Top New features in Configuration Manager 2207

In this post, we will go through new features released in Configuration Manager 2207 and we can use after upgrading to 2207 version. The update is available in SCCM console under updates and servicing node as an in-console update. if you are running SCCM version 2103 or later version, you can upgrade to latest version. You can use service connection point site system role to update online and when the service connection point is offline, use the service connection tool.

Install the update from Central administration site or from standalone primary site. After the update is installed in top level site, proceed with updating child sites. Child Primary sites will be update automatically after CAS update completed. We need to update secondary sites manually after primary site update completed. Automatic update is not supported for secondary sites. Please refer the below link for performing checklist for update 2207 Checklist for 2207 – Configuration Manager | Microsoft Docs

Once the update is completed in sites, please perform checks on site server whether database replication, site components & client reporting are working fine without any issues. Please refer the post update checklist in the following link. Checklist for 2207 – Configuration Manager | Microsoft Docs. Post that, please proceed with updating client agent to latest version so that the clients will be able to use new features released in 2207 version.

Client Settings: Compliance settings evaluation

After updating to version 2207, you can now define a Script Execution Timeout (seconds) when configuring client settings for compliance settings. the timeout value can be set from a minimum of 60 seconds to a maximum of 600 seconds. This new setting allows you more flexibility for configuration items when you need to run scripts that may exceed the default of 60 seconds. Open SCCM console and navigate to Administration workspace -> Client Settings node. Open any of the client settings – Navigate to Compliance Settings.

Automatic deployment rules (ADRs) Improvement

Microsoft has improved automatic deployment rules (ADRs) manageability and you can create folders to organize ADRs. Using this feature, you can move ADRs into the related folders. You can also use PowerShell cmdlets to create folders. Go to the Software Library workspace ->Automatic Deployment Rules and right click go to Folder and select the following options.

  • Create Folder
  • Delete Folder
  • Rename Folder
  • Move Folders
  • Set Security Scopes

Below PowerShell cmdlets can be used to create & manage folders.

  • New-CMFolder
  • Set-CMFolder
  • Get-CMFolder
  • Remove-CMfolder

Enhanced Maintenance windows scheduling

Microsoft has enhanced monthly maintenance windows scheduling to better align deployments with the release of monthly software updates by configuring offsets. When you configure maintenance schedule, you can specify an offset of two days after the second Tuesday of the month, sets the maintenance window for Thursday.

Improved Microsoft Defender for Endpoint onboarding

You can now perform automatic deployment of modern, unified Microsoft Defender for Endpoint for Windows Server 2012 R2 & 2016. Microsoft Defender for Endpoint onboarding policies targeting Windows Server 2012 and 2016 devices will use the unified agent instead of the existing Microsoft Monitoring Agent solution if configured through Client Settings.

Endpoint Protection can help manage and monitor Microsoft Defender for Endpoint. Microsoft Defender for Endpoint helps enterprises detect, investigate, and respond to advanced attacks on their networks. Configuration Manager policies can help you onboard and monitor Windows 10 or later clients. Windows Defender Application Guard is now called Microsoft Defender Application Guard in the console.

SCCM Console Improvements

With Configuration Manager 2207, the search bar will now include a Path criteria to show that subfolders in the node are included in the search. The path criteria are informational and can’t be edited. By default, all subfolders will be searched when you perform a search in any node that contains subfolders. You can narrow down the search by selecting the Current Node option from the search toolbar. The dark theme has been available as a pre-release feature and the dark theme extended to additional components such as buttons, context menus, and hyperlinks. Enable this pre-release feature to experience the dark theme.



Contact Us

On Key

More Posts

WME Security Briefing 27 May 2024

Kinsing Hacker Group Exploits Docker Vulnerabilities Overview Recent investigations have shown that the hacker group Kinsing is actively exploiting Docker vulnerabilities to gain unauthorized access to systems. The modified hacker group targets misconfigured Docker API ports deployed with cryptocurrency mining malware.

Read More »
WME Cybersecurity Briefings No. 010
Cyber Security

WME Security Briefing 20 May 2024

Advanced Persistent Threats: North Korean Hackers Launch Golang Malware Overview A new malware strain, called Titan Stealer, is currently actively circulating in the threat landscape, targeting a variety of personal data and linked to North Korean state-sponsored cyber espionage

Read More »
WME Cybersecurity Briefings No. 009
Cyber Security

WME Security Briefing 08 May 2024

Exploitable vulnerability in Microsoft Internet Explorer, used to deploy VBA Malware Overview Cybersecurity researchers discovered a severe exploitation targeting a bug that had already been patched in the Microsoft Internet Explorer browser. Their report added that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.