Getting Started with the Microsoft Endpoint Manager On-Demand Assessment
The Microsoft Endpoint Manager Assessment assesses the site servers, site database servers, and site system servers in your Microsoft Endpoint Manager environment. It also collects and analyzes client heath data that is available from Configuration Manager site servers. The analysis generates a list of issues to address with remediation guidance and best practices to improve the performance of Configuration Manager infrastructure and features such as deploying applications, software updates, and operating systems. Assessments are available through the Services Hub to help you optimize the availability, security, and performance of your Microsoft technology investments. These assessments use Microsoft Azure Log Analytics, which is designed to give you simplified IT and security management across your environment.
Running the Microsoft Endpoint Manager Assessment
Prerequisites
In order to take full advantage of the On-Demand Assessments available through Services Hub, you must:
Have linked an active Azure Subscription to Services Hub and added the Microsoft Endpoint Manager Assessment. For more information please see the Getting Started with On-Demand Assessments document or watch the how to link video.
Have a domain account (User or Managed Service Account) with the following rights: a) Admin access to every server (Site System) in the Configuration Manager hierarchy. Single user account if Site Systems are in Multi-Domain Environment b) Unrestricted network access to every server (Site System) in the Configuration Manager hierarchy c) Administrator permissions to all SQL servers used by the Configuration Manager Sites or Software Update Points d) Full access rights to all the Configuration Manager Site objects in all Primary Sites e) SysAdmin permission to all SQL Instances used by Configuration Manager Sites or Software Update Points
Review the Pre-Requisites document for the Microsoft Endpoint Manager Assessment. This document explains the detailed technical documentation of the Microsoft Endpoint Manager Assessment and the server preparation needed to run the assessment. It also documents the different types of data collected by the assessment.
Note
On average, it takes two hours to initially configure your environment to run an On-Demand Assessment. After you run an assessment you can review the data in Azure Log Analytics. This will provide you with a prioritized list of recommendations, categorized across six focus areas. This allows you and your team to quickly understand risk levels, the health of your environments, act to decrease risk, and improve your overall IT health.
Setup the Microsoft Endpoint Manager Assessment on the data collection machine
Note
You will only be able to successfully setup the assessment once you have linked your Azure Subscription to Services Hub and added the Microsoft Endpoint Manager Assessment from Health -> Assessments in Services Hub.
On the data collection machine create the following folder: C:\OMS\SCCM (or any other folder besides C:\ODA which is reserved by the system)
Open regular Powershell (not ISE) in Administrator mode and run the below cmdlet:
Add-SCCMAssessmentTask -ServerName <YourServerName> -WorkingDirectory <Directory> command
where YourServerName is the FQDN or NetBIOS name of one of the Management Servers that’s topmost in the hierarchy (Central or Primary Site)
<Directory> is the path to an existing directory used to store the files created while collecting and analyzing the data from the environment.
<WorkspaceId> – provide id for the Log Analytics workspace that will be used to store the uploaded data
Provide the required user account credentials that satisfy the requirements mentioned in this article earlier.
Data collection is triggered by the scheduled task named SCCMAssessment within an hour of running the previous script and then every 7 days. The task can be modified to run on a different date/time or even forced to run immediately from the task scheduler library -> Microsoft -> Operations Management Suite -> AOI*** -> Assessments -> SCCMAssessment
During collection and analysis, data is temporarily stored under the Working Directory folder that was configured during setup
After a few hours, your assessment results will be available on your Log Analytics and Services Hub Dashboard. You can navigate to see the results by going into Services Hub -> IT Health -> On-Demand Assessments and then clicking on "View all recommendations" against the active assessment
If you wish to get a Microsoft Accredited Engineer to go over the issues about your Microsoft Endpoint Manager Environment with you, you can contact your Microsoft Representative and ask them about the Remote or Onsite CSA Led Delivery
agreement Remote Engineer Onsite Engineer Premier Microsoft Endpoint Manager Remote Datasheet Microsoft Endpoint Manager Onsite Datasheet Unified Microsoft Endpoint Manager Remote Datasheet Microsoft Endpoint Manager Onsite Datasheet
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for