Unified Endpoint Management
65 TopicsUpdate 2403 for Microsoft Configuration Manager current branch is now available.
Update 2403 for Configuration Manager current branch is available as an in-console update. Apply this update on sites that run version 2211 or later. When installing a new site, it will also be available as abaseline versionsoon after general availability. This article summarizes the changes and new features in Configuration Manager, version 2403. Site infrastructure Microsoft Azure Active Directory rebranded to Microsoft Entra ID Starting Configuration Manager version 2403, Microsoft Azure Active Directory is renamed to Microsoft Entra ID within Configuration Manager. Automated diagnostic Dashboard for Software Update Issues A new dashboard is added to the console under monitoring workspace, which shows the diagnosis of the software update issues in your environment this feature can easily identify any issues related to software updates. You can fix software update issues based on troubleshooting documentations. Special credit to Shankar Subramanian and Smita Jadhav for their details and troubleshooting notes. For more information, seeSoftware update health dashboard. Introducing centralized search box: Effortlessly find what you need in the console! Users can now use the global search box in CM console, which streamlines the search experience and centralizes access to information. This feature enhances the overall usability, productivity and effectiveness of CM. Users no longer need to navigate through multiple nodes or sections/ folders to find information they require, saving valuable time and effort. For more information, seeImprovements to console search. Added Folder support for Scripts node in Software Library You can now organize scripts by using folders. This change allows for better categorization and management of scripts. Full Administrator and Operations Administrator roles can manage the folders. For more information, seeFolder support for scripts. HTTPS or Enhanced HTTP should be enabled for client communication from this version of Configuration Manager HTTP-only communication is deprecated, and support is removed from this version of Configuration Manager. Enable HTTPS or Enhanced HTTP for client communication. For more information, seeEnable site system roles for HTTPS or Enhanced HTTP.andDeprecated features Windows Server 2012/2012 R2 operating system site system roles are not supported from this version of Configuration Manager Starting 2403, Windows Server 2012/2012 R2 operating system site system roles aren't supported in any CB releases. Clients with extended support (ESU) will continue to support. For more information, seeSupported-operating-systems-for-site-system-servers. Resource access profiles and deployments will block Configuration manager upgrade Any configured Resource access profiles and deployments block Configuration manager upgrade. Consider deleting them and moving the co-management workload for Resource Access (if co-managed) to Intune. For more information, seeFAQandResource access policies are no longer supported. Software updates New parameter SoftwareUpdateO365Language is added to Save-CMSoftwareUpdate cmdlet A new parameterSoftwareUpdateO365Languageis now added to PowerShell Save-CMSoftwareUpdate cmdlet. Customers now don't have to check a specific language in the SUP Properties (causing a metadata download for that language for all updates). PowerShell Commandlet: Save-CMSoftwareUpdate – SoftwareUpdateO365Language <language name> (<region name>)" Note Languages need to be in O365 format to be consistent with Admin Console UI. E.g. "Hungarian (Hungary)". OS deployment Support for ARM 64 Operating System Deployment Configuration Manager operating system deployment support is now added on Windows 11 ARM 64 devices. Currently Importing and customizing Arm 64 boot images, Wipe and load TS, Media creation TS, WDS PXE for Arm 64 and CMPivot is supported. Enhancement in Deploying Software Packages with Dynamic Variables Administrators while deploying the "Install Software Package" via Dynamic variable with "Continue on error" unchecked to clients, will not be notified with task sequence failures even if package versions on the distribution point are updated. For more information, seeOptions for Install Application. Cloud-attached management Upgrade to CM 2403 is blocked if CMG V1 is running as a cloud service (classic) The option to upgrade Configuration Manager 2403 is blocked if you're running cloud management gateway V1 (CMG) as a cloud service (classic). All CMG deployments should use a virtual machine scale set. For more information, seeCheck for a cloud management gateway (CMG) as a cloud service (classic). Deprecated features Learn about support changes before they're implemented inremoved and deprecated items. System Center Update Publisher (SCUP) and integration with ConfigMgr planned end of support Jan 2024. For more information, seeRemoved and deprecated features for Configuration Manager. Other updates Improvements to BitLocker This release includes the following improvements to BitLocker: Starting in this release, this feature ensures proper verification of key escrow and prevents message drops. We now validate whether the key is successfully escrowed to the database, and only on successful escrow we add the key protector. This feature now prevents a potential data loss scenario where BitLocker is protecting the volumes with keys that are never backed up to the database, in any failures to escrow happens. For more information on BitLocker management, seeDeploy BitLocker management.andPlan for BitLocker management.. From this version of Configuration Manager, the Windows 11 readiness dashboard shows charts for Windows 23H2. Defender Exploit Guards policy for controlled folder now accepts regex in the file path for apps.For example, [C:\Folder\Subfolder\app?.exe] [C:\Folder1\Sub*Name] Next steps At this time, version 2403 is released for slow ring (all in console update), Baseline will be updated in portal soon. Thank you, The Configuration Manager team Additional resources: What’s New in Configuration Manager Documentation for Configuration Manager Microsoft Configuration Manager announcement Microsoft Configuration Manager vision statement Evaluate Configuration Manager in a lab Upgrade to Configuration Manager Configuration Manager Forums Configuration Manager Support Report an issue Provide suggestions28KViews7likes30CommentsDesktop Analytics is now available in Public Preview
Desktop Analytics is now available in public preview. Desktop Analytics provides the insight and automation you need to efficiently get current and stay current with Windows. By integrating with System Center Configuration Manager, Desktop Analytics adds cloud value to your on-premises infrastructure. Read more inZach Dvorak's blog post Welcome to the Tech Community for Desktop Analytics!8.9KViews1like1CommentRecommendations and insights to enrich the Configuration Manager site health and device management
You can now use the Microsoft Intune admin center to view recommendations and insights for your Configuration Manager sites. These recommendations can help you improve the site health and infrastructure along with enriching the device management experience. With so many features and updates available, implementing the right available resources for your infrastructure management is essential. You might be new to the management world, or even if you have been managing your company’s infrastructure for a long time, this feature will provide you with insights that can help you to level up. We are currently providing recommendations that can help in following ways: Help you to simplify your infrastructure by reviewing your hierarchy. Assist you to enhance device management through co-management enablement. Refine gathering of device insights via endpoint analytics enablement. Improve the health of the site by reviewing current peer cache and delivery optimization settings. These recommendations will be based on your current site infrastructure and settings. Applying the recommendations is solely the admin’s discretion. We have created recommendation for TA customer solely based on their Site Configuration without interfering customer's privacy. Each recommendation points out how customer is leveraging features provided in site configuration. Recommendations are derived from database. Each recommendation is evaluated and updated in the next cycle. Recommendation will not be visible in the next cycle if fully applied or recommendation insight will be changed if partially applied. Every cycle we inspect the customer DB through static query and then flow this insight to cloud to show the recommendation. How can you view the recommendations? A user with global admin rights will be able to view recommendations for configuration manager sites that are version 2211 or higher and tenant attached. To view recommendations, open the Microsoft Endpoint Manager admin center, and go to Tenant administration > Connectors and tokens > Microsoft Endpoint Configuration Manager, and select a site to view recommendations for that site. Once selected, you’ll find the Recommendations tab that displays each insight along with a Learn more link that opens details on how to apply that recommendation. We are open to adding more recommendations in future and would love to hear from you!9.3KViews2likes4CommentsExtended Security Updates and Configuration Manager
This article describes software update management and OS deployment using Configuration Manager for clients covered under the ESU program. For those clients covered under the ESU program, the latest released version of Configuration Manager current branch can be used to deploy and install any Windows security updates released under the program.99KViews10likes0CommentsCollect client logs in Configuration Manager Technical Preview 1912
Update 1912 for the Technical Preview Branch of Microsoft Endpoint Configuration Manager has been released. You can now trigger a client device to upload its client logs to the site server by sending a client notification action from the Configuration Manager console.36KViews3likes5CommentsUpdate 2107 for Microsoft Endpoint Configuration Manager current branch is now available
Update 2107 for Microsoft Endpoint Configuration Manager current branch is now available.Starting in this release, you can enable an application deployment to support implicit uninstall. If a device is in a collection, the application installs. Then when you remove the device from the collection, the application uninstalls.32KViews4likes7CommentsManaging remote machines with cloud management gateway in Microsoft Endpoint Configuration Manager
The increase in the global workforce working from home is unsurprisingly putting an added focus from organizations on remote functionality and management.Naturally we have seen an increase in the number of queries, questions and tweets around the tools and features Microsoft Endpoint Manager can offer in the way of remote management of the workforce. One of the most common topics I have had to field enquiries is around the use of cloud management gateway (CMG), usually in conjunction with keeping traffic off the VPN.152KViews19likes70CommentsUpdate 1902 for Configuration Manager current branch is now available
In the 1902 update to Configuration Manager current branch, we continue to deliver value around our core themes of Cloud Value, Customer Voice, Get Current, and Simplification. Get Current with Office is one of our key capabilities in the 1902 update and optional integration with the Readiness Toolkit for Office provides insights to help prepare for Office 365 ProPlus deployments. These insights can now complement your organization’s end-to-end ability to deploy Office 365 ProPlus, from readiness, to deployment, to monitoring.56KViews9likes15CommentsUpdate 2103 for Microsoft Endpoint Configuration Manager current branch is now available
Update 2103 for Microsoft Endpoint Configuration Manager current branch is now available.You can now upgrade a client's Windows OS by using a feature update deployed with a task sequence. This integration combines the simplicity of Windows servicing with the flexibility of task sequences.32KViews1like0Comments