Skip to main content

Enterprise deployment of Windows 10 Deployment via System Center configuration Manager and Office 365

By
Enterprise deployment of Windows 10 Deployment via System Center configuration Manager and Office 365

In this blog I will discuss Windows 10 deployment as well as what has changed in System Center Configuration Manager. In addition servicing models for Windows 10, SCCM, and Office 365.

The latest version of SCCM has re-branded itself without a year designation i.e. SCCM 2012 R2.  It has rather adopted the SaaS model of Windows 10 and updates will flow down more frequently rendering the year in the title obselete. The new name is System Center Configuration Manager 1511 (current branch).  The 1511 designation implies that the the current branch is 2015 November.

Within the Configuration Manager console updates synchronise when the 'Service Connection Point' role is configured.  This role supports In-console updates for Configuration Manager infrastructure and clients, and replaces the following separate update methods previously understood within SCCM:
Service packs
Cumulative updates
Extensions for Microsoft Intune
Individual fixes

Office 365 servicing model is similar to Windows 10 in the fact that there is a Current Branch and Current Branch for Business release of updates.  Within SCCM it is possible to deploy these branches via SCCM + WSUS as a normal Windows update deployment package, making use of Distribution Points rather than clients directly connecting to the Internet.  Unfortunately the process to synchronize the update with WSUS is manual however, the effort is minimal. The link referenced below refers to the Technical release however,




References
Finding documentation is now a little harder since the year has been dropped. Please see useful links below.

ConfigMgr 1511 Supported Configurations
https://technet.microsoft.com/en-us/library/mt589499.aspx

Supported client counts and site system scale
https://technet.microsoft.com/en-us/library/mt589738.aspx

SQL requirements (CU requirements, collation requirements, etc)
https://technet.microsoft.com/en-us/library/mt589592.aspx

Recommended hardware specs for ConfigMgr
https://technet.microsoft.com/en-us/library/mt589500.aspx

SCCM 1511 – Step by Step Installation Guide
http://sccmentor.com/2015/12/27/sccm-1511-step-by-step-installation-guide/

Upgrade to Windows 10 with System Center Configuration Manager
https://technet.microsoft.com/en-us/library/mt426642(v=vs.85).aspx

Manage Office 365 client updates with System Center Configuration Manager
https://technet.microsoft.com/library/mt628083.aspx#BKMK_ImportUpdates


Labels:

Comments

Post a Comment

Popular posts from this blog

SCCM Unknown computer not able to see Task Sequences after installing Current Branch 1702

By
Soon after installing SCCM CB 1702 we were unable to see Task Sequences deployed to the unknown collection. This issue was identified as a random system taking the GUID of the 'x64 Unknown Computer (x64 Unknown Computer)' record. As a result it was now a known GUID; as we were only deploying Task Sequences to the Unknown collection none were made available. 'x64 Unknown Computer (x64 Unknown Computer)' record 'x86 Unknown Computer (x86 Unknown Computer)' record To get the GUID of your unknown systems open SQL management studio and run the following command: --Sql Command to list the name and GUID for UnknownSystems record data select ItemKey, Name0,SMS_Unique_Identifier0 from UnknownSystem_DISC Using the returned GUID (SMS_Unique_Identifier0) we can find the hostname that has been assigned the 'x64 Unknown Computer (x64 Unknown Computer)' GUID by running the query below. --x64 Unknown Computers select Name0,SMS_Unique_Identifier0,Decommissioned0 from Sys...
167 comments
Read more

KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932

By
This article outlines the protection against the publicly disclosed Secure Boot security feature bypass involving the BlackLotus UEFI bootkit (CVE-2023-24932). It includes steps to enable the necessary mitigations and provides guidance on creating bootable media. I will provide: - An overview of the CVE issue. - Pre-requisite actions within ADK. - Detection and remediation scripts for CVE-2023-24932. - Instructions for creating a WinPE Boot.wim file to support systems that have undergone remediation. - A breakdown of the files changed and how to boot WinPE to support systems before remediation. 1. Secure Boot Security Feature Bypass Vulnerability CVE-2023-24932 see MSRC CVE-2023-24932 is a security vulnerability involving the BlackLotus UEFI bootkit, which allows attackers to bypass Secure Boot protections. This vulnerability enables the execution of malicious code at the UEFI level, potentially leading to persistent and evasive threats. Mitigations for this issue include updates to th...
Post a Comment
Read more

Java 7 update 21 (1.7.0_21) Enterprise Repackaged Security Medium Deployment with SCCM

By
------------------------------------------------------------------------------------------------- Java 7 update 45 Enterprise deployment complete walk through http://www.syswow64.co.uk/2013/10/java-7-update-45-enterprise-deployment.html -------------------------------------------------------------------------------------------------- The issue on many blogs and articles is around creating the 'deployment.config' and 'deployment.properties' files for an enterprise deployment.  In my case i wanted to set the security level to 'Medium', but everytime I open the Java control panel it was set to the default HIGH setting. Solution 1 Create the following directory path 'C:\Windows\sun\java\deployment' 2 Create a file called 'deployment.config' in this directory and open with Notepad. Copy the two line below #################### deployment.system.config = file\:\\C\:\\WINDOWS\\Sun\\Java\\Deployment\\deployment.properties deployment.system...
15 comments
Read more