Friday, April 8, 2022

Update 2203 for Microsoft Endpoint Configuration Manager current branch is now available

Update 2203 for Microsoft Endpoint Configuration Manager current branch is now available.  In this release we have focused on improvements to the way that you use Configuration Manager. One of the exciting new features is the content distribution status visualizer. With it you can now monitor content distribution path and status in a graphical format.



The graph shows distribution point type, distribution state, and associated status messages. This visualization allows you to more easily understand the status of your content package distribution. It helps you answer questions like:

  • Has the site successfully distributed the content?
  • Is the content distribution in progress?
  • Which distribution points have already processed the content?

For more information, see Visualize content distribution status.


This release also includes:


Cloud-attached management

Prefer cloud-based software update points - Clients now prefer to scan against a cloud management gateway (CMG) software update point (SUP) over an on-premises SUP when the boundary group uses the Prefer cloud based source over on-premises source option. To reduce the performance impact of this change, existing clients don't automatically switch to a cloud-based software update point.


Site infrastructure

Improvements to Power BI Report Server Integration - We've made the following improvements for Power BI Report Server integration:

  • You can now use Microsoft Power BI Desktop (Optimized for Power BI Report Server) versions that were released after January 2021

  • Configuration Manager now correctly handles Power BI reports saved by Power BI Desktop (optimized for Power BI Report Server) May 2021 or later.

Exclude data warehouse reporting tables from synchronization - When you install the data warehouse, it synchronizes a set of default tables from the site database. These tables are required for data warehouse reports. While troubleshooting issues, you may want to stop synchronizing these default tables. Starting in this release, you can exclude one or more of these required tables from synchronization.


Improvements to Management Insights – The following improvements have been made to management insights:

  • A new management insights group was added to Management Insights. The Deprecated and unsupported features group contains rules that will help you manage and remove deprecated features. The prerequisite checker will also check for deprecated and unsupported features during site installs and upgrades.

  • A new rule for detecting Windows Server 2012 and 2012 R2 was added to the Proactive Maintenance group.


Client management

Deployment Status client notification actions - You can now perform client notification actions, including Run Scripts, from the Deployment Status view.



Delete collection references - Previously, when you would delete a collection with dependent collections, you first had to delete the dependencies. The process of finding and deleting all of these collections could be difficult and time consuming. Now when you delete a collection, you can review and delete its dependent collections at the same time.


Software updates

LEDBAT support for software update points - You can now enable Windows Low Extra Delay Background Transport (LEDBAT) for your software update points. LEDBAT adjusts download speeds during client scans against WSUS to help control network congestion.


Pre-download content for available software updates - You can now pre-download content for software updates that are included in available deployments. Required deployments already pre-download content by default. Enabling this new setting reduces installation wait times for clients since installation notifications won't be visible in Software Center until the content has fully downloaded.


Customize maximum run time for other software update types - Previously, software updates that didn't belong to the following update categories defaulted to a maximum run time of 60 minutes (or 10 minutes prior to version 2103):

  • Windows feature updates

  • Windows non-feature updates

  • Office 365 updates

You can now customize the maximum run time for all other software updates, which includes third-party updates.


ADR scheduling improvements for deployments - The Software available time and Installation deadline for deployments created by an automatic deployment rule (ADR) are now calculated based on the time the ADR evaluation is scheduled and starts. Previously, these times were calculated based on when the ADR evaluation completed. This change makes the Software available time and Installation deadline consistent and predictable for deployments.


Added folder support for nodes in the Software Library - You can now organize software update groups and packages by using folders. This change allows for better categorization and management of software updates.


Alerts for orchestration groups - If an orchestration group fails, an alert is now displayed in in Monitoring > Alerts > Active Alerts.


Operating system deployment

Escrow BitLocker recovery password to the site during a task sequence - You can now configure the Enable BitLocker step of a task sequence to escrow the BitLocker recovery information for the OS volume to Configuration Manager. Previously, you had to escrow to Active Directory, or wait for the Configuration Manager client to receive BitLocker management policy after the task sequence. This new option makes sure that the device is fully protected by BitLocker when the task sequence completes, and that you can recover the OS volume immediately.


Custom icon support for task sequences and packages - Previously, task sequences and legacy packages would always display a default icon in Software Center. Based on your feedback, you can now add custom icons for task sequences and legacy packages. These icons appear in Software Center when you deploy these objects. Instead of a default icon, a custom icon can improve the user experience to better identify the software.


Application Management

Improvements to implicit uninstall - If you deploy an application or app group to a user collection that's based on a security group, and you enable implicit uninstall, changes to the security group are now honored. When the site discovers the change in group membership, Configuration Manager uninstalls the app for the user that you removed from the security group.


Community hub

Delete a contribution you made to Community hub - You can now delete contributions you've made to the Community hub.


Search filter list - The console now displays a list of filters you can use when searching the Community hub


Configuration Manager console

 Dark theme for the console - The Configuration Manager console now offers a dark theme.


 Improvements for sending feedback

  • You now have the ability to connect feedback you send to Microsoft through the Configuration Manager console to an authenticated Azure Active Directory (Azure AD) user account or Microsoft Account (MSA). User authentication will help Microsoft ensure the privacy of your feedback and diagnostic data.

  • The feedback button is now displayed in other console locations.


Improvements to Dashboards - Dashboards, such as the Windows Servicing and Microsoft Edge Management dashboards, now use the Microsoft Edge WebView2 Runtime. To use dashboards, install the WebView2 console extension, then reopen the console.


Console and user experience improvements - Based on your feedback, we’ve made a few improvements to the console and user experience.

  • When using temporary device nodes, device actions like Run Scripts are now available to make the experience in the console consistent.

  • Other management insights rules now have click-through actions

  • Copy/paste is available for more objects from details panes.

  • The Name property is added to the details pane for configuration items, configuration item related policies, and applications.

  • Software update search results and the search criteria are now cached when you navigate to another node. When you navigate back to the All Software Updates node, your search criteria and results are preserved from your last query.


Deprecated features

Learn about support changes before they're implemented in removed and deprecated items.

The following features are deprecated. You can still use them now, but Microsoft plans to end support in the future.

  • The Configuration Manager client for macOS and Mac client management. For more information, see Supported clients: Mac computers
  • The site system roles for on-premises MDM and macOS clients: enrollment proxy point and enrollment point

As previously announced, version 2203 drops support for the following features:

  • The ability to deploy a cloud management gateway (CMG) as a cloud service (classic). All CMG deployments should use a virtual machine scale set.
  • The following compliance settings for Company resource access:
    • Certificate profiles and the certificate registration point site system role
    • VPN profiles
    • Wi-Fi profiles
    • Windows Hello for Business settings
    • Email profiles
    • Co-management resource access workload

For more information, see Frequently asked questions about resource access deprecation.


Starting with this version, the following features are no longer pre-release:


For more information on changes to the Windows PowerShell cmdlets for Configuration Manager, see version 2203 release notes.

For more details and to view the full list of new features in this update, check out our What’s new in version 2203 of Microsoft Endpoint Configuration Manager documentation. 


Note: As the update is rolled out globally in the coming weeks, it will be automatically downloaded, and you’ll be notified when it’s ready to install from the “Updates and Servicing” node in your Configuration Manager console. If you can’t wait to try these new features, see these instructions on how to use the PowerShell script to ensure that you are in the first wave of customers getting the update. By running this script, you’ll see the update available in your console right away.


For assistance with the upgrade process, please post your questions in the Site and Client Deployment forum. Send us your Configuration Manager feedback through Feedback in the Configuration Manager console.  Continue to share and vote on ideas about new features in Configuration Manager.


Thank you, 

The Configuration Manager team 


Additional resources: 


Posted at