What s new in System Center Configuration Manager Current Branch? Ievgen Liashov

Similar documents
What s new in Configuration Manager 1702 and beyond. Jörgen Nilsson.

Kent Agerlund Enterprise Mobility MVP & Microsoft Regional Director

PowerShell for System Center Configuration Manager Administrators

Windows 8 Deployment

905M 67% of the people who use a smartphone for work and 70% of people who use a tablet for work are choosing the devices themselves

Windows 10. scalable IT services & solutions. October 25, Bruce Ward, VP of Business Strategy. Dan Sharp, Senior Consultant

ZENworks 2017 What s New Reference. December 2016

Quo vadis? System Center Configuration Manager Full managed desktop. Mobile device management Light managed device policies, inventory,

Microsoft. MS-101 EXAM Microsoft 365 Mobility and Security. m/ Product: Demo File

Implementing a Desktop Infrastructure

A tale of Modern Management Part 1

Q&A. DEMO Version

Course 10747D: Administering System Center 2012 Configuration Manager Exam Code:

CAN MICROSOFT HELP MEET THE GDPR

Co se změnilo ve Windows 10 z pohledu IT administrátora

1 Introduction Requirements Architecture Feature List... 3

PowerShell for System Center Configuration Manager Administrators (55133)

IBM Endpoint Manager. OS Deployment V3.5 User's Guide

Categories Administrative Security Categories 57 Alerts Hidden Categories 2 Asset Intelligence Total 59 Client Push Client Status Total Reports 541

CONDITIONAL ACCESS FROM A TO Z

Comprehensive cloud platform. Cost savings and increased efficiencies. Support for a modern work style

Use EMS to protect your mobile data and mobile app

Managing Windows-based Dell Wyse Thin Clients using System Center Configuration Manager Administrator s Guide

Deployment Genval November 2018

ASSURANCE CONTINUITY MAINTENANCE REPORT FOR. Microsoft Windows 10 IPsec VPN Client (VPNPP14)

McAfee MVISION Mobile Microsoft Intune Integration Guide

Windows 10 Deployment and Security. Crissier Jean-Francois Ageneau

EXAM Upgrading Your Windows XP Skills to MCSA Windows 8.1. Buy Full Product.

Office 365: Modern Workplace

KillTest *KIJGT 3WCNKV[ $GVVGT 5GTXKEG Q&A NZZV ]]] QORRZKYZ IUS =K ULLKX LXKK [VJGZK YKX\OIK LUX UTK _KGX

MD-101: Modern Desktop Administrator Part 2

Implementing a Desktop Infrastructure

"Charting the Course... MOC B Implementing a Desktop Infrastructure. Course Summary

10747D: Administering System Center 2012 Configuration Manager

Administering System Center 2012 Configuration Manager

Deploying Windows 7 Using MDT UDI

IBM Endpoint Manager. OS Deployment V3.8 User's Guide - DRAFT for Beta V.1.0 (do not distribute)

McAfee MVISION Mobile Microsoft Intune Integration Guide

MCSE- Windows Server 2012

Keeping Current with Windows 10. Jon Anderson Senior Systems Consultant, Now Micro December 5 th, 2018

Adnan Cloud Solutions Architect. SAFFA living in Netherlands, work globally. Microsoft Trainer +25y (xrl MSLearning)

WORKPLACE Data Leak Prevention: Keeping your sensitive out of the public domain. Frans Oudendorp Ronny de Jong

IMPLEMENTING A DESKTOP INFRASTRUCTURE. Course: 20415A Duration: 5 Days; Instructor-led

Windows 7 Deployment Key Milestones

70-247: Configuring and Deploying a Private Cloud with System Center 2012

ForeScout Extended Module for VMware AirWatch MDM

GET YOUR HOUSE IN ORDER. Patching and Imaging Creation Strategies

Session 7: Configuration Manager

Product overview. McAfee Web Protection Hybrid Integration Guide. Overview

Mastering the Move to Modern Management using ConfigMgr

10747D: ADMINISTERING SYSTEM CENTER 2012 CONFIGURATION MANAGER

ADMINISTERING SYSTEM CENTER 2012 CONFIGURATION MANAGER

Exam : Implementing Microsoft Azure Infrastructure Solutions

9 Years in Consulting. Broad experience in Microsoft Infrastructure solutions. Specialised in Windows 10 & Surface familly

Implementing a Desktop Infrastructure

Symantec Mobile Management for Configuration Manager 7.2 MR1 Release Notes

Waiting for another installation to complete. Waiting for another installation to complete

"Charting the Course to Your Success!" MOC D Administering System Center 2012 Configuration Manager. Course Summary

Installing and Configuring Windows 10 (698)

benefits for customers with subscriptions in CSP

MOC ADMINISTERING SYSTEM CENTER 2012 CONFIGURATION MANAGER

Beta Material. This is subject to change

Windows Intune Trial Guide Getting the most from your Windows Intune trial. Simplify PC management. Amplify productivity.

MCSA Windows 10. A Success Guide to Prepare- Installing and Configuring Windows 10. edusum.com

Developing Microsoft Azure Solutions (70-532) Syllabus

Configuration Guide. BlackBerry UEM Cloud

Windows 10 Management Technologies: What s New. Michael Niehaus Senior Product Marketing Manager, Windows Microsoft

COURSE OUTLINE: B Deploying and Managing Windows 10 Using Enterprise Services. Course Name. Course Duration Course Structure Course Overview

ForeScout Extended Module for MaaS360

ForeScout Extended Module for Carbon Black

WS011 - Deploying and Managing Windows 10

Leveraging Azure Services for a Scalable Windows Remote Desktop Deployment

Windows Analytics and Upgrade Readiness configuration. Ievgen Liashov Microsoft MVP Enterprise Mobility

Dpm 2010 Agent Manual Install Workgroup >>>CLICK HERE<<<

Comodo IT and Security Manager Software Version 6.6

Configuration Guide. BlackBerry UEM. Version 12.9

Improve productivity with modernized PCs and Windows 10. Christopher Choong, DTM Field Marketing Manager

Mobility Windows 10 Bootcamp

Parallels Mac Management for Microsoft SCCM. Deployment Guide and Pre-Install Checklist. v6.1

Deploying and Managing Windows 10 Using Enterprise Services

Guide Series. How to upgrade to Microsoft Windows 10? Guide Series

PATCH MANAGER AUTOMATED PATCHING OF MICROSOFT SERVERS AND 3RD-PARTY APPS

System Center Course Administering System Center Configuration Manager. Length. Audience. 5 days

Step by Step Guide to Upgrade SCCM 2012 R2 Environment to SCCM R2 SP1 and R2 SP1 CU2

PLATFORM CONVERGENCE JOURNEY

Comodo IT and Security Manager Software Version 6.4

ForeScout Extended Module for MobileIron

ForeScout Extended Module for IBM BigFix

Sccm 2007 Manual Client Install Command >>>CLICK HERE<<<

Administrering System Center 2012 Configuration Manager vd

Integrating with Microsoft Intune to Enforce Compliance on Macs Managed by Jamf Pro. Technical Paper Jamf Pro or Later 14 December 2017

1 Introduction Requirements Architecture Feature List... 4

Course A: Administering System Center Configuration Manager

IBM Deployment Pack for Microsoft System Center Configuration Manager 2007 Installation and User s Guide

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

Exam /Course C or B Configuring Windows Devices

MCSE Mobility. A Success Guide to Prepare- Deploying Windows Desktops and Enterprise Applications. edusum.com

Symantec Endpoint Protection Installation Guide

Duration Level Technology Delivery Method Training Credits. System Center Configuration Manager

BlackBerry UEM Configuration Guide

Transcription:

What s new in System Center Configuration Manager Current Branch? Ievgen Liashov http://liashov.com http://en.liashov.com admin@sccm.com.ua

Introduction IT engineer at METSYS, Paris 14 years experience Microsoft MVP Enterprise Mobility SCCM, SCOM, Intune, MDT 2

Agenda Infrastructure changes Windows 10 support Updates and Servicing New features 3

First things first Name is System Center Configuration Manager 4

Updates and Servicing new role Service connection point (ex-microsoft Intune Connector) is used for: - manage mobile devices with Microsoft Intune - manage mobile devices with on-premises MDM - submitting usage and diagnostic data from Configuration Manager* - downloading updates to Configuration Manager* online and offline modes Service Connection Tool for offline infrastructures can only be installed at the top-tier site of your hierarchy * Microsoft Intune subscription is not required 5

Updates and Servicing Branch Release date 1511 December, 2015 1602 March, 2016 1606 July, 2016 1610 November, 2016 1702 March, 2017 6

Site upgrade Demo 7

Unsupported and deprecated OS: - Windows XP - Windows Vista - Windows Server 2003 - Windows Server 2003 R2 - Windows Server 2008 - Windows Server 2008 R2 SQL Server 2008 R2 Features: - Network Access Protection - Out of Band Management 8

Infrastructure changes A hierarchy supports up to 700,000 A single primary site supports up to 175,000 clients Migrate up to 50 shared distribution points at the same time Cloud management gateway for managing Internet-based clients Connector to the Microsoft Operations Management Suite 9

Infrastructure changes The Data Warehouse service point: - Infrastructure health - Security - Compliance - Malware - Software deployments - Inventory details 10

Infrastructure changes Preferred management point Software update points are added to boundary groups 11

Infrastructure changes Improvements for boundary groups 12

Infrastructure support In-place upgrade ConfigMgr CB 1602 Site Server from Windows 2008 R2 -> 2012 R2 -> 2016 In-place upgrade ConfigMgr CB 1602 SQL Server 2008 R2 SP3 -> SQL Server 2016 SQL Server AlwaysOn support: - You can move your site database to the default instance of an availability group - You can add or remove replica members from an availability group that hosts a site database - You can move your site database from an availability group to a default or named instance of a standalone SQL Server 13

Console improvements Built-in right click tools Object path 14

Client management Client deployment status Client online status Client piloting to pre-production New client settings: - cache size - Office 365 Client Agent management - grace period for enforcement after deployment deadline (hours) 16

Client piloting to preproduction Demo 17

Software updates Multiple deployments for automatic deployment rule Integration with Windows Update for Business in Windows 10 WSUS cleanup task (manually) Manage Office 365 client updates Manually switch clients to a new software update point Restart options for Windows 10 clients after software update installation Run software updates compliance scan immediately after a client installs software updates and restarts Software updates dashboard Filter by content size in automatic deployment rules Deploy Office 365 apps to clients Manage Express installation files for Windows 10 updates 18

Software updates Demo 19

Compliance settings and data protection Support for Windows 10 and Mac OS X Improved workflow for creating mobile device configuration items Integration with Microsoft Passport for Work Compliance settings for devices running Windows 10 Team Kiosk mode settings for Android Samsung KNOX Standard devices New compliance settings for configuration items 20

Conditional access Restricting access based on the health of devices (Health Attestation Service) Conditional access for PCs managed by System Center Configuration Manager New compliance policy rules Make sure enrolled and compliant devices always have access to Exchange on-premises Smart Lock setting for Android devices 21

On-premises Mobile Device Management 23

On-premises Mobile Device Management You can manage devices that do not connect to the Internet or that are limited to accessing a few Internet resources Bulk enrollment of Windows 10 devices with on-premises MDM Requirements: - The Enrollment point - The Enrollment proxy point - Public Key Infrastructure - Distribution point - Microsoft Intune subscription - Management point that supports mobile devices 24

MDM and MAM ios app configuration policies Manage volume-purchased ios apps Automatic creation of Office mobile apps Device enrollment manager role Specifying and monitoring terms and conditions Placing a limit on the number of devices a user can enroll ios Activation Lock Policy sync for Intune-enrolled devices Use compliance settings to configure Windows Defender settings on Intune-enrolled Windows 10 computers Conditional access device compliance policy improvements New Mobile Threat Defense monitoring tools 25

MDM and MAM Use compliance settings to configure Windows Defender settings on Intune-enrolled Windows 10 computers Android and ios versions are no longer targetable in creation wizards for hybrid MDM Android for Work support Deploy volume-purchased ios apps to device collections Support for ios Volume Purchase Program for Education Support for multiple volume-purchase program tokens Support for line of business apps in Windows Store for Business Intune compliance policy charts Lookout integration for hybrid implementations to protect ios and Android devices MAM policies support: - Devices that run Android 4 and later - Devices that run ios 7 and later 26

Operating system deployment Windows 10 Servicing Rings, Plans and Dashboard 27

Windows 10 servicing Demo 28

Operating system deployment Improvements to the task sequence steps: - Install Software Updates a new setting Evaluate software updates from cached scan results - Prepare ConfigMgr Client for Capture completely remove the Configuration Manager client - a new TSUEFIDrive variable will prepare a FAT32 partition for transition to UEFI - OSDPreserveDriveLetter variable has been deprecated Improvements to the Windows 10 Edition Upgrade Policy Manage hardware identifiers Customize the RamDisk TFTP window size for PXE-enabled distribution points Windows 10 ADK tracked by build version Default boot image source path can no longer be changed Support for additional content in stand-alone media Customize the Task Sequence user notification Package ID displayed in task sequence steps Default boot images are regenerated after upgrading Configuration Manager to a new version 29

Operating system deployment Customize the RamDisk TFTP window size for PXE-enabled distribution points Expire stand-alone media Access content directly from the distribution point (Task Sequence Details tab) A new hardware inventory class SMS_Firmware for UEFI mode inventory Return to previous page when a task sequence fails Settings to manage high-risk deployments Pre-cache content for available deployments and task sequences based on the architecture and language values (pre-release feature) Convert from BIOS to UEFI during an in-place upgrade Increased the maximum number of applications that you can install to 99 in the Install Applications task sequence step Improvements to the Auto Apply Driver task sequence (new variables) Peer Cache for content distribution to clients Download Package Content task sequence step 30

OSD improvements Demo 31

Operating system deployment Windows 10 in-place upgrade from Windows 7/8/8.1: - Upgrades the operating system - Retains the applications, settings, and user data on the computer - Has no external dependencies - Is faster and more resilient than traditional operating system deployments - Supplements existing deployment scenarios, which remain supported 32

Operating system deployment Windows 10 in-place upgrade is not supported if you want to: - change the computers domain membership - update Local Administrators - partition disk - change from x86 to x64 - implement UEFI - modify the base operating system language - use 3 rd party disk encryption or 3 rd party anti-virus - implement a custom base image - implement requirements in WinPE offline mode 33

Windows 10 in-place upgrade Demo 34

Operating system deployment Windows PE Peer Cache task sequence starts from boot media and can get the following content objects using Windows PE: - Operating system (OS) image - Driver package - Packages and Programs - Additional boot images Configuring Windows PE Peer Cache: - Task Sequence variables - Client Settings - Task Sequence step 35

Software Center The new Software Center: - a new Sync Policy option - a new look - user-available apps appear under the Application tab - users can request apps - customizable branding for dialogs - improved functionality in dialog boxes about required software 37

Software Center Demo 38

Application management Universal Windows Platform (UWP) apps for devices running Windows 10 and later The new Windows Installer through MDM application type Manage apps from the Windows Store for Business Manage ios volume-purchased apps When you create an application for an in-house ios app you only need to specify the installer (.ipa) file for the app All updates can be installed at once by clicking Install All Check for running executable files before installing an application 39

Application management Demo 40

Device protection A new Endpoint Protection Manager role Improvements to antimalware settings Windows Defender Advanced Threat Protection Deployment of Windows Hello for Business (Passport for Work) Predeclare devices with IMEI or ios serial numbers On-premises Health Attestation service communication New Mobile Threat Defense monitoring tools Device health attestation updates Certificate profiles for Windows Hello for Business New Windows Hello for Business notification for end users 41

Other Office 365 Client Management dashboard Pre-release features Allow your users the opportunity to accept or deny file transfers during remote control session The Content library cleanup tool 42

Microsoft Azure support Scenario 1: Configuration Manager in a Microsoft Azure and clients in a Microsoft Azure Scenario 2: Configuration Manager in a Microsoft Azure and on-premises clients Scenario 3: Configuration Manager site system roles in a Microsoft Azure 43

Resources Microsoft Intune overview https://www.microsoft.com/en-gb/server-cloud/products/microsoftintune/overview.aspx Download Configuration Manager Current Branch for evaluation https://www.microsoft.com/en-gb/evalcenter/evaluate-system-centerconfiguration-manager-and-endpoint-protection Microsoft Virtual Academy https://mva.microsoft.com/ Blog about Configuration Manager, MDT and Intune http://liashov.com Youtube channel about Configuration Manager, MDT and Intune https://goo.gl/b1imez Windows Server 2012 Release Candidate предварительная информация 44

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback