Configuration Manager Current Branch 2010 向けロールアップ リリース (KB4600089)

皆さん、こんにちは。

今回は、Microsoft Endpoint Configuration Manager (MECM, SCCM, Configuration Manager) Current Branch 2010 向けの更新プログラム (ロールアップ) について紹介したいと思います。

Configuration Manager CB 2010 向けの初めてのロールアップです。時期的には、もうすぐ CB 2103 がリリースされる頃ですね。

ロールアップのため、今回の修正プログラムは複数の不具合を修正したものになります。

<更新プログラム (ロールアップ) の詳細>

KB4600089 (https://support.microsoft.com/help/4600089)

Configuration Manager console exceptions
The console terminates or generates an exception under any of the following conditions.

  • If the process to update boot images on distribution points takes longer than eight minutes exception details resembling the following are shown.

Exception type:   System.ArgumentOutOfRangeException
Message:          Value of ‘101’ is not valid for ‘Value’. ‘Value’ should be between ‘minimum’ and ‘maximum’.

  • If the tenant onboarding process is completed and device uploads are limited to a specific collection, the user cannot modify the limiting collection as the console terminates. This occurs if the user is denied access to  if they are denied access to the parent of the limiting collection.
  • When editing an application deployment type that did not previously contain a content path.
  • The console issue detailed in the following article.
    KB 4599924 Console terminates unexpectedly in Configuration Manager current branch, version 2010

SMS_Executive (smsexec.exe) service exceptions
The SMS_Executive service terminates under any of the following conditions.

  • On Windows Server 2012 R2 site servers after updating to Configuration Manager version 2010. This occurs if Internet Information Services (IIS) was never previously installed on the server.
  • If the client installation lock file has an invalid file date.
  • If the software update point has the “Use a proxy server when downloading content by using automatic deployment rules” setting enabled.

Other issues

  • The Run PowerShell Script task sequence step does not honor the SMSTSDisableStatusRetry variable. This results in multiple attempts to send status messages even when a machine is offline, leading to increasing delays in task sequence completion.
  • Firewall policies assigned through the Microsoft Endpoint Manager admin center do not apply on Windows 10, version 20H1 and later clients.
  • Configuration Manager clients that update their BIOS may be listed in twice in multiple locations in the Configuration Manager console.
  • Multiple client log files, such as CoManagementHandler.log and execmgr.log, contain the following false negative log entry. This results in potentially valuable troubleshooting information being overwritten.

    Failed to GetDeviceManagementConfigInfo, honor MEM authority. Error (0x00000000).

  • If you delete downloaded content from the Community Hub, the content isn’t deleted from the Community hub > Your downloads page and you’re unable to download the content again.
  • The Push Update button is not enabled for revised Community Hub content.
  • Temporary content is not always deleted after a task sequence runs.
  • The Set custom schedule checkbox is cleared and any custom schedule settings removed when the list of partner software update catalogs is refreshed.
  • Hybrid Azure Active Directory joined clients may appear duplicated in the Configuration Manager console, but with different GUID’s (SMSID). This occurs during an operating system deployment to the client where the management point is configured for HTTPS communication.
  • The CCMDEBUGLOGGING client installation property does not work when passed in during the Setup Windows and ConfigMgr task sequence step.
  • The Office 365 Client Management Dashboard displays all client channels as Other.
  • Client hardware inventory data is not replicated from a primary site to the central administration site (CAS) when reporting is enabled for the CCM_SoftwareDistributionClientConfig class in the ROOT\ccm\Policy\Machine\ActualConfig namespace. Errors resembling the following are recorded in the dataldr.log file on the primary site.

    Column names in each view or function must be unique. Column name ‘ADV_RebootLogoffNotification0’ in view or function ‘v_GS_CCM_SOFTWAREDISTRIBUTIONCLIENTCONFIG’ is specified more than once.

  • Software updates deployed via task sequence during a maintenance window may not restart the computer as expected. The Update Deployment.log file contains an error resembling the following.

    InstallTargetedUpdates failed, error 87d00708

  • A user with read-only access to applications is unable to copy or scroll down through script content in the Script Editor window.
  • Processing of Automatic Deployment Rules fails after updating to Configuration Manager version 2010. The Last Error Description reads “Auto Deployment Rule download failed”. This occurs due to zero-byte temporary files left in the Windows\Temp folder during the download process.
  • Software Center fails to open on some Configuration Manager current branch, version 2010 clients. The SCClient_<domain>@<username>_1.log contains errors resembling the following. Note the line number may differ from the example below.

    Call to ExecuteQuery failed, Query: “Select * From CCM_Application WHERE UserUIExperience = TRUE”
    Exception caught in ExecuteQuery, line 465…
    (Microsoft.SoftwareCenter.Client.Data.WmiConnectionManager at ExecuteQuery)

    The DCMAgent.log also contains an error resembling the following, recorded at the same time as the SCClient log entry.  The 0x87d00315 error code translates to “The CI version info data is not available.”

    ExecuteApplicationQuery – Failed to get machine targeted applications (0x87d00315).

  • Client computers may unexpectedly receive a software update deployment if the target collection is changed from “All Systems” to another collection.
  • Package content beyond the first package is not cached locally on the client when the Save path as a variable setting is enabled for the Download Package Content task sequence step.
  • Computers incorrectly report non-compliance with a BitLocker fixed data drive encryption policy. This occurs for computers with only a single drive and partition, even when encrypted with BitLocker.
  • Surface driver synchronization fails if the Software Update Point is in a separate untrusted domain from the site server. And error resembling the following is recorded in the wsyncmgr.log file.

    Sync failed: The request failed with HTTP status 401: Unauthorized. Source: Microsoft.UpdateServices.Internal.ApiRemoting.ExecuteSPSearchUpdates

  • The Deployment Options and Allow clients to use distribution points from the default site boundary group settings on the Content tab of deployment properties may unexpectedly revert to default after saving changes.

  • Existing co-management policies do not apply to Windows Virtual Desktop.

Hotfixes that are included in this update

KB 4594177 Client notifications sent to all collection members in Configuration Manager current branch, version 2010

今回の修正の中には、一部クライアントでソフトウェア センターがエラーで起動できない問題の修正も行われています。

<更新プログラム (ロールアップ) のインストール>

対象環境の Configuration Manager コンソールには、下記のように KB4600089 が表示されています。特段理由がない場合は早期にアップデートすることをお勧めいたします。