What is New in SCCM 1906 New Features a Walkthrough

Let’s discuss and give you a walkthrough of the new features of the SCCM 1906 (SCCM 1906 New Features) production version. I have explained and shown most of these new features in the video tutorial.

NOTE! – Many of you are interested to know whether MBAM was made to the production version of SCCM 1906 or not. And the news is “MBAM is NOT part of SCCM 1906 Production release.”

Subscribe to this Blog via Email

[jetpack_subscription_form show_only_email_and_button=”true” custom_background_button_color=”#fcb900″ custom_text_button_color=”#313131″ submit_button_text=”Subscribe” submit_button_classes=”wp-block-button__link has-text-color has-very-dark-gray-color has-background has-luminous-vivid-amber-background-button-color” show_subscribers_total=”true” ]

Upgrade SCCM to 1906?

I have discussed all the upgrade scenarios in the following blog post. I would recommend reading this post before proceeding with the SCCM 1906 upgrade.

Patch My PC

Download SCCM 1906 and install that version using the following guide.

SCCM 1906 Upgrade Walkthrough Video Guide

Changes in Client Cache Settings

There are some noticeable changes in SCM Client cache setting policy options under the default client settings. Following are some of the highlighted changes:

  • Minimum duration before cached content can be removed (minutes)
  • Enable as peer cache source (renamed the old setting called Enable Configuration Manager client in full OS to share content)
SCCM 1906 What's New - Enable as peer cache source
SCCM 1906 What’s New – Enable as a peer cache source 1

Communication Security tab

There is one new Communication Security tab in SCCM 1906 Site Properties. No, it’s not a new tab with new options.

Adaptiva

Instead, this is the Client Computer communication tab that got renamed to Communication Security Tab. I think this name change makes a lot of sense.

SCCM 1906 New Features - Communication Security
SCCM 1906 New Features – Communication Security 2

NTLM Detection

New SCCM Management insights rule for NTLM detection – A new inclusion rule detects if you enabled the less secure NTLM authentication fallback method for the site: NTLM fallback is enabled.

Microsoft’s message – “Kerberos is the latest, most secure, and recommended authentication method in a Windows Environment. Disable NTLM fallback (Client Push Scenario and WinPE using Network Access Account?) to increase the security of the Configuration Manager site.”

SCCM 1906 New Features - NTLM Detection
SCCM 1906 New Features – NTLM Detection 3

Azure Active Directory user group discovery

Azure AD user discovery was always available with SCCM 1902 version. But, SCCM 1906 comes with the next level of Azure AD Discovery feature called “Enable Azure Active Directory Group Discovery.”

Once you enable AAD Group discovery, users found in Azure AD groups that haven’t been previously discovered will be added as user records in SCCM. Click on the setting to schedule the Azure AD User Group discovery.

What about Azure AD Device Group Discovery? Would that work? I don’t know; I never tested it. But, it seems it’s not a supported scenario yet.

SCCM 1906 New Features - Azure AD User Group Discovery
SCCM 1906 New Features – Azure AD Group Discovery 4

Synchronize collection membership results to Azure Active Directory groups

The SCCM Collection synchronization allows you to use your existing on-premises grouping rules in the cloud by creating Azure AD group memberships based on collection membership results.

SCCM 1906 What is New - Enable Azure AD Group Sync
SCCM 1906 What is New – Enable Azure AD Group Sync 5

Co-Management Improvements

Multiple pilot groups for co-management workloads – Each workload can be assigned to a pilot collection.

SCCM 1906 New Features Co-management
SCCM 1906 New Features – Co-Management Options 6

Group Multiple Applications

Deploy Application Groups to Collections – Create a group of applications that you can send to a user or device collection as a single deployment.

SCCM 1906 New Features - Group Mutiple Applications - SCCM Application Group
SCCM 1906 New Features – Group Multiple Applications – SCCM Application Group 7

Third-Party Software Updates

I think a new partner catalog has been added to SCCM 1906 production version. Also, I assume there is support for Catalog version 3 for third-party software update feature.

SCCM 1906 New Features - 3rd Party Software Updates
SCCM 1906 New Features – 3rd Party Software Updates 8

Retry the installation of pre-approved applications

There is a new option in SCCM 1906 to Retry the installation of pre-approved applications. You can now retry the installation of an app you previously approved for a user or device.

Install an application for a device

This option will help to reduce the number of collections in the SCCM environment. Install an application for a device – From the SCCM console, you can now install applications to a device in real-time.

SCCM 1906 Option to Install an Application for a Device
SCCM 1906 Option to Install an Application for a Device 9
SCCM 1906 - Select Application to Install on a device via fast channel
SCCM 1906 – Select Application to Install on a device via a fast channel 10

Task sequence Debug Option

The SCCM TS debugger option in SCCM 1906 helps troubleshoot the Task Sequence scenarios. This option is similar to Simulate Application option.

The Task sequence debugger – The task sequence debugger is a new troubleshooting tool.

SCCM 1906 New Features - TS Debug Option for troubleshooting
SCCM 1906 New Features – TS Debug Option for troubleshooting 11

Clear App Content from client cache during a task sequence

This clear cache option is handy for modern desktops with less SSD storage:) Clear app content from client cache during task sequence – In the Install Application task sequence step, you can now delete the app content from the client cache after the action runs.

SCCM 1906 New Features Upgrade - Clear Caching Options
SCCM 1906 New Features Upgrade – Clear Caching Options 12

Pre-cache driver packages and OS images

Pre-cache driver packages and OS images – Task sequence pre-cache now includes additional content types like

  • OS images
  • Driver Packages
  • Packages.

OneTrace – New SCCM Log File Reader

OneTrace (CMPowerLogViewer.exe) is a new log viewer within the Support Center toolkit. The SCCM OneTrace log reader tool works similarly to CMTrace but much more fast and more powerful.

C:\Program Files (x86)\Configuration Manager Support Center\CMPowerLogViewer.exe

SCCM 1906 - New Log Reader ONETRACE
SCCM 1906 – New Log Reader ONETRACE 13

NOTE! OneTrace (CMPowerLogViewer.exe) might not work in WinPE because of the Windows Presentation Foundation (WPF) component dependency.

Many Improvements to Software Center

Many Improvements to Software Center – My favorite is direct links to the software center:page=CustomTab1.

Use the following URL format to open Software Center to a particular tab from Start MenuRUN: software-center:page=Applications.

The string Applications is the first custom tab in order. For example, type this URL in the Windows Run window. You can also use this syntax to open default tabs in SCCM Software Center.

SCCM WSUS Maintenance – New Tasks

SCCM 1906 comes with more control over WSUS maintenance tasks. There are two new maintenance tasks got introduced with SCCM 1906.

  • Decline expired updates in WSUS according to supersedence rules (available in SCCM 1902 as well)
  • Add non-clustered indexes to the WSUS database (new one)
  • Remove obsolete updates from the WSUS database (new one)
SCCM 1906 New Features - WSUS Maintenance
SCCM 1906 New Features – WSUS Maintenance 14

Configure the default maximum run time for software updates

Configure the default maximum run time for software updates – You will get different maximum run time options for Windows 10 upgrades and patches.

  • Maximum runtime for Windows Feature updates (minutes) – 120
  • Maximum runtime for Office 365 updates and non-feature updates for Windows (minutes) – 60
SCCM 1906 New Features - Maximum Run Time
SCCM 1906 New Features – Maximum Run Time 15

SCCM Folder RBAC

Role-based access for folders (SCCM Folder RBAC options)- You can now set security scopes on folders. If you have access to an object in the folder but don’t have access to the folder, you’ll be unable to see the thing.

SCCM 1906 New Features RBAC Folder Options
SCCM 1906 New Features RBAC Folder Options 16

Administration service support for security nodes

Administration service support for security nodes – You can now enable some nodes of the SCCM console to use the administration service.

SCCM 1906 New Features Administrative Services
SCCM 1906 New Features Administrative Services 17

New Site server maintenance task improvements

Site server maintenance task improvements – Site server maintenance tasks can now be viewed and edited from their tab on the details view of a site server.

  • In the Administration node, expand Site Configuration, then click on Sites.
  • Select a site from your list, then click on the Maintenance Tasks tab in the detail panel.
  • Right-click one of the maintenance tasks and select one of the following options: Enable – Turn on the task.
  • Disable – Turn off the task.
  • Edit – Edit the task schedule or its properties.
SCCM 1906 New Features Maintenance Tasks
SCCM 1906 New Features Maintenance Tasks 18

Desktop Analytics

Desktop analytics is not new to SCCM 1906 version. It was available for SCCM 1902 with the latest KB. You can refer to the following blog posts to get more details about Desktop Analytics.

SCCM 1906 - Desktop Analytics
SCCM 1906 – Desktop Analytics 19

CMPivot Standalone

You can run CMPivot outside of the Configuration Manager console to view the real-time state of devices in your environment.

This change in SCCM 1906 enables us to use CMPivot on a device without first installing the SCCM console.

What is New in SCCM 1906 New Features a Walkthrough 1
What is New in SCCM 1906 New Features a Walkthrough 20

You can install CMPivot.MSI from the following path C:\Program Files\Microsoft Configuration Manager\tools\CMPivot\CMPivot.MSI. The CMPivot would be a standalone tool for real-time analysis for your helpdesk and security teams.

SCCM 1906 CMPivot.MSI A Standalone tool for helpdesk and security teams
SCCM 1906 CMPivot.MSI A Standalone tool for helpdesk and security teams 21

SCCM 1906 WVD Support

Windows Virtual Desktop is the new multi-session (concurrent users on Windows 10 virtual machine). The WVD is similar to a terminal server running on Windows 10 machine from an SCCM perspective.

In SCCM 1906 version, Microsoft included the support for managing the Azure WVD virtual machines. The best option is to deploy applications to devices instead of users.

The previous post, ” SCCM/Intune VDI and WVD support,” explains more thoughts on SCCM Intune Support for VDI Devices Persistent Non-Persistent.”

SCCM 1906 PowerShell Cmdlet Changes

Let’s check out the PowerShell changes/updates/enhancements available with SCCM 1906 production release.

Cmdlet Library changes for version 1906. More details available https://docs.microsoft.com/en-us/powershell/sccm/1906-release-notes?view=sccm-ps

Get-CMTSStepRunTaskSequence
New-CMSoftwareCenterTabItem
New-CMTSStepRunTaskSequence
Remove-CMTSStepRunTaskSequence
Set-CMScript
Set-CMTSStepRunTaskSequence

Video SCCM 1906

What is New in SCCM 1906 New Features a Walkthrough 22

Resources – SCCM 1906 New Features

1 thought on “What is New in SCCM 1906 New Features a Walkthrough”

  1. My SCCM v1810 database is hosted by SQL AlwaysOn availability group. My upgrade to v1906 is failing -even after running the prerequisites check with no issues- saying that the \ConfigMgr_DViewAccess user account already exists pointing to a different login. If I change this user settings pointing to the current SQL node and retry the upgrade, it fails again when the upgrade task fails over to the secondary cluster node with the same error message:

    *** IF NOT EXISTS (SELECT * FROM sys.database_principals WHERE name=’\ConfigMgr_DViewAccess’) BEGIN CREATE USER [\ConfigMgr_DViewAccess] FROM LOGIN [\ConfigMgr_DViewAccess] END

    *** [42000][15063][Microsoft][SQL Server Native Client 11.0][SQL Server]The login already has an account under a different user name.

    Any clues?

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.