- Management of the Office Mobile app (access, view, and edit Word, Excel, and PowerPoint documents) for Android phones
- Management of the OneNote app for iOS devices. Management of Office mobile apps (Word, Excel, and PowerPoint) on iOS devices made available in December 2014
- Ability to browse and install apps on Windows Phone 8.1 devices using Intune Company Portal website
- Deployment of WiFi profiles for Windows devices using XML import and Windows Phone devices using OMA-URI (deployment of WiFi profiles currently supported for iOS and Android devices)
- Support for Cisco AnyConnect per-app VPN configurations for iOS devices
- Ability to require encryption on Windows 8.1 (x86) devices
- Ability to set minimum classification of platform updates to be installed automatically on Windows 8.1 (x86) devices
Here is just a quick SQL query you can use to show how many of each model you have in your environment. I’ve got a Manufacturer filter on it, but you could remove that or modify as necessary.
2015 Is off to a great start, received my Microsoft MVP award for the 5th time.
Congratulations! We are pleased to present you with the 2015 Microsoft® MVP Award! This award is given to exceptional technical community leaders who actively share their high quality, real world expertise with others. We appreciate your outstanding contributions in Enterprise Client Management technical communities during the past year.
Recently was standing up a new site and decided to use SQL 2014. According to the support page, SQL 2014 is supported. It is supported to upgrade from SQL 2012 to SQL 2014, but not for new site installs.
However, if you use SQL 2014, you will encounter an error during the install process.
Additionally attempting to restore a site against SQL 2014 will cause errors as well, so another thing to take into consideration.
Also, WSUS isn’t fully supported on SQL 2014 with Server 2008 R2. So there’s another gotcha you’ll run into.
Couple key notes from that blog posting:
It is not supported to install a new Configuration Manager site with SQL Server 2014 installed.
The following software updates are required to use SQL Server 2014 to host the site database:
Cumulative Update 1 for System Center 2012 R2 Configuration Manager - http://support.microsoft.com/kb/2938441
System Center 2012 Configuration Manager SP1 – http://support.microsoft.com/kb/2923078. To apply this hotfix, you must have Cumulative Update 4 (http://support.microsoft.com/kb/2922875) for System Center 2012 Configuration Manager SP1 installed.
Windows Server Update Services (WSUS) 3.2 Server cannot be installed on Windows Server 2008 R2 SP1 and Windows Server 2008 SP2 with SQL Server 2014 installed. With this configuration, the Configuration Manager Software updates feature will not work correctly.
An update was released to stand alone Intune a few days ago. Here are the features there were updated/added to the November release. By now most accounts should be upgraded.
New Intune standalone features that will be released as part of this service update include:
- Enhanced user interface for Intune administration console
- Ability to restrict access to Exchange on-premises email based upon device enrollment
- Bulk enrollment of devices using a single service account
- Lockdown of Supervised iOS devices and devices using Samsung KNOX with Kiosk mode
- Targeting of policies and apps by device groups
- Ability to report on and allow or block a specific set of applications
- Enforcement of application install or uninstall
- Deployment of certificates, email, VPN and WiFi profiles
- Ability to push free store apps to iOS devices
- More convenient access to internal corporate resources using per-app VPN configurations for iOS devices
- Remote pin reset for Windows Phone 8.1 devices
- Multi-factor authentication at enrollment for Windows 8.1 and Windows Phone 8.1 devices
- Ability to restrict administrator access to a specific set of user and device groups
- Updated Intune Company Portal apps to support customizable terms and conditions
- Enhanced user interface for Intune Company Portal website
Recently had an issue with my lab where my HTTPS Software Update Point was throwing some errors.
The SMS_WSUS_Control_Manager was show that it was failing to monitor the WSUS Server.
WSUS Control Manager failed to monitor WSUS Server "CM04.LAB.LOCAL".
Possible cause: WSUS Server version 3.0 SP2 or above is not installed or cannot be contacted.
Solution: Verify that the WSUS Server version 3.0 SP2 or greater is installed. Verify that the IIS ports configured in the site are same as those configured on the WSUS IIS website.
On the actual server hosting the SUP, the WSUSCtrl.log was showing the following error: "…the request failed with HTTP status 401: Unauthorized"
The following Microsoft KB help me resolve the issue:
I used Method 2 since it was just my lab. Disabling the Loopback check. After making the necessary registry change, after restarting the server, everything was reporting correctly and the WSUSCtrl.log was coming up clean.
Issues that are fixed
- The Continue on error check box is not selected under Task Sequences when an Install Software step and a Virtual Application package are defined as the source. This affects only task sequences that are migrated from Configuration Manager 2007 to System Center 2012 Configuration Manager.
- The Task Sequence Agent (TSAgent) does not use the logging-related values that are set in the following registry subkey on a client computer:
- 2961924 A command-line action that has a linked package doesn’t start in System Center 2012 Configuration Manager
- 2923078 Reporting Services installation fails on System Center 2012 Configuration Manager Service Pack 1 that has SQL Server 2014 installed
- 2931044 Discovery Data Manager slows when it rebuilds .ncf files on startup in System Center 2012 Configuration Manager Service Pack 1
- Applications cannot be changed or copied after they are migrated from one System Center 2012 Configuration Manager site to another site. Messages that resemble the following are logged in the Distmgr.log file after you try to make changes:
Package <PkgID> is in Pending state and will not be processed
- 2952686 You cannot install an application by using stand-alone media in System Center 2012 Configuration Manager Service Pack 1
Configuration Manager client
- The SMS Agent Host service may stop unexpectedly in an environment that uses multiple overlapping boundary groups that are configured for automatic site assignment. The ScanAgent.log file contains an entry that resembles the following:
[FATAL ERROR] Invalid params exception was raised.
- When you view the Primary Device that is associated with a user, you may see other devices that have the same name, even if they are associated with a different user.
Recently caught some emails going around about recommended backup and maintenance plans as it relates to ConfigMgr. Also plenty of discussions around whether or not addition index optimization is required beyond the built-in Rebuild Indexes task that can be configured as part of the built-in Site Maintenance task.
As far as what I recommend and configure for the clients I work with. I use the recommendations from Steve Thompson a fellow MVP and former SQL MVP.
I would highly recommend you read through the above linked posts. The maintenance plan is what I use for backing up the CM database and supporting databases. I do not use the built-in backup task with ConfigMgr 2012.
If you are having issues with indexing or slow performance, then it’s a good idea to look into the index optimization recommendations as well.
2 Great articles by Aaron Czechowski that explain what’s changed in the new ADK update and how it relates to MDT and ConfigMgr.
Here are just a couple of issues I’ve encountered doing R2 upgrades. I wanted to post the solutions for anyone that might also run into these issues.
This post was last updated on 3/13/2014.
KB’s that have been released to address R2 issues to date:
An update is available for the "Operating System Deployment" feature of System Center 2012 R2 Configuration Manager
You cannot stage a Windows PE 3.1 boot image to a Windows XP-based computer in System Center 2012 R2 Configuration Manager
Per-computer variables for imported computers are not read in System Center 2012 R2 Configuration Manager
If you have a ConfigMgr client installed on a site system hosting a MP, the MP upgrade will fail. If this happens, then you will need remove the MP, remove the ConfigMgr client. Reinstall the MP, and then install the new R2 ConfigMgr client.
If you have a secondary site, you won’t be able to uninstall the client or MP, you’ll need use the old school ccmclean (using the /all switch) to remove the MP and client. Once that is removed, the MP will automatically reinstall, then you can proceed to install the new client.
Easy solution for all, is to simply remove the ConfigMgr client prior to the upgrade
Take a screenshot of your drivers added to your boot images. Once you upgrade the ADK to 8.1, and you will have new boot images in R2, you won’t be able to see what drivers are on your old boot images. ConfigMgr supports legacy boot images, but you can’t modify the drivers and they have removed the tab so you can’t see what you had added either.
Better yet, get in the habit of categorizing your drives. I always create a WinPE_x64 and WinPE_x86 category and any time I add a driver to the boot image, I also add it to that category so I can see what is in use easily.
Keep in mind with ConfigMgr 2012 R2, your boot images are now WinPE 5.0, which is Windows 8.1 based, so the network/storage drivers you are adding will be need to be Windows 8.1, regardless of the OS you are deploying (Windows 7, Windows 8, etc).
I’ve seen a few times where the SRS doesn’t get upgraded properly. When attempting to run reports I’ve seen "cannot read from the next data row for the dataset.."
This can be resolved by recompiling the mof using the following command:
mofcomp "C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqlmgmproviderxpsp2up.mof"
I’ve also seen permission issues, which can be resolved by granted the Execute permission to the account configured as the SRS service account.
It’s been already reported that some people will experience issues with the NAA credentials being lost. So if you fail to download files during WinPE, you can try adding a new NAA and removing your old one. If you want to add your original one back, you need to add a new one, remove the original, then re-add the original and remove the 2nd one, confused yet?
In general it’s a good idea to recreate new MDT 2013 Task Sequences as well, your old MDT 2012 Update 1 TS’s should work as long as you still have the old toolkit package available, however it’s a good idea to create new ones and move your custom steps over into the new Task Sequence.
I’ve also ran into issues where the OS Image download is slow. In addition, in combination with this, I’ve seen where the Task Sequence will apply the OS, install the ConfigMgr client and then reboot and suddenly fail. Reviewing the logs you’ll see a 80072ee2 error (system cannot find the file specified).
If you encounter this, you will need to add two new R2 variables to beginning of your Task Sequence.
- SMSTSDownloadRetryCount: Use this variable to specify the number of times that Configuration Manager attempts to download content from a distribution point.
- SMSTSDownloadRetryDelay: Use this variable to specify the number of seconds that Configuration Manager waits before it retries to download content from a distribution point.