In this article, we will look at the top 7 SCCM 2207 new features that can be used right away after upgrading to version 2207. The SCCM 2207 release includes many new features and improvements over the previous release.
The update 2207 for Microsoft Endpoint Configuration Manager current branch is now available. You are eligible to upgrade to version 2207 if you are running SCCM version 2103 or later. Refer to the following SCCM 2207 step-by-step upgrade guide that takes you through all the upgrade steps.
After you upgrade Configuration Manager to version 2207, you must update the client agents to the latest version to get new features. The new features of SCCM 2207 will work only when the client agents are at the latest version, which is 5.00.9088.1007.
You can use the automatic client upgrade, an option available in the Client Upgrade tab of the site hierarchy settings. By selecting this option, the client agents will be updated to the most recent version within the specified number of days.
SCCM 2207 New Features & Fixes
The SCCM current branch version 2207 also includes fixes and improvements in addition to a number of new features. Most of these new features were first introduced in the ConfigMgr technical preview versions.
In this article, I will cover the seven best new features in the Configuration Manager 2207 release. For official documentation on 2207 new features, check out what’s new in version 2207 of Configuration Manager current branch.
1. New Enhanced security for Configuration Manager administration service
When configuring Azure Services for Configuration Manager, a new option “Administration Service Management” has been added for enhanced security. Selecting this option allows administrators to segment their admin privileges between cloud management and administration service.
By enabling this option, access is restricted to only administration service endpoints. Configure Administration Service Management to enhance security of the Administrative Service Azure AD endpoints.
2. Simplified Application Deployment Approval
An administrator can now approve or deny the request for deploying an application on a device from anywhere they have internet access by selecting a link in the email notification. This new feature in Configuration Manager 2207 requires admins to manually add the CMG URL in the Azure Active Directory app as single page application redirect URI.
The application workflow can be approved through email. Manually add the CMG URL as the single page application redirect URI in the Azure Active Directory app for application approval by email.
3. Include and prefer a cloud source for a management point in a default boundary group
Starting in SCCM 2207, you can add options via PowerShell to include and prefer cloud sources. For instance, you can set the CMG as the preferred management point for the clients in the default boundary group.
Using PowerShell, you can now include and prefer CMG management points for the default site boundary group. You can use the Set-CMDefaultBoundaryGroup cmdlet to modify the properties of a default site boundary group.
The Set-CMDefaultBoundaryGroup command has the following syntax.
Set-CMDefaultBoundaryGroup [-IncludeCloudBasedSources ] [-PreferCloudBasedSources ]
- IncludeCloudBasedSources: Specify whether admin wants to include the cloud-based sources in the management point list for the clients in default site boundary group.
- PreferCloudBasedSources: Specify whether admin would like to prefer the cloud-based sources in the management point list for the clients in default site boundary group. On selecting this option, cloud-based servers will be given preference by the clients.
4. Organize ADRs with folders
Starting in Configuration Manager 2207, Microsoft has improved the manageability of automatic deployment rules (ADRs). You can now organize ADRs with folders.
Automatic Deployment Rules (ADRs) in Configuration Manager have the ability to automatically approve updates and deploy them. Learn how to create SCCM ADRs to deploy updates.
By organizing the ADRs into separate folders, it helps you with better categorization and management of ADRs across your organizational hierarchy by having a structured view across your phased deployments. Folders for ADRs in Configuration Manager can also be created with PowerShell cmdlets.
For example, you can create folders for different categories, such as Windows 10, Windows 11, and Windows Server ADRs.
5. Enhanced Control over Monthly Maintenance Windows
Starting in SCCM 2207, a new feature for ADR allows enhanced control over monthly maintenance windows. Microsoft has enhanced monthly maintenance windows scheduling. You can now set monthly maintenance window schedules to better align deployments with the release of monthly software updates by configuring offsets.
For example, when you define a maintenance schedule, you can define an offset of two days after the second Tuesday of the month, which sets the maintenance window for Thursday.
6. Configuration Manager console Improvements
One of the SCCM 2207 new features include improvements to the Configuration Manager console.
- When performing a search on any node in the console, the search bar will now include a Path criteria to show that subfolders in the node are included in the search. The path criteria are informational and can’t be edited.
- By default, all subfolders will be searched when you perform a search on any node that contains subfolders. You can narrow down the search by selecting the “Current Node” option from the search toolbar.
- The dark theme for Configuration Manager console has been available as a pre-release feature since 2203. In Configuration Manager 2207, Microsoft has extended the dark theme to additional components such as buttons, context menus, and hyperlinks. You must enable this pre-release feature to experience the dark theme.
7. Granular Control over Compliance Settings Evaluation
You can now define a Script Execution Timeout (seconds) when configuring client settings for compliance settings. The timeout value can be set from a minimum of 60 seconds to a maximum of 600 seconds. This new setting allows you more flexibility for configuration items when you need to run scripts that may exceed the default of 60 seconds.