SCCM 2002 Technical Preview

SCCM 2002 Technical Preview.

In this technical preview added the following improvements to Orchestration Groups:

• Clear the state, such as *Complete or Failed, for an Orchestration Group member so you can rerun the orchestration.
  • Right-click on the Orchestration Group member and select Reset Orchestration Group Member.
• Start some basic operations like Resource Explorer and Enable Verbose Logging for selected members.
• Updates requiring restarts now work with orchestration.

This preview release also includes:

Evaluate software updates after a servicing stack update

Configuration Manager now detects if a servicing stack update (SSU) is part of an installation for multiple updates. When an SSU is detected, it’s installed first. After install of the SSU, a software update evaluation cycle runs to install the remaining updates. This change allows a dependent cumulative update to be installed after the servicing stack update.

Disconnected WSUS support for Office 365 updates

You can use a new tool to import Office 365 updates from an internet connected WSUS server into a disconnected Configuration Manager environment.

Improvements to Microsoft Edge management

You can now create a Microsoft Edge application that’s set up to receive automatic updates rather than having automatic updates disabled. This change allows you to choose to manage updates for Microsoft Edge with Configuration Manager or allow Microsoft Edge to automatically update.

Proxy support for Azure Active Directory discovery and group sync

The site system’s proxy settings, including authentication, are now used by:

• Azure Active Directory (Azure AD) user discovery
• Azure AD user group discovery
• Synchronizing collection membership results to Azure Active Directory groups

Log files

• SMS_AZUREAD_DISCOVERY_AGENT.log

Improvements to BitLocker management

The BitLocker management policy now includes additional settings, including policies for fixed and removable drives:

• Global policy settings on the Setup page:
  • Prevent memory overwrite on restart
  • Validate smart card certificate usage rule compliance
  • Organization unique identifiers
• OS drive settings:
  • Allow enhanced PINS for startup
  • Operating system drive password policy
  • Reset platform validation data after BitLocker recovery
  • Pre-boot recovery message and URL
  • Encryption policy enforcement settings
• Fixed drive settings:
  • Fixed data drive encryption
  • Deny write access to fixed drives not protected by BitLocker
  • Allow access to BitLocker fixed data drives from earlier versions of Windows
  • Fixed data drive password policy
  • Encryption policy enforcement settings
• Removable drive settings:
  • Removable drive data encryption
  • Deny write access to removable drives not protected by BitLocker
  • Allow access to BitLocker protected removable drives not protected by BitLocker
  • Removable drive password policy
• Client management settings:
  • User exemption policy
  • Customer experience improvement program

BitLocker management known issues

• The following new settings don’t work in this technical preview version:
  • Fixed drive settings: Deny write access to fixed drives not protected by BitLocker
  • Removable drive settings: Deny write access to removable drives not protected by BitLocker
  • Client management policy: Customer experience improvement program
• BitLocker reports don’t work in this release

Additional improvements to task sequence progress

Based on continued feedback from the community, this release includes further improvements to task sequence progress. Now the count of total steps doesn’t include the following items in the task sequence:

• Groups. This item is a container for other steps, not a step itself.
• Instances of the Run task sequence step. This step is a container for other steps, so are no longer counted.
• Steps that you explicitly disable. A disabled step doesn’t run during the task sequence, so is no longer counted.

Improvements to the ConfigMgr PXE Responder

The ConfigMgr PXE Responder now sends status messages to the site server. This change makes troubleshooting operating system deployments easier.

Token-based authentication for cloud management gateway

This feature appears in the What’s New workspace of the Configuration Manager console for the technical preview branch version 2002, but it released with version 2001.2.

General known issues

Can’t delete collections

In this version of the technical preview branch, you can’t delete collections.

To work around this issue, use the following Configuration Manager PowerShell cmdlet to delete collections:

• Remove-CMCollection