What's new in version 2303 of Configuration Manager current branch
Applies to: Configuration Manager (current branch)
Update 2303 for Configuration Manager current branch is available as an in-console update. Apply this update on sites that run version 2111 or later. When installing a new site, this version of Configuration Manager will also be available as a baseline version soon after global availability of the in-console update. This article summarizes the changes and new features in Configuration Manager, version 2303.
Always review the latest checklist for installing this update. For more information, see Checklist for installing update 2303. After you update a site, also review the Post-update checklist.
To take full advantage of new Configuration Manager features, after you update the site, also update clients to the latest version. While new functionality appears in the Configuration Manager console when you update the site and console, the complete scenario isn't functional until the client version is also the latest.
Microsoft Configuration Manager product branding
Starting with Configuration Manager version 2303 Microsoft Endpoint Configuration Manager is now Microsoft Configuration Manager. Microsoft Configuration Manager is an integrated solution for managing all your devices. Microsoft brings together Configuration Manager and Intune, without a complex migration, and with simplified licensing. Continue to use your existing Configuration Manager investments, while taking advantage of the power of the Microsoft cloud at your own pace.
Tip
Support center tool and client must be upgraded to latest version to move program files path to new Microsoft configuration Manager start menu path.
For more information, see Microsoft Configuration Manager FAQ
Cloud-attached management
Improvements to Cloud Sync (Collections to Azure Active Directory Group Synchronization) feature
Starting with Configuration Manager version 2303 collection member sync status (Success, In Progress, Failed - with reason for failure) is available in the Collection Cloud Sync dashboard for the chosen collection on the bottom pane. Earlier with Configuration Manager version 2211, the scalability of this feature has been improved with better throttling and error handling. Additionally, dedicated dashboards for user collections and device collections are added in Monitoring workspace to show Cloud Sync status. The dashboard displays the Cloud Sync status per collection with the mapped Azure AD group, total member count, synced member count, status (success, failed, in progress) and last sync details.
For more information, see Synchronize collections to Azure Active Directory Group.
Endpoint Security reports in Intune admin center for Tenant Attached devices
Starting with Configuration Manager version 2303, you can now opt for Endpoint Security reports in Intune admin center for tenant attached devices. Once you opt in, Unhealthy endpoints and Active malware operational reports under Endpoint security node in Intune admin center will start showing data from tenant attached devices. Also, Antivirus agent status and Detected malware organizational reports under Microsoft Defender Antivirus in Reports section will show data from tenant attached devices.
For more information, see Tenant attach - Create and deploy Antivirus policies from the admin center.
Site infrastructure
Authorization failure message in admin service now shown in Status message viewer
We have introduced audit messages about authorization failure in admin service. You can now view request details and status messages. These messages are shown in “All Status Message” at “Status Message Queries” in “Monitoring” ribbon. Previously these failures were logged in log files.
With the new audit messages, we intend to avoid the inconvenience of log files rollback. Details about the user, resource access attempts and the number of attempts for all the authorized requests made by user in a day will now be available. We are also auditing read operations for HTTPS requests and for cloud-initiated operations. This helps admins to scope permission and roles of users while also determining if there are any malicious users. All unauthorized requests are aggregated for 24 hours before being sent to the status message viewer.
For more information, see Administration Service documentation.
SQL Server 2022 version support added for Configuration Manager
Starting with 2303, support is added for SQL server 2022 RTM version. You can use this version of SQL Server for the following sites:
- A central administration site
- A primary site
- A secondary site
The following table identifies the recommended compatibility levels for Configuration Manager site databases:
| SQL Server version | Supported compatibility levels | Recommended level |
|---|---|---|
| SQL Server 2022 | 150, 140, 130, 120, 110 | 150 |
For more information, see support-for-sql-server-versions.
Software updates
Unified update platform (UUP) GA release
The Unified Update Platform (UUP) servicing is finally here for all Windows 11, version 22H2 updates delivered via Windows Server Update Services (WSUS) and Configuration Manager! Starting March 28, on-premises Windows 11, version 22H2 devices will receive quality updates via the Unified Update Platform (UUP). For more information, see What’s UUP? New update style!. The Unified Update Platform (UUP) is a single publishing, hosting, scan, and download model for OS quality and feature updates. It offers improved delivery technologies in response to IT admin requests for more seamless updates, more control over installation time, more battery life, and lighter download size.
Note
A one-time 10-GB download to distribution points with your first UUP update. UUP is becoming the default and only way to download quality updates. This means that you should plan for an extra 10GB download to distribution points (not endpoint clients) with the March 28th update. That's a one-time 10GB download for updates for Windows 11, version 22H2 per architecture (AMD64 and ARM64).
Update to the default value of supersedence age in months for software updates
With Unified Update Platform (UUP) general availability release, the feature update and non-feature update supersedence should be greater than 3. For new software update role installations, we're updating this to 6, existing customers can review and update to 6. Update to the default value of supersedence age in months for software updates.
Known issue
Update to the default value of supersedence age in months for software updates will not impact existing configurations. Removing SUP role in Admin Console does not reset the supersedence age property in WMI. As a result, while reconfiguring the role, the previously configured value is shown in the configuration window.
Enable Windows features introduced via Windows servicing that are off by default
The Commercial control for continuous innovation in Windows is now integrated with Configuration Manager 2303 release. Commercial control for continuous innovation (Windows 11)
For more information, see client settings in Configuration Manager
Configuration Manager console
Dark theme extended to delete secondary site wizard
The Configuration Manager console now extends the dark theme for the delete secondary site wizard. This wizard will also have a new look for the normal theme. This is part of the ongoing effort to make dark theme and overall admin console experience better.
To use the theme, select the arrow from the top left of the ribbon, then choose the Switch console theme. Select Switch console theme again to return to the light theme. For more information, see Dark theme for the console.
Deprecated features
Removed Community hub service and integration with ConfigMgr
Removed Community Hub configuration from Hierarchy settings and Community Hub service integration. Learn about support changes before they're implemented in removed and deprecated items.
Other updates
Maintenance window schedules
Offset for recurring monthly maintenance window schedules. Based upon your feedback, you can now offset monthly maintenance window schedules to better align deployments with the release of monthly security updates. For example, using a maximum offset of seven days after the second Tuesday of the month, sets the maintenance window for next Monday.
Removing Microsoft Store for Business and Education new config capability
As part of Microsoft Store for Business deprecation, we are making these changes to the customer experience with using this feature:
Removing a user's ability to create new Microsoft Store for Business in Configuration Manager.
Display a warning message box when user triggers a sync from Microsoft Store for Business.
Display a warning in the Create Application Wizard when user attempts to create a new app from Store license information.
For more information, see removed and deprecated items.
Next steps
As of April 24, 2023, version 2303 is globally available for all customers to install.
When you're ready to install this version, see Installing updates for Configuration Manager and Checklist for installing update 2303.
Tip
To install a new site, use a baseline version of Configuration Manager.
Learn more about:
For known significant issues, see the Release notes.
After you update a site, also review the Post-update checklist.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for