What is New in SCCM 1906 New Features a Walkthrough

1
SCCM 1906 New Features

Let’s discuss and give you a walkthrough of new features of SCCM 1906 (SCCM 1906 New Features) production version. I have already explained and shown most of these new features in the video tutorial.

NOTE! – Many of you are interested to know whether MBAM made to the production version of SCCM 1906 or not. And the news is “MBAM is NOT part of SCCM 1906 Production release.”

Subscribe to this Blog via eMail

Join 16,386 other subscribers

Upgrade SCCM to 1906?

I have discussed all the upgrade scenarios in the following blog post. I would recommend reading this post before proceeding with the SCCM 1906 upgrade. Download SCCM 1906 and install that version using the following guide.

SCCM 1906 Upgrade Walkthrough Video Guide

Changes in Client Cache Settings

There are some noticeable changes in SCM Client cache setting policy options under the default client settings. Following are some of the highlighted changes:

  • Minimum duration before cached content can be removed (minutes)
  • Enable as peer cache source (renamed the old setting called Enable Configuration Manager client in full OS to share content)
SCCM 1906 What's New - Enable as peer cache source
SCCM 1906 What’s New – Enable as peer cache source

Communication Security tab

There is one new Communication Security tab in SCCM 1906 Site Properties. No, it’s not really a new tab with new options. Instead, this is the Client Computer communication tab got renamed to Communication Security Tab. I think this name change makes a lot of sense.

SCCM 1906 New Features - Communication Security
SCCM 1906 New Features – Communication Security

NTLM Detection

New SCCM Management insights rule for NTLM detection – There is a new inclusion rule that detects if you enabled the less secure NTLM authentication fallback method for the site: NTLM fallback is enabled.

Microsoft’s message – “Kerberos is the latest, most secure and recommended authentication method in a Windows Environment. Disable NTLM fallback (Client Push Scenario and WinPE using Network Access Account?) to increase the security of the Configuration Manager site”

SCCM 1906 New Features - NTLM Detection
SCCM 1906 New Features – NTLM Detection

Azure Active Directory user group discovery

Azure AD user discovery was always available with SCCM 1902 version. But, SCCM 1906 comes with the next level of Azure AD Discovery feature called “Enable Azure Active Directory Group Discovery.”

Once you enable AAD Group discovery, users found in Azure AD groups that haven’t been previously discovered will be added as user records in SCCM. Click on setting to schedule the Azure AD User Group discovery.

What about Azure AD Device Group Discovery? Would that work? I don’t know I never tested it. But, it seems it’s not a supported scenario yet.

SCCM 1906 New Features - Azure AD User Group Discovery
SCCM 1906 New Features – Azure AD Group Discovery

Synchronize collection membership results to Azure Active Directory groups

The SCCM Collection synchronization allows you to use your existing on premises grouping rules in the cloud by creating Azure AD group memberships based on collection membership results.

SCCM 1906 What is New - Enable Azure AD Group Sync
SCCM 1906 What is New – Enable Azure AD Group Sync

Co-Management Improvements

Multiple pilot groups for co-management workloads – Each workload can be assigned to a pilot collection.

SCCM 1906 New Features Co-management
SCCM 1906 New Features – Co Management Options

Group Mutiple Applications

Deploy Application Groups to Collections – Create a group of applications that you can send to a user or device collection as a single deployment.

SCCM 1906 New Features - Group Mutiple Applications - SCCM Application Group
SCCM 1906 New Features – Group Mutiple Applications – SCCM Application Group

Third-Party Software Updates

I think a new partner catalog has been added to SCCM 1906 production version. Also, I assume there is support for Catalog version 3 for third-party software update feature.

SCCM 1906 New Features - 3rd Party Software Updates
SCCM 1906 New Features – 3rd Party Software Updates

Retry the install of pre-approved applications

There is a new option in SCCM 1906 to Retry the install of pre-approved applications – You can now retry the installation of an app that you previously approved for a user or device.

Install an application for a device

This option will help to reduce the number of collections in SCCM environment. Install an application for a device – From the SCCM console, you can now install applications to a device in real-time.

SCCM 1906 Option to Install an Application for a Device
SCCM 1906 Option to Install an Application for a Device
SCCM 1906 - Select Application to Install on a device via fast channel
SCCM 1906 – Select Application to Install on a device via fast channel

Task sequence Debug Option

The SCCM TS debugger option in SCCM 1906 immensely helps in troubleshooting the Task Sequence scenarios. This option is similar to Simulate Application option. The Task sequence debugger – The task sequence debugger is a new troubleshooting tool.

SCCM 1906 New Features - TS Debug Option for troubleshooting
SCCM 1906 New Features – TS Debug Option for troubleshooting

Clear App Content from client cache during task sequence

This clear cache option is handy for modern desktops with less SSD storage:) Clear app content from client cache during task sequence – In the Install Application task sequence step, you can now delete the app content from the client cache after the step runs.

SCCM 1906 New Features Upgrade - Clear Caching Options
SCCM 1906 New Features Upgrade – Clear Caching Options

Pre-cache driver packages and OS images

Pre-cache driver packages and OS images – Task sequence pre-cache now includes additional content types like

  • OS images
  • Driver Packages
  • Packages.

OneTrace – New SCCM Log File Reader

OneTrace (CMPowerLogViewer.exe) is a new log viewer with in Support Center toolkit wold. The SCCM OneTrace log reader tool works similarly to CMTrace but much more fast and powerful.

C:\Program Files (x86)\Configuration Manager Support Center\CMPowerLogViewer.exe

SCCM 1906 - New Log Reader ONETRACE
SCCM 1906 – New Log Reader ONETRACE

NOTE! – OneTrace (CMPowerLogViewer.exe) might not work in WinPE because of the dependency on Windows Presentation Foundation (WPF) component.

Many Improvements to Software Center

Many Improvements to Software Center – Direct links to Software center softwarecenter:page=CustomTab1 is my favourite.

Use the following URL format to open Software Center to a particular tab from Start MenuRUN: softwarecenter:page=Applications

The string Applications is the first custom tab in order. For example, type this URL in the Windows Run window. You can also use this syntax to open default tabs in SCCM Software Center.

SCCM WSUS Maintanance – New Tasks

SCCM 1906 comes with more control over WSUS maintenance tasks. There are two new maintenance tasks got introduced with SCCM 1906.

  • Decline expired updates in WSUS according to supersedence rules (available in SCCM 1902 as well)
  • Add non-clustered indexes to the WSUS database (new one)
  • Remove obsolete updates from the WSUS database (new one)
SCCM 1906 New Features - WSUS Maintenance
SCCM 1906 New Features – WSUS Maintenance

Configure the default maximum run time for software updates

Configure the default maximum run time for software updates – You will get separate maximum run time options for Windows 10 upgrades and patches.

  • Maximum runtime for Windows Feature updates (minutes) – 120
  • Maximum runtime for Office 365 updates and non-feature updates for Windows (minutes) – 60
SCCM 1906 New Features - Maximum Run Time
SCCM 1906 New Features – Maximum Run Time

SCCM Folder RBAC

Role-based access for folders (SCCM Folder RBAC options)- You can now set security scopes on folders. If you have access to an object in the folder but don’t have access to the folder, you’ll be unable to see the object.

SCCM 1906 New Features RBAC Folder Options
SCCM 1906 New Features RBAC Folder Options

Administration service support for security nodes

Administration service support for security nodes – You can now enable some nodes of the SCCM console to use the administration service.

SCCM 1906 New Features Administrative Services
SCCM 1906 New Features Administrative Services

New Site server maintenance task improvements

Site server maintenance task improvements – Site server maintenance tasks can now be viewed and edited from their own tab on the details view of a site server.

  • In the Administration node, expand Site Configuration, then click on Sites.
  • Select a site from your list, then click on the Maintenance Tasks tab in the detail panel.
  • Right-click one of the maintenance tasks and select one of the following options:Enable – Turn on the task.
  • Disable – Turn off the task.
  • Edit – Edit the task schedule or its properties.
SCCM 1906 New Features Maintenance Tasks
SCCM 1906 New Features Maintenance Tasks

Desktop Analytics

Desktop analytics is not new to SCCM 1906 version. It was available for SCCM 1902 with the latest KB. You can refer to the following blog posts to get more details about Desktop Analytics.

SCCM 1906 - Desktop Analytics
SCCM 1906 – Desktop Analytics

CMPivot Standalone

You can run CMPivot outside of the Configuration Manager console to view the real-time state of devices in your environment. This change in SCCM 1906 enables us to use CMPivot on a device without first installing the SCCM console.

What is New in SCCM 1906 New Features a Walkthrough 1

You can install CMPivot.MSI from the following path C:\Program Files\Microsoft Configuration Manager\tools\CMPivot\CMPivot.msi. The CMPivot would be a standalone tool for your helpdesk and security teams for real-time analysis.

SCCM 1906 CMPivot.MSI A Standalone tool for helpdesk and security teams
SCCM 1906 CMPivot.MSI A Standalone tool for helpdesk and security teams

SCCM 1906 WVD Support

Windows Virtual Desktop is the new multi-session (concurrent users on Windows 10 virtual machine). The WVD is similar to terminal server running on Windows 10 machine from SCCM perspective.

In SCCM 1906 version, Microsoft included the support for managing the Azure WVD virtual machines. The best option is to deploy applications to devices instead of users.

More thoughts on SCCM/Intune VDI and WVD support is explained in the previous post “SCCM Intune Support for VDI Devices Persistent Non Persistent.”

SCCM 1906 PowerShell Cmdlet Changes

Let’s check out the PowerShell changes/updates/enhancements available with SCCM 1906 production release.

Cmdlet Library changes for version 1906. More details available https://docs.microsoft.com/en-us/powershell/sccm/1906-release-notes?view=sccm-ps

Get-CMTSStepRunTaskSequence
New-CMSoftwareCenterTabItem
New-CMTSStepRunTaskSequence
Remove-CMTSStepRunTaskSequence
Set-CMScript
Set-CMTSStepRunTaskSequence

Video SCCM 1906

Resources – SCCM 1906 New Features

1 COMMENT

  1. My SCCM v1810 database is hosted by SQL AlwaysOn availability group. My upgrade to v1906 is failing -even after running the prerequisites check with no issues- saying that the \ConfigMgr_DViewAccess user account already exists pointing to a different login. If I change this user settings pointing to the current SQL node and retry the upgrade, it fails again when the upgrade task fails over to the secondary cluster node with the same error message:

    *** IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name=’\ConfigMgr_DViewAccess’) BEGIN CREATE USER [\ConfigMgr_DViewAccess] FROM LOGIN [\ConfigMgr_DViewAccess] END

    *** [42000][15063][Microsoft][SQL Server Native Client 11.0][SQL Server]The login already has an account under a different user name.

    Any clues?

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.