Microsoft Endpoint Configuration Manager version 2111 was recently released; the goal of this article is to provide an overall overview of the main innovations introduced in this latest release in order to better manage the updating of your Configuration Manager infrastructure.
With a view to a constant process of product improvement, starting from this release, interesting new features have been released, including the production release of two important features previously in pre-release: Orchestration Group and Application Group.
The first feature allows you to control in the best way the updating of those environments (often critical) that require sequential updating of the systems and require the execution of certain activities before and / or after the update procedure.
Through the use of Application Groups, IT Admins are able to distribute a set of applications on a user or device collection; this feature allows you to reduce the number of Task Sequences and custom scripts to perform the chain installation of multiple applications.
At the time of writing this article, the update appears to be available through the Early update ring channel; in order to add your infrastructure within this channel, you need to run the Powershell script available at the following link.
Implicit uninstallation on user collection
In release 2107, the application uninstallation functionality was released after the device was removed from the reference collection; starting from this release, this operation has also been made possible on User collections. In this regard, when a user is removed from the collection on which the deployment is active, the reference application will be automatically removed.
Script approval for Orchestration group
With the introduction into production of the Orchestration Groups, the scripts invoked by this feature require the approval of an IT Admin in order to be recalled during the update procedures. Within the Details tab in the Orchestration Group section, you can view the following information:
- Summary: provides information relating to the selected Orchestration Group, including the approval status of the scripts;
- Scripts: provides the necessary information on scripts, including the approval status of the individual script and any approver;
Improvements on the search criteria of the ASR rule
The following time ranges have been entered for the Date Released or Revised search criterion:
- Older than 30 days
- Older than 60 days
- Older than 90 days
- Older than 6 months
- Older than 1 year
Enable notifications for updates related to Microsoft 365 Apps
It is now possible to configure notifications relating to Microsoft 365 Apps updates in order to customize the user experience; through the Enable update notifications from Microsoft 365 Apps option (found in the Software Updates section of the Client Settings), it is possible to inhibit (default) or view notifications from the Software Center regarding updates to the Microsoft 365 Apps suite.
Simplified Cloud-Attach configuration procedure
Starting with release 2111, the configuration process of the Cloud-Attach functionality has been simplified; it is possible to select a predefined set of configurations or proceed with a custom configuration. By selecting the default option, the systems will be:
- Connect directly to Intune in co-management mode (if compliant);
- Configured to send data to Endpoint Analytics;
- Configured for Tenant-Attach functionality;
In this release, Configuration Manager requires the installation of the .NET Framework version 4.6.2 as a requirement for some components; in this regard, starting from this release, an error status will be reported during the prerequisite check in the absence of this component.
Improvements in External notifications functionality
One of the most interesting innovations introduced in the 2107 release was certainly the possibility of sending notifications related to Configuration Manager to external systems/applications; this feature allows you to automate any actions not natively present on Configuration Manager in the face of a specific event (eg: status message filter rules).
In release 2111, support has been added to create or modify a subscription directly from the Configuration Manager console.
Improvements in the identification of VPN boundaries
With this latest release, improvements have been introduced in the identification of network locations with regard to VPN boundaries; in fact, it is now possible to use the Start with option to detect a connection that typically contains a unique identifier within the name / description.
Improvements related to the Client Health dashboard
The Client Health dashboard allows you to view the health status of the Configuration Manager client on the various systems on which it is present; this dashboard has been revised in the 2111 release for easier identification of the health status of your systems; below are some of the improvements introduced:
- Ability to select a default collection to filter systems;
- Ability to configure a period of time to assess the health of the clients;
- Introduction of new tiles such as Clients with any failure and Health trends by scenario;
Display logo in notifications
Starting with this latest release, it is possible to allow the display of a logo in the face of notifications related to the Software Center; this will allow to provide a better user experience to the end user in the face of activities on the device by the company.
Check for the presence of TPM 2.0
In order to help companies in the deployment of Windows 11, within the Check Readiness step, the check on the presence of TPM 2.0 (a requirement for the new operating system) was introduced.
Improvements in the Windows Servicing dashboard
Within the Windows Servicing dashboard, a new section called Windows 11 Latest Feature Updates has been introduced which allows you to view the number of Windows 11 systems that are updated at the latest Feature Update.
Custom properties for devices directly from the console
In release 2111, Microsoft has further improved what was introduced in the previous release regarding the iteration between Configuration Manager and external sources. With regard to this issue, a novelty introduced in the previous version is the possibility of setting custom properties on the devices that come from other data sources; these properties and their value are saved in a new class called Device Custom Properties in the Configuration Manager database and can then be used to create queries, collections and reports.
In this latest release, you can set these custom properties directly from the Configuration Manager console.
Export content in CSV
You can now export the contents of a Configuration Manager console view in CSV format; to export the information, click on the Export to CSV file option from the ribbon at the top and then select one of the following options:
- Export selected items: to export only the previously selected objects;
- Export all items: to export all objects;
Improvements in the Configuration Manager console
As already done for the 2107 release, also in this release, Microsoft has tried to further improve the user-experience linked to the product; the most important updates are:
- Ability to request the installation of a specific console extension before connecting to the site;
- Introduction of an icon in the various configuration wizards to allow sending feedback directly to Microsoft;
- Independent software vendors (ISVs) can create applications that extend Configuration Manager;
- Introduction of a new native collection called Co-management Eligible Devices containing all the systems that can be managed jointly by Configuration Manager and Intune;