“The Documentation Library for System Center 2012 Configuration Manager and Configuration Manager 2007 Documentation Library have been updated on the web and the latest content has Updated: November 1, 2012 at the top of the topic.
These updates include prerelease documentation to support System Center 2012 Configuration Manager SP1, updates for the release version of System Center 2012 Configuration Manager, and updates for Configuration Manager 2007.
This month sees three particularly important doc updates:
- The initial publication of the Windows PowerShell cmdlets for System Center 2012 Configuration Manager SP1. Expect more to follow.
- Information about upgrading System Center 2012 Configuration Manager to Service Pack 1 and interoperability information. Upgrade remains unsupported until Service Pack 1 releases, but we’ve included information now to help you plan.
- Some planning information for the “Bring Your Own Device” (BYOD) scenario that you’ve been hearing about for Service Pack 1, by using Windows Intune with Configuration Manager. Expect more “how to” information for this in our next publication. This functionality also remains unsupported until Service Pack 1 releases.
As always with our documentation, we write for the intended release version of the product, which might not match a prerelease version of Configuration Manager that you have for testing.
If you have questions or feedback about the documentation, you can contact us by using our usual email address of SMSDocs@Microsoft.com.
What’s New in the Documentation Library for System Center 2012 Configuration Manager, November 2012
The following information lists the topics that contain significant changes since the October 2012 update.
- Updated for the following information:
- A new section for site system role prerequisites on Windows Server 2012, supported in Configuration Manager SP1: Prerequisites for Site System Roles on Windows Server 2012.
- A list of web browsers that are supported for the Application Catalog.
- Clarification that secondary site servers are not supported on domain controllers.
- The maximum supported number of packages on a distribution point is 10,000.
- Clarified that a reporting services point can use an instance of SQL Server that hosts other processes, including the site database.
- Removed BITS server extensions as a prerequisite for distribution points.
- Tips for installing the Configuration Manager client with a reduced footprint, which is often required for Windows Embedded devices.
- Supported maximum numbers of Mac computers and Windows Embedded devices for a primary site.
- Mobile devices that can be enrolled by using the Windows Intune connector.
- Updated throughout for most sections.
- Updated for Configuration Manager SP1 information, for example, site expansion if you install a stand-alone primary site and later decide that you need additional primary sites.
- New topic to help you plan to upgrade System Center 2012 Configuration Manager to Configuration Manager SP1. This topic includes an upgrade checklist and information about the automatic actions taken by Configuration Manager during an upgrade, and those that you must do yourself after upgrading a site.
- Updated for a new entry for a SQL Server cluster (specific certificate requirements) and information about the PKI certificates that Windows Intune automatically generates in Configuration Manager SP1 for the Windows Intune connector and mobile devices.
- Updated for the new best practice to not run Active Directory Forest Discovery at multiple sites when you plan to automatically create boundaries from the discovery data, because this can create duplicate boundary objects.
- Updated for the information that when you use cloud-based distribution points in Configuration Manager SP1, clients on the Internet that are given content locations that include Internet-based distribution points do not fall back to use a cloud-based distribution point if the Internet-based distribution points are not accessible.
- Updated for the information that you must not install a System Center 2012 Configuration Manager management point on a computer that runs the Configuration Manager 2007 client.
- Updated for the following information:
- In Configuration Manager SP1, you must disable distributed views for all primary sites before you uninstall from the hierarchy a primary site that uses distributed views.
- You can configure the SQL Server service port to be a non-default TCP port in Configuration Manager SP1.
- The required permissions to run Setup for several of the site installation procedures.
- For the unattended installation of a central administration site or primary site:
- Clarification that some switches for modifying client and server languages at the site are valid only when you modify an existing site, and not when installing a new site.
- Corrections for some switches that were listed as required but are optional.
- Updated for new information about refreshing the Kerberos tickets for computers when you install a site system on a computer other than the site server when the site server is on a domain controller. In this scenario, the new site system role doesn’t complete installation until either the Kerberos ticket refreshes, or the computer with the site system role reboots (which refreshes the Kerberos ticket).
- Added a new section for uninstalling a database replica. In addition:
- Added the information that after you restore a site database that was configured for database replicas, you must reconfigure those database replicas.
- Updated the “Configuring the Database Replica Server” section to include information that the SQL Server service on the replica database server must run as the System account.
- New topic that contains information about how to upgrade from System Center 2012 Configuration Manager with no service pack to Configuration Manager Service Pack 1.
- New topic that contains information (previously published in a different topic) about interoperability between System Center 2012 Configuration Manager and Configuration Manager 2007. The topic also contains new information about interoperability between sites with different service pack versions in System Center 2012 Configuration Manager – for example, running a System Center 2012 Configuration Manager hierarchy that contains sites with no service pack and one or more sites with Service Pack 1.
- Updated to add a new section, “Using Data Protection Manager to Back up Your Site Database” and updated the “Recover a Secondary Site” section.
- Updated to add the section “Supported SQL Server Versions for the Reporting Services Point”.
- Updated to add the section “Reporting Services Security Roles for Configuration Manager”.
- Updated for Configuration Manager SP1.
- Updated for cloud-based distribution points and the Windows Intune connector in Configuration Manager SP1.
- Updated for log files related to Mac computers and for Linux and UNIX servers.
- Updated for the latest privacy information for Configuration Manager SP1.
- Updated for the following clarifications:
- Software metering rules that you migrate lose their association to clients at a site in System Center 2012 Configuration Manager, and must be reapplied to clients after migration.
- Boot images you migrate from Configuration Manager 2007 that are on shared distribution points cannot be accessed by clients in the System Center 2012 Configuration Manager hierarchy.
- Updated for the exact version of Silverlight 5 that is used in Configuration Manager SP1, and a warning that the .NET Framework 4 installation might require a computer restart before installation completes.
- Updated the client push procedures that support supplying some CCMSetup properties in Configuration Manager SP1, in addition to the Client.msi properties.
- Updated to include the new UI changes for Configuration Manager SP1.
- Updated to clarify that the new Configuration Manager SP1 options for Retire are only for mobile devices that are enrolled by Windows Intune.
- Updated for the following:
- Added information for the Background Intelligent Transfer group settings.
- Updated the Client Policy: Enable user policy polling on clients for the new restriction in Configuration Manager SP1 that if this setting is not enabled, users cannot install applications from the Application Catalog.
- Added important note to the Metered Internet Connections settings that software installations are always permitted when a user initiates them from Software Center or the Application Catalog.
- Added the section for the Enrollment group settings for Configuration Manager SP1, which replaces theMobile Devices group settings in Configuration Manager with no service pack.
- Corrected the information for the SMSCACHESIZE value that previously said you couldn’t specify a value lower than the default of 5120 MB. On a newly installed client, you can specify a value as low as 1 MB. However, on a reinstalled client, you can’t specify a value lower than the previously specified value.
- Updated for Configuration Manager SP1, which includes information about automatic client upgrade, Windows Embedded devices, Mac computers, and mobile devices that are enrolled by Windows Intune.
- Updated for cloud-based distribution points in Configuration Manager SP1.
- Clarified that the Configuration Manager client on Mac computers and on Linux and UNIX servers do not support the Application Catalog or Software Center.
- New topic for Configuration Manager SP1 that contains planning information to help you deploy Windows 8 apps to computers in your hierarchy.
- New topic that contains planning information to help you deploy virtual applications by using Configuration Manager.
- Updated to clarify that for Configuration Manager SP1, users must have a valid Windows Store account to install an App from the Windows Store. This information is also added to How to Create Deployment Types in Configuration Manager.
– Updated for information about the new Configuration Manager SP1 option Allow clients on a metered Internet connection to download content after the installation deadline, which might occur additional costs.
- Updated with the information that if the Windows Event Log rolls over, automatically generated user device affinities might not work.
- Updated with the information that in Configuration Manager SP1, users from another domain can, by default, access the Application Catalog. In Configuration Manager with no service pack, you have to explicitly grant permissions for these users.
- Updated for the following:
- The security best practice to select applications in the virtual environment that have the same trust level when you configure App-V virtual environments.
- The security best practice to secure the location of the .cmmac file and the communication channel when you import this file into Configuration Manager for application deployment to Mac computers.
- Privacy information for the Application Catalog approval information.
- Security issues that App-V pacakges are not signed and published App-V applications can be installed by all users on the computer.
- Updated to add information about the new software update point functionality in Configuration Manager SP1.
- Updated to add a new section, “Software Update Points in Configuration Manager SP1”.
- Updated with a new structure that supports both Configuration Manager with no service pack and Configuration Manager SP1.
- Updated the “Dependencies External to Configuration Manager” section to include new dependencies for Configuration Manager SP1.
- Updated the section “Windows Deployment Service and Dynamic Host Configuration Protocol (DHCP)” to add that the UDP port 68 might be required if DHCP authorization is required on the server.
- Added information about a new setting that allows you to configure the Windows PE scratch space.
- New topic that provides information about deploying operating systems when you have different versions of Configuration Manager running on sites in your hierarchy.
- Updated to change the OSDDomainName and OSDDomainOUName action variables to OSDJoinDomainName and OSDJoinDomainOUName in the “Join Domain or Workgroup Task Sequence Action Variables” section.
- Updated to add the SMSTSAssignmentsDownloadInterval and MSTSAssignmentsDownloadRetry variables.
- Updated for the following security improvements in Configuration Manager SP1:
- The state migration point now authenticates clients by using a Configuration Manager token that is issued by the management point.
- To help protect bootable media, the content is now hashed and must be used with the original policy. If the content hash fails or the check that the content matches the policy fails, the client will not use the bootable media.
- Updated to add a link to the new Microsoft Configuration Pack for System Center 2012 Configuration Manager.
- Updated for the following security best practices:
- Do not configure compliance rules that use data that can be modified by end users.
- Secure the communication channel when you browse to a reference computer.
- New topic that contains information about how to configure update sources for Endpoint Protection definitions.
- Updated for the clarification that the Percentage of computers with malware detected count excludes computers that do not have the Configuration Manager client installed. It does include computers that do not have the Endpoint Protection client installed.
- Updated for new information about exclusion settings that you can use to prevent folders from being scanned by Endpoint Protection.
- Updated for new information about the available management tasks to remediate detected malware.
- Added a new section called “Malware Alert Levels”, which contains a description of the various malware alert levels that you might see in the console and reports.
- Updated for an entry about the risks and implications of users having local administrative privileges when their computers run the Endpoint Protection client.
- Updated for Configuration Manager SP1 terms.
- New section in the Technical Publications node that contains the Windows PowerShell topics for Configuration Manager cmdlets and about topics for the Configuration Manager cmdlets. Note that although the Configuration Manager SP1 Cmdlet Reference topic itself is blank, expand it in the table of contents to see a list of the cmdlets currently published.
- Updated questions and answers include:
- How can I create a collection that contains only Mac computers, or only Linux servers?
- Why might there be differences between a client’s assigned, installed, and resident site values when I look at the client properties in the Configuration Manager console?
- Can I install the Configuration Manager client on my Windows Embedded devices that have very small disks?
- Where is the documentation for the Configuration Manager client for Mac Computers?
- Where is the documentation for the Configuration Manager client for Linux and UNIX?
- If the same application is deployed to a user and a device, which one takes priority?
- Why do I see an error message about insufficient permissions from a Windows Embedded device when I try to install software from Software Center?
What’s New in the Configuration Manager 2007 Documentation Library for November 2012
The following information lists the topics that contain significant changes since the September 2012 update.
- Updated for support for Windows 8 (Pro and Enterprise editions) and Windows Server 2012 (Standard and Datacenter editions) as Configuration Manager clients. This information was previously published on theConfiguration Manager team blog.
Note the following:
- Neither Windows 8 nor Windows Server 2012 is supported to host a site system role.
- There is an optional hotfix available for download that adds support for these operating systems to the supported platforms list for several features.
- Updated to correct the number mapping for the compliance severity levels.
This posting is provided “AS IS” with no warranties and confers no rights.“