preview Branch supports read-only access to objects in Configuration Manager.
– Data Warehouse for historical reporting – The Data Warehouse enhances reporting for Configuration Manager by storing long-term data for historic reporting.  This enables you to look at compliance, application deployment, and more, with reports that show trends over a period of time.

SCCM (1702)

– Support for Windows 10 Creators Update – This version of Configuration Manager now supports the release of upcoming Windows 10 Creators Update. You can upgrade Windows 10 ADK to the latest version for full OS imaging support.
– Express files support for Windows 10 Cumulative Update – Configuration Manager now supports Windows 10 Cumulative Update using Express files. For details see Manage Express installation files for Windows 10 updates.
– Deploy Office 365 apps to clients – Beginning in version 1702, from Office 365 Client Management dashboard, you can start the Office 365 Installer that lets you configure Office 365 installation settings, download files from Office Content Delivery Networks (CDNs), and deploy the files as an application in Configuration Manager. For details, see Manage Office 365 ProPlus updates.
– Customize high-risk deployment warning – You can now customize the Software Center warning when running a high-risk deployment, such as a task sequence to install a new operating system.
– Close executable files at the deadline when they would block application installation – If executable files are listed on the Install Behavior tab for a deployment type and the application is deployed to a collection as required, then a more intrusive notification experience is provided to inform the user, and the specified executable files will be closed automatically at the deadline. This is currently the feature with the second highest number of votes on UserVoice.
– Conditional access for PCs managed by System Center Configuration Manager – Now production ready in update 1702, with conditional access for PCs managed by Configuration Manager, you can restrict access to various applications (including but not limited to Exchange Online and SharePoint online) to PCs that are compliant with the compliance policies you set.

This release also includes new features for customers using Configuration Manager connected with Microsoft Intune. Some of the new feature include:
– Android for Work support – You can now enroll devices, approve and deploy apps, and configure policies for devices with Android for Work.
– Lookout threat details – You can view threat details as reported by Lookout on a device.
– Apple Volume Purchase Program (VPP) enhancements – You can now request a policy sync on an enrolled mobile device from the Configuration Manager console.
– Additional iOS configuration settings – We added support for 42 iOS device settings for configuration items.

SCCM (1704 Technical Preview Branch)

– Secure Boot inventory data – Hardware inventory can now determine whether the device has Secure Boot enabled (enabled by default).
– Run Task Sequence step – This is a new step in the task sequence to run another task sequence, which creates a parent-child relationship between two task sequences.
– Reload boot images with latest Windows PE version – During the “Update Distribution Points” wizard on a boot image, you can now reload the version of Windows PE in the selected boot image.

This release also includes the following improvements for customers using System Center Configuration Manager connected with Microsoft Intune to manage mobile devices:
– Android app configuration support– Administrators can create an app configuration policy for Android applications deployed with Google Play.
Feel free to write any comments below 🙂

Author

hca
Hans Christian Andersen
Cloud Solution Architect – EG a/s
Linkedin
Twitter