- Ability to streamline the enrollment of iOS devices purchased directly from Apple or an authorized reseller with the Device Enrollment Program (DEP)
- Ability to restrict access to SharePoint Online and OneDrive for Business based upon device enrollment and compliance policies
- Management of OneDrive apps for iOS and Android devices
- Ability to deploy .appx files to Windows Phone 8.1 devices
- Ability to restrict the number of devices a user can enroll in Intune
As part of our monthly release cadence, we will be making available the next service update for Microsoft Intune between March 4, 2015 and March 7, 2015. New Intune standalone (cloud only) features that will be released as part of this service update include:
Additionally, as part of this service update, we will be providing hybrid customers with the ability to create custom WiFi profiles with pre-shared keys (PSK) for Android devices. Delivering new features to our hybrid customers using System Center Configuration Manager integrated with Intune remains a top priority for our team, and you can expect additional hybrid features to be made available soon. Make sure to bookmark this blog and the ConfigMgr blog to keep up-to-date as we continue to release new features on a monthly basis.
- Management of the Office Mobile app (access, view, and edit Word, Excel, and PowerPoint documents) for Android phones
- Management of the OneNote app for iOS devices. Management of Office mobile apps (Word, Excel, and PowerPoint) on iOS devices made available in December 2014
- Ability to browse and install apps on Windows Phone 8.1 devices using Intune Company Portal website
- Deployment of WiFi profiles for Windows devices using XML import and Windows Phone devices using OMA-URI (deployment of WiFi profiles currently supported for iOS and Android devices)
- Support for Cisco AnyConnect per-app VPN configurations for iOS devices
- Ability to require encryption on Windows 8.1 (x86) devices
- Ability to set minimum classification of platform updates to be installed automatically on Windows 8.1 (x86) devices
Here is just a quick SQL query you can use to show how many of each model you have in your environment. I’ve got a Manufacturer filter on it, but you could remove that or modify as necessary.
2015 Is off to a great start, received my Microsoft MVP award for the 5th time.
Congratulations! We are pleased to present you with the 2015 Microsoft® MVP Award! This award is given to exceptional technical community leaders who actively share their high quality, real world expertise with others. We appreciate your outstanding contributions in Enterprise Client Management technical communities during the past year.
Recently was standing up a new site and decided to use SQL 2014. According to the support page, SQL 2014 is supported. It is supported to upgrade from SQL 2012 to SQL 2014, but not for new site installs.
However, if you use SQL 2014, you will encounter an error during the install process.
Additionally attempting to restore a site against SQL 2014 will cause errors as well, so another thing to take into consideration.
Also, WSUS isn’t fully supported on SQL 2014 with Server 2008 R2. So there’s another gotcha you’ll run into.
Couple key notes from that blog posting:
It is not supported to install a new Configuration Manager site with SQL Server 2014 installed.
The following software updates are required to use SQL Server 2014 to host the site database:
Cumulative Update 1 for System Center 2012 R2 Configuration Manager - http://support.microsoft.com/kb/2938441
System Center 2012 Configuration Manager SP1 – http://support.microsoft.com/kb/2923078. To apply this hotfix, you must have Cumulative Update 4 (http://support.microsoft.com/kb/2922875) for System Center 2012 Configuration Manager SP1 installed.
Windows Server Update Services (WSUS) 3.2 Server cannot be installed on Windows Server 2008 R2 SP1 and Windows Server 2008 SP2 with SQL Server 2014 installed. With this configuration, the Configuration Manager Software updates feature will not work correctly.
An update was released to stand alone Intune a few days ago. Here are the features there were updated/added to the November release. By now most accounts should be upgraded.
New Intune standalone features that will be released as part of this service update include:
- Enhanced user interface for Intune administration console
- Ability to restrict access to Exchange on-premises email based upon device enrollment
- Bulk enrollment of devices using a single service account
- Lockdown of Supervised iOS devices and devices using Samsung KNOX with Kiosk mode
- Targeting of policies and apps by device groups
- Ability to report on and allow or block a specific set of applications
- Enforcement of application install or uninstall
- Deployment of certificates, email, VPN and WiFi profiles
- Ability to push free store apps to iOS devices
- More convenient access to internal corporate resources using per-app VPN configurations for iOS devices
- Remote pin reset for Windows Phone 8.1 devices
- Multi-factor authentication at enrollment for Windows 8.1 and Windows Phone 8.1 devices
- Ability to restrict administrator access to a specific set of user and device groups
- Updated Intune Company Portal apps to support customizable terms and conditions
- Enhanced user interface for Intune Company Portal website
Recently had an issue with my lab where my HTTPS Software Update Point was throwing some errors.
The SMS_WSUS_Control_Manager was show that it was failing to monitor the WSUS Server.
WSUS Control Manager failed to monitor WSUS Server "CM04.LAB.LOCAL".
Possible cause: WSUS Server version 3.0 SP2 or above is not installed or cannot be contacted.
Solution: Verify that the WSUS Server version 3.0 SP2 or greater is installed. Verify that the IIS ports configured in the site are same as those configured on the WSUS IIS website.
On the actual server hosting the SUP, the WSUSCtrl.log was showing the following error: "…the request failed with HTTP status 401: Unauthorized"
The following Microsoft KB help me resolve the issue:
I used Method 2 since it was just my lab. Disabling the Loopback check. After making the necessary registry change, after restarting the server, everything was reporting correctly and the WSUSCtrl.log was coming up clean.
Issues that are fixed
- The Continue on error check box is not selected under Task Sequences when an Install Software step and a Virtual Application package are defined as the source. This affects only task sequences that are migrated from Configuration Manager 2007 to System Center 2012 Configuration Manager.
- The Task Sequence Agent (TSAgent) does not use the logging-related values that are set in the following registry subkey on a client computer:
- 2961924 A command-line action that has a linked package doesn’t start in System Center 2012 Configuration Manager
- 2923078 Reporting Services installation fails on System Center 2012 Configuration Manager Service Pack 1 that has SQL Server 2014 installed
- 2931044 Discovery Data Manager slows when it rebuilds .ncf files on startup in System Center 2012 Configuration Manager Service Pack 1
- Applications cannot be changed or copied after they are migrated from one System Center 2012 Configuration Manager site to another site. Messages that resemble the following are logged in the Distmgr.log file after you try to make changes:
Package <PkgID> is in Pending state and will not be processed
- 2952686 You cannot install an application by using stand-alone media in System Center 2012 Configuration Manager Service Pack 1
Configuration Manager client
- The SMS Agent Host service may stop unexpectedly in an environment that uses multiple overlapping boundary groups that are configured for automatic site assignment. The ScanAgent.log file contains an entry that resembles the following:
[FATAL ERROR] Invalid params exception was raised.
- When you view the Primary Device that is associated with a user, you may see other devices that have the same name, even if they are associated with a different user.
Recently caught some emails going around about recommended backup and maintenance plans as it relates to ConfigMgr. Also plenty of discussions around whether or not addition index optimization is required beyond the built-in Rebuild Indexes task that can be configured as part of the built-in Site Maintenance task.
As far as what I recommend and configure for the clients I work with. I use the recommendations from Steve Thompson a fellow MVP and former SQL MVP.
I would highly recommend you read through the above linked posts. The maintenance plan is what I use for backing up the CM database and supporting databases. I do not use the built-in backup task with ConfigMgr 2012.
If you are having issues with indexing or slow performance, then it’s a good idea to look into the index optimization recommendations as well.
2 Great articles by Aaron Czechowski that explain what’s changed in the new ADK update and how it relates to MDT and ConfigMgr.