New Management Capabilities in System Center Configuration Manager Update 1706
SCCM( System Center Configuration Manager) Update 1706 is available as an in-console for the systems installed with the versions-1606, 1610, or 1702. Below listed are some new functionalities added in the update 1706 of SCCM.
- Site Infrastructure
- Compliance Settings
- Application Management
- Operating System Deployment
- Software Updates
- Mobile devises Management and
- Protect Devices
Are You Looking for SCCM 2016? Check Out here for Advanced SCCM Online Training Course
Under this, we can see the following features:
Client peer cache supporting of update files for Office 365 and distribution of express installation files for Configuration Manager Windows 10 is available in this release.
In this update, below are some additional accessibility improvements that have been introduced for the Configuration Manager Console.
|Ctrl + D||Set the focus to the details pane, when available|
|Ctrl + I||Set the focus to the breadcrumb bar, below the ribbon|
|Ctrl + L||Set the focus to the Search field, when available|
|Ctrl + M||Set the focus on the main (central) pane|
|Ctrl + T||Set the focus to the top node in the navigation pane. If the focus was already in that pane, the focus is set to the last node you visited|
|Alt||Change the focus in and out of the ribbon|
Central Administration sites and Configuration Manager Primary sites include Configuration Manager Update Reset Tool which can be used to fix issues when there are downloading or replicating problems in in-console updates.
With this update, the Configuration Manager Console can measure and display different parts of the User Interface when viewed on high DPI devices.
In this release, Azure Active Directory(AD) integration with Configuration Manager is improved in a way that streamlines the configuration of Azure services used with the Configuration Manager
In this updates, below are the new SCCM configuration item settings that have been added for Windows 10 devices that are enrolled with Intune, or managed on-premises by Configuration Manager. The settings are:
Device name modification
Region settings modification (desktop only)
Language settings modification
Power and sleep settings modification
Language settings modification
System time modification
Subscribe to our youtube channel to get new updates..!
Use private store only
Auto-update apps from the store
The store originated app launch
The SmartScreen prompt override for files
Block access to about: flags
Default search engine
SmartScreen prompt override
OpenSearch XML URL
WebRTC localhost IP address
Homepages (desktop only)
New device compliance policy rules
Block USB debugging on the device. You do not have to configure these settings as USB debugging is already disabled on Android for Work devices.
Block apps from unknown sources. Require that devices prevent the installation of apps from unknown sources. You do not have to configure this setting as Android for Work devices always restrict installation from unknown sources.
Required password type. Specify whether the user must create an alphanumeric password or a numeric password. For alphanumeric passwords, you also specify the minimum number of character sets that the password must-have. The four character sets are Lowercase, uppercase letters, symbols, and numbers.
- Windows Phone 8+
- Windows 8.1+
- iOS 6+
- Android 4.0+
- Samsung KNOX Standard 4.0+
Require threat scan on apps.
This setting specifies that the Verify apps feature is enabled on the device.
Android 4.2 through 4.4
Samsung KNOX Standard 4.0+
In Configuration Manager, you can deploy scripts to client devices using packages and programs. In this release, we've added new functionality that lets you take the following actions:
- Run scripts on collections of Windows client PCs, and on-premises managed Windows PCs. You don't deploy scripts, instead, they are run in near real-time on client devices.
- Import PowerShell Scripts to Configuration Manager
- Edit the scripts from the Configuration Manager console (for unsigned scripts only)
- Mark scripts as Approved or Denied, to improve security
- Examine the results returned by the script in the Configuration Manager console.
Beginning with this release, you can use three new mobile application management (MAM) policy settings:
- Disable contact sync: Prevents the app from saving data to the native Contacts app on the device.
- Block screen capture (Android devices only): Specifies that the screen capture capabilities of the device are blocked when using this app.
- Disable printing: Prevents the app from printing work or school data.
Operating system deployment
Collapsible task sequence groups
This version introduces the ability to expand and collapse task sequence groups. You can expand or collapse individual groups or expand or collapse all groups at once.
- Hardware inventory collects Secure Boot information
Hardware inventory now collects information about whether Secure Boot is enabled on clients. This information is stored in the SMS_Firmware class (introduced in SCCM version 1702) and enabled in hardware inventory by default.
- Reload boot images with current Windows PE version
When you run Update Distribution Points on a selected boot image, you can now choose to reload the latest version of Windows PE (from the Windows ADK installation directory) in the boot image.
- Improvements to Express Update download time
In this release, we have significantly improved the download time for Express Updates.
- Manage Microsoft Surface driver updates
You can now use Configuration Manager to manage Microsoft Surface driver updates.
- All software update points must run Windows Server 2016.
- This is a pre-release feature that you must turn on for it to be available.
To manage Surface driver updates
- Enable Synchronization for MS Surface drivers. Use the procedure in Configure classification and products and select the Include Microsoft Surface drivers and firmware updates, a checkbox on the Classifications tab to enable Surface drivers.
- Deploy synchronized Microsoft Surface drivers
- Synchronize the Microsoft Surface drivers.
Configure Windows Update for Business deferral policies
You can now configure deferral policies for Windows 10 Feature Updates or Quality Updates for Windows 10 devices managed directly by Windows Update for Business. You can manage the deferral policies in the new Windows Update for Business Policies node under Software Library > Windows 10 Servicing.
Improved user notifications for Office 365 updates
Improvements have been made to leverage the Office Click-to-Run user experience when a client installs an Office 365 update. This includes pop-up and in-app notifications, and a countdown experience.
- Use Windows Analytics with Configuration Manager
Windows Analytics is a set of solutions that run on the Operations Management Suite. The solutions allow you to form insight into the current state of your environment. Devices in your environment report Windows telemetry data. The data can be accessed through the Operations Management Suite web portal. In the case of Upgrade Readiness, the data is directly available in the monitoring node of the Configuration Manager console.
Mobile device management
Updates to Android for Work sharing configuration
With this release, the values for the Allow data sharing between work and personal profile settings in the Work Profile setting group have been updated. We’ve also added a custom set to block copy-paste between work and personal profiles.
- Android and iOS enrollment restrictions
With this release, you can now specify that users cannot enroll in personal Android or iOS devices. New device restriction settings let you limit Android device enrollment to predeclared devices. For iOS devices, you can block the enrollment of all devices except those enrolled with the Apple Device Enrollment Program, Apple Configurator, or the Intune device enrollment manager account.
- Protect devices
Include trust for specific files and folders in a Device Guard policy
In this release, further capabilities are added to Device Guard policy management.
You can now optionally add trust for specific files for folders in a Device Guard policy. This lets you:
- Trust line-of-business apps that cannot be deployed with Configuration Manager
- Overcome issues with managed installer behaviors
- Trust apps that are included in an operating system deployment image
List of Related Microsoft Certification Courses:
|SSAS||SQL Server DBA|
|Team Foundation Server||BizTalk Server Administrator|