Integrate Windows 10 Upgrade Readiness with SCCM – Part 2

3
Windows 10 Upgrade Readiness Integration With SCCM

In this post we will see step by step configuration to integrate Upgrade readiness with SCCM. Finally, we will verify the result in SCCM console. This post assume that you have a valid Azure Subscription, SCCM CB 1610+ with service connection point role and OMS workspace.

This is a series of posts as listed below:-

    1. Define Windows 10 Upgrade Readiness Architecture with SCCMPart 1
    2. How to integrate Windows 10 Upgrade Readiness with SCCMPart 2
    3. Configure Telemetry for Upgrade Analytics/Readiness with Intune & SCCM – Part 3

The following 3 high levels steps are required for SCCM Upgrade Analytics and Upgrade Readiness integration. We will cover each one in detail.

  1. Create an application in Azure AD that SCCM can use to access the OMS workspace.
  2. Grant permission to the Resource Group which contain Azure AD application that the OMS workspace uses.
  3. Finally configure Upgrade Analytics in the SCCM console.

TL;DR

How to create an application in Azure AD for SCCM to access Upgrade Readiness

  • Login to the Azure Management portal  with Global Admin.
  • Navigate to your Azure Active Directory-> Enterprise applications – All applications.
  • Select “New Application”

Azure new custom application

  • Select “Application you’re developing”

Azure new custom application

  • Click on “New application”

Azure new custom application

  • Type web application name
  • Select Web app /API
  • Type Sign-on URL (you can enter any URL, because this URL’s doesn’t need to be resolvable)
  • Click on “Create” at the bottom to create the application

Integrate Windows 10 Upgrade Readiness with SCCM - Part 2 1

  • Select the application which we created.
  • Click on “Settings->Keys”
  • Type a Key name Description
  • Select a duration
  • Click on Save.The key gets created after clicking Save.We can retrieve this key only from this page.

Azure new custom application key

  • Copy the Key value and keep it with you. It will be needed while configuring the connector in SCCM console.

Azure new custom application key copy

  • Also copy the Application ID and keep it with you.With this we completed Step 1.

Azure application ID

How to configure Azure application permission for SCCM to connect OMS

  • In Azure Portal, we need to configure permission for the custom application which we created in Step 1.
  • Navigate to the resource group.  Select the Resource Group that contains your OMS workspace. Example “test” is my resource group name which have my custom application.
  • Select Access Control (IAM) and Click Add
  • Select the Contributor Role and select custom application which we created earlier. Click Save

Note : Azure console didn’t display custom application in drop down menu by default. Only user objects displayed. I typed first few characters of the application then custom application name displayed.

Azure application Access control permission

  • As shown below, ensure “Contributor” permission is set for the resource group (Test).

Note : I have seen issues if you configure permissions on your custom application directly.

Azure application Access control permission resource group

Configuration of Upgrade readiness in SCCM console

  • Launch SCCM console.Navigate to Administration workspace -> Cloud Services.
  • Right click on the “Upgrade Analytics Connector” node.
  • Select “Create connection to Upgrade Analytics”.

SCCM connection to Upgrade Analytics

  • Update Azure Tenant name, Client ID (application ID) and key. We have already noted these details from step 2.

configuration of SCCM connection to Upgrade Analytics

  • Azure subscription,Azure resource group,OMS workspace details will populate.
  • If details are not populated automatically then re-check Resource Group permission correctly as mentioned in Step 2.

SCCM connection to Upgrade Readiness

  • We completed SCCM and Upgrade Analytics Integration successfully.

SCCM connection to Upgrade Analytics

End result for SCCM Administrator

  • You can verify the dmpdownloader.log.This log helps us to verify the integration between SCCM server Upgrade analytics and OMS Upgrade readiness.

dmpdownloader.log

  • You can check the SCCM console after 48 hr and confirm whether Upgrade Readiness information got updated.

Upgrade Readiness Dashboard sccm Windows devices reporting telemetry

References :-

  1. Integrate Upgrade Readiness with SCCM – Here
  2. Register a new application using the Azure portal – Here
  3. Azure resource group – Here
  4. Manage Windows upgrades with Upgrade Readiness-Here

3 COMMENTS

  1. Hi – Just one question – Is this going to cost money in Azure? I am already spending close to $125 per month in Azure. Don’t have any more budget within home lab to spare.

    Thanks

    Ra,

    • Hi Ram – Do you have OMS workspace already?. As per MS, Upgrade readiness/Windows Analytics solution is not metered and billed by OMS workspace.I suggest to open free support request with MS to get confirmed for your subscription model.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.