The recent release of ConfigMgr 1706 brought a lot of improvements and a few cool new features. 1706 is currently in the fast ring and should make start to make it to environments over the next few weeks. If you want it to show up immediately, download and execute this PowerShell script on your primary site server: https://gallery.technet.microsoft.com/ConfigMgr-1706-Enable-9dd40f68. After executing the script, run an update check from the Updates and Servicing node of your console.
Azure AD Integrations
There’s now one wizard to integrate ConfigMgr with the various services provided by Azure, including setting up the OMS Connector and Upgrade Readiness tools. For cloud management, users can now authenticate using Azure AD, and you can do discovery of Azure AD user objects (more on this in a later blog). Azure AD can also now authenticate your clients, replacing the need for client authentication certificates. Finally, you can now install the ConfigMgr client on devices that are on the Internet.
Software Update Point Improvements
In ConfigMgr 1702, clients started obeying boundary groups when looking for a software update point. This was a big step up and provided administrators with the ability to specific SUP’s based on boundary group. Administrators still lacked the ability to set a time for fallback, which is now available in 1706. Also, clients will now start rotating SUP’s if it cannot reach it’s assigned one for 2 hours (this will also be configurable in a later version).
ConfigMgr will also now deliver driver and firmware updates for the Microsoft Surface line of laptops/tablets. These will show up like any other update. Your SUP’s must be running Server 2016 for this to work (no word on a hotfix or anything to make it work on older operating systems). Note that this also requires your primary site server to also be on Server 2016.
Two changes were made to OSD. First, you can now collapse task sequence groups. This should make reading long task sequences much easier. Next, you now have the option to reload boot images to the current WinPE. This will be helpful when upgrading your ADK, as you’ll no longer have to manually import the new WinPE images.
Sorry, no nested task sequences yet (or, calling a task sequence from another task sequence). Hopefully that will be in the next version.
PowerShell Scripts from the Console
Arguably the best new feature of this release. The feature allows you to execute a pre-approved PowerShell script on a client from the right-click menu when selecting a client. These scripts must be imported prior to running them and approved by an administrator. These scripts are not deployed, instead they are executed in real-time on clients. The console will tell you the result of the script. Look for a detailed blog on this in the future.
All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistance.