How To Create SCCM Configuration Items Configuration Baselines

Let’s learn how to create SCCM Configuration Items and Configuration Baselines in ConfigMgr. Requirements and how to create a guide of configuration items and baselines in SCCM are explained below. A configuration item is a container in ConfigMgr that stores specific information.

Configuration Items are widely used in the SCCM world for identifying Software Updates, application models, etc.… In this post, I will cover the information that we configure depends on the configuration item type. Configuration items can include the following information:

Detection method information
Settings
Compliance rules
Supported platforms

Note: In this post, I will refer to Configuration Items as CI and Configuration Baselines as CB.

Introduction

The Configuration Item and Baseline can be used to check compliance settings for users and devices. In a larger environment migrating from one Windows 10 version to another, we may be required to check the compliance settings of OS versions, driver versions, applications version, user information, etc. If we found any noncompliance devices or users, we can use CI and CB for remediation.

What is Configuration Items in ConfigMgr

Using CI we can handle device settings. CI’s are not deployed directly to the collections but can be deployed via CB. The Configuration Items in ConfigMgr contain any of the following types which can be used in CB.

Active Directory Query
Assembly
File System
IIS Metabase
Registry Key
Registry Value
Script
SQL Query
WQL Query
XPath Query

What is Configuration Baselines in ConfigMgr

Configuration Baselines in configMgr is collection of CI’s and CB’s. CB can be include at least one or more CI’s to be deployed to device and user collections. Also below items are can be part of CB.

Configuration Items
Software Updates
Configuration Baselines

How to create custom Configuration Items in ConfigMgr

Open Configuration Manager Console. Go to Asset and Compliance -> Compliance Settings -> Configuration Items -> click ‘Create Configuration Item‘

Create Configuration Items How to Create SCCM Configuration Items Configuration Baselines | ConfigMgr

Provide name of CI and select option below and click ‘Next‘.

Select the operating system version for which you want to create the CI and click ‘Next‘.

Click on New to create new settings.

Provide settings Name and select settings type according to the requirement. Here I’m going to check the version of the OS through WQL, so I have selected ‘WQL Query‘ as below.

Click on ‘Compliance Rules‘ tab and press New to create new rule. You can also create compliance rules as next step as well.

Give Name of the compliance rule and provide build number of the Win10 20H2 version on ‘For the following values‘ section and press ‘Ok‘ to finalize.

How to Create SCCM Configuration Items Configuration Baselines | ConfigMgr 1 — Configuration Items compliance rule name

NOTE: You can add a custom PowerShell script to remediate if the CI is non-compliant and can generate the noncompliance report as well by selecting ‘Remediate noncompliant rules when supported‘ & ‘Report noncompliance if this setting instance is not found. In this scenario, I’m using a simple WQL query to detect the OS version.

As next step press ‘Apply‘ -> ‘Ok‘

Press Next -> Next -> Close to complete.

How to create Configuration Baselines

Now, in this section we will learn how to create ConfigMgr Configuration Baseline.

Open Configuration Manager Console. Go to Asset and Compliance -> Compliance Settings -> Configuration Baselines -> click ‘Create Configuration Baseline‘