CCMEXEC.COM – System Center blog

CCMEXEC.COM – by Jörgen Nilsson

Browsing Posts in System Center Configuration Manager

When I logged in my Microsoft Intune account today it was already updated with the new UI which looks great and all the new cool features are there as well, just in time for my session at Microsoft Techdays 2014 in Stockholm tomorrow. It even looks cool in Swedish ;-)

Intune_2014_swedish

The November update 2014 of Microsoft Intune adds a lot of new features and brings the standalone version of Intune or Cloud only if you like up to parity with the Hybrid solution where you integrate Intune with Configuration Manager. There are actually settings/features that can be used only in the standalone version.
Looking at the TechED session of what will come next with a secure way of managing corporate applications, an app wrapper to manage your LOB apps and Office for Android as well I would say that this brings Intune up as a really strong enterprise device management solution with unique features and end user experience!

So what is new in the November release? It is listed here as as well on the Intune blog which you really should follow: http://blogs.technet.com/b/microsoftintune/archive/2014/11/17/new-microsoft-intune-capabilities-coming-this-week.aspx

  • Enhanced user interface for Intune administration console
  • Ability to restrict access to Exchange on-premises email based upon device enrollment
  • Bulk enrollment of devices using a single service account
  • Lockdown of Supervised iOS devices and devices using Samsung KNOX with Kiosk mode
  • Targeting of policies and apps by device groups
  • Ability to report on and allow or block a specific set of applications
  • Enforcement of application install or uninstall
  • Deployment of certificates, email, VPN and WiFi profiles
  • Ability to push free store apps to iOS devices
  • More convenient access to internal corporate resources using per-app VPN configurations for iOS devices
  • Remote pin reset for Windows Phone 8.1 devices
  • Multi-factor authentication at enrollment for Windows 8.1 and Windows Phone 8.1 devices
  • Ability to restrict administrator access to a specific set of user and device groups
  • Updated Company Portal apps to support customizable terms and conditions

There is a recorded webinar here that shows the new features of Conditional Access: https://azureinfo.microsoft.com/US-Azure-WBNR-FY15-11Nov-EMSWebinarSeries4-Registration-Page.html?ls=Social&WT.mc_id=Blog_Intune_Announce_PCIT

And as I wrote above you will be able to use control access and manage you LOB applications as well in the future and it is demoed here at TechED if you want to have a look: http://channel9.msdn.com/Events/TechEd/Europe/2014/EM-B312

If you haven’t looked at Intune before you really should and if you have look again! If you are attending Techdays 2012 in Stockholm 19-20 November I hope to see you there!

Mine and Stefan Schörling’s (www.cmtrace.com) session, System Center Configuration Manager Community Jewels from TechED Europe 2014 is now live on Channel 9. If you think you saw it already in Houston you are mistaking, we have switched some Demos and added new tools in the presentation like Cireson Remote Manage App, 2Pint Software – BranchCache for OSD. Thanks to all who contribute to the community and thanks to all who attended our session!

http://channel9.msdn.com/Events/TechEd/Europe/2014/EM-B308

Teched_Community

Note: And my name is not Stefan…… ;-) ;-) ;-)

Stefan(www.cmtrace.com)  and I had the great honor of presenting Configuration Manager Community Jewels at TechED Europe 2014, it was great fun!
There are so many cool tools out there that can save a lot of time, increase the quality in what we do and improve the implementations out there as well. Thanks to all who contribute to the community and thanks to all who attended our session!

We have collected all the links to the tools we showed and many many more on a TechNet Wiki page so that everyone can edit and add their own favorite tools you use or create on your own. http://social.technet.microsoft.com/wiki/contents/articles/22802.system-center-2012-configuration-manager-tools.aspx

I also do feel a need to apologize to all who have created tools that we haven’t found or didn’t have the time do mention or show. :-(

When preparing for our session a TechED 2014 in Barcelona on Community Tools, we found this nice little tool that adds BranchCache support in WinPE, which means that during OS deployment the client can download the content from a client on the local network instead of pulling it from a DP, this is great for small branch offices for instance without a DP. It can be found here: http://2pintsoftware.com/portfolio-items/branchcache-for-osd-toolkit/ At TechED 2014 Europe it was also announced that BranchCache support will be added in WinPE in ConfigMgr vNext as well, so this is a technology that is coming.

I created an OSD Task sequence,updated the boot image, enabled BranchCache and added the tools and steps from the toolkit to my Task Sequence. To prestage the data on another client in the network I created a check in the start of the Task Sequence to see if the “Prestage” variable was set to TRUE, if so the Task Sequence will not install anything on the client but it will download all the content and add it to the BranchCache on the client.

2pint1

Then I deployed the task sequence with the option “download all content locally before starting the Task Sequence” remember to make sure that the content will fit in the CCMCache.

After that I deployed a client and it used the BranchCache from the client on the same network, really cool! We like free stuff

2pint2

The reporting is awesome as well be sure to check it out!

2pint3

Here is a short video from 2Pint Software as well: https://www.youtube.com/watch?v=4HcRRb-ayW4

At Teched 2014 in Barcelona some new information about the next version of Microsoft Intune and Configuration Manager / MDT vNext was displayed and mentioned. The session recordings are now out be sure to check them out!

Enterprise Client Management with System Center Configuration Manager and Intune

This session outlines the current and future plans for Intune and System Center Configuration Manager. We also provide a sneak peek into the newest enhancements for managing Windows, Windows Phone, iOS, and Android systems
http://channel9.msdn.com/Events/TechEd/Europe/2014/EM-B216

What’s New and Upcoming with OS Deployment in System Center Configuration Manager and the Microsoft Deployment Toolkit

This session covers future improvements for deployment and upgrade in the next versions of System Center Configuration Manager, Microsoft Deployment Toolkit, and Windows. Learn how Microsoft is gearing up to make the deployment and upgrade of the next version of Windows on Configuration Manager the easiest yet.
http://channel9.msdn.com/Events/TechEd/Europe/2014/EM-B326

There is a session today Thursday that sounds really interesting as well, EM-B312 Mobile Application Management with Intune

Be sure to check them out!



I thought I must write this one as well for all the Configuration Manager / Intune geeks out there like myself. All the sessions at Teched that are related to Configuration Manager 2012 / Intune. A couple of the sessions looks really promising with perhaps new stuff?:

-          EM-B317 – Configuring Corporate-Owned Mobile Devices with Intune, where the Apple Configurator will be used to bulk enroll iOS devices: In this session, learn how to use Apple Configurator to bulk-enroll iOS devices, how to tightly control devices usage, and how to pre-provision apps and policies to devices. We walk you through how Intune enables IT pros to keep devices secure and managed, while enabling end users to be productive. Not all mobile devices are personally owned. Often, corporations own the devices and issue them to end users. It’s up to the IT pro to configure these devices.  Intune and System Center Configuration Manger make it easy for IT pros to provision, configure, and manage corporate-owned devices.

-          EM-B216 – Enterprise Client Management with System Center Configuration Manager and Intune: This session outlines the current and future plans for Intune and System Center Configuration Manager. We also provide a sneak peek into the newest enhancements for managing Windows, Windows Phone, iOS, and Android systems.

All the Configuration Manager 2012 R2 and Intune related sessions.

-          EM-B216 – Enterprise Client Management with System Center Configuration Manager and Intune

-          EM-B326 – What’s New and Upcoming with OS Deployment in System Center Configuration Manager and the Microsoft Deployment Toolkit

-          EM-B321 – Infrastructure Deployment for Mobile Device Management with System Center Configuration Manager and Intune

-          WIN-B312 – Deploying Microsoft BitLocker Administration and Monitoring 2.5 (yes, it includes the integration with ConfigMgr)

-          EM-B320 – Securing Mobile Device Access to Corporate Resources with Intune

-          EM-B312 – Mobile Application Management with Intune

-          EM-B308 – System Center Configuration Manager Community Jewels

-          CDP-B308 – Compliance and Patch Management for Linux and UNIX in System Center 2012 R2

-          WIN-B351 – Enterprise App Deployment for Windows and Windows Phone

-          EM-B317 – Configuring Corporate-Owned Mobile Devices with Intune

Sessions not to miss during TechED 2014 in Barcelona. After the Keynote there are foundational sessions which will go deeper into each of the topics demoed/presented during the keynote.

My problem this year is that there are so much great content, I want to attend both of these two foundational sessions. Lucky me that they will be available on Channel 9 afterwards J

-          Windows 10: What’s in it for the Enterprise?

-          Empowering Enterprise Mobility

Breakout sessions during the week.

There are many great sessions during the week I will list some of the ones I will attend that is related to Enterprise Client Management in some way. There are so many great looking Windows 10 sessions, it is going to be a great week!

-          EM-B210 – Hybrid Identity with Active Directory, Microsoft Identity Manager and Microsoft Azure Active Directory

-          WIN-B335 – Windows 10: User Experience

-          EM-B216 – Enterprise Client Management with System Center Configuration Manager and Intune

-          WIN-B324 – Real-World Windows Deployment: Notes from the Field

-          WIN-B336 – Windows 10: Disrupting the Revolution of Cyber-Threats with Revolutionary Security

-          EM-B326 – What’s New and Upcoming with OS Deployment in System Center Configuration Manager and the Microsoft Deployment Toolkit

-          WIN-B338 – Windows 10: Deployment

-          EM-B316 – Directory Integration: Creating One Directory with Active Directory and Azure Active Directory

-          EM-B321 – Infrastructure Deployment for Mobile Device Management with System Center Configuration Manager

-          WIN-B331 – Windows 10: Overview

-          WIN-B337 – Windows 10: The End Game for Passwords and Credential Theft

-          EM-B312 – Mobile Application Management with Intune

-          WIN-B339 – Windows 10: Protecting Your Data with Containers Without Boxing Yourself In

-          WIN-B334 – Windows 10: Management

-          EM-B317 – Configuring Corporate-Owned Mobile Devices with Intune

So much great content, and remember it will be available on Channel 9!

One of the updates that was released as part of the October 2014 Patch Tuesday release, kb2984976 requires multiple reboots on Windows 7 and Windows 2008 R2 when deployed as a software update in a Task Sequence and breaks the task sequence. It is actually in the description for the KB, “You may have to restart the computer multiple times when you install this update”

The KB article that lists all updates that requires multiple reboots and breaks task sequence execution after the Install Software Updates step  is not updated yet when writing this. The article with the well.-known updates is “Software Updates That Require Multiple Reboots may Cause Task Sequence Failure within Configuration Manager“ http://support.microsoft.com/kb/2894518/

The reports of this started to appear on forums last friday. Thanks all for sharing the issues they see..