With Configuration Manager technical preview build, a bunch of Tenant attach features were released which will help you to take actions from the devices blade in the Admin center.
One of the coolest feature in this preview release is, we can now initiate an application install in real time for a tenant attached device from the Microsoft Endpoint Management admin center.
What do we need to do to install the application in Realtime from the admin center?
You'll need to meet all of the prerequisites for Tenant attach: ConfigMgr client details:
- An environment that's tenant attached with uploaded devices.
- One of the following browsers:
- Microsoft Edge, version 77 and later
- Google Chrome
- The user account has been discovered with both Azure Active Directory (Azure AD) user discovery and Active Directory user discovery.
- Meaning the user account needs to be a synced user object in Azure.
The following prereq are newly added, Inorder to initiate the application install from the admin center.
- Enable the optional feature Approve application requests for users per device. For more information, see Enable optional features from updates.
- At least one application deployed to a device collection with the An administrator must approve a request for this application on the device option set on the deployment. For more information, see Approve applications.
- User targeted applications or applications without the approval option set don't appear in the application list.
As you can in the application deployment settings, the deployment must be targeted to a device collection with purpose available and check ‘an administrator must approve a request for this application on the device’
You can now review the log for data upload.
When an admin runs an action from Microsoft Endpoint Manager admin center (intune console), the notification request is forwarded to Configuration Manager site, and from the site to the client.
- Open CMGatewaySyncUploadWorker.log from <ConfigMgr install directory>\Logs.
- The next sync time is noted by log entries similar to
Next run time will be at approximately: 30/05/2020 16:35:31.
- For device uploads, look for log entries similar to
Batching N records. N is the number of devices uploaded to the cloud.
- The upload occurs every 15 minutes for changes. Once changes are uploaded, it may take an additional 5 to 10 minutes for client changes to appear in Microsoft Endpoint Manager admin center.
In Technical preview, to install the app, we must right click on the device and choose admin center preview and initiate it from there.
When this feature release in current branch, we can directly open the MEM admin center portal (https://endpoint.microsoft.com) and perform the device actions.
For now, we need to open the admin center from the device tenant attached. From the configuration manager console, right click on tenant attached device, start and choose Admin center preview
If the Admin center preview is grayed out, then the device is not part of the tenant attach collection in co-management settings.
You will be prompted for authentication and you will see the following screen.
Click on applications to see the available apps that are ready to install on the device.
we have published an application to the device collection which can be initiated from the MEM admin center
Now go back to your configuration manager installation directory and open log CMGatewayNotificationWorker.log to see the status of the application install.
When an action is initiated from the Microsoft Endpoint Manager admin center on Configmgr client, CMGatewayNotificationWorker.log processes the request.
You will see the information about sending application request and also create approved request and more details about the request in the log.
Sending AdminService request with URL: https://sg-cmtp01.domain/AdminService/wmi/SMS_ApplicationRequest.CreateApprovedRequest
After a while, if you look at the client appenforce.log, the application installation is completed.
we can now go back to admin center and refresh the page to see the updated status as ‘Installed’.
After some days, if user uninstall the application, the status will be updated in the admin center with status ‘Install requested’ and you will get an option to Retry installation. By clicking on Retry installation, the app will get install on the device.
With this feature, we can now act on the user application deployment request from anywhere with 1 click using mobile without touching the Configuration manager console.