Microsoft SCCM team released the new production version of SCCM 1802. When you have service connection point is in Online mode. In this post will go through end to end video tutorial SCCM 1802 Upgrade.
Update:- Microsoft already tweaked SCCM 1802 not to block upgrade for DPs running with Windows 2008. Here is the tweet from Djam on this topic.
Other Posts Related to SCCM 1802
- SCCM CB 1802 Enable Third Party Software Update Support
- Review Management Insights of SCCM CB 1802
- List of SCCM CB Prerequisite Checks via ConfigMgrPrereq.log
The 1802 production upgrade process should be initiated from top level sever CAS or stand-alone primary. This upgrade process automatically upgrades child Primary servers, and remote systems system servers (MP, DP, and SUP). Automatic upgrade of SCCM CB secondary site servers is not supported. I also produced a quick review after SCCM CB upgrade to 1802 in this post.
What is the latest Baseline Build for SCCM CB?
SCCM CB 1802 is the latest (NEW) baseline build. You can download SCCM CB 1802 from MSDN or Volume Licensing portal. Once 1802 baseline build is downloaded, then you can build new SCCM infra with 1802. There is two scenario where you can use baseline version.
Use the latest baseline version when you install a new site in a new hierarchy SCCM CB 1802 Baseline version to upgrade from SCCM 2012
SCCM 1802 Upgrade Checklist
Before the start of the SCCM CB Upgrade process, I would recommend going through the following checklist. More details about the SCCM 1802 checklist.
- Make sure your SCCM server infra is supported for SCCM CB 1802. More details here.
- Run the setup prerequisite checker at least one week before the SCCM CB 1802 upgrade
- Plan the upgrade of remote SCCM CB 1802 consoles or the console published in Citrix. Even though SCCM CB 1802 support 1710 console.
- Ensure that all sites run a version of SCCM that supports update to 1802:- Minimum supported version for SCCM CB 1802 upgrade is 1702. If your existing SCCM CB environment is not 1702 or later then, you won’t get SCCM CB 1802 production update in the console.
- Review the version of the Windows ADK for Windows 10 – Make sure your Windows 10 ADK version is 1709 or later. I would recommend updating the Windows ADK 1709 before SCCM CB 1802 upgrade. This helps the default boot images to get automatically updated to the latest version of Windows PE. Also, remember that the custom boot images must be updated manually. More details here.
- Review the backlog of File and SQL based Replication
- Disable database replicas for MP at primary sites (Also, SUP with NLB)
- Set SQL Server AlwaysOn availability groups to manual failover
- Disable site maintenance tasks (backup, delete aged client, and delete aged discovery) at each site (primary and CAS)
- Temporarily stop any antivirus software
- Create a backup of the site database at the SCCM CAS and primary sites
- Plan and Use client piloting for newer version of the SCCM CB 1802 client
How to Start SCCM 1802 Upgrade
I hope, you have already gone through before going through the upgrade process. Login to CAS or stand-alone primary server and launch SCCM CB console. Navigate SCCM console via – Administration > Overview > Cloud Services > Updates and Servicing. Make sure you right click and select “Install Update Pack”.
You can go through the Wizard as I shown in the SCCM CB 1802 upgrade video tutorial. But remember to select pilot collection for new client version deployments. Following is the sample summary of SCCM CB 1802 update package installation in my lab.
Success: Install Update Package Configuration Manager 1802 Prerequisite warnings will be ignored Turn on the following features: • Approve application requests for users per device • Enable third party update support on clients • Support for Cisco AnyConnect 4.0.07x and later for iOS • Phased Deployments Test new version of the client in pilot
Find Out SCCM CB Update Stage IDs and Stage Names
SCCM CB 1802 production Upgrade process is straight as you can see in the video tutorial for 1802 upgrade. Check the status from monitoring workspace (\Monitoring\Overview \Updates and Servicing Status\Configuration Manager 1802) and the logs.
When you have some problem with the download of SCCM CB 1802 production update then, refer to my previous troubleshooting guide. The SCCM 1802 Upgrade usually is super easy but in case. Fix to SCCM CB update Redist Download Issue.
|Stage Id||Stage Name|
SCCM CB 1802 Versions
SCCM CB 1802 Version 1802 SCCM CB 1802 Console Version 5.1802.1082.1700 SCCM CB 1802 Site Version 5.0.8634.1000 SCCM CB 1802 Build Number 8634 SCCM CB 1802 Client Version 5.00.8634.1007
Features Overview of SCCM 1802 Production Release
All the features which are available in SCCM 1802 preview version are not available in the production version of SCCM 1802. This is expected, and I noted this in the previous post about SCCM CB 1802 preview. I’m pointing out the features which are listed down in the following path of SCCM console.
\Administration\Overview\Updates and Servicing\Features
SCCM CB 1802 production release has five (5) Pre Release Features and Fifteen (15) production features. One of the exciting feature missing from SCCM 1802 production release (at least from SCCM console features GUI) is Management Insight. But the feature is available on the product.
Five(5) Pre Release Features of SCCM CB 1802 Production Release
Windows Defender Application Control Phased Deployments Enable third (3rd) party update support on clients Server Groups Support for Cisco AnyConnect 4.0..7x and later for iOS
Fifteen(15) Release Features of SCCM CB 1802 Production Release
PFX Create Passport for Work Windows Defender Exploit Guard Policy Surface Driver Updates OMS Connector Device Health Attestation assessment for compliance policy for CA Create and Run Scripts Client Peer Cache Approve Application requests for User per Device Run Task Sequence Step (Promoted) Conditional Access for Managed PCs Task Sequence Content Pre-Caching Data Warehouse Service Point Cloud Management Gateway VPN for Windows
Not Listed Features?
Reassignment Distribution Point (The feature is by default enabled and removed from features list) Add a passive primary site server Surface Device Dashboard ( The feature is by default enabled and removed from features list) Management Insights ( The feature is by default enabled and removed from features list) Office 365 Support Volume Licensing SKU in C2R Wizard Passport for Work ( The feature is by default enabled and removed from features list)
Quick Explanation about new Features of SCCM 1802 Production Release
What is SCCM Data Warehouse Service Point – Use the data warehouse service point to periodically copy data from your SCCM site database to another DB for long-term storage and trend analysis.
What is SCCM Cloud Management Gateway (CMG) – SCCM CMG Provides a simple way to manage SCCM client on the internet. The gateway server (Azure PaaS) is deployed to Microsoft Azure. This Connects internet clients to your on-premises SCCM infrastructure.
Windows Defender Application Control – Windows Defender Application Control helps to lock down Windows 10 computers so that they can only run trusted software
What are SCCM Phased Deployments – Phased Deployments automate a coordinated, sequenced roll-out of software across multiple collections
Enable third (3rd) party update support on clients – Enabled configuration by allowing signed third party updates policy and installation of WSUS code signing certificate on clients.
Client Settings Changes After SCCM 1802 Upgrade
There are two (2) types of client setting policies. User Client Settings and Device Client Settings are two of them. But there is one mother of client settings policy, and that is called Default Client Settings.
22 categories are there in SCCM CB 1802 Default Client Settings Policies 20 categories are there in SCCM CB 1802 Device Client Setting (User and Device Affinity are missing) 3 categories are there in SCCM CB 1802 User Client Settings (Cloud Services, Enrollment, and User & Device Affinity)
Windows Analytics setting is only available in default policies.
Co-Management Changes – SCCM 1802 Production Release
For Windows 10 devices that are in co-management state, you can have Microsoft Intune start managing different workloads. Choose pilot Intune to have Intune Manage the workloads for only the clients in the pilot group. When you are not ready to move the workload to Intune, then select SCCM (ConfigMgr). More details here.
You can move the co-management workloads with SCCM, Intune, or use both. There are four (4) workloads which we can offload to Intune. Endpoint protection (Windows Defender ) is the one newly added to SCCM 1802 production version. I have a post about co-management strategy.
Compliance Policies – Intune Compliance Policies
Resource Access Policies – Intune WiFi and VPN Profiles
Windows Update Policies – Windows Update for Business – Patching
Endpoint Protection – Windows Defender