What is New in SCCM 1906 New Features a Walkthrough

Let’s discuss and walk through the new features of the SCCM 1906 (SCCM 1906 New Features) production version. I have explained and shown most of these new features in the video tutorial.

The SCCM 1906 Upgrade Walkthrough Video Guide discusses all the upgrade scenarios. I recommend reading it before proceeding with the SCCM 1906 upgrade. Download SCCM 1906 and install that version using the following guide.

Many of you are interested to know whether MBAM was added to the production version of SCCM 1906. The news is that “MBAM is NOT part of SCCM 1906 Production release.”

Subscribe to this Blog via Email

Sign up to get the best of How To Manage Devices straight to your inbox!

Changes in Client Cache Settings

There are some noticeable changes in SCCM Client cache setting policy options under the default client settings. Following are some of the highlighted changes:

• Minimum duration before cached content can be removed (minutes)
• Enable as peer cache source (renamed the old setting called Enable Configuration Manager client in full OS to share content)

Communication Security tab

There is one new Communication Security tab in SCCM 1906 Site Properties. No, it’s not a new tab with new options.

Instead, the Client Computer communication tab was renamed the Communication Security Tab. I think this name change makes a lot of sense.

NTLM Detection

New SCCM Management insights rule for NTLM detection – A new inclusion rule detects if you enabled the less secure NTLM authentication fallback method for the site: NTLM fallback is enabled.

Microsoft’s message – “Kerberos is the latest, most secure, and recommended authentication method in a Windows Environment. Disable NTLM fallback (Client Push Scenario and WinPE using Network Access Account?) to increase the security of the Configuration Manager site.”

Azure Active Directory user group discovery

Azure AD user discovery was always available with the SCCM 1902 version. But, SCCM 1906 comes with the next level of Azure AD Discovery feature, “Enable Azure Active Directory Group Discovery.”

Once you enable AAD Group discovery, users found in Azure AD groups that haven’t been previously discovered will be added as user records in SCCM. Click on the setting to schedule the Azure AD User Group discovery.

What about Azure AD Device Group Discovery? Would that work? I don’t know; I never tested it. But, it seems it’s not a supported scenario yet.

Synchronize collection membership results to Azure Active Directory groups

The SCCM Collection synchronization allows you to use your existing on-premises grouping rules in the cloud by creating Azure AD group memberships based on collection membership results.

Co-Management Improvements

Multiple pilot groups for co-management workloads – Each workload can be assigned to a pilot collection.

Group Multiple Applications

Deploy Application Groups to Collections – Create a group of applications that you can send to a user or device collection as a single deployment.

Third-Party Software Updates

I think a new partner catalog has been added to the SCCM 1906 production version. Also, I assume Catalog version 3 is supported for the third-party software update feature.

Retry the installation of pre-approved applications

There is a new option in SCCM 1906 to Retry the installation of pre-approved applications. You can now retry the installation of an app you previously approved for a user or device.

Install an application for a device

This option will help reduce the number of collections in the SCCM environment. Install an application on a device—You can now install applications on a device in real-time from the SCCM console.

Task sequence Debug Option

The SCCM TS debugger option in SCCM 1906 helps troubleshoot Task Sequence scenarios. It is similar to the Simulate Application option.

The Task sequence debugger – The task sequence debugger is a new troubleshooting tool.

Clear App Content from the client cache during a task sequence

This clear cache option is handy for modern desktops with less SSD storage. Clear app content from client cache during task sequence – In the Install Application task sequence step, you can now delete the app content from the client cache after the action runs.

Pre-cache driver packages and OS images

Pre-cache driver packages and OS images – Task sequence pre-cache now includes additional content types like

• OS images
• Driver Packages
• Packages.

OneTrace – New SCCM Log File Reader

OneTrace (CMPowerLogViewer.exe) is a new log viewer within the Support Center toolkit. The SCCM OneTrace log reader tool works similarly to CMTrace but is much faster and more powerful.

C:\Program Files (x86)\Configuration Manager Support Center\CMPowerLogViewer.exe

NOTE! OneTrace (CMPowerLogViewer.exe) might not work in WinPE because of the Windows Presentation Foundation (WPF) component dependency.

Many Improvements to the Software Center

Many Improvements to Software Center – My favorite is direct links to the software center:page=CustomTab1.

Use the following URL format to open Software Center to a particular tab from Start Menu – RUN: software-center:page=Applications.

The string Applications is the first custom tab in order. For example, type this URL in the Windows Run window. You can also use this syntax to open default tabs in SCCM Software Center.

SCCM WSUS Maintenance – New Tasks

SCCM 1906 gives users more control over WSUS maintenance tasks and introduces two new maintenance tasks.

• Decline expired updates in WSUS according to supersedence rules (available in SCCM 1902 as well)
• Add non-clustered indexes to the WSUS database (new one)
• Remove obsolete updates from the WSUS database (new one)

Configure the default maximum run time for software updates

Configure the default maximum run time for software updates – You will get different maximum run time options for Windows 10 upgrades and patches.

• Maximum runtime for Windows Feature updates (minutes) – 120
• Maximum runtime for Office 365 updates and non-feature updates for Windows (minutes) – 60

SCCM Folder RBAC

Role-based access for folders (SCCM Folder RBAC options)- You can now set security scopes on folders. If you have access to an object in the folder but don’t have access to the folder, you’ll be unable to see the thing.

Administration Service Support for Security Nodes

Administration service support for security nodes – You can now enable some nodes of the SCCM console to use the administration service.

New Site Server Maintenance Task Improvements

Site server maintenance task improvements – Site server maintenance tasks can now be viewed and edited from their tab on the details view of a site server.

• In the Administration node, expand Site Configuration, then click on Sites.
• Select a site from your list, then click on the Maintenance Tasks tab in the detail panel.
• Right-click one of the maintenance tasks and select one of the following options: Enable – Turn on the task.
• Disable – Turn off the task.
• Edit – Edit the task schedule or its properties.

Desktop Analytics

Desktop analytics is not new to the SCCM 1906 version. It was available for SCCM 1902 with the latest KB. The following blog posts provide more details about Desktop Analytics.

• Desktop Analytics Configuration Step-by-Step Guide – Device Mgmt Portal
• SCCM Desktop Analytics Integration step-by-step guide

CMPivot Standalone

You can run CMPivot outside of the Configuration Manager console to view your environment’s real-time state of devices.

This change in SCCM 1906 enables us to use CMPivot on a device without first installing the SCCM console.

You can install CMPivot.MSI from the following path C:\Program Files\Microsoft Configuration Manager\tools\CMPivot\CMPivot.MSI. The CMPivot would be a standalone tool for real-time analysis for your helpdesk and security teams.

SCCM 1906 WVD Support

Windows Virtual Desktop is the new multi-session (concurrent users on Windows 10 virtual machine). From an SCCM perspective, the WVD is similar to a terminal server running on a Windows 10 machine.

In the SCCM 1906 version, Microsoft included support for managing Azure WVD virtual machines. The best option is to deploy applications to devices instead of users.

The previous post, ” SCCM/Intune VDI and WVD support,” explains more thoughts on SCCM Intune Support for VDI Devices Persistent Non-Persistent.”

SCCM 1906 PowerShell Cmdlet Changes

Let’s check out the PowerShell changes/updates/enhancements available with the SCCM 1906 production release.

Cmdlet Library changes for version 1906. More details available https://docs.microsoft.com/en-us/powershell/sccm/1906-release-notes?view=sccm-ps

Video SCCM 1906

This video will show how to upgrade the SCCM 1906 production version in fast ring.

Resources – SCCM 1906 New Features

• New Features of SCCM 1906 production version – Microsoft documentation
• Announcement Post of SCCM 1906 release

We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here –HTMD WhatsApp.

Author

Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc