Friday, May 20, 2016

SCCM 1602 New Features

Upgrade to 1602 done with great ease in the new Upgrade model in Configmgr, first time actually since the new plattform 1511

New features in version 1602 are:

  • In-place upgrade the operating system of site servers that run Windows Server 2008 R2
  • SQL Server AlwaysOn availability groups
  • Windows 10 servicing
  • iOS app configuration policies
  • Manage volume-purchased iOS apps
  • Automatic creation of Office mobile apps
  • Manage Office 365 client updates
  • Compliance settings for devices running Windows 10 team
  • Kiosk mode settings for Android Samsung KNOX devices
  • Conditional access for PCs managed by System Center Configuration Manager
  • Restricting access based on device Health Attestation status
  • New compliance policy rules
  • Make sure enrolled and compliant devices always have access to Exchange On-Premises
  • Client online status
  • Refresh PC machine and user policy from Software Center
  • Software Center branding changes
  • Health Attestation
  • Improvements to Endpoint Protection antimalware settings
  • iOS Activation Lock
  • Monitor terms and conditions deployments


Versioning in Configmgr is new.
The 1511 build is the first base build of the new Configuration Manager platform. Microsoft will not brand it 2016 version, because it will be continuously updated over the years with new builds. Indicating the first two digits the year and the second two the month it's released.

1511 is the latest full version you can install when setting up a new Configmgr hierarchy in your business. From there you can upgrade within the console very easy to the next version that is in the writing moment 1602. Meaning it was released in February 2016.

Precheck flight and Upgrade done within the Console

And Status after the Upgrade

Task Sequence Deployment Status with Action Output

Some of the new features I say very welcome to are that we can now see Action Output on the Task Sequences viewed in Monitoring - Deployments

And the New Production Client Deployment status is very Welcome. This came actually in version 1511

Endpoint Protection has a new Feature called "Potentially Unwanted Applications"

That captures application files that contains program code that you most likely dont want on your machine, that possibly someone other than the vendor put there.
Like unwanted toolbars, adware, malware, password stealers and so on.
This is a very welcome new feature as we face more and more treats these days.

This feature is enabled by default in the Endpoint Protection Policy, so its active once you have upgraded Configmgr and Clients to 1602. And the Scanning is in Real-Time.

You can monitor what it has found on both local drives and network file shares in the Endpoint Protection Status view - Malware Detected

More Client Notification Options

No comments:

Post a Comment