皆さん、こんにちは。
今回も、Microsoft Endpoint Configuration Manager (MECM, SCCM, Configuration Manager) Current Branch 2002 向けの更新プログラム (ロールアップ) について紹介したいと思います。
今回の更新プログラムは、ロールアップであるため、複数の不具合を修正したものとなります。
<更新プログラム (ロールアップ) の詳細>
KB4560496 (https://support.microsoft.com/help/4560496)
- The option to schedule updates is unavailable when applying software updates to an image (offline servicing) for Windows Server, version 2004.
- Hybrid Azure Active Directory domain joined clients are detected as Intranet clients when communicating with the Cloud Management Gateway. User based deployments are blocked as a result.
- Users are unable to submit feedback from the Configuration Manager console when using a Japanese version of the operating system.
- The value for dynamic task sequence variables are still displayed even after selecting the option Do not display this value in the Configuration Manager console.
- After changing Enable third party software updates to “Yes” in client settings, clients perform an extra group policy update on startup resulting in increased load on domain controllers.
- The SetupComplete.cmd window is now hidden during Windows 10 upgrade task sequences.
- The Configuration Manager console may terminate unexpectedly after entering Microsoft Azure login credentials in the Co-Management Configuration Wizard.
- After deleting a setting from the Co-management node in the Configuration Manager console, the Configure co-management option is unexpectedly grayed out and unavailable. This blocks you from re-enabling co-management and is a variation of the issue first resolved in KB 4540794.
- After updating to Configuration Manager version 2002, content download for updates may fail when Allow clients to download delta content when available is enabled in client software update settings.
- When multiple pilot groups are selected for co-management, the Automatic enrollment into Intune process may take longer than expected.
- The co-management pilot process generates extraneous policy updates on Configuration Manager clients.
- After clearing the Use a boot image option from the properties of a task sequence the reference is not removed as expected. This results in the boot image being referenced in the deployment and download of the task sequence.
- The SMS Agent Host service (ccmexec.exe) may sporadically cause high CPU utilization on client computers if the local time zone setting is changed. This CPU utilization typically only persists until the client computer restarts, or for the delta between the old and new time zones.
- The Configuration Manager console hangs when opening automatic deployment rules (ADR) when multiple languages are selected.
- After updating to Configuration Manager current branch, version 2002, client policy data may fail to apply. Messages resembling the following are recorded in the PolicyEvaluator.log file.
A newer version of policy {policy_guid}:98.00 is already in queue. Ignoring the older version 101.00
A newer version of policy {policy_guid}:98.00 is already in queue. Ignoring the older version 102.00- Group policy updates are incorrectly triggered if Configuration Manager is set to manage Delivery Optimization (DO) settings on a client but DO is not yet implemented in the environment.
- Co-managed device data, such as the operating system version, may be missing when viewed in the Intune portal. This occurs if the data was unavailable (null) when the device was first synchronized during the onboarding process, even if it was added later.
- The Configurations tab of the client control panel applet may hang on Windows 10 ARM64 devices.
- Client computers do not restart as required after a software update installation. This occurs when a software update group contains both an update that can install within the maintenance window, and one that cannot install within the maintenance window.
- Expected subscriptions are not listed in the Create Cloud Management Gateway Wizard after signing in with the correct subscription admin account.
- After updating to Configuration Manager current branch, version 2002, management points do not process domain data from client heartbeat discover data records (DDR). This leaves client records without domain data until Active Directory System Discovery runs.
- Collections with the option Make this collection available to assign Microsoft Defender ATP policies in Intune enabled can no longer be deleted from the Configuration Manager console; that option must be disabled before deletion is available.
- An operating system upgrade task sequence does not resume after the target computer restarts. This occurs when the task sequence incorrectly tries to take the client out of provisioning mode. Errors resembling the following are recorded in the TSAgent.log file.
Could not execute WMI method SMS_Client.SetClientProvisioningMode
Failed to put client out of provisioning mode (0x800706BE)- The BytesDownloaded property of instances in the CCM_CTM_DownloadHistory class does not record values larger than 4GB, leading to potential inaccuracies in reporting.
- The Co-management Configuration Wizard may terminate unexpectedly when selecting a collection to upload.
- The installation or removal of Office updates may fail. This occurs when the SMS Agent Host (ccmexec.exe) incorrectly holds a lock on Office add-in files, such as Visual Studio Tools for Office (VSTO) add-ins, after hardware inventory runs. Office updates fail to install via Configuration Manager in this scenario.
Additionally, users that install or uninstall Office updates manually in these environments may encounter errors resembling the following.Something went wrong
Error Code: 30010-4- Operating system deployment task sequences may fail in an environment with a mix of management points using HTTP and HTTPS for communications. This is most common with a HTTPS management points used for a cloud management gateway, and operating system boot images are not configured to use client authentication certificates.
- After updating to Configuration Manager current branch, version 2002, delta hardware inventory files may be rejected at a primary site and copied to the \BADMIFS folder. Errors resembling the following are recorded in the dataldr.log on the primary site.
Violation of PRIMARY KEY constraint ‘BROWSER_USAGE_HIST_PK’. Cannot insert duplicate key in object ‘dbo.BROWSER_USAGE_HIST’. The duplicate key value is (38284100, 1). : dbo.dBROWSER_USAGE_DATA
ERROR – is NOT retyrable.
Rollback transaction: Machine={client_name}GUID:{smsid}
<更新プログラム (ロールアップ) のインストール>
対象環境の Configuration Manager コンソールには、下記のように KB4560496 が表示されています。特段理由がない場合は早期にアップデートすることをお勧めいたします。