Blog Post

Configuration Manager Blog
4 MIN READ

New application actions in MEM admin center with Configuration Manager Technical Preview 2010.2

yvetteomeally's avatar
yvetteomeally
Icon for Microsoft rankMicrosoft
Oct 30, 2020

This month we have a second technical preview.  Update 2010.2 for the Technical Preview Branch of Microsoft Endpoint Configuration Manager has been released.

 

We've made improvements to applications for tenant attached devices. Administrators can now do the following actions for applications in the Microsoft Endpoint Manager admin center:

  • Uninstall an application
  • Repair installation of an application
  • Re-evaluate the application installation status
  • Reinstall an application has replaced Retry installation

application actions for tenant attached device

Learn more about Enhancements to applications in Microsoft Endpoint Manager admin center.

 

This preview release also includes:

 

Tenant attach: Troubleshooting portal lists a user’s devices based on usage - The troubleshooting portal in Microsoft Endpoint Manager admin center allows you to search for a user and view their associated devices. Starting in this release, tenant attached devices that are assigned user device affinity automatically based on usage will now be returned when searching for a user.

 

Tenant attach: Create and deploy firewall policies - You can now configure and deploy settings for Windows Defender Firewall with Advanced Security to tenant attached Windows 10 devices.

 

Enhancements to applications in Microsoft Endpoint Manager admin center - We've made improvements to applications for tenant attached devices. Administrators can now do the following actions for applications in the Microsoft Endpoint Manager admin center:

  • Uninstall an application
  • Repair installation of an application
  • Re-evaluate the application installation status
  • Reinstall an application has replaced Retry installation

Improvements to BitLocker management - Based on your UserVoice feedback, you can now manage BitLocker policies and escrow recovery keys over a cloud management gateway (CMG). This change also provides support for BitLocker management via internet-based client management (IBCM) and when you configure the site for enhanced HTTP. There's no change to the setup process for BitLocker management. 

 

Improvements to deploy an OS over CMG using boot media - This release streamlines the administrative workflow in the Configuration Manager console. On the Media Management page of the Create Task Sequence Media Wizard, the Internet-based media option no longer exists. Select the Site-based media option. Then still select the CMG for the management point on the Boot Image page.

 

Desktop Analytics support for new Windows 10 data levels - Microsoft is increasing transparency by categorizing the data that Windows 10 collects:

  • Basic diagnostic data is recategorized as Required diagnostic data
  • Full is recategorized as Optional

If you previously configured devices for Limited or Limited (Enhanced), in an upcoming release of Windows 10, they'll use the Required level. This change may impact the functionality of Desktop Analytics. Configuration Manager will properly configure the devices. If you're using another mechanism to configure these policies on devices, you may need to make changes for the upcoming new behavior.

 

Immediate distribution point fallback for clients downloading software update delta content - There's a new client setting for software updates. If delta content is unavailable from distribution points in the current boundary group, you can allow immediate fallback to a neighbor or the site default boundary group distribution points. This setting is useful when using delta content for software updates since the timeout setting per download job is 5 minutes.

 

Disable Azure AD authentication for onboarded tenants - You can now disable Azure Active Directory (Azure AD) authentication for tenants not associated with users and devices. When you onboard Configuration Manager to Azure AD, it allows the site and clients to use modern authentication. Currently, Azure AD device authentication is enabled for all onboarded tenants, whether or not it has devices. For example, you have a separate tenant with a subscription that you use for compute resources to support a cloud management gateway. If there aren't users or devices associated with the tenant, you can now optionally disable Azure AD authentication.

 

Additional options when creating app registrations in Azure Active Directory - You can now specify Never for the expiration of a secret key when creating Azure Active Directory app registrations.

 

Validate internet access for the service connection point - If you use Desktop Analytics or tenant attach, the service connection point now checks important internet endpoints. These checks help make sure that the cloud-connected services are available. It also helps you troubleshoot issues by quickly determining if network connectivity is a problem.

 

Improvements to the administration service - The Configuration Manager REST API, the administration service, requires a secure HTTPS connection. With the previous methods to enable HTTPS, enabling IIS on the SMS Provider was a prerequisite. Starting in this release, you no longer need to enable IIS on the SMS Provider for the administration service. When you enable the site for enhanced HTTP, it creates a self-signed certificate for the SMS Provider, and automatically binds it without requiring IIS.

 

Update 2010.2 for Technical Preview Branch is available in the Microsoft Endpoint Configuration Manager Technical Preview console. For new installations, the 2010 baseline version of Microsoft Endpoint Configuration Manager Technical Preview Branch is available on the Microsoft Evaluation Center. Technical Preview Branch releases give you an opportunity to try out new Configuration Manager features in a test environment before they are made generally available.

 

We would love to hear your thoughts about the latest Technical Preview!  Send us Feedback about product issues directly from the console and use our UserVoice page for ideas about new features.

 

Thanks,

The Configuration Manager team

 

 

Configuration Manager Resources:

Documentation for Configuration Manager Technical Previews

Try the Configuration Manager Technical Preview Branch

Documentation for Configuration Manager

Microsoft Endpoint Manager announcement

Microsoft Endpoint Manager vision statement

Configuration Manager Forums

Configuration Manager Support

Updated Oct 30, 2020
Version 1.0
  • Stefano_Nieri's avatar
    Stefano_Nieri
    Brass Contributor

    Wowww, finally the BitLocker policies and escrow recovery keys!!! Great news