In this post, we will go through new features released in Configuration Manager 2207 and we can use after upgrading to 2207 version. The update is available in SCCM console under updates and servicing node as an in-console update. if you are running SCCM version 2103 or later version, you can upgrade to latest version. You can use service connection point site system role to update online and when the service connection point is offline, use the service connection tool.
Install the update from Central administration site or from standalone primary site. After the update is installed in top level site, proceed with updating child sites. Child Primary sites will be update automatically after CAS update completed. We need to update secondary sites manually after primary site update completed. Automatic update is not supported for secondary sites. Please refer the below link for performing checklist for update 2207 Checklist for 2207 – Configuration Manager | Microsoft Docs
Once the update is completed in sites, please perform checks on site server whether database replication, site components & client reporting are working fine without any issues. Please refer the post update checklist in the following link. Checklist for 2207 – Configuration Manager | Microsoft Docs. Post that, please proceed with updating client agent to latest version so that the clients will be able to use new features released in 2207 version.
Client Settings: Compliance settings evaluation
After updating to version 2207, you can now define a Script Execution Timeout (seconds) when configuring client settings for compliance settings. the timeout value can be set from a minimum of 60 seconds to a maximum of 600 seconds. This new setting allows you more flexibility for configuration items when you need to run scripts that may exceed the default of 60 seconds. Open SCCM console and navigate to Administration workspace -> Client Settings node. Open any of the client settings – Navigate to Compliance Settings.
Automatic deployment rules (ADRs) Improvement
Microsoft has improved automatic deployment rules (ADRs) manageability and you can create folders to organize ADRs. Using this feature, you can move ADRs into the related folders. You can also use PowerShell cmdlets to create folders. Go to the Software Library workspace ->Automatic Deployment Rules and right click go to Folder and select the following options.
- Create Folder
- Delete Folder
- Rename Folder
- Move Folders
- Set Security Scopes
Below PowerShell cmdlets can be used to create & manage folders.
Enhanced Maintenance windows scheduling
Microsoft has enhanced monthly maintenance windows scheduling to better align deployments with the release of monthly software updates by configuring offsets. When you configure maintenance schedule, you can specify an offset of two days after the second Tuesday of the month, sets the maintenance window for Thursday.
Improved Microsoft Defender for Endpoint onboarding
You can now perform automatic deployment of modern, unified Microsoft Defender for Endpoint for Windows Server 2012 R2 & 2016. Microsoft Defender for Endpoint onboarding policies targeting Windows Server 2012 and 2016 devices will use the unified agent instead of the existing Microsoft Monitoring Agent solution if configured through Client Settings.
Endpoint Protection can help manage and monitor Microsoft Defender for Endpoint. Microsoft Defender for Endpoint helps enterprises detect, investigate, and respond to advanced attacks on their networks. Configuration Manager policies can help you onboard and monitor Windows 10 or later clients. Windows Defender Application Guard is now called Microsoft Defender Application Guard in the console.
SCCM Console Improvements
With Configuration Manager 2207, the search bar will now include a Path criteria to show that subfolders in the node are included in the search. The path criteria are informational and can’t be edited. By default, all subfolders will be searched when you perform a search in any node that contains subfolders. You can narrow down the search by selecting the Current Node option from the search toolbar. The dark theme has been available as a pre-release feature and the dark theme extended to additional components such as buttons, context menus, and hyperlinks. Enable this pre-release feature to experience the dark theme.