Starting in version Microsoft Endpoint Configuration Manager current branch 1910, we can use the optional feature called BitLocker management to manage BitLocker Drive Encryption (BDE) for on-premises Windows clients. It provides full BitLocker lifecycle management that can replace the use of Microsoft BitLocker Administration and Monitoring (MBAM). Configuration Manager doesn't enable this optional feature by default. You must enable this feature before using it. For more information, see Enable optional features from updates. Prerequisites to plan BitLocker management: · In version 1910, to create a BitLocker management policy, you need the Full Administrator role in Configuration Manager. · To integrate…
Author: Eswar Koneti
Use boundary groups in Configuration Manager to logically organize related network locations (boundaries) to make it easier to manage your infrastructure. You must Assign boundaries to boundary groups before using the boundary group. Clients use a boundary group for: Automatic site assignment To find a site system server that can provide a service, including: Distribution points for content location Software update points State migration points Preferred management points Cloud management gateway (starting in version 1902) Boundary group caching was introduced with the first version of Configuration Manager (ConfigMgr) Current Branch (CB): version 1511. For more information about boundary group caching…
Few months ago i blogged about How to install SCCM client using win32 apps in Intune for co-management and CMG .when you create a win32 app for ConfigMgr client with the command line switches as said in the blog post, ccmsetup.exe will always get the source files from CMG. The download of the client files from CMG happens due to the parameter /mp. This parameter will help client to download the content from the nearest distribution point. we want to avoid client to download client files from CMG and always use local source files (win32 app) that was downloaded from…
Microsoft Intune offers a policy-based protected browser which are intuned Managed Browser (retire soon) and Microsoft Edge mobile browser. Microsoft Edge delivers more compare to Intune managed browser and Edge is the future secure mobile browser for Microsoft Intune. The following are the feature comparison between Intune managed browser and Microsoft Edge. Microsoft Edge mobile browser does provide the additional security controls such as: Control In-Private browsing, Control personal accounts and browsing for allowed accounts only. Microsoft has announced the depreciation of Intune managed browser at the Ignite 2019 with the following deadlines. Retirement announcement: 6th Nov 2019 Intune will…
Microsoft has released update 1910 for SCCM which is now termed as Microsoft Endpoint Configuration Manager (#MEMCM) and is available as in-console update ONLY. You can apply this update on sites that runs on 1810 and later. For more information, please read If you want to install a new Configuration Manager site, you can download 1902 as a baseline from the volume licensing portal.For more information about how to perform in-console update for configuration manager update 1910, please refer hereAfter the in-console update, you need to manually upgrade any secondary sites by right click on the site and choose upgrade.You…
Microsoft released an update 1910 for Configuration Manager. This update is available as an in-console update and not a baseline version. You can apply this update on sites that run version 1806 (Min version 5.00.8692.0000) or later. If you want to install a new Configuration Manager, then you must use the baseline version which is 1902 and then perform an in-console update to receive update 1910. Recently, at Ignite 2019, Microsoft announced ,that they are integrating Microsoft Intune, Configuration Manager, and more into a single solution called Microsoft Endpoint Manager. For more information about Microsoft Endpoint Manager, please read here…
The Microsoft Store for Business (wsfb) is where you find and acquire Windows apps for your organization. When you connect the store to Configuration Manager, you then synchronize the list of apps you've acquired. View these apps in the Configuration Manager console, and deploy them like you deploy any other app. More information about Microsoft Store for Business, please read here Our users were trying to install some apps from the Microsoft store. when users try to install the apps from the store, it failed because of proxy issues. Microsoft Store on Windows 10 sign-in page goes through login.live and…
About an year ago, Microsoft announced Windows (Win32) app deployment using Intune, since then it has been improving with new additions/features. Intune standalone allows greater Win32 app management capabilities. While it is possible for cloud-connected customers to use Configuration Manager for Win32 app management, Intune-only customers will have greater management capabilities for their Win32 line-of-business (LOB) apps. For more information about Win32 App management, please read https://docs.microsoft.com/en-us/intune/apps/apps-win32-app-management A few days ago, I was troubleshooting an issue on the autopilot device for win32 apps and some of the apps will not install for various reasons. On windows, if app install is…