Anoop C Nair is Microsoft MVP from 2015 onwards for consecutive 10 years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is Blogger, Speaker, and Local User Group Community leader. His main focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career etc...
SCCM’s latest version (SCCM 1902) introduced many new ways to manage Office 365 ProPlus updates better. SCCM uses the existing Software Update workflow to update Office 365 ProPlus update management.
SCCM’s latest version has a unique dashboard for Office 365 Client management. This dashboard can be used to manage your organization’s Office 365 ProPlus apps.
This post will show how to Deploy and Install Office 365 Software Updates with the SCCM Automatic Deployment Rule (ADR). The video tutorial provides more details.
How to Deploy and Install Office 365 Software Updates with SCCM CB ADR
SCCM has the ability to manage Office 365 client updates and patching. SCCM uses the Software Update workflow to update using the Software Update management workflow. Configuration Manager can update Office 365 ProPlus, Visio Pro for Office 365, Project Online Desktop Client, and Office 365 Business.
SCCM to Deploy and Install Office 365 ProPlus Updates – Video 1
What is the High-level Workflow of O365 ProPlus Updates Deployment via SCCM?
SCCM Office 365 ProPlus Automatic Deployment rule can create an end-to-end workflow. This will help us to automate Office 365 app installation and management. I have another post on How to Deploy and Install Office 365 Applications via SCCM CB.
1. Office publishes Office 365 app update metadata to Microsoft Update service 2. SCCM gets the notification about the updates from Microsoft update services via scheduled WSUS sync 3. SCCM refers to office CDN for file lists and downloads required files for on-prem SCCM server sharing. This can be done using SCCM ADR (Automatic Deployment Rule) or a normal Software update process. 4. SCCM Clients get a new policy to deploy the latest updates for Office 365 apps as per the scheduled deployment
SCCM to Deploy and Install Office 365 ProPlus Updates – Fig.1
What are the Prerequisites to Managing Office 365 ProPlus Updates via SCCM CB?
There are 3 prerequisites to manage Office 365 updates/patches via SCCM CB at a high level. I assume all the devices are managed via SCCM CB and all the SCCM client prerequisites have already been met.
#1 and #2 – Enable Classification and Product for Office 365 Updates
We must enable the following classification and product to manage Office 365 updates via SCCM CB. Navigate via SCCM console – \Administration\Overview\Site Configuration\Sites. Click on Settings – Configure Site Components – Software Update point component – Properties. Go to the Classification tab and enable Updates.
Once updates from the classification tab are enabled (to support Office 365 updates), you can go to the Products tab to enable “Office 365 Client“. More details are available in the video tutorial here.
SCCM to Deploy and Install Office 365 ProPlus Updates – Fig.2
#3 – Enable Client Settings for Office 365 Updates
We must enable the following settings to manage Office 365 updates via SCCM CB. Navigate the SCCM console via \Administration\Overview\Client Settings. Go to Client Settings – Software Updates tab – Enable Management of Office 365 Clients = YES.
How to Create Automatic Deployment Rule for Office 365 ProPlus Updates?
Use Automatic Deployment Rule Wizard (from Office 365 Client Management node) to automate Office 365 application updates/patches through SCCM CB. Using ADR, you can eliminate the repetitive process of creating a Software Update Group, Packages, and Deployments.
You can automatically deploy software updates by adding new ones to an update group associated with an active deployment. You can use an automatic deployment rule (ADR) to create a new deployment for complex scenarios.
Be very careful before creating and implementing SCCM ADR. I recommend testing ADR in a pre-prod environment before implementing it in production. The video tutorial here has end-to-end details about this process.
SCCM to Deploy and Install Office 365 ProPlus Updates – Fig.3
What Should Be the Search Criteria for Office 365 ProPlus Updates?
Search Criteria are the brain of SCCM ADR. When selecting the criteria to add new updates to the existing Software Updates group, it would be best to be careful. In this post, I said the search criteria should include Monthly channel updates for the last month.
Software updates that meet the specified criteria are added to the associated software update group. I have included details of the requirements that I selected below.
Date Released or Revised ==> Last Month
Product ==> Office 365 Client
Title ==> Update – Monthly Channel
Other Office 365 Update Channels as well in the Criteria
Monthly Channel (formerly Current Channel)
Monthly Channel (Targeted)
Semi-Annual Channel (Differed Channel)
Semi-Annual Targeted (formerly First Release for Deferred Channel)
SCCM to Deploy and Install Office 365 ProPlus Updates – Table 1
Remember to hit the PREVIEW button to check whether you get the expected search results. The video tutorial provides more details. Specify the settings for the Automatic Deployment Rule, automatically deploy all software updates found, and approve any license agreement.
SCCM to Deploy and Install Office 365 ProPlus Updates – Fig.4
Specify the Recurring Schedule for the Office 365 ProPlus Updates ADR
You can select “Run the rule after any software update point synchronization” or SCCM CB ADR according to your schedule.
Configure Schedule Details for the Deployment
In this ADR wizard, you need to confirm whether the ADR rule for the Office 365 App update has been completed. The package has been deployed to DPs, the deployment has been scheduled, etc. I selected all the default settings.
Specify the scheduled deployment time. There are 2 options for setting the deployment time. The time can be the client’s local or Universal Coordinated Time (UTC). The default setting is Local client Time. The video tutorial provides more details.
SCCM to Deploy and Install Office 365 ProPlus Updates – Fig.5
Configure Office 365 ProPlus Update Available Time
Specify when software updates should be available for users in the Software Center. Once this ADR rule is run, software updates will be distributed to the DP servers.
Office 365 ProPlus Updates are available to install as soon as possible or per the schedule. I usually set this as ASAP so the user can go into the SCCM CB software center and run.
Installation Deadline for SCCM CB Office 365 ProPlus Updates
In this section of the ADR wizard, you can specify a deadline for required Office 365 updates. The deadline is determined by adding the deadline time to the installation time.
When the deadline is reached, the required Office 365 software updates will be installed on the device. I have selected the Deadline of 7 days from the deployment available time. You can also have a deadline as soon as possible, which will help you deploy apps as quickly as possible on the device.
You have another granular option while setting up the installation deadline. According to user preferences, this deployment is delayed up to the grace period defined in client settings.
More details are available in the video tutorial here.
User Experience – SCCM ADR for Office 365 ProPlus Updates
The default user experience behavior is Hide in Software Center and All notifications. There are loads of granularity options in setting up the deadline behaviour, Device restart behaviour, Write filter handling for Windows Embedded (IoT) devices, and Software updates deployment re-evaluation behaviour upon restart.
If any Office 365 software update in this deployment requires a system restart, run the updates deployment evaluation cycle after the restart.
SCCM to Deploy and Install Office 365 ProPlus Updates – Fig.6
As you can see in the above picture, Office 365 updates are stuck at 50% downloading on Windows 10 machines. I couldn’t find a solution while writing this post. I will update this post whenever I have an update on the resolution or fix for this issue.
References
Ignite Video Deploy Microsoft Office 365 Client using SCCM – here
Manage updates to Office 365 ProPlus with SCCM – here
Troubleshooting Office 365 ProPlus patching through SCCM – here
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
About the Author: Vidya is a computer enthusiast. She is here to share quick tips and tricks with Windows 11 or Windows 10 users. She loves writing about Windows 11 and related technologies. She is also keen to find solutions and write about day-to-day tech problems.
Let’s find the best way to Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM. This is the best and easiest method to deploy and install all the Microsoft 365 apps to Windows 11 or 10 devices.
The latest version of SCCM makes creating Office 365 ProPlus client packages accessible. In this post, you will learn how to create an Office 365 ProPlus client application. I have already created a video tutorial to explain the wizard’s process (Install Office 365 ProPlus).
SCCM Learn How to Deploy Install Office 365 ProPlus Applications Configuration Manager ConfigMgr. We can deploy Office 365 ProPlus apps (Word, Excel, PowerPoint, Outlook, etc..) to clients using SCCM CB.
You can start the Office 365 ProPlus application Installer from SCCM version 1702, starting from the Office 365 ProPlus Client Management dashboard.
The new feature will let us configure Office 365 ProPlus installation settings, download files from Office Content Delivery Networks (CDNs), and deploy the files as an application.
What is Office 365 ProPlus Microsoft 365 Apps Client Installer?
The Office 365 client installer is nothing but an installer for Office 365 client applications. Is that a bit clearer? So, which are those Office 365 Client applications? Word, Excel, PowerPoint, OneDrive, Outlook, etc.
OFFICE 365 ProPlus or Microsoft 365 Apps Client installer will help install all these applications to end-user devices like Windows 11, Windows 10, Windows 8, and Windows 7.
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM
Start the Office 365 client installation wizard from the SCCM console – \SoftwareLibrary\Overview\Office 365 Client Management dashboard. Click on the + Office 365 Installer to launch the Office 365 installer from the SCCM CB console.
Office 365 client installation files will be downloaded to this location if they do not already exist. Without the internet, you can’t proceed to the 2nd page of this wizard. This is in case you have not downloaded the Office 365 configuration files.
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM – Fig.1
You can set up all the client settings using the “Import Client settings” option in Office 365 Client Installation Wizard. You can import the configuration.xml file to automatically configure all the Word, Excel, PowerPoint, Outlook settings, etc.
Otherwise, you can select the option to manually configure all the settings via the Office 365 or Microsoft 365 apps installation wizard.
Select the List of Office 365 Applications You Want to Install
Select the Office Suite as part of the O365or Microsoft 365 apps installation wizard. There are four office suites available as part of the installation wizard.
Four Office Suites Available as Part of the Installation Wizard
Microsoft 365 Business Basic
Microsoft 365 Business Standard.
Microsoft 365 Business Premium
Microsoft 365 Apps
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM – Table 1
You will also get an option to select Office 365 ProPlus or Microsoft 365 Applications, including installation. I don’t want to install OneDrive for Business (Groove) application as it’s the old sync client.
The rest of the apps will be installed on the Windows device based on the application selected from the wizard.
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM – Fig.2
Access
Excel
OneDrive for Business
OneNote
Outlook
PowerPoint
Publisher
Skype for Business
Word
You have an option to select additional office products like Visio and Project. For those two products, there is a special licensing option.
Those license options are available in Office 365 Subscription Standard Edition—Volume License and Professional Edition —Volume License. The video tutorial provides more details.
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM – Fig.3
Select Office 365 ProPlus Microsoft 365 Apps Architecture using SCCM
Select the Architecture for Office 365 applications like Word, Excel, PowerPoint, etc. There are two versions: 32bit Vs. 64bit. There are 4 update channels available in the SCCM Office 365 client to install the wizard.
However, these updated models have recently changed. The following are the latest Office365 update models: Monthly Channel (formerly Current Channel), Monthly Channel (Targeted), Semi-Annual Channel (Differed Channel), and Semi-Annual Targeted (formerly First Release for Deferred Channel).
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM – Video 1
You can select different languages for Office 365 applications. You can choose the language of applications depending on your preference or region. This wizard will help you download the languages that will be downloaded for Office 365.
You can also configure it to “Accept EULA” and auto-activate the applications. You can also have Pin Icons in the Windows 8 and Windows 7 taskbar. The pin option is not applicable for Windows 10 devices. More details are provided in the video tutorial here.
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM – Fig.4
Deployment and Scheduling Options for Office 365 ProPlus Microsoft 365 Apps using SCCM
Deployment options/settings are also part of the Office 365 Client Installation Wizard. You must select the collection you want to deploy the Office 365 client on your SCCM CB environment. Select the content locations or DPs from the Content page.
There are two Office 365 client installation options: mandatory and Optional deployments. You can schedule the deployment according to your organization’s requirements.
General • Collection: All Desktop and Server Clients • Use default distribution point groups associated with this collection: False • Automatically distribute content for dependencies: True
Success: Content (1): • SCCMTP1.INTUNE.COM
Deployment Settings • Action: Install • Purpose: Required • Pre-deploy software to the user’s primary device: False • Send wake-up packets: False • Allow clients to use a metered Internet connection to download content: False
Scheduling • Time based on: UTC • Available Time: As soon as possible • Deadline Time: Disabled • Delayed enforcement on deployment Disabled
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM – Fig.5
End-User Experience of Office 365 App on Windows 10 Devices
You can see the Office 365 app listed in the Software Center. It was a mandatory deployment and was automatically installed on Windows 10.
All O365 Applications were installed on Windows 10 or Windows 11 Devices. The Office365 update channel is the Current Channel (Monthly channel).
Excel, PowerPoint, Outlook, etc., apps are installed successfully on Windows 10 or 11 devices. However, the Windows 10 device had no internet connection, so the activation didn’t happen automatically.
The License will automatically be assigned according to the user’s subscription. After the installation, you can launch all the applications (Word, Excel, PowerPoint, OneDrive, etc.) from your Windows 10 machine.
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM – Fig.6
The Office 365 Client Management dashboard details the number of managed O365 clients in your SCCM CB hierarchy. The video tutorial provides more details on creating an Office 365 ADR and deploying Office 365 Software Updates.
Example of Office 365 Microsoft 365 Client Installation Wizard Configuration –
Now, let’s learn how to Deploy and Install Office 365 ProPlus or Microsoft 365 Apps using SCCM or Configuration Manager.
User Experience • User notifications: Display in the Software Center and show all notifications • Ignore Maintenance Windows: False • System restart (if required to complete the installation): False • Commit changes at the deadline or during a maintenance win&dow (requires restarts): True
Alerts • Enable System Center Operations Manager maintenance mode: False • Generate System Center Operations Manager alert when a software installation fails: False • Create a deployment alert when the threshold is lower than the following: False • Create a deployment alert when the threshold is higher than the following: False
Sample Configuration.XML file configuration for Office 365
There are a few new application installations, maintenance, and removal technologies. In this post, we are going to see more aboutClick-to-Run technologies.
Click-to-Run is an alternative to the traditional Windows Installer-based (MSI) method. It uses virtualization technology to run an Office product in a self-contained environment. Click-to-run virtualization capabilities are taken from APP-V.
The UWP application comes with various installation options, the most prominent of which are web-based and Windows store-based. Both use the App Streaming Install method to install the application. Office has a UWP app version, which will be available in the Microsoft store.
UWP is dead? This was one of the news spread on Twitter. And the reason for that Twitter news was because of the information about Progressive Web Applications (PWA).
PWA are Web pages designed to work as applications. PWA is supported by Chrome, Edge, and Safari (Apple has also started working on it). PWA is one of the new app technology which I’m excited about.
Office Click-to-Run Installation Options with SCCM
This click-to-run installation technology used in SCCM CB is an alternative to traditional MSI installation. Click-to-run Office client installation is independent of SCCM SUP and WSUS software updates.
As mentioned above, the SCCM console requires an internet connection to download the latest updates from Office CDN. More details about creating a Click to Run Office App in SCCM are available.
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM – video 2
Office updates via SCCM SUP and WSUS depend on Click-to-Run client installations. If the office is installed using a click to run the installation, you can have office updates or upgrades through SCCM/SUP.
#1 – You should have the latest version of SCCM Current Branch to get a better experience and integration of Office 365 client package creation and Office 365 patches/updates.
#2—You must build two Office 365 ProPlus installation packages in SCCM. One is a Semi-Annual channel, and the other is a Semi-Annual Channel (Targeted).
#3 – Deploy to two deployment groups: a pilot group that receives the Semi-Annual Channel (Targeted) and a broad group that receives the Semi-Annual Channel.
#1 – You should have SCCM 1806 or later to create Office 365 proplus package with an office customization tool. If you have not upgraded to the 1806 version, I recommend reading my previous post, “How to Deploy and Install Office 365 Applications via SCCM CB“.
#2 – The SCCM client Application installation wizard has integrated with the Office Customization Tool. This tool needs an internet connection on the machine where the console is running. This office customization tool renders the online website in the background to create a Configuration.XML file.
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM – Fig.7
#3 – You should have requiredRBAC permissions on the SCCM console to perform Office 365 ProPlus client package creation.
Video Tutorial – Office 365 ProPlus Client Package Creation
The video below provides more details about creating the Office 365 ProPlus package. You can also learn SCCM, Intune, and other device management topics via videos from my new Video Blog website,https://howtomanagedevices.com/.
Deploy Office 365 ProPlus Microsoft 365 Apps using SCCM – Video 3
How to Create Office 365 ProPlus Client Package (Install Office 365 ProPlus)
The following steps will help you create your organisation’s Office 365 Proplus client package. As recommended above, it would be great to create two packages (Semi-Annual and Semi-Annual Targeted) for the Office 365 ProPlus client package.
Launch the SCCM console from an internet-connected machine
Navigate to \SoftwareLibrary\Overview\Office 365 Client Management dashboard
Click on the + Office 365 Installer from the Office 365 Client Management Dashboard
Give the NAME of the Office 365 ProPlus Client Package and the Description of the package
Browse to a location mainly on the file server or SCCM server package source folder
Click on the Next button
This is the primary step in the Office 365 proplus client configuration. Click on the Office Customization tool (More details about the tool are in the section below this post) to customize and import your XML to the SCCM application engine.
As you can see in the screenshot above, you must complete all the above sections to create a configuration.xml file for the Office 365 proplus client package.
Ensure you have a tick mark symbol for all the sections in the Office Customization tool; otherwise, it won’t be able to create the XML file. The video tutorial above provides more details.
In the General section, you need to give a name and Organization details and click the Next button to go to the next section.
You can select the Office 365 product and architecture (x64) you want to deploy in the Product and Releases section. I selected Office ProPlus and Clicked on the Add button. You must also choose which update channel and Version you wish to use for your Office 365 clients. I selected the Semi-Anual Channel for updates.
Select the Language of the Office 365 ProPlus Client you want to deploy. You also need to select the installation options, such as shortcut behavior. Click on NEXT to proceed to the next section of the wizard.
Select the upgrade options from the Update and Upgrade section of the office customization tool. I have enabled the toggle for the Upgrade Office Click-to-run products. Also allows options to Uninstall any MSI versions of the office including visio and project. Click on NEXT.
Complete the Licensing and Activation settings and click on NEXT.
Application Preferences gives IT pros a wide range of customization options for each office product, such as Word and Excel.
Click the Finish button to complete and Review the Office 365 ProPlus client.
Click on the SUBMIT button to IMPORT configuration.xml to the application package.
Click the NEXT, NEXT, NEXT, and CLOSE buttons to finish the Microsoft Office 365 Client Installation Wizard. This wizard takes 30-40 minutes to complete depending on the internet connection.
Deploy this Office 365 ProPlus client package to test machines.
Learn More about The Office Customization Tool
The Office Customization Tool for creating a configuration.XML file that controls Office 365 Proplus client behavior. This tool is an Azure-based cloud service that allows you to create XML configuration files that are used with the Office Deployment Tool. Install Office 365 ProPlus.
Previously, you needed to create the configuration files in Notepad or another text editor. The Office Customization Tool makes this part of the deployment process more accessible and less likely to introduce errors. Now, this tool is also integrated with SCCM version 1806 or later.
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
How to Deploy Dell Bios Firmware Updates Via SCUP and SCCM CB Configuration Manager. SCUP 2017 has four 3rd party software update catalogs.
Dell, HP, Fujitsu, and Adobe are the four third-party software update catalog providers in the SCUP 2017 Preview version.
In previous blog posts and video tutorials, I explained the installation, configuration, and integration process of SCUP with SCCM.
This post will show how “How to Deploy Dell Bios Firmware Updates Via SCUP and SCCM CB“. We must follow the same process for publishing HP and Fujitsu software updates.
How to Publish Dell BIOS Firmware Updates Via SCUP and SCCM CB
Dell Software updates Catalog (Bios, Drivers and Applications, Firmware) are added to the SCUP console. Click on the Dell Folder and expand the Dell folder to see subfolders.
How to Deploy Dell Bios Firmware Updates Via SCUP and SCCM CB Configuration Manager ConfigMgr – Video 1
How to Add Dell Software Update Catalog to SCUP
Open the SCUP 2017 console. Navigate to “Update Workspace—Overview” and click Add Partner Software Updates catalogs. Select Dell and click on the Add button.
This will add the Dell updates to the SCUP database. Dell updates include Dell Bios, Drivers, Applications, and Firmware updates.
How to Deploy Dell Bios Firmware Updates Via SCUP and SCCM CB Configuration Manager ConfigMgr – Fig.1
How Do you Publish Dell Software Updates to SCUP, WSUS, and SCCM CB?
Dell Software updates Catalog (Bios, Drivers and Applications, Firmware) are added to the SCUP console. Click on Dell Folder. Expand the Dell folder to see subfolders. Select the updates from the right pane of the SCUP console that you want to publish to SCCM CB.
Specify the publish option—There are three options while posting updates: Automatic, Full content, and Metadata Only. I usually recommend selecting the Automatic option. The reasons for choosing the Automatic option are given below. This has been shown in the videohere.
Click Automatic to all updates publisher to query SCCM to determine whether the selected software updates are published with full content or only metadata.
In this mode, software updates are only published when they meet the client request count and package source size thresholds specified on the SCCM server page of the Options dialog box. Automatic is available only when SCCM integration is selected on the SCCM server page.
Select the checkbox at the bottom of the SCUP publish wizard. When published software updates have not changed, but their certificate has changed, this checkbox will sign all software updates with a new publishing certificate.
How to Deploy Dell Bios Firmware Updates Via SCUP and SCCM CB Configuration Manager ConfigMgr – Fig.2
How to Select Dell Products from SUP Component Properties in SCCM?How to Deploy Dell Bios Firmware Updates Via SCUP and SCCM CB Configuration Manager ConfigMgr
Once the updates are published from the SCUP console, you can go to the SCCM CB console to configure the rest. Navigate SCCM console – \Administration\Overview\Site Configuration\Sites.
Click on Settings—Configure Site Components—Software Update point component—Properties. Go to the Products tab and Select Dell, Bios, Drivers and Applications, and Firmware. This is the same thing I showed in the video.
Dell
Bios
Drivers and Applications
Firmware
How to Deploy Dell Bios Firmware Updates Via SCUP and SCCM CB Configuration Manager ConfigMgr – Table 1
How to Deploy Dell Bios Firmware Updates Via SCUP and SCCM CB Configuration Manager ConfigMgr – Fig.3
Once the appropriate products are selected, navigate \Software Library\ Overview\Software Updates in the SCCM CB console. Right-click on the Software Updates node & select Synchronize Software Updates.
This will help sync and get the Dell updates to the SCCM CB console. WsyncMgr.log will provide you with the details about Dell updates.
How to Deploy Dell Updates via the Software Updates Deployment Method?
As shown in the video, select all the Dell Bios and Firmware updates you want to deploy from the All Software Updates node. Once selected, right-click those updates and click on Deploy.
How to Deploy Dell Bios Firmware Updates Via SCUP and SCCM CB Configuration Manager ConfigMgr – Fig.4
For Dell software updates, you must provide the Deployment name and software update group name. On the next screen, select the collection name from the list.
The members of that collection will get the Dell software updates deployment. Schedule the deployment and make sure you set a good user experience.
Also, provide the new Dell software update package name and the shared folder location to store the Dell software updates. You also need to select the DPs to distribute this package.
Example of the Dell Software Update Deployment via SCUP and SCCM – How to Deploy Dell Bios Firmware Updates Via SCUP and SCCM CB Configuration Manager ConfigMgr
It would be best to have an internet connection to the server to download the Dell updated from Dell. Otherwise, you must have already downloaded the binaries from Dell and stored them in a shared location, as shown in the video here.
Do you want to download these Dell software updates in different languages? If so, you can select other languages on the Language Selection page.
• Dell Latitude 10 ST2 System BIOS,A09 0XM7C(Article ID) • Dell Latitude 10 ST2e System BIOS,A07 T47W6(Article ID) • Dell Latitude 12 Rugged Extreme 7204 System BIOS,A11 J6PG2(Article ID) • Dell Latitude 12 Rugged Tablet,A15 X2GXX(Article ID) • Dell Latitude 3180/3189 System BIOS,1.1.1 M6HF7(Article ID) • Dell Latitude 3330 System BIOS,A08 800F5(Article ID) • Dell Latitude 3340 System BIOS,A13 48CH6(Article ID) • Dell Latitude 3350 System BIOS,A09 0468G(Article ID) Success: General: • Deployment Name: 3rd Party Updates SCUP - Dell Software Updates • Collection: All Desktop and Server Clients Deployment Settings: • Send wake-up packets: No • Verbosity Level: Only success and error messages Scheduling: • Deployment schedules will be based on: Client local time • Available to target computers: 23-09-2017 07:25:00 • Deadline for software update installation: 30-09-2017 07:23:00 • Delayed enforcement on deployment: False User Experience: • User Notifications: Display in Software Center and show all notifications • Install software updates outside the maintenance window when deadline is reached: No • Restart system outside the maintenance window when deadline is reached: Suppressed • If a restart is required it will be: Allowed • Commit changes at deadline or during a maintenance window (requires restarts): Yes • If any update in this deployment requires a system restart, run updates deployment evaluation cycle after restart: No Alerts: • On software update installation error generate a Window Event: No • Disable Window Event while software updates install: No Download Settings: • Computers can retrieve content from remote distribution points: No • Download and install software updates from the fallback content source location: Yes Package: Success: The software updates were placed in a new package: • 3rd Party Updates SCUP - Dell Software Updates Success: Content (1): • SCCMTP1.INTUNE.COM Software updates downloaded from the internet Success: Dell Latitude 10 ST2 System BIOS,A09 Success: Dell Latitude 10 ST2e System BIOS,A07 Success: Dell Latitude 12 Rugged Extreme 7204 System BIOS,A11 Success: Dell Latitude 12 Rugged Tablet,A15 Success: Dell Latitude 3180/3189 System BIOS,1.1.1 Success: Dell Latitude 3330 System BIOS,A08 Success: Dell Latitude 3340 System BIOS,A13 Success: Dell Latitude 3350 System BIOS,A09 Language Selection: English
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
Let’s discuss the SCCM Management Insights Configuration Manager ConfigMgr Details. SCCM team introduced a new feature called Management Insights with SCCM CB 1708 preview version.
I mentioned the management insights feature in my previous post, “SCCM CB 1708 Preview Upgrade Video Guide and New Features”. In this post, we will look at the details of management insights, and you will get some ideas about SCCM CB Management insights. Video tutorial here.
Management Insights will help you gain valuable insights into the current state of the SCCM CB environment based on data analysis in the site database.
One of the scenarios in the management insight would be useful for better understanding your environment and taking action based on that insight.
I hope the SCCM team will include loads of other data or details into management insights in future releases of SCCM CB. You don’t have to dig into the SQL Database and run SQL queries to find out these details anymore!
Where Can You Find the Node for SCCM CB Management Insights?
Navigate through SCCM CB 1708 preview console – \Administration\Overview\Management Insights\All Insights. I have explained this in the video tutorial here.
How Do We Find Applications without Deployments in the SCCM CB Environment?
You can find the details or list of applications without deployments from the SCCM CB console. This is under \Administration\Overview\Management Insights\All Insights – Application without deployments node.
I have explained the scenario in the video tutorial here. From the Application without the deployment node, you will get an option to delete the application directly.
You don’t have to go to the Software Library—Applications node to delete a particular application without deployment.
The last run time tab will tell you the last time the rule ran against your SCCM CB site database. To simplify the list of applications, we can find the list of undeployed applications.
How to Find Out Applications without Deployments in the SCCM CB Environment?
How Do You Find Empty Collections in the SCCM CB Environment?
The details or list of Emptycollections can be found in the SCCM CB console. This is beneficial information, as you no longer need to dig into SQL DB and run SQL queries to find these details.
This is under \Administration\Overview\Management Insights\All Insights – EMPTY Collections node.
In the following screenshot, you can see the list of empty collections of the SCCM CB environment from the management insights node in the SCCM console.
You may also delete the empty collections from the “Management Insights – All Insights – Empty Collections” node.
You can Right-click on the empty collection and delete it. Otherwise, you can select the collection you want to delete and click the “Delete” button from the ribbon menu of the SCCM CB console. More details in the video tutorial are here.
Is SCCM CB Management Insights not Working as Expected?
Check out the log SMS_CLOUDCONNECTION.log and look for any error in the log file. Registry Key details of SCCM CB management insights component:- HKEY_LOCAL_ MACHINE \SOFTWARE \Microsoft\SMS\Components\SMS_CLOUDCONNECTION.
ERROR: Found exception System.IO.FileLoadException: Could not load file or assembly 'Microsoft.ConfigurationManager.ManagementInsights.MIWorker, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. Strong name validation failed. (Exception from HRESULT: 0x8013141A)~~File name: 'Microsoft.ConfigurationManager.ManagementInsights.MIWorker, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' ---> System.Security.SecurityException: Strong name validation failed. (Exception from HRESULT: 0x8013141A)~~The Zone of the assembly that failed was:~~MyComputer~~ at System.Reflection.RuntimeAssembly._nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, RuntimeAssembly locationHint, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks)~~ at System.Reflection.RuntimeAssembly.InternalLoadAssemblyName(AssemblyName assemblyRef, Evidence assemblySecurity, RuntimeAssembly reqAssembly, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean throwOnFileNotFound, Boolean forIntrospection, Boolean suppressSecurityChecks)~~ at System.Reflection.RuntimeAssembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, IntPtr pPrivHostBinder, Boolean forIntrospection)~~ at System.Reflection.RuntimeAssembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection)~~ at System.Reflection.Assembly.Load(String assemblyString)~~ at Microsoft.ConfigurationManager.TaskExecutionManager.TaskExecution.InvokeWorker(String assemblyToLoad, String typeToLoad, String componentName)
What is SCCM CB Management Insights – Find Out Unused Collections and Applications
The Management Insights node in the SCCM CB console. This feature will help you maintain SCCM infra. At the moment, it will help you get the details of EMPTY collections and Applications without deployments.
SCCM Management Insights Configuration Manager ConfigMgr Details – Video 1
References
SCCM CB 1708 Preview Upgrade Video Guide and New Features – Here
Update 1708 for Configuration Manager Technical Preview Branch – Available Now! – here
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
Let’s discuss how to Troubleshoot and Fix Intune Issues with Easy Steps. Intune troubleshooting is easy with the Azure portal. You should start with the “Microsoft Intune—Help and Support” page in the Intune portal whenever you face any issue with Intune.
This post will see “How to start Troubleshooting Intune Policy Deployment Issues from the Intune portal.” For more tips, see Troubleshoot Intune Issues.
Update 20-Jan-2018 – When you have an iOS device and want to perform the Intune side of troubleshooting, Microsoft released an excellent document here, “Troubleshooting iOS device enrollment problems in Microsoft Intune.”
How Do You Check the Status of the Intune Service? – Troubleshooting Intune Issues
When you have a major issue with Intune managed devices, the first place is to look at the current status of the Intune and other dependent services. You can check that from the Intune Tenant Admin – tenant status tab from the MEM Admin Center portal.
Under the Tenant status tab, there is a link to check the status of your Intune and other services for your tenant. Intune service status – See the current level of the service where you can get the position.
You can check Intune service health for your tenant from the Service Health and Message Center tab. The Intune message center also provides details about new changes and related information.
How to Start Troubleshooting Intune Issues Fix Intune Issues with Easy Steps – Fig.1
How to Start Troubleshooting Intune Policy Deployment?
When you significantly impact all Intune-managed devices/users, ensure that the tenant’s health is OK. Once you are sure there is no issue from the Intune service side for your tenant, it’s time to proceed with your policy assignment and other detailed troubleshooting.
When the issue is NOT impacting all devices or users, it’s better to start with the second stage of Intune troubleshooting.
Troubleshoot +Support is the tab from the MEM admin center portal. Select one of the users having issues with application or policy deployment. For example, when a user is not getting the application assigned to AAD Group. Another example is that the user is not compliant with the configuration policies assigned.
How to Start Troubleshooting Intune Issues Fix Intune Issues with Easy Steps – Fig.2
I selected Anoop Nair as the user. All the details of this user will be available in the troubleshooting tab. This will help the Intune admin to confirm whether we have targeted all the applications and policies to correct AAD groups. You can check and confirm whether the user.
You can check and confirm whether the user
Does the user have a valid Intune license or not
Is the user part of the correct AAD group or not
Is the Device compliant or not
Status of Company Data Removal/wipe from a device
How to Start Troubleshooting Intune Issues Fix Intune Issues with Easy Steps – Table 1
Another set of user details you can check in the troubleshooting tab of Intune Blade is the Principal name of the selected user and Email ID. All the other information available in the Intune troubleshooting blade are
Intune license assigned to a user or not
Whether Devices compliant status
Whether apps are in a compliant state or not
Azure AD Group membership for the user
Mobile Apps Assignment to the user
Compliance policies deployed or assigned to users
App protection status for the devices
Configuration profile deployment status for the user
List of the devices for that user and status of devices
There are some red icons, as seen in the video tutorial and the screenshot below. Those red icons could indicate potential issues with application or policy deployments. I could see problems with Anoop’s Android device. The app protection status does not look suitable for Android devices. The Intune troubleshooting blade provides a valuable report that “31 apps non-compliant“.
How to Start Troubleshooting Intune Issues Fix Intune Issues with Easy Steps – Video 2
Intune Troubleshooting Blades has six (6) Assignment categories. Each type provides details about the user assignments. If some terms are missing, we need to examine the targeting AAD groups of those policies.
Mobile Apps
Compliance Policies
Configuration Profiles
App Protection Policies
Windows 10 Update Rings
Enrollment Restrictions
How to Start Troubleshooting Intune Issues Fix Intune Issues with Easy Steps – Fig.3
The above information is essential to start Intune troubleshooting from the Azure portal. From the troubleshooting tab, we can directly access details of each assigned policy for that user. We can also look at the device properties and hardware information for more detailed troubleshooting.
For example, you have started a company data wipe action for a device, but the device or user can still access the corporate mail from the device. Intune admin can directly search for the user from the Intune troubleshooting session and get all the user’s device details. Once the device is identified, you can check the following information about it.
Device name, Managed by, Azure AD join type, Ownership, Intune compliant, Azure AD compliant, OS, OS version, and Last check-in.
How to Start Troubleshooting Intune Issues Fix Intune Issues with Easy Steps – Fig.4
Last Check-In details are essential in this device retirement or company data wipe troubleshooting scenario. The previous check-in details will tell you when the device was in touch with Intune service for the last time. You can check the Company Data Removal action, Factory reset details, and status from the Intune troubleshooting blade.
The Intune Troubleshooting Blade is a one-stop shop for all the troubleshooting activities related to Intune device management, compliance policies, configuration profile deployments, etc.
How Do You Raise a Free Intune Support Case for Intune Issues?
Microsoft provides an option to raise a support case for Intune issues from the Intune MEM admin center portal’s Help and Support tab. The charges for these support cases are directly linked to your Intune subscription contract.
There is an option to raise an Intune support case with Microsoft’s exclusive contract. I recommend using premier contract support for high-impact Intune issues and if you need immediate help.
How to Start Troubleshooting Intune Issues Fix Intune Issues with Easy Steps – Fig.5
Severity options are essential while raising an Intune support case. Severity options should be selected based on the impact of the issue. Also, depending on the severity of the problem, the response time will vary. There are three categories, as you can see below:-
C- Minimal Impact – The issue impacts only a few users, devices, etc.
B—Moderate Impact—These issues can become critical in a couple of days if they aren’t resolved ASAP.
A – Critical Impact – Priority issues that are impacting a whole lot of users
How to Troubleshoot Windows 10 MDM Policy Deployments – here
Intune Support Case Severity Levels and Response time – here
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
Let’s discuss how to Schedule iOS Automatic Updates Using Intune Policies. Do you have supervised iOS devices managed through Intune?
If so, you may know that iOS software updates will force installation updates on supervised mode iOS devices. Intune has a new policy to prevent/delay these force updates.
This option will also give more granular control over iOS software updates. This post will discuss how to Prevent iOS Automatic Updates Using Intune Policies.
New options have been added to the automatic iOS and iPad OS updates. The following are the exciting options available for this update.
How to Create iOS Software Update Policies in Intune? iOS Automatic Updates Using Intune
This Intune policy will help delay iOS automatic updates. iOS devices should be part of the Apple DEP program and managed through supervised mode. Create a profile to force assigned devices to automatically install the latest iOS/iPadOS updates.
These settings determine how and when software updates deploy. This profile doesn’t prevent users from updating the OS manually, which can be controlled for up to 90 days with a device configuration restriction policy. Updates will only apply to devices enrolled through Apple’s Automated Device Enrollment (ABM or ASM).
How to Create iOS Software Update Policies in Intune
Login to the MEM Admin Center portal
Navigate via the Devices – iOS/iPad Update Policies (Update policies for iOS/iPadOS)
Click on + Create update policy
From the Update Policy Settings page for iOS/iPad OS update – The version of iOS/iPadOS to install on devices at the time of update
How to Schedule iOS Automatic Updates Using Intune Policies – Table 1
You can create a new policy with a proper name and description of the policy. This policy will prevent iOS Automatic Updates from forcefully getting installed on supervised iOS devices.
How to Schedule iOS Automatic Updates Using Intune Policies – Fig.1
Update Policy Schedule Settingsfor iOS/iPad OS Devices
Update policy schedule settings: By default, when an iOS/iPadOS Software Updates policy is assigned to a device, Intune deploys the latest updates at device check-in (approximately every 8 hours).
You can instead create a weekly schedule with customized start and end times. If you choose to update outside the scheduled time, Intune won’t deploy updates until the scheduled time ends.
Select Type and Schedule for iOS update (When the updates will occur. Additional input is required to schedule updates during or outside of scheduled times)
Update at next check-in
Update During the scheduled time
Update Outside of the scheduled time
How to Schedule iOS Automatic Updates Using Intune Policies – Fig.2
Update During the scheduled time, stop updates from being installed at any random time. By configuring this policy, you can delay the software update (automatic update) of iOS on the device.
Weekly Schedule-> TimeZone, Start Day, Start Time, End Day, End Time
You can select the Time zone, Date, and time for iOS/iPad OS updates. Select the time zone of the targeted devices – In this section, you must select the Time Zone of the devices you want to target for this policy. For the India Time Zone, I selected UTC+5:30.
Start Time—Select the beginning of the interval to stop iOS software updates from Installing on supervised iOS devices. You usually don’t want to install software updates on iOS devices during business hours. This will help you schedule iOS phone updates via Intune policies.
End Time – Select the end of the interval to stop iOS software updates from installing on supervised iOS devices.
Start Day of the update: You can select any day of the week from the start and end day options, from Sunday to Saturday. End the Day of the iOs/iPad OS update by selecting any day between Sunday and Saturday.
How to Schedule iOS Automatic Updates Using Intune Policies – Fig.3
You can select the iOS/iPad updates outside the scheduled time. You must set a scheduled time when you don’t want this update to happen on iOS devices. The update will be initiated outside the scheduled time configured below.
How to Schedule iOS Automatic Updates Using Intune Policies – Fig.4
How to Deploy or Assign Intune iOS Software Update Prevention Policy?
Once the Intune iOS Automatic Updates prevention Intune Policy is created, you can start assigning this policy to Azure AD Device groups. Deploy Updates Prevention Policy to iOS Devices.
Select Assignments—Click on Select Groups to find the appropriate Azure AD group to target the iOS update prevention policy. Once the policy is deployed to devices, the iOS software update will be postponed.
It would help to be careful about the policy settings while targeting the AAD device groups. In the policy configuration, there is an option to configure the devices’ time zones. Time zone configuration in this policy is a bit tricky.
Reporting options for iOS update policies in Intune are coming soon.
How to Schedule iOS Automatic Updates Using Intune Policies – Video 1
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
Let’s understand the differences between SCCM Package Vs Application 32 Vs 64 Context. Discussing the differences between SCCM CB packages and the application model is not new.
I have seen several posts and discussions about the advantages of using an application model rather than “classic” packages. Let’s see more details about the SCCM Package Vs. Application.
I recommend using applications rather than packages for several reasons. I’m not getting into the details of the advantages of using the SCCM CB application model.
In this post, we will see a video experience of the SCCM CB package running in 32-bit and the application running in a 64-bit context. SCCM 2007 was a 32-bit application, and if I understand correctly, SCCM 2007 packages always run in a 32-bit context.
SCCM CB Package Runs in 32 Bit Context and Application in 64-bit– SCCM Package Vs Application 32 Vs 64 Context
In this video, you will get all the details about the SCCM CB Package Runs in 32 Bit Context and Application in 64 Bit. Create and RUN Powershell script almost in real-time through the SCCM CB version. Real-time example scenarios are explained in the video.
SCCM Package Vs Application 32 Vs 64 Context – Video 1
History of SCCM Packages?
This could be because the package implementation is simply a 32-bit code. The packages can’t run in a 64-bit context. Is this true for SCCM CB as well?
SCCM Package Vs Application 32 Vs 64 Context – Fig.1
Per my testing and video tutorial here, the packages in SCCM CB always run in a 32-bit context. This statement is true for Windows 10 32-bit and 64-bit machines. It won’t be easy to understand and reproduce this scenario when deploying MSI or EXE applications as a package.
The MSI/EXE applications, packaged to run only with 32-bit, will work fine with SCCM CB packages. However, these apps will fail when trying to convert these 32-bit packages into a new application model.
To fix this issue, we need to enable an option in the SCCM app model (Deployment type properties) called “Run installation and uninstall the program as 32-bit process on 64-bit clients“.
Programs
Run installation and uninstall the program as 32-bit process on 64-bit clients
SCCM Package Vs Application 32 Vs 64 Context – Table 1
SCCM Package Vs Application 32 Vs 64 Context – Fig.2
How to Confirm SCCM Packages Run with a 32bit Code?
I created a PowerShell script to use package options in SCCM CB. Navigate \ Software Library \ Overview\Application Management\Packages” and right-click and create a package with the PowerShell script. Deploy the script to a Windows 10 64bit machine.
When we deploy the PowerShell script to a Windows 10 64-bit machine, the Windows PowerShell 32-bit application is executed, as shown in the video above. This proves that the SCCM CB package uses 32-bit code, which can’t run in a 64-bit context.
You can deploy 64-bit MSI/EXE/Scripts using SCCM packages. The best method is to run the package from the SysNative context. Sysnative is a virtual folder that will help us access the 64-bit System32 folder from a 32-bit application or script.
SCCM Package Vs Application 32 Vs 64 Context – Fig.3
SCCM CB Software Center client is still a 32-bit application. The app SCClient(32-bit) is visible in the above picture. This proves that the new software center is a 32-bit client on a Windows 10 64-bit machine.
How to Confirm SCCM Applications Run with 64-bit Code?
SCCM CB application always runs in a 64-bit context. By default, all the applications created using the SCCM CB app model use 64-bit context to start the execution. Your 32-bit application will fail if you create and deploy an SCCM application to clients.
When a specific requirement to run within a 32-bit context exists, you need to enable the following option: “Run installation and uninstall the program as a 32-bit process on 64-bit clients.” You can find this option in Application—deployment type properties.
To prove SCCM applications use 64bit context to run MSI/EXE/Scripts, I have created an application via \Software Library\Overview\Application Management\Applications. I used the same PowerShell script (which I used to develop the SCCM package). Deployed application to Windows 10 device.
As you can see in the video here, I initiated the PowerShell execution from the software center. The PowerShell script (Windows PowerShell) runs within a 64-bit context. When deployed as an SCCM package, the same PowerShell script ran in a 32-bit context.
SCCM CB Task SequenceRuns within a 64bit Context
The Task Sequence in SCCM CB runs within a 64-bit context. However, the SCCM CB TS engine provides a similar option for applications to run 32-bit applications/scripts.
The option is to enable the following: “Run installation and uninstall the program as 32-bit process on 64-bit clients“.
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
Let’s discuss the SCCM CB Run PowerShell Script Directly from Collection Configuration Manager ConfigMgr. SCCM CB fast channel has an option to push PowerShell scripts to devices. These PowerShell scripts can be pushed almost in real time.
The video tutorial attached above explains this real-time push of the RUN PowerShell script. This post will see “SCCM Run Scripts options and architecture“.
For more details about the run PowerShell script option, refer toSCCM CB Run PowerShell ScriptDirectly from the Collection post.
SCCM 1810 Updates – Improvements in SCCM Run Scripts
There have been many improvements to SCCM run script deployment in recent releases. One of the latest releases is SCCM 1810, and the following are some upgrades that Microsoft brought in.
With SCCM 1810, you can view detailed script output in raw or structured JSON format. The following SCCM script performance and troubleshooting improvements apply from the SCCM 1810 version onwards:
Updated SCCM 1810, clients return output of less than 80 KB to the site over a fast communication channel. This change increases the performance of viewing script or query output.
Additional logs for troubleshooting, as I mentioned in the CMPivot post.
SCCM CB Run PowerShell Script Directly from Collection Configuration Manager ConfigMgr – Fig.1
What is the Process of Pushing PowerShell Scripts using the SCCM Right Click Option?
SCCM CB 1706 supports pushing normal PowerShell scripts using this method. However, the SCCM team included two new features in the Run Script option in SCCM CB preview releases. The architecture details of SCCM Run Scripts are explained.
Enable the Create and Run Script feature
Import PowerShell Script
Approve or Decline the PowerShell Script
Right-click on Device Collection and run the script
Get the status of PowerShell script execution via the Monitoring workspace
Read parameters from the PowerShell script.
The capabilities of PowerShell script parameters have been improved. They now detect mandatory and optional parameters and prompt you to enter mandatory and optional parameters.
SCCM CB Run PowerShell Script Directly from Collection Configuration Manager ConfigMgr – Fig.2
Why is the “Script” Node Not Visible in the SCCM CB Console?
Create and Run Script is a pre-release feature of SCCM CB 1706. The script node is visible in the Software Library workspace. So, if you have not enabled this feature from “Administration – Updates & Servicing – Features, “Navigate through the console path \Administration\ Overview\Updates and Servicing\Features. Right-click on the “Create and Run Script” feature and select Turn On.
SCCM CB Run PowerShell Script Directly from Collection Configuration Manager ConfigMgr – Fig.3
How to Import PowerShell Script to SCCM CB?
As I explained in the video, navigate the SCCM console Software Library workspace (“\Software Library\Overview\Scripts”) and click on the Scripts node. Right-click on the script node and select the Create Script option. Script wizard will guide you through importing PowerShell script to SCCM CB.
Provide the appropriate Script name, “Create Files and Folders.” The supported script language is ONLY PowerShell now. We may soon have some other supported options. Don’t expect SCCM to check the PowerShell script syntax errors before importing.
SCCM CB Run PowerShell Script Directly from Collection Configuration Manager ConfigMgr – Fig.4
How to Approve PowerShell Script via Fast Channel Push Method?
The SCCM team included an approval flow into the Run Script engine to avoid accidental PowerShell script pushes to devices. By default, you can’t approve your PowerShell script.
To enable the approval script option to yourself, you must disable the following option from Hierarchy settings properties “Do Not Allow Script authors to approve their scripts“.
You can right-click on the script you want to execute and select the Approve/Deny button. The Approve or Deny script wizard will walk you through the script Approval process. The video guide has more details.
SCCM CB Run PowerShell Script Directly from Collection Configuration Manager ConfigMgr – Fig.5
How to Execute the PowerShell Script via SCCM CB Fast Channel using the Push Method? SCCM Run Scripts?
Once SCCM approves the Script, that script will be available for execution. The PowerShell script is initiated from “\Assets and Compliance\Overview \Device Collections” in the SCCM CB console.
Select the device collection you want to target to execute the PowerShell script and right-click on the group – select the Run Script (SCCM Run Scripts) option.
The Run Script wizard will not show all the PowerShell scripts imported into SCCM. It will only show the scripts that admins have approved. You can select one approved script at a time from the SCCM Console.
How to Execute the PowerShell Script via SCCM CB Fast Channel
Device Collections
All Desktop and Server Clients
Run Script
Confirm the Script Execution Details
SCCM CB Run PowerShell Script Directly from Collection Configuration Manager ConfigMgr – Table 1
SCCM CB Run PowerShell Script Directly from Collection Configuration Manager ConfigMgr – Fig.6
End-User Experience of Run PowerShell Script via Fast Channel Push Method?
Once the script is initiated for a collection, all the devices with the correct SCCM client version (SCCM CB 1706 and above) will get a push notification to execute a script (SCCM Run Scripts). The SCCM client Windows 10 devices will immediately execute the script on the device.
As you can see in the video here, I initiated a file and Folder creation script for Windows 10 devices. The SCCM client received a notification from the notification server and immediately executed the script on the Windows 10 machine.
The script created 20 files and folders in the C drive root of the Windows 10 device. I have another post explaining troubleshooting of running a script, “What is Fast channel push notification“.
SCCM CB Run PowerShell Script Directly from Collection Configuration Manager ConfigMgr – Fig.7
How to Monitor the Execution of PowerShell Scripts through Push channel?
Once the PowerShell script is executed on a Windows 10 machine, the client will send the result to the SCCM notification server. You can see the results in “\Monitoring \Overview\ Client Operations”. If I’m not wrong, the operation Name is “Run Script (SCCM Run Scripts)”, and each task will be active for 1 hour.
SCCM CB Run PowerShell Script Directly from Collection Configuration Manager ConfigMgr – Fig.8
References
Video Guide to Troubleshoot SCCM CB Fast Channel Push Notification Issues – here
Fast channel notification and MP replica issues – Here
What’s New With ConfigMgr’s Client Notification Feature – Here
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
SCCM How do you hide tabs in New Software Center Customization? SCCM CB 1708 has introduced new features into software center customization. Earlier, enterprise-level customization of software centers was possible only with Intune subscription.
With the new software center feature, you can customize the software center without an Intune subscription. This post will show SCCM CB How to Hide Tabs in the New Software Center.
In the future version of SCCM CB, the Software center can be customized according to your enterprise customer requirements. The first step toward using new customization features is to enable a new software center policy in client settings.
Also, you must know that “Application Catalog” website support ends with the first update released after June 1, 2018.
SCCM How to Hide Tabs in New Software Center Customization
SCCM Admins can add enterprise branding elements to the software center, which will help specify each tab’s visibility. In the video below, you will get all the details on hiding tabs in New Software Center Customization.
SCCM How to Hide Tabs in New Software Center Customization – Video 1
The First Step to Getting New Customization Options in the Software Center?
Ensure you enable the client setting policy for the “New Software Center”. The SCCM team already documented that the previous version of Software Center will no longer be available.
The new policy can be enabled via client settings, Computer Agent > Use new Software Center.
SCCM How to Hide Tabs in New Software Center Customization – Fig.1
What are the New Features Coming up in the SCCM CB Software Center?
These options are available only with the preview version of SCCM CB 1708. I assume that these features (even more) will be available in the next production release of SCCM CB 1710.
Set Software Center-specific company name
Change/Set a Software Center color theme
Set a company logo
Hide/Disable tabs on Software Center for SCCM client devices
SCCM How to Hide Tabs in New Software Center Customization – Fig.2
What is the Recommendation for Implementing Software Center Changes?
The Recommendation is NOT to change default client setting policies. It’s better to create a new custom client setting policy to test new software centre features and deploy it to pilot client devices. Once you have tried and confirmed that everything is OK with testing new software centre features, you can deploy it to all SCCM CB client devices.
More Details about Logo Setting in SCCM CB New Software Center
Specify settings that apply to all clients in the hierarchy and can be modified by custom settings. You may disable new features for some client devices. You must say NO for the following location: “Select these new settings to specify company information.”
I could see that the following 3 settings of the new software center are disabled when I set NO to the “Select these new settings to specify company information” policy. When you put this policy to YES, you can set Company Name, color Scheme for the Software center can be selected from this option.
Ensure you have the correct logo dimension and size per the following description. Select a logo for the software center. The Maximum dimensions are 100×400 pixels, and the file cannot be larger than 750 kb. This is the information for the 1708 preview version of SCCM CB.
SCCM How to Hide Tabs in New Software Center Customization – Fig.3
How to Hide/Disable Options Tab in the SCCM Software Center
Disabling or hiding the options tab in SCCM CB’s new software center is easy. This option is part of the client-setting policy. It’s better to disable or hide the software center options tab from client devices when you don’t want to allow users to change their work hours settings.
You can disable or hide other tabs of the software center as per your requirements. For example, if you don’t want a user to see the Software update installations, you can turn off the UPDATES tab in the software center and all the tabs mentioned in the list below.
Select NO to disable or hide tabs in the new Software Center for SCCM CB client devices. At least one tab must be set to be visible or should be enabled.
Disable Applications tab
Disable Updates tab
Disable the Operating Systems tab
Disable the Installation Status tab
Disable the Device Compliance tab
Disable Options tab
SCCM How to Hide Tabs in New Software Center Customization – Fig.4
End-User Experience of New Software Center in Windows 10
I have disabled the Updates, Operating System, and Options tabs for my testing. Also, I have changed the colour theme of the new software center and deployed the client setting policies to Windows 10 devices.
The user on that device can see only three tabs in the Software Center: Applications, Installation Status, and Device Compliance.
The user on that device can see only three tabs in the Software Center
Applications
Installation Status
Device Compliance
SCCM How to Hide Tabs in New Software Center Customization – Table 1
SCCM How to Hide Tabs in New Software Center Customization – Fig.5
References
SCCM CB Software Center customization Preview – here
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
Let’s discuss the SCCM Reboot Task for Collection of Devices via Fast Channel Push Notification. SCCM CB 1708 version added a new feature called the “Reboot” action to the fast channel push client notification.
SCCM CB preview version 1708 has been released. I have the pleasure of upgrading my lab environment to this preview version.
We can use the SCCM console to identify client devices that are pending reboot. Once identified, the devices can be restarted using a client notification action.
This post will show the Video Experience of the SCCM Reboot Task for the Collection of Devices via Fast Channel Push Notification. The YouTube video tutorial is here.
This video provides all the details of the Reboot Task via Fast Channel SCCM CB 1708. The video details are shown below.
SCCM Reboot Task for Collection of Devices via Fast Channel Push Notification – Video 1
How to Restart Computers from the SCCM Console– SCCM Reboot Task for Collection of Devices via Fast Channel Push Notification
Using the SCCM CB 1708 preview version, you can restart the computers in a device collection. The first step is to identify the computers in a “pending restart” state.
How Do you Find Out the Restart/Reboot of Pending Devices?
Once restart pending devices are identified, right-click on collection or device to initiate the REBOOT action. This reboot action is created via the FAST client notification channel.
SCCM Reboot Task for Collection of Devices via Fast Channel Push Notification – Fig.1
We don’t have a reboot script that can be deployed to machines. Most importantly, this “REBOOT” action is triggered via the PUSH channel of SCCM CB client notification.
SCCM Reboot Task for Collection of Devices
Assets and Compliance
Overview
Devices
All Desktop and server clients
Client Notification
Reboot
SCCM Reboot Task for Collection of Devices via Fast Channel Push Notification – Table 1
SCCM Reboot Task for Collection of Devices via Fast Channel Push Notification – Fig.2
Restart Action Failed on a Client Device?
I initiated a reboot action for the Pending reboot machine, and it didn’t work. Why? I checked the log files and ConfigMgr applet on a Windows 10 machine.
I realized that I had upgraded the SCCM CB server version (5.00.8549.1000) to 1708, but we didn’t upgrade the Windows 10 machine’s SCCM client version (5.00.8542.1000) to 1708.
CcmNotificationAgent.log is the best log to check for troubleshooting fast-channel push notification tasks.
You can check the status of the REBOOT action in the monitoring workspace, the “Client Operations” node in the SCCM console.
The operation name for the REBOOT action is Task 17! But I’m sure this will be changed in the production version of the release. The error logging can be improved because the error message was “Failed to execute task, error 0.”
CcmNotificationAgent LOG with Errors
<![LOG[NetworkInfo: IPAddress 20.20.20.23,fe80::b09e:95a3:172a:4212]LOG]!><time="21:07:18.726-330" date="08-26-2017" component="BgbAgent" context="" type="1" thread="6212" file="bgbconnector.cpp:124">
<![LOG[NetworkInfo: IPSubnet 255.0.0.0,64]LOG]!><time="21:07:18.726-330" date="08-26-2017" component="BgbAgent" context="" type="1" thread="6212" file="bgbconnector.cpp:147">
<![LOG[NetworkInfo: AccessMP SCCMTP1.Intune.com]LOG]!><time="21:07:18.757-330" date="08-26-2017" component="BgbAgent" context="" type="1" thread="6212" file="bgbconnector.cpp:155">
<![LOG[NetworkInfo: IsClientOnInternet 0]LOG]!><time="21:07:18.757-330" date="08-26-2017" component="BgbAgent" context="" type="1" thread="6212" file="bgbconnector.cpp:159">
<![LOG[Update the timeout to 900 second(s)]LOG]!><time="21:07:18.757-330" date="08-26-2017" component="BgbAgent" context="" type="1" thread="6212" file="bgbtcpclient.cpp:916">
<![LOG[Receive signin confirmation message from server, client is signed in.]LOG]!><time="21:07:18.851-330" date="08-26-2017" component="BgbAgent" context="" type="1" thread="6212" file="bgbconnector.cpp:221">
<![LOG[Receive task from server with pushid=1002, taskid=1007, taskguid=5AFF6AEA-67D5-4124-B04F-162FDB0E314E, tasktype=17 and taskParam=]LOG]!><time="21:13:36.115-330" date="08-26-2017" component="BgbAgent" context="" type="1" thread="6212" file="bgbconnector.cpp:312">
<![LOG[Failed to find action instance for task type 17]LOG]!><time="21:13:36.115-330" date="08-26-2017" component="BgbAgent" context="" type="3" thread="6212" file="bgbcontroller.cpp:682">
<![LOG[Failed to execute task, error 0]LOG]!><time="21:13:36.115-330" date="08-26-2017" component="BgbAgent" context="" type="3" thread="6212" file="bgbcontroller.cpp:646">
Results of Successful REBOOT PUSH Task
Upgraded the client version to 5.00.8549.1000 and reinitiated the REBOOT task by right-clicking on a collection – Client Notification – Reboot. This action created a new task for the devices (pending reboot) in that collection through SCCM PUSH fast channel notification.
What is the architecture flow of SCCM CB Fast channel push notification? I have explained fast channel architecture flow in the post here.
The SCCM fast channel push client notification service will immediately notify the client about the task assigned. However, the client won’t be restarted immediately after receiving the task from the notification server component. The SCCM client will check the policy settings for “Computer Restart” and schedule the restart per the policy.
The computer restart policy is 90 minutes by default, and you can customize this policy from the client settings tab. The reboot or restart notification is very well integrated with the “Software Center” experience, which is a great advantage of this feature.
SCCM Reboot Task for Collection of Devices via Fast Channel Push Notification – Fig.3
Resources
Update 1708 for Configuration Manager Technical Preview Branch – Available Now! – here
Capabilities in Technical Preview 1708 for System Center Configuration Manager – here
Video Guide to Troubleshoot SCCM CB Fast Channel Notification Issues – here
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
Let’s discuss how to Troubleshoot SCCM Fast Channel Push Notification Issues. The fast channel notification feature has been in SCCM products since 2012 SP1. SCCM fast channel notification was mainly used to notify clients about vital policies, collect inventories, etc.
SCCM CB 1706 introduced the “RUN Script” option through the fast channel push notification. This post will use a video guide to troubleshoot SCCM CB fast channel push notification issues. A video tutorial about SCCM CB fast channel push notification is here.
Let’s understand Fast channel notifications for clients. SCCM Fast channel notification is a “PUSH” method of notifying clients about the new policies. This communication channel for SCCM client fast notification is TCP (port 10123) or HTTP (port 80).
How to Troubleshoot SCCM CB Fast Channel Notification Issues
In the video, you’ll find comprehensive details on troubleshooting SCCM CB Fast Channel Notification issues. This guide will cover scenarios where Fast Channel Notifications may fail or encounter issues within the SCCM environment.
Troubleshoot SCCM Fast Channel Push Notification Issues – Video 1
What is SCCM Fast Channel Push Notification?– Troubleshoot SCCM Fast Channel Push Notification Issues
The SCCM client communicates to its MP every 15 minutes to confirm that it’s still online. When your client does not show as ONLINE in the SCCM console, we may have a problem with the fast notification communication channel.
SCCM Push Vs. Pull
Historically, SCCM uses the PULL method, expecting the client to ask for new policies regularly. But, the fast channel uses the PUSH method. What is BGB in SCCM? BGB = Fast Channel Notification related components. I don’t know whether this notification channel was codenamed “Big Green Button” or not 😉
Troubleshoot SCCM Fast Channel Push Notification Issues – Fig.1
What are the Components of SCCM CB Fast Channel Notification?
SCCM CB fast channel notification has three components. The notification manager will be located along with site servers (Primary/Secondary). It generates “push messages” for clients, sends notifications to the BGB server (MP), and stores the results.
The notification manager initiates push notifications from the site server. The log file BGBmgr.log provides more details about the notification manager. Notification files (*.BOS files) are stored in the INBOX/BGB.box folder. The video tutorial here shows the BOS file being created.
As you can see in the following fast channel notification architecture diagram, when the primary server has an MP component, the notification manager and notification server are also on that primary server.
The notification server will be located along with the Management Point (MP) and secondary sites. It will have TCP and HTTP listeners. These will help listen to the notification manager (DB) push notifications and confirm the client’s online status.
The notification manager pushes result files (*.BTS) from clients. BGBServer.log is the file on the MP setup or site server setup directory.
The Notification Agent is a fast-channel notification component at the SCCM client end. It’s part of the SMS agent (CCMEXEC). The agent establishes a persistent connection with its notification server.
This will receive the PUSH messages from MP. CcmNotificationAgent.log is the log file on the SCCM client device. The log can note MP/Notification server communication errors.
What is the architecture flow of SCCM CB Fast channel push notification?
Troubleshoot SCCM Fast Channel Push Notification Issues – Fig.2
Why is the SCCM CB Client NOT Showing as ONLINE?
The problem is that the SCCM CB client is not showing as ONLINE in the console. Instead, it always stays offline. The problem is ONLY with FAST notification channel communication; normal deployments and policies are working fine.
Troubleshooting of SCCM CB Fast Channel Notification
First, you must ensure all the notification components are installed correctly on the server and client sides. The following log files can confirm this for installation issues and troubleshooting.
Installation Issues and Troubleshooting
SCCM CB Notification Server/Manager
BGBServer.log
BgbHttpProxy.log
BgbSetup.log
BGBisapiMSI.log
Troubleshoot SCCM Fast Channel Push Notification Issues – Table 1
Fast Channel Notification – Server-Side Troubleshooting
I checked the log files on my primary and MP (both are on the same server), and BGBServer.log shows a warning all the time: “WARNING: Notification Server (% systemroot%system32dllhost. exe) with TCP port 10123 is NOT allowed by Windows Firewall on all interfaces I.” But I thought it should work with the port 80 HTTP channel. It was not working as expected.
Following are the extracts of troublesome logs on the BGB notificationserver. BGBServer.log
Starting SMS Notification Server…~~
lt;SMS_NOTIFICATION_SERVER><08-15-2017 01:16:02.005-330> Server GC is OFF~~
lt;SMS_NOTIFICATION_SERVER><08-15-2017 01:16:02.006-330> Trigger to start TCP listener~~
lt;SMS_NOTIFICATION_SERVER><08-15-2017 01:16:02.022-330> The HTTP listener is started~~
lt;SMS_NOTIFICATION_SERVER><08-15-2017 01:16:02.030-330> Listening connections on port 10123. Waiting for clients to connect…~~
lt;SMS_NOTIFICATION_SERVER><08-15-2017 01:16:02.061-330> WARNING: Notification Server (%systemroot%\system32\dllhost.exe) with TCP port 10123 is NOT allowed by Windows Firewall on all interfaces.~~
lt;SMS_NOTIFICATION_SERVER><08-15-2017 01:16:02.062-330> Total online clients: 0 (TCP: 0 HTTP: 0)~~
lt;SMS_NOTIFICATION_SERVER><08-15-2017 01:21:02.039-330> Generated BGB online status FULL report C:\Program Files\Microsoft Configuration Manager\inboxes\bgb.box\Bgb72ul2.BOS (version: 0) at 08/15/2017 01:21:02~~
lt;SMS_NOTIFICATION_SERVER><08-15-2017 01:21:02.055-330> WARNING: Notification Server (%systemroot%\system32\dllhost.exe) with TCP port 10123 is NOT allowed by Windows Firewall on all interfaces.~~
lt;SMS_NOTIFICATION_SERVER><08-15-2017 01:21:02.067-330> Wait 300 seconds for notifications…
The notification agent was running. But, the CcmNotificationAgent.log log showed loads of errors. One of the errors indicated that there could be a communication issue between the server and the client.
Troubleshoot SCCM Fast Channel Push Notification Issues – Fig.3
Error 10060 means ==> A connection attempt failed because the connected party did not appropriately respond after a period, or an established connection failed because the connected host could not respond. BGBAgent component log :-
<![LOG[Bgb client agent is starting...]LOG]!><time="01:23:55.212-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="6372" file="agentendpoint.cpp:238">
<![LOG[BgbController main thread is started with settings: {bgb enable = 1}, {tcp enabled = 1}, {tcp port = 10123} and {http enabled = 1}.]LOG]!><time="01:23:55.259-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="6372" file="bgbcontroller.cpp:126">
<![LOG[Startup random sleep for 1 seconds.]LOG]!><time="01:23:55.290-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbcontroller.cpp:416">
<![LOG[Critical Battery: [FALSE]]LOG]!><time="01:23:56.306-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbcommon.cpp:60">
<![LOG[Connection Standy: [FALSE]]LOG]!><time="01:23:56.306-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbcommon.cpp:61">
<![LOG[Network allowed to use: [TRUE]]LOG]!><time="01:23:56.306-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbcommon.cpp:62">
<![LOG[Access point is SCCMTP1.INTUNE.COM. (SSLEnabled = 0)]LOG]!><time="01:23:56.415-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbcontroller.cpp:276">
<![LOG[CRL Checking is Enabled.]LOG]!><time="01:23:56.431-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbcontroller.cpp:284">
<![LOG[Both TCP and http are enabled, let's try TCP connection first.]LOG]!><time="01:23:56.431-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbcontroller.cpp:792">
<![LOG[Connecting to server with IP: 20.20.20.22 Port: 10123
]LOG]!><time="01:23:56.447-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbtcpclient.cpp:699">
<![LOG[Failed to connect to server with IP v4 address with error 10060. Try next IP...
]LOG]!><time="01:24:17.468-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbtcpclient.cpp:703">
<![LOG[Failed to signin bgb client with error = 80004005.]LOG]!><time="01:24:17.468-330" date="08-15-2017" component="BgbAgent" context="" type="3" thread="5200" file="bgbcontroller.cpp:635">
<![LOG[Connecting to server with IP: 20.20.20.22 Port: 10123
]LOG]!><time="01:25:17.482-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbtcpclient.cpp:699">
<![LOG[Failed to connect to server with IP v4 address with error 10060. Try next IP...
]LOG]!><time="01:25:38.501-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbtcpclient.cpp:703">
<![LOG[Failed to signin bgb client with error = 80004005.]LOG]!><time="01:25:38.501-330" date="08-15-2017" component="BgbAgent" context="" type="3" thread="5200" file="bgbcontroller.cpp:635">
<![LOG[Fallback to HTTP connection.]LOG]!><time="01:25:38.501-330" date="08-15-2017" component="BgbAgent" context="" type="1" thread="5200" file="bgbcontroller.cpp:828">
[CCMHTTP] ERROR: URL=http://SCCMTP1.Intune.com/bgb/handler.ashx?RequestType=Continue, Port=80, Options=224, Code=0, Text=CCM_E_BAD_HTTP_STATUS_CODE
Successfully queued event on HTTP/HTTPS failure for server 'SCCMTP1.Intune.com'.
Failed to post continue request with error code 87d0027e.
Troubleshoot SCCM Fast Channel Push Notification Issues – Fig.4
Fix for SCCM CB Fast Channel Notification Issues
The Firewall port 10123 was not opened between the SCCM client and the primary BGB server. I ran the following command from the client, “Telnet 10123,” and it didn’t work (the port was not opened).
I checked the software and hardware firewalls on the server side and discovered that Windows Firewall was blocking the port communication 10123.
Disabled the Windows Firewall on the notification server for testing and restarted the client agent services (SMS Agent) on the client machine. This helped to resolve the fast channel notification issue with the SCCM CB environment.
In an ideal world, you should exclude/exempt port 10123/80 from the hardware and software firewall between the fast channel notification server and agent. This will help to resolve the issue.
More details are available in the video tutorial here
Troubleshoot SCCM Fast Channel Push Notification Issues – Fig.5
Server Side Logs – After Successful Actions on Fast Channel Notification
I finished sending push tasks (PushID: 1 TaskID: 3) to 1 client and generated the BGB online status DELTA report, two critical lines of SCCM CB fast notification channel server log BGBServer.log.
Fast channel notification and MP replica issues – Here
What’s New With ConfigMgr’s Client Notification Feature – Here
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
Let’s discuss the SCCM CB 1708 Preview Upgrade Video Guide New Features. SCCM CB preview version 1708 has been released.
I enjoy upgrading my lab environment to the SCCM CB 1708 preview version. However, upgrading to SCCM CB preview version 1708 will fail if you have an SCCM primary server in passive mode.
It would help if you remembered that the SCCM ConfigMgr CB technical preview version should not be deployed to a production environment. This post will see the SCCM CB 1708 Preview Upgrade Video Guide. You can find the YouTube video tutorial here.
The SCCM CB preview version is similar to the Windows Insiders program, which helps SCCM admins test the new features of SCCM CB. Before installing this technical preview, you can review the limitations of the SCCM CB version here.
We can’t install the CAS version of SCCM CB with the preview version. The prerequisite for installing the SCCM CB 1708 preview version has not changed.
SCCM CB 1708 Preview Upgrade Video Guide New Features – Fig.1
How to Download SCCM CB Preview Version
The upgrade process is explained in the video tutorial here. Have you installed an SCCM CB preview version? If not, you can download the latest baseline version of ConfigMgr SCCM CB Technical Preview from here. One particular version of the SCCM preview has a maximum validity of only 3 months (90 days).
How to Upgrade from SCCM CB 1707 to 1708?
The SCCM CB update and servicing process are the same as before. Once the latest version of the preview is released, the update will be available in the SCCM console.
The update will automatically download to your server. This behavior depends on the Service connection point (SCP) mode. There are two modes for SCP: ONLINE and OFFLINE.
The next upgrade process step is the replication of new content to secondary servers. Once replication is completed successfully, the update component will start the prerequisite checks on the SCCM CB hierarchy. The prerequisite checks will run on all the site servers and site systems.
Detailed Status for the SCCM Technical Preview 1708
Details
Installation
In progress
Start WMI
Completed
Install Services
Not Started
SCCM CB 1708 Preview Upgrade Video Guide New Features – Table 1
SCCM CB 1708 Preview Upgrade Video Guide New Features – Fig.2
Once prerequisite checks have been completed, the update component will start the actual upgrade/installation process of SCCM CB 1708. After the upgrade process, the post-installation or upgrade process will begin. All these are explained in the video tutorial here.
New Features of SCCM CB 1708 Preview Version
One of the newest features added to SCCM CB 1708 is the ability to create and run scripts with optional parameters. This script deployment is done through SCCM CB’s new fast channel.
Supported Scenarios of Run Script Option Scenarios
There is no need to deploy the script as a package or application; rather, you can directly import the PowerShell script. This Script can be targeted to collections or devices without creating any deployment.
Create and run PowerShell scripts on collections of devices from the Configuration Manager console.
Create and run PowerShell scripts with parameters to devices and collections from the Configuration Manager console.
Create and run PowerShell scripts with optional parameters to devices and collections from the Configuration Manager console.
SCCM Infra Management insights is another option in SCCM CB 1708. This will give you valuable insights into your environment’s current state based on the data analysis in the site database. This will provide the details of EMPTY collections and applications without deploying your environment.
You can view the management insights below – \Administration\Overview\Management Insights.
Scenarios: Review a management insight to understand your environment better and take action based on the insight
SCCM CB 1708 Preview Upgrade Video Guide New Features – Fig.3
The two new features added to SCCM CB 1708 are initiating restarting computers from the admin console and the pending restart column. The restart computer action is also performed through SCCM fast channel notification.
The monitoring workspace in the SCCM CB 1708 console shows a different name for the Restart computer action: Operation Name #17.
SCCM CB 1708 Preview Upgrade Video Guide New Features – Fig.4
References
Update 1708 for Configuration Manager Technical Preview Branch – Available Now! – here.
Capabilities in Technical Preview 1708 for System Center Configuration Manager – here
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
