SCCM( System Center Configuration Manager) Update 1706 is available as an in-console for the systems installed with the versions-1606, 1610 or 1702. Below listed are the some new functionalities added in the update 1706 of SCCM.
Operating System Deployment
Mobile Devices Management and
Under this, we can see the following features:
Client peer cache supporting of update files for Office 365 and distribution of express installation files for Windows 10 is available in this release.
In this update, below are some additional accessibility improvements have been introduced for the Configuration Manager Console.
|Ctrl + D||Set the focus to the details pane, when available|
|Ctrl + I||Set the focus to the breadcrumb bar, below the ribbon|
|Ctrl + L||Set the focus to the Search field, when available|
|Ctrl + M||Set the focus on the main (central) pane|
|Ctrl + T||Set the focus to the top node in the navigation pane. If the focus was already in that pane, the focus is set to the last node you visited|
|Alt||Change the focus in and out of the ribbon|
Central Administration sites and Configuration Manager Primary sites include Configuration Manager Update Reset Tool which can be used to fix issues when there are downloading or replicating problems in in-console updates.
With this update, Configuration Manager Console can measure and display different parts of User Interface when viewed on high DPI devices.
In this release, Azure Active Directory(AD) integration with Configuration Manager is improved in a way that streamlines the configuration of Azure services usage with the Configuration Manager
In this updates, below are the new configuration item settings that have been added for Windows 10 devices that are enrolled with Intune, or managed on premises by Configuration Manager. The settings are:
Device name modification
Region settings modification (desktop only)
Language settings modification
Power and sleep settings modification
Language settings modification
System time modification
Use private store only
Auto-update apps from store
Store originated app launch
Smartscreen prompt override for files
Block access to about:flags
Default search engine
SmartScreen prompt override
openSearch XML URL
WebRTC localhost IP address
Homepages (desktop only)
Block USB debugging on device. You do not have to configure this settings as USB debugging is already disabled on Android for Work devices.
Block apps from unknown sources. Require that devices prevent installation of apps from unknown sources. You do not have to configure this setting as Android for Work devices always restrict installation from unknown sources.
Required password type. Specify whether the user must create an alphanumeric password or a numeric password. For alphanumeric passwords, you also specify the minimum number of character sets that the password must have. The four character sets are: Lowercase, uppercase letters, symbols and numbers.
Windows Phone 8+
Samsung KNOX Standard 4.0+
Require threat scan on apps. This setting specifies that the Verify apps feature is enabled on the device.
Android 4.2 through 4.4
Samsung KNOX Standard 4.0+
In Configuration Manager, you can deploy scripts to client devices using packages and programs. In this release, we've added new functionality that lets you take the following actions:
Run scripts on collections of Windows client PCs, and on-premises managed Windows PCs. You don't deploy scripts, instead, they are run in near real time on client devices.
Import PowerShell Scripts to Configuration Manager
Edit the scripts from the Configuration Manager console (for unsigned scripts only)
Mark scripts as Approved or Denied, to improve security
Examine the results returned by the script in the Configuration Manager console.
Beginning with this release, you can use three new mobile application management (MAM) policy settings:
Disable contact sync: Prevents the app from saving data to the native Contacts app on the device.
Block screen capture (Android devices only): Specifies that the screen capture capabilities of the device are blocked when using this app.
Disable printing: Prevents the app from printing work or school data.
Collapsible task sequence groups
This version introduces the ability to expand and collapse task sequence groups. You can expand or collapse individual groups or expand or collapse all groups at once.
Hardware inventory now collects information about whether Secure Boot is enabled on clients. This information is stored in the SMS_Firmware class (introduced in version 1702) and enabled in hardware inventory by default.
When you run Update Distribution Points on a selected boot image, you can now choose to reload the latest version of Windows PE (from the Windows ADK installation directory) in the boot image.
In this release, we have significantly improved the download time for Express Updates.
You can now use Configuration Manager to manage Microsoft Surface driver updates.
All software update points must run Windows Server 2016.
This is a pre-release feature that you must turn on for it to be available.
To manage Surface driver updates
Enable Synchronization for MS Surface drivers. Use the procedure in Configure classification and products and select the Include Microsoft Surface drivers and firmware updates, checkbox on the Classifications tab to enable Surface drivers.
Deploy synchronized Microsoft Surface drivers
Synchronize the Microsoft Surface drivers.
You can now configure deferral policies for Windows 10 Feature Updates or Quality Updates for Windows 10 devices managed directly by Windows Update for Business. You can manage the deferral policies in the new Windows Update for Business Policies node under Software Library > Windows 10 Servicing.
Improvements have been made to leverage the Office Click-to-Run user experience when a client installs an Office 365 update. This includes pop-up and in-app notifications, and a countdown experience.
Windows Analytics is a set of solutions that run on Operations Management Suite. The solutions allow you to form insight into the current state of your environment. Devices in your environment report Windows telemetry data. The data can be accessed through the Operations Management Suite web portal. In the case of Upgrade Readiness the data is directly available in the monitoring node of the Configuration Manager console.
With this release, the values for the Allow data sharing between work and personal profile setting in the Work Profile setting group have been updated. We’ve also added a custom setting to block copy-paste between work and personal profiles.
With this release, you can now specify that users cannot enroll personal Android or iOS devices. New device restriction settings let you limit Android device enrollment to predeclared devices. For iOS devices, you can block enrollment of all devices except those enrolled with Apple's Device Enrollment Program, Apple Configurator, or the Intune device enrollment manager account.
In this release, further capabilities are added to Device Guard policy management.
You can now optionally add trust for specific files for folders in a Device Guard policy. This lets you:
Trust line-of-business apps that cannot be deployed with Configuration Manager
Overcome issues with managed installer behaviors
Trust apps that are included in an operating system deployment image
|SSAS||SQL Server DBA|
|Team Foundation Server||BizTalk Server Administrator|