Leveraging Windows 11 Management Part 3 – Microsoft Endpoint Manager Management

Introduction

From the continuation of the previous part where we had covered all around Windows 11 readiness, this included an interesting overview on how we can look at the readiness across all the areas of Microsoft Endpoint Manager.

Now in this part we want to expand this subject a little bit further but this time with primary focus around the overview of management and leveraging of Windows 11 devices solely within your Microsoft Endpoint Manager environment.

At this point we look at the required levels which we need to reach to be able to accommodate Windows 11 devices into our environment. This part will be the closer for the series as we collate both parts of Microsoft Endpoint Manager as a unified look at how management of Windows 11 devices will be.

Configuration Manager Prerequisite Levels

Of course before you start your transition into managing Windows 11 with SCCM, you of course need to be made aware of the prerequisites which your site needs to have before you can start managing these devices.

Current Branch Levels

You will need to have a minimum level of SCCM 2107 in order for you to be properly managing Windows 11 devices. Now you may be able to get away with installing a client version which is not the same level but it wouldn’t be recommended as chances are this will cause a ton of issues with reliability of the managed device.

You may also run into an error code within the ccmsetup.log in C:\Windows\ccmsetup\logs which would evolve around the same information as stated above.

Further information on these levels can be found here

Windows ADK Levels

You would ideally need to be running the Windows 11 ADK going forward in order to fully support your Windows 11 estate.

You can do this with ADK 2004 as well, but depending on what stage you are at in terms of phasing out Windows 10 devices then you may want to look into this for the future, especially where using Task Sequences are concerned if you are indeed utilising gold image or hybrid image builds.

Further information on the ADK levels can be found here

Step Closer to Modern Management

With your Windows 10 devices being at a minimum of 1607 (1909 preferred) you are in a good position to consider modern management.

That is assuming of course these are your ONLY type of devices which are being managed within configuration manager at present. Meeting this requirement is fine, but of course your estate then incorporating Windows 11 devices or if only managing Windows 11 devices you are in a great position to transition to Modern Management.

A lot of organisations tend to use co-management topology because of the convenience of not having to be fully committed to one centralized area, especially considering when you have legacy clients to take into account where you could be put in a position to be monitoring two areas.

Utilising endpoint analytics

Endpoint analytics is the replacement for desktop analytics, more applicable for Windows 11 devices.

With this you can utilise the endpoint analytics especially when you are in a co-management environment where we can take advantage of using the tenant attach options within our CoMgmtSettingsProd properties.

Below in Figure 1.1 we can see the Configure Upload tab where we can import the devices from Configuration Manager right into the admin center and also enable endpoint analytics for these devices.

Figure 1.1 – Tenant Attach Options in SCCM

Summary

In conclusion, there are a lot of things to consider when it comes to moving to Windows 11, as there is not just the preparations for the devices themselves but you also have to consider whether the centralized solutions which you have in place are also able to accommodate them as well.

Improper planning can cause much bigger issues along the way, which is why its important to plan ahead. Even if this is a time where you may not even be remotely thinking of a migration towards Windows 11, other factors will also play a part such as the support of your overall configuration manager environment.

The further forward the current branch versions will go the more you will see the legacy devices or unsupported devices that you have will phase out of support much more.

The series presented here in parts 1-3 give a introduction on how to look forward and assess the scalability of your environment.

Share:

Facebook
Twitter
LinkedIn
Picture of Dujon Walsham

Dujon Walsham

Contact Us

=
On Key

More Posts

E-Commerce Security - Solutions for Online Retailers
Azure

E-commerce Security – Solutions for Online Retailers

Today’s hyper-charged e-commerce landscape demands top-notch cybersecurity measures. Cybersecurity for this bustling sector isn’t just about ticking a technical box; it’s the cornerstone of building trust. As businesses and consumers flock to the online space, the

Read More »
WME Cybersecurity Briefings No. 017
Cyber Security

WME Security Briefing 08 July 2024

SnailLoad: A New Stealthy Threat to Web Privacy Overview: Researchers discover a concerning new side-channel attack technique: SnailLoad. It exploits inherent weaknesses in the internet to potentially monitor a user’s web activity without requiring any direct access to

Read More »
WME Cybersecurity Briefings No. 016
Cyber Security

WME Security Briefing 27 June 2024

ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor Overview An unknown Golang-based backdoor GoRed is being employed by the cybercrime gang ExCobalt. This group has roots dating back to at least 2016 and possibly originates

Read More »
Top 7 Office 365 Backup Solutions
Cloud Computing

Top 7 Office 365 Backup Solutions

Let’s explore the top 7 Microsoft 365 (Office 365) backup and recovery solutions. These solutions feature, among others, automated backups, detailed reporting, and efficient deduplication. We will guide you through their pros and cons and what

Read More »
WME Cybersecurity Briefings No. 015
Cyber Security

WME Security Briefing 24 June 2024

Google’s Privacy Sandbox Faces Scrutiny Over User Tracking Allegations Overview Google’s Privacy Sandbox was initially designed to replace third-party cookies in Chrome. It was a more privacy-conscious solution, but the Austrian privacy group Noyb is now

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.

=