Configuration Manager 1602 Changes – Part 1

 

Here are few new items in the 1602 branch of Configuration Manager

 

  1. A new option in the Software Center that allows the user to poll the user and machine policies (without going through the Control Paten applet). In Software Center (after the new client push), a Sync Policy button has been added to the Options > Computer Maintenance page.

  1. Windows 10 Device Health Attestation. This can be enabled in Administration > Overview > Client Settings under Computer Agent

To view the device health attestation view, in the Configuration Manager console go to the Monitoring workspace of, click Security node, and then click Health Attestation.

  1. Configuration Manager sites that run version 1602 or later support the in-place upgrade of the site servers operating system from Windows Server 2008 R2 to Windows Server 2012 R2. Before you upgrade to Windows Server 2012 R2, you must uninstall WSUS 3.2 from the server.
  2. New filter options are available for Windows 10 servicing plans that allow you to filter for Language, Required, and Title. Only upgrades that meet the specified criteria will be added to the associated deployment. Prior this change, all upgrades were being downloaded regardless of language or SKU.

Disable Wi-Fi Sense – Windows 10

Option 1.

Update to registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\config

Or via Login Script or during the task sequences in Configuration Manager or MDT (post image install)

reg add HKLM\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\config /t REG_DWORD /v AutoConnectAllowedOEM /d 0

Option 2.

Modify Unattend.xml to add Microsoft-Windows-WiFiNetworkManager

Set WiFiSenseAllowed to 0

Option 3.

For Windows 10 build 1511 or later

Configure the Group Policy Object Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services under

Computer Configuration\Administrative Templates\Network\WLAN Service\WLAN Settings\.

MDT 2013 Update 2 Now Available

Microsoft has just released an update to MDT 2013 today as Update 2.  Update 1 provided Windows 10 support (Windows 10 supported ADK is needed still).  Update 2 as stated in the blog does not add major new features but adds some improvements to existing features and functionality.

http://blogs.technet.com/b/msdeployment/archive/2015/12/22/mdt-2013-update-2-now-available.aspx

@jparekh_tech (Twitter)
jparekh at netrixllc dot com
www.desktopguy.com

Enabling iOS 9 Extension for Microsoft Intune in System Center 2012 R2 Configuration Manager SP1 CU1

On September 24, 2015 Microsoft announced support for iOS9 through he iOS9 extension for Microsoft Intune in Configuration Manager.

To enable the extension, go to your SCCM console (2012 R2 SP1 CU1).  Under Administration, expand Cloud Services and click Extension for Microsoft Intune.

2015-10-17_11-15-47

In the right pane, right click the iOS 9 Extension and click Enable (or from the toolbar).  If you do not have CU1, this can fail.

2015-10-17_11-06-33

Accept the License Terms – make sure you read all of it first 🙂

2015-10-17_11-19-09

MDM in Windows 10

Built-In Mobile Device Management capabilities in Windows 10

The MDM capabilities provided in Windows covers the complete lifecycle of the device.

  • Enrollment capabilities to automate the MDM enrollment of the device as part of the Azure Active Directory join process.
  • New controls for configuring and managing the Start menu.
  • New controls over Windows updates, allowing you to control when specific Windows updates are deployed to MDM-managed devices (think “WSUS from the cloud”).
  • New AppLocker and Enterprise Data Protection configuration settings.
  • Integration with the Windows Store and the Business Store Portal (BSP) to enable automated app management.
  • Full device wipe capabilities, even for PCs.

These capabilities are supported on all types of devices, including Windows phone devices, PCs and tablets, and Internet-of-Things (IoT) devices.

MDM in Windows 10

Chicago Systems Management Users Group (CSMUG)

After couple of years of debates to do this or not, we have decided to move forward with this group.  There is no similar group like this in Chicagoland area.  We have done topics with the Chicago Windows User Group in the past and will continue to support them in joint events.  However, the membership for a Windows user group vs. a System Center, EMS, datacenter and client management, is much different.

If you are in the Chicago area, please sign up.

http://www.meetup.com/Chicago-Systems-Management-Users-Group-CSMUG/

The group is co-founded by Rich Lilly.  Check out his blog here and follow him on Twitter

Jay @jparekh_tech

Microsoft Desktop Optimization Pack GPO Administrative Templates (#MDOP)

These MDOP Group Policy Templates delivers .admx and .adml templates to manage policy across the enterprise for the following MDOP technologies:

  • App-V 5.0
  • App-V 5.0 SP1
  • App-V 5.0 SP2
  • App-V 5.0 SP3
  • MBAM 1.0
  • MBAM 1.0 R1
  • MBAM 2.0
  • MBAM 2.0 SP1
  • MBAM 2.5
  • UE-V 1.0
  • UE-V 1.0 SP1
  • UE-V 2.0
  • UE-V 2.1

Instructions to deploy MDOP administrative templates at https://technet.microsoft.com/library/dn659707.aspx

More information at https://technet.microsoft.com/en-us/windows/bb899442

Follow me on Twitter  @jparekh_tech and www.desktopguy.com

https://twitter.com/jparekh_tech