
Jörgen Nilsson 06 Mar 2020

MEMCM Tenant attach: Device sync and device actions TP 2002.2 a first look

A long-standing ask and dream has been a web-based admin portal for Configuration Manager. The new feature in Configuration Manager 2002.2 Technical Preview, “Device sync and actions”, is the first look at the feature promised and presented at Ignite in 2019. This new feature is hopefully just the start, with more features to come. Right now it is limited to three actions:
Sync Machine Policy
Sync User Policy
App Evaluation Cycle

My hope is that in the future Servicedesk and technicians can use the DeviceManagement portal to do their daily tasks, with no more need for them to learn and use the Admin Console. That would mean we need many more features to achieve this, but I hope we get there!

Testing out the new feature, there are some prerequisites, like the user you use to log on to the DeviceManagement portal must be synced from AD to AAD and have permissions in the Admin Console. As it is a test environment I of course used Full Administrator permissions; all details on the prerequisites can be found here: https://docs.microsoft.com/en-us/configmgr/core/get-started/2020/technical-preview-2002-2#bkmk_attach

So, time to test out the new feature. In my environment I already had Co-Management configured; that is NOT a requirement though, as the new feature will sync the devices to AAD so we can manage them there.

We start with enabling the new feature. It required a reboot after it was enabled, although a restart of the SMS_EXECUTIVE service would have been enough.

When that is complete and we edit the properties of the Co-Management settings, we have a shiny new option: “Configure upload”. We can select which collection we want to upload; it is perhaps a good idea to exclude servers, but in my lab we are going all in!

It took a while for the devices to show up in the Device Management portal; you can track the progress in the CMGatewaySyncUploadWorker.log to see that devices are synced.
Once it is done we can see all our devices in the DeviceManagement Portal, as shown below. We can easily differentiate co-managed devices from non co-managed ones.
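To make that progress tracking a bit easier than reading the raw log, here is an added PowerShell example (not from the original post or from Microsoft) that parses CMTrace-format entries from CMGatewaySyncUploadWorker.log and lists warnings and errors. The log path is the default site server log folder and is an assumption; the sample lines are constructed to show the format and are not copied from a real log.

```powershell
# Added example: parse CMTrace-format log lines and summarise sync progress.
# Format: <![LOG[message]LOG]!><time="HH:mm:ss.fff+zzz" date="MM-dd-yyyy" component="..." context="" type="N" thread="..." file="...">
# type 1 = Info, 2 = Warning, 3 = Error
$SeverityMap = @{ '1' = 'Info'; '2' = 'Warning'; '3' = 'Error' }

function ConvertFrom-CMTraceLog {
    param([Parameter(Mandatory, ValueFromPipeline)][string]$Line)
    process {
        $pattern = '<!\[LOG\[(?<msg>.*?)\]LOG\]!><time="(?<time>[^"]+)"\s+date="(?<date>[^"]+)"\s+component="(?<comp>[^"]*)".*?type="(?<type>\d)"'
        if ($Line -match $pattern) {
            $type = $Matches.type
            $severity = if ($SeverityMap.ContainsKey($type)) { $SeverityMap[$type] } else { 'Unknown' }
            [pscustomobject]@{
                Date      = $Matches.date
                Time      = $Matches.time
                Component = $Matches.comp
                Severity  = $severity
                Message   = $Matches.msg
            }
        }
    }
}

# Assumed default log location on the site server; adjust to your install path.
$LogPath = 'C:\Program Files\Microsoft Configuration Manager\Logs\CMGatewaySyncUploadWorker.log'

# Constructed sample lines (message text invented for the demo) so the script runs offline.
$SampleLines = @(
    '<![LOG[Starting device upload for collection SMS00001]LOG]!><time="10:15:01.120+60" date="03-06-2020" component="CMGatewaySyncUploadWorker" context="" type="1" thread="4321" file="">',
    '<![LOG[Uploaded batch of 25 devices]LOG]!><time="10:15:09.880+60" date="03-06-2020" component="CMGatewaySyncUploadWorker" context="" type="1" thread="4321" file="">',
    '<![LOG[Failed to upload device CLIENT01, will retry]LOG]!><time="10:15:12.004+60" date="03-06-2020" component="CMGatewaySyncUploadWorker" context="" type="3" thread="4321" file="">'
)

$lines = if (Test-Path $LogPath) { Get-Content $LogPath } else { $SampleLines }
$entries = $lines | ConvertFrom-CMTraceLog

# Overall picture: how many entries per severity, then the warnings/errors themselves.
$entries | Group-Object Severity | Select-Object Name, Count | Format-Table -AutoSize
$entries | Where-Object { $_.Severity -ne 'Info' } | Format-Table Time, Severity, Message -AutoSize
```

Pipe `Get-Content -Wait` into `ConvertFrom-CMTraceLog` instead of a one-off read to follow the upload live while devices are being synced.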

Now to the exciting part: how does it look, and how fast is it?
When executing a task on a computer that is not Co-Managed we only have the three new actions as options. We get status back that the action is pending as soon as we initiate the task.

For a device that is co-managed we have many more options.

So how fast is it then? Well, checking the log files at the same time as initiating a “Sync Machine Policy”, it takes maybe a second for the command to come down. Amazing!
This new feature is very, very long awaited after Ignite and it shows some real promise for the future of Microsoft Endpoint Manager, where on-premise and cloud meet in a Hybrid match made in heaven. Really looking forward to following the development of this great new feature!