SCCM – Current Branch

What’s New and Why You Should Upgrade

Cass Drew
SCCM Architect
Dentons

Cass is an IT professional with over 17 years of experience who

specializes in systems management with an emphasis on System
Center Configuration Manager. He started working with the product
when it was known as Systems Management Server 2.0 and has
worked with environments from 500 to 150,000 Windows clients. Prior
to his current position as SCCM Architect at Dentons, Cass was a
Premier Field Engineer at Microsoft helping enterprise customers get
the most out of their SCCM environments and keeping them running
optimally.
 • Current Branch
– General Info
– New Features

• New ideas for task sequences

• Items that might help you

Overview manage your environment

• Questions
What Is SCCM Current Branch

• New model for delivering SCCM releases

• Introduced in December 2015
• Similar to the release model being used for Windows 10
• New features and improvements in each release
• Some features can be pre-release
• Multiple releases per year
Biggest Reason to Upgrade: Support
• SCCM 2007
– Out of mainstream support – Extended support ends 9/2019
• SCCM 2012
– Out of mainstream support – Extended support ends 7/2022
• New support model for current branch
– Security & Critical Updates Phase: available until next release
– Security Updates Phase: after new version releases
– CB versions are supported for one year after general availability
New Features
• Windows 10 Servicing
– View state of Windows 10
– Create servicing plans
– View versions near end of life
• Office 365 Updates
– Supports O365 channel model
– Enabled on client with COM object
• Improved Software Center
– Cleaner look
– More logical layout
 • Preferred Management Points
– Not necessarily new but good example of
user feedback
• Client cache management
– Part of Client Settings
• On demand switching of Software Update
Point
• Content Library Cleanup Tool
New Features – Command line tool to remove orphaned
content
Continued
– “What if” mode identifies content that
would be deleted
• Increased InTune Functionality
– Major focus of development moving
forward
Pre-release Feature: Peer Cache
• Allows clients to share content in cache with other local
clients
• Useful for locations with no server infrastructure available
for distribution points
• Not subnet limited like BranchCache
• Uses boundary groups for content locations
• Managed from Client Cache Settings
Pre-release Feature: Cloud Management
Gateway
• Provides management for internet based clients
• Removed the need for infrastructure in DMZ
• Uses Cloud Management Gateway Connection Point to
connect clients with on premise SCCM
• Requires Azure Subscription
• Another strategy for managing the “always remote” client
Upgrade Paths

• SCCM 2007: re-architect and implement

– Most organizations need only a single site
• SCCM 2012 : upgrade to version 1606 using “traditional”
method and then use the console to upgrade to 1702
• Server 2008/R2 is deprecated OS for SCCM site systems
– Do not implement any new systems with 2008/R2
– Make plans to remove current site systems from environment
Client Upgrades
• Client upgrade feature is preferred and easiest method
• Ability to designate new client version as pre-production and
deploy it to a test collection
• Ability to exclude collections from upgrade when new version
is promoted to production
• Increase the number of days the upgrade occurs across to
alleviate concerns about strain on the environment
 • Windows 10 Goal: reduce
imaging time
• Looked at different ways to
achieve this and retain flexibility
of thin WIM
• Investigated steps that took
Adding Efficiency longest
to Task Sequence – Applying the WIM
– Software Updates
– Driver Installation
New Driver • Create software package
Installation – No need to import
Method – Reduces storage space
• Driver Install Process
– PowerShell script reads xml and
WMI & determines package
– TS downloads drivers to the local
disk
– Use DISM to inject drivers into the
image
 New Driver Installation
Method
• Create software package
– No need to import
– Reduces storage space
• Driver Install Process
– PowerShell script reads xml and WMI & determines
package
– TS downloads drivers to the local disk
– Use DISM to inject drivers into the image
Advantages of New Driver Method
• Very quick – usually takes 2-3 minutes to complete
• Allows us to add new models quickly
• Eliminates the need to edit the task sequence whenever you
have a new model
• After implementing WMI filter, XML file is automatically
updated and sent to distribution points
• Reduces administrative overhead of importing drivers
 Used Same Method to
Perform BIOS Updates
• Create software package for BIOS
• BIOS Update Process
– PowerShell script reads xml and compares version in
file against local version
– TS downloads BIOS update to the local disk
– Copies Dell 64 bit flash utility
– Runs the BIOS update
– Restarts the system
 • Very underused feature
• Use Compliance
– Assess system readiness
– Security concerns (Bitlocker, unsafe plug-
ins)
– With scripts there are endless possibilities!
– Auto-remediation for some settings
Compliance • Create Configuration Items and bundle them
Items and into baselines

Baselines • Most admins immediately think inventory

when looking for data
• Do I really want inventory or do I just want to
know its compliant?
• Easy to create non/compliant collections
• Backbone of other features
PS App Deploy Toolkit
• Software deployment centric
• Powershell based
• Simplifies installations that may
need a wrapper
• User friendly
– Deferrals
– Closes applications
 • Get on current branch
• Keep up with client updates
• Remove Server 2008/R2 from
SCCM environment
• Use Windows 10 as an
opportunity to streamline TS
• Take another look at In Tune
Tips/Takeaways
• Submit feedback via User Voice
– Pipeline to developers
– Can access directly from console
Questions