Microsoft SCCM product group released new preview version 1806. I have noticed that every TP version before production version of SCCM will have a number of features than other TP versions. SCCM TP 1806 is released with 13 new capabilities. My favourite one is the ability to Offload Office 365 workload to Intune.
Do You have an SCCM TP Lab?
Do NOT install TP version in the production environment. To build SCCM TP lab, you can download SCCM 1804 from evaluation portal. SCCM TP 1804 is the latest baseline version of preview releases. A TP lab will help you to stay ahead of other SCCM admins! In this post, we will see the upgrade walk through and overview of SCCM 1806 new features.
Content of SCCM TP 1806 Post
Video Tutorial to Upgrade SCCM TP 1806 and New Features How to Patch 3rd Third-party Applications with SCCM & without SCUP? Deploy Patches/software updates without Package content Transition Office 365 workload to Intune using co-management Sync MDM policy from Microsoft Intune for a co-managed device Download content from a CMG - NO Need of Cloud DP Remove Eliminate Network Access Account Requirement How to Install SCCM Client Installation from Internet via CMG?
Video Tutorial to upgrade SCCM 1806
How to Patch 3rd Third-party Applications with SCCM & without SCUP?
SCCM TP 1806 improved the third-party (3rd) application patching or updates. SCCM team started the improvement since last 4-5 releases of SCCM CB. I blogged about the tedious things which SCCM admin needs to go through for patching 3rd party apps. You don’t require to install SCUP and integrate that with WSUS and SCCM to patch 3rd party applications or software.
The new Third-Party Software Update Catalogs node in the SCCM CB console allows you to subscribe to third-party catalogs, publish their updates to your software update point, and then deploy them to clients. The catalogs will automatically get updated whenever new vendor catalog is available. I would recommend reading following Microsoft documentation here.
\Software Library\Overview\Software Updates\Third-Party Software Update Catalogs
Deploy Patches/software updates without Package content
This is another exciting feature to use the public cloud or peer to peer caching for patching machines. In this scenario, you don’t need to create Software Update packages and distribute the content to all your DPs. I would recommend reading following Microsoft documentation here.
This setting is only integrated with the Deploy Software Updates Wizard. It isn’t currently available with automatic deployment rules.
- Start a software update deployment via SCCM CB console
- In the Deploy Software Updates Wizard, on the Deployment Package page, select the new option for No deployment package.
Transition Office 365 workload to Intune using co-management
This is my favorite capability of SCCM TP 1806. Now we can now transition the Office 365 workload from SCCM to Microsoft Intune. To transition this workload, go to the co-management properties page and move the slider bar from SCCM to Pilot or All.
There is also a new global condition, does Intune manage office 365 applications on the device. This condition is added by default as a requirement to new Office 365 applications. When you transition this workload, co-managed clients don’t meet the requirement on the application, thus don’t install Office 365 deployed via SCCM.
Sync MDM policy from Microsoft Intune for a co-managed device
Starting in this release when you switch a co-management workload, the co-managed devices automatically synchronize MDM policy from Microsoft Intune. This sync also happens when you initiate the Download Computer Policy action from Client Notifications in the Configuration Manager console. For more information, see Initiate client policy retrieval using client notification.
This sync also happens when you initiate the Download Computer Policy action from Client Notifications in the Configuration Manager console.
Download content from a CMG – NO Need of Cloud DP
Cloud DP is no more required in the future releases of SCCM to download the content for SCCM client installation in CO-Management scenario. The CMG content download works the same as Cloud DP. You don’t have any additional requirement for this capability. This is my second favorite capability of SCCM TP 1806.
To enable this feature, enable the new option to Allow CMG to function as a cloud distribution point and serve content from Azure storage on the Settings tab of the CMG properties.
Eliminate Network Access Account Requirements -Task Sequence
SCCM TP 1806 release continues to iterate on improved secure client communications by removing additional dependencies on the network access account (NAA).
Enable the new site option to Use Configuration Manager-generated certificates for HTTP site systems.
The following scenarios don’t require a network access account to download content from a distribution point:
- Task sequences running from boot media or PXE
- Task sequences running from Software Center
These task sequences can be for OS deployment or custom. It is also supported for workgroup computers.
How to Install SCCM Client Installation from Internet via CMG?
Yes, you can install SCCM clients via Cloud Management Gateway and Microsoft Intune. You need to create an Mobile app in Intune portal with accurate command line. Otherwise you can manually install the client using the following command line.
When you install the SCCM client from internet via a CMG, fewer command-line properties are now required (SCCM TP 1806 or later).
The following command-line properties are required in all scenarios:
The following properties are required when using Azure AD for client authentication instead of PKI-based client authentication certificates:
The following property is required if the client will roam back to the intranet:
The following example includes all of the above properties:
ccmsetup.exe CCMHOSTNAME=CONTOSO.CLOUDAPP.NET/CCM_Proxy_MutualAuth/72186325152220500 SMSSiteCode=ABC AADCLIENTAPPID=7506ee10-f7ec-415a-b415-cd3d58790d97 AADRESOURCEURI=https://contososerver SMSMP=https://mp1.contoso.com
Capabilities in Technical Preview 1806 for SCCM CB – here