Leveraging Windows 11 Management Part 3 – Microsoft Endpoint Manager Management

Introduction

From the continuation of the previous part where we had covered all around Windows 11 readiness, this included an interesting overview on how we can look at the readiness across all the areas of Microsoft Endpoint Manager.

Now in this part we want to expand this subject a little bit further but this time with primary focus around the overview of management and leveraging of Windows 11 devices solely within your Microsoft Endpoint Manager environment.

At this point we look at the required levels which we need to reach to be able to accommodate Windows 11 devices into our environment. This part will be the closer for the series as we collate both parts of Microsoft Endpoint Manager as a unified look at how management of Windows 11 devices will be.

Configuration Manager Prerequisite Levels

Of course before you start your transition into managing Windows 11 with SCCM, you of course need to be made aware of the prerequisites which your site needs to have before you can start managing these devices.

Current Branch Levels

You will need to have a minimum level of SCCM 2107 in order for you to be properly managing Windows 11 devices. Now you may be able to get away with installing a client version which is not the same level but it wouldn’t be recommended as chances are this will cause a ton of issues with reliability of the managed device.

You may also run into an error code within the ccmsetup.log in C:\Windows\ccmsetup\logs which would evolve around the same information as stated above.

Further information on these levels can be found here

Windows ADK Levels

You would ideally need to be running the Windows 11 ADK going forward in order to fully support your Windows 11 estate.

You can do this with ADK 2004 as well, but depending on what stage you are at in terms of phasing out Windows 10 devices then you may want to look into this for the future, especially where using Task Sequences are concerned if you are indeed utilising gold image or hybrid image builds.

Further information on the ADK levels can be found here

Step Closer to Modern Management

With your Windows 10 devices being at a minimum of 1607 (1909 preferred) you are in a good position to consider modern management.

That is assuming of course these are your ONLY type of devices which are being managed within configuration manager at present. Meeting this requirement is fine, but of course your estate then incorporating Windows 11 devices or if only managing Windows 11 devices you are in a great position to transition to Modern Management.

A lot of organisations tend to use co-management topology because of the convenience of not having to be fully committed to one centralized area, especially considering when you have legacy clients to take into account where you could be put in a position to be monitoring two areas.

Utilising endpoint analytics

Endpoint analytics is the replacement for desktop analytics, more applicable for Windows 11 devices.

With this you can utilise the endpoint analytics especially when you are in a co-management environment where we can take advantage of using the tenant attach options within our CoMgmtSettingsProd properties.

Below in Figure 1.1 we can see the Configure Upload tab where we can import the devices from Configuration Manager right into the admin center and also enable endpoint analytics for these devices.

Summary

In conclusion, there are a lot of things to consider when it comes to moving to Windows 11, as there is not just the preparations for the devices themselves but you also have to consider whether the centralized solutions which you have in place are also able to accommodate them as well.

Improper planning can cause much bigger issues along the way, which is why its important to plan ahead. Even if this is a time where you may not even be remotely thinking of a migration towards Windows 11, other factors will also play a part such as the support of your overall configuration manager environment.

The further forward the current branch versions will go the more you will see the legacy devices or unsupported devices that you have will phase out of support much more.

The series presented here in parts 1-3 give a introduction on how to look forward and assess the scalability of your environment.

Share:

Facebook
Twitter
LinkedIn
Picture of Dujon Walsham

Dujon Walsham

Contact Us

=
On Key

More Posts

WME Cybersecurity Briefings No. 034
Cyber Security

WME Security Briefing 18 November 2024

New LightSpy Spyware Variant Poses Increased Threat to iPhone Users Overview Recent analysis reveals an enhanced version of the iOS spyware, LightSpy. It targets iPhones with advanced surveillance features and destructive capabilities. Basically, detected for the first time

Click Here to Read Full Article »
WME Cybersecurity Briefings No. 033
Cyber Security

WME Security Briefing 08 November 2024

Evasive Panda Exploits CloudScout Toolset to Hijack Cloud Service Sessions in Taiwan Overview A recent cybersecurity report disclosed an advanced cyber espionage campaign conducted by the China-affiliated threat actor, Evasive Panda, deploying a novel malware toolset called CloudScout. The operation

Click Here to Read Full Article »
WME Cybersecurity Briefings No. 032
Cyber Security

WME Security Briefing 30 October 2024

Chinese Nation-State Hackers APT41 Target Gambling Industry for Financial Gain Overview The Gambling and Poker industry experienced a sophisticated cyber attack last month, orchestrated by the notorious Chinese nation-state group APT41 ( AKA Brass Typhoon, Earth Baku, Wicked

Click Here to Read Full Article »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.

=