Configuration Manager 1602 Changes – Part 1

 

Here are few new items in the 1602 branch of Configuration Manager

 

  1. A new option in the Software Center that allows the user to poll the user and machine policies (without going through the Control Paten applet). In Software Center (after the new client push), a Sync Policy button has been added to the Options > Computer Maintenance page.

  1. Windows 10 Device Health Attestation. This can be enabled in Administration > Overview > Client Settings under Computer Agent

To view the device health attestation view, in the Configuration Manager console go to the Monitoring workspace of, click Security node, and then click Health Attestation.

  1. Configuration Manager sites that run version 1602 or later support the in-place upgrade of the site servers operating system from Windows Server 2008 R2 to Windows Server 2012 R2. Before you upgrade to Windows Server 2012 R2, you must uninstall WSUS 3.2 from the server.
  2. New filter options are available for Windows 10 servicing plans that allow you to filter for Language, Required, and Title. Only upgrades that meet the specified criteria will be added to the associated deployment. Prior this change, all upgrades were being downloaded regardless of language or SKU.

Chicago Systems Management Users Group (CSMUG)

After couple of years of debates to do this or not, we have decided to move forward with this group.  There is no similar group like this in Chicagoland area.  We have done topics with the Chicago Windows User Group in the past and will continue to support them in joint events.  However, the membership for a Windows user group vs. a System Center, EMS, datacenter and client management, is much different.

If you are in the Chicago area, please sign up.

http://www.meetup.com/Chicago-Systems-Management-Users-Group-CSMUG/

The group is co-founded by Rich Lilly.  Check out his blog here and follow him on Twitter

Jay @jparekh_tech

Enroll Windows 10 Enterprise Preview to Hybrid ConfigMgr + Microsoft Intune

The following are quick steps to enroll the Microsoft Windows 10 Insiders Preview (as of build 10130) to Microsoft Intune in a hybrid environment with Microsoft System Center 2012 R2 SP1 Configuration Manager (SCCM).

This assume you have already configured Microsoft Intune into your SCCM environment.

  1. In the SCCM console, navigate to Administration -> Overview -> Cloud Services -> Microsoft Intune Subscriptions.
  2. On the top ribbon bar, click the Configure Platforms button. Click Windows in the drop down

  3. From the Microsoft Intune Subscription Properties, click the Enable Windows enrollment.

  1. Log onto your Windows 10 desktop, go to Settings and choose Network and Internet

  2. Click on Accounts and then Work access. On the Connect to work or school section, click the + Connect

  3. Enter your work email address that are Intune enabled (an account that has synchronization between your on-premise Active Directory and Windows Azure Active Directory). After you click continue, you will be sent to the Microsoft site to authenticate.

  4. Once done, you see the connected account on the main section.

  5. In the SCCM console, you will now be able to see your newly enrolled device as a Mobile device. You will be able to deploy applicable compliance policies just like any other mobile devices in your organization.

-Jay

Hybrid – Intune Mobile Application Management and Conditional Access for Outlook blog NOTE

As most have seen the blog announcing the Intune Mobile Application Management and Conditional Access for Outlook.  At the very bottom, there is a Note about the hybrid customers (SCCM) availability that seems to be missed by few folks when they update to SP1.

Note: These features are currently available in Intune standalone (cloud only) and will be made available to hybrid customers by July 2 as part of an upcoming Intune service update.

Microsoft Intune – March Update

Microsoft will be making the next update for Microsoft Intune between March 4, 2015 and March 7, 2015. New Intune standalone (cloud only) features that will be released as part of this service update include:

  • Ability to streamline the enrollment of iOS devices purchased directly from Apple or an authorized reseller with the Device Enrollment Program (DEP)
  • Ability to restrict access to SharePoint Online and OneDrive for Business based upon device enrollment and compliance policies
  • Management of OneDrive apps for iOS and Android devices
  • Ability to deploy .appx files to Windows Phone 8.1 devices
  • Ability to restrict the number of devices a user can enroll in Intune

It’s important to note that the updates are for the stand alone Cloud only and not the integrated with SCCM. Updated to the integrated extensions are usually 3-6 months after the standalone is available.

Jay