March 26, Microsoft has announced that they have released SCCM version 1702 for Current Branch (CB) that includes some great new features and product enhancements. If you are running with SCCM environment version 1606 or 1610 the new update will be available as an in-console and can be directly upgraded to SCCM CB 1702. If for some reason it is not visible in our SCCM console, if yes? Please find the PowerShell script here to ensure that you are in the first wave of the customer to get the update.
SCCM 1702 updates include many new features and enhancement in Windows 10 management and new functionality using Configuration Manager connected with Microsoft Intune. Let’s discuss a few of the enhancement below:
- Support for Windows 10 Creators Update – This version of Configuration Manager now supports the release of upcoming Windows 10 Creators Update. You can upgrade Windows 10 ADK to the latest version for full OS imaging support.
- Express files support for Windows 10 Cumulative Update – Configuration Manager now supports Windows 10 Cumulative Update using Express files.
- Deploy Office 365 apps to clients – Beginning in version 1702, from Office 365 Client Management dashboard, you can start the Office 365 Installer that lets you configure Office 365 installation settings, download files from Office Content Delivery Networks (CDNs), and deploy the files as an application in Configuration Manager.
- Customize high-risk deployment warning – You can now customize the Software Center warning when running a high-risk deployment, such as a task sequence to install a new operating system.
- Close executable files at the deadline when they would block application installation – If executable files are listed on the Install Behavior tab for a deployment type and the application is deployed to a collection as required, then a more intrusive notification experience is provided to inform the user, and the specified executable files will be closed automatically at the deadline.
- Conditional access for PCs managed by System Center Configuration Manager – Now production ready in update 1702, with conditional access for PCs managed by Configuration Manager, you can restrict access to various applications (including but not limited to Exchange Online and SharePoint online) to PCs that are compliant with the compliance policies you set
Few enhancements included which connected with Microsoft Intune.
- Android for Work support – You can now enroll devices, approve and deploy apps, and configure policies for devices with Android for Work.
- Lookout threat details – You can view threat details as reported by Lookout on a device.
- Apple Volume Purchase Program (VPP) enhancements – You can now request a policy sync on an enrolled mobile device from the Configuration Manager console.
- Additional iOS configuration settings – We added support for 42 iOS device settings for configuration items.
Microsoft has removed and dropped support for following product with the new release of SCCM 1702.
- SQL Server 2008 R2, for site database servers. This version of SQL Server remains supported when you use a Configuration Manager version prior to version 1702.
- Windows Server 2008 R2, for site system servers and most site system roles. This version of Windows remains supported when you use a Configuration Manager version prior to version 1702.
- Windows Server 2008, for site system servers and most site system roles.
- Windows XP Embedded, as a client operating system. This version of Windows remains supported when you use a Configuration Manager version prior to version 1702.
Microsoft has made improvement in-console search as:
- Object Path:
Many objects now support a column named Object Path. When you search and include this column in your display results, you can view the path to each object. For example, if you run a search for apps in the Applications node and are also searching sub-nodes, the Object Path column in the results pane will show you the path to each object that is returned.
- Preservation of search text:
When you enter text into the search text box, and then switch between searching a sub-node and the current node, the text that you typed will now persist and remain available for a new search without having to re-enter it.
- Preservation of your decision to search sub-nodes:
The option that you choose for searching the current node or all sub-nodes now persists when you change the node you are working in. This new behavior means that you do not need to constantly reset this decision as you move around the console. By default, when you open the console the option is to search only the current node.
Send feedback from the Configuration Manager console
You can use the in-console feedback options to send feedback directly to the development team. You can find the Feedback option:
- In the ribbon, at the far left of the Home tab of each node.
- When you right-click on any object in the console.
Choosing Feedback opens your browser to the Configuration Manager UserVoice feedback website.
Peer Cache improvements
Beginning with version 1702, a peer cache source computer will reject a request for content when the peer cache source computer meets any of the following conditions:
- Is in low battery mode.
- CPU load exceeds 80% at the time the content is requested.
- Disk I/O has an AvgDiskQueueLength that exceeds 10.
- There are no more available connections to the computer.
Additionally, three new reports are added to your reporting point. You can use these reports to understand more details about rejected content requests, including which boundary group, computer, and content was involved.
Content library cleanup tool
Use the content library cleanup tool to remove content from distribution points when that content is no longer associated with an application.
Software update points are added to boundary groups
Beginning with version 1702, clients use boundary groups to find a new software update point, and to fall-back and find a new software update point if their current one is no longer accessible. You can add individual software update points to different boundary groups to control which servers a client can find. For more information, see software update points in the configuring boundary groups topic.
Windows 10 ADK tracked by build version
The Windows 10 ADK is now tracked by build version to ensure a more supported experience when customizing Windows 10 boot images. For example, if the site uses the Windows ADK for Windows 10, version 1607, only boot images with version 10.0.14393 can be customized in the console. For details about customizing WinPE versions, see Customize boot images.
Default boot image source path can no longer be changed
Default boot images are managed by Configuration Manager and the default boot image source path can no longer be changed in the Configuration Manager console or by using the Configuration Manager SDK. You can continue to configure a custom source path for custom boot images.
Deploy Office 365 apps to clients
Beginning in version 1702, from the Office 365 Client Management dashboard, you can start the Office 365 Installer that lets you configure Office 365 installation settings, download files from Office Content Delivery Networks (CDNs), and deploy the files as an application in Configuration Manager.
Android for Work support
Starting with 1702, Hybrid mobile device management with Microsoft Intune now supports Android for Work device enrollment and management.
Improvements to certificate profiles
You can now create a PFX certificate profile that supports S/MIME and deploy it to users. The certificate can then used for S/MIME encryption and signing on all iOS devices that the user has enrolled. Additionally, you can now specify multiple certification authorities (CAs) on multiple Certificate registration point site system roles and then assign which CAs process requests as part of the certificate profile.
Please find the complete doc here.