Менеджер конфігурації System Center Current Branch Update 1710.
One of the key features in the 1710 release is co-management:
Starting with the Anniversary Update (червень 2016), a вікна 10 device can be joined to on-premises Active Directory (AD) and cloud-based Azure AD at the same time. Co-management takes advantage of this improvement and enables the device to be managed by both the ConfigMgr agent and Intune MDM. This allows organizations to move specific workloads of their management to the cloud – making the transition in manageable chunks. Наприклад, customers can transition device compliance checks, resource access policies, або вікна 10 update management from ConfigMgr to Intune while continuing to use ConfigMgr for other workloads such as software distribution and deep device security configuration.
Some of the enhancements that are available in this update:
Microsoft 365 Adoption
- OS Deployment support for вікна 10 version 1709 – You can now upgrade to the latest вікна 10 ADK version 1709 to deploy the latest вікна 10 будувати.
- Configure and deploy вікна Defender Application Guard policies – You can now create and deploy вікна Defender Application Guard policies to вікна 10 clients that help protect your users by opening untrusted websites in a virtualized browser.
- Improvements to policies for вікна Defender Application Control – You can now authorize software that is trusted by the Intelligent Security Graph as part of вікна Defender Application Control (previously Device Guard).
- вікна Defender Exploit Guard – You can now configure the вікна Defender Exploit Guard policy that provides intrusion prevention rules and policies that make vulnerabilities more difficult to exploit in вікна 10.
Streamlined Infrastructure
- Support for next-generation certificates – Most client-facing site roles can now use next-generation certificates (or CNG from version 3 templates).
Modern Management
- Co-management – You can now enable co-management which helps you to streamline the journey to modern management in a controlled and iterative way. вікна 10 devices can be concurrently managed by Менеджер конфігурації and Intune as well as joined to Active Directory (AD) and Azure Active Directory (Azure AD). This enables a practical way for you to transition the management to Intune and Azure AD over time.
- Check compliance for co-managed devices from Центр програмного забезпечення when device compliance is managed by Intune – Users can now use Центр програмного забезпечення to check the compliance of their co-managed вікна 10 devices when device compliance is enforced by Intune.
Configuration Manager connected with Microsoft Intune
- Device Health Attestation assessment for compliance policies for conditional access – Use Device Health Attestation status as a compliance policy rule for conditional access to company resources.
- New compliance policy actions – You can now configure actions for compliance policies. These actions include setting a grace period for devices that are noncompliant before they lose access to company resources and creating emails to be sent to users with noncompliant devices.
- App Protection settings to block printing and contact Sync – Additional settings have been added to block printing and contact sync on applications enlightened with Intune App Protection.
- Improved VPN profile experience in Консоль Configuration Manager – VPN profile settings are now filtered according to the platform. When creating new VPN profiles, each supported platform workflow contains only the settings appropriate for the platform. Existing VPN profiles are not affected.
- Mobile device management support for ARM64 devices running вікна 10 – вікна 10 MDM scenarios will be supported for ATM64 devices once these devices are available.
Customer Feedback
- Run Task Sequence step – This is a new step in the task sequence to run another task sequence, which creates a parent-child relationship between two task sequences.
- Allow up to 512×512 pixel icons for application in Центр програмного забезпечення – You can now deploy apps with up to 512×512 pixels icons to display in Центр програмного забезпечення.
- Центр програмного забезпечення customization – You can now add enterprise branding elements and specify the visibility of tabs in Центр програмного забезпечення. You can add a Software Center-specific company name, set a color theme, set a company logo, and set the visibility of tabs for client devices
- Improved descriptions for pending computer restarts – The reason for a pending computer restart is posted.
- Create and run PowerShell scripts – You can now create and run scripts with optional parameters, configure security scopes, and monitor script results.