皆さん、こんにちは。
今回は、Configuration Manager (Microsoft Configuration Manager (MCM), Microsoft Endpoint Configuration Manager (MECM), SCCM) Current Branch 2211 向けの初めてのロールアップ リリースについてお伝えします。
今回のロールアップについては、PowerShell を用いて早期に CB 2211 を適用した環境と、一般リリースされた後に CB 2211 を適用した環境の両方に適用されます。
<修正プログラムの詳細>
KB16643863 (https://aka.ms/KB16643863)
- When the content lookup process for a task sequence fails with error 0x8000000a (E_PENDING), it fails to recover. Errors resembling the following are recorded in the smsts.log file.
CAppMgmtSDK::GetEvaluationState <applicationID> = DownloadFailed Installation job completed with exit code 0x00000000 Execution status received: 24 (Application download failed ) App install failed. Setting TSEnv variable '_TSAppInstallStatus'='Error' Setting TSEnv variable 'SMSTSInstallApplicationJobID__<applicationID>'='' Completed installation job. Step 3 out of 5 complete Install application action failed: 'Application name'. Error Code 0x80004005The task sequence installation now retries if this error happens. To support this behavior three new variables are added with this update rollup.
- _SMSTSAppInstallNeedsRetry is used internally by the executable to check if the application installation needs to be retried.
- OSDAppInstallRetries specifies the number of times the installation needs to be retried.
- OSDAppInstallRetryTimeout specifies the timeout period between retries.
- SQL configuration items fail to evaluate correctly when deployed to non-English versions of Windows Server 2022. Instead of a “compliant” or “not compliant” result, the affected configuration items instead return “WMI provider error Invalid parameter [0X80041008]”.
- Group membership data is incorrectly removed if the Active Directory User Group Discover process returns error 0x8007202B (ERROR_DS_REFERRAL).
- The Monitor service state rule for a cloud management gateway updates the Azure_Service table unnecessarily. The rule leads to unexpected growth of the SCCM_Audit table in the site database.
- In large environments, it’s possible for IIS logging on a cloud management gateway (CMG) to fill the C:\ drive. To prevent the drive from filling, a new scheduled task, CleanIISLogs, is created on the Virtual Machine Scale Set used for a CMG. This task deletes the Internet Information Services (IIS) logs older than 30 days, and runs every Sunday at 12:00 AM.
- In the recurrence schedule for a maintenance window, the Offset (days) value can now be set to a maximum value of seven days instead of the previous maximum of four. This allows for greater flexibility when configuring the offset.
- Older cipher suites that may be considered less secure, such as TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, are now disabled on cloud management gateway Virtual Machine Scale Sets. Existing Virtual Machine Scale Sets need to be manually updated for changes to take effect, such as by using the Synchronize Configuration button in the ribbon.
- Windows Server Update Services (WSUS) synchronization fails in environments that require strong-name verification for .NET assemblies. The wsyncmgr.log contains the following entry.
Sync failed: Could not load file or assembly 'updmgrclr, Version=5.0.9096.1000, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. Strong name validation failed. (Exception from HRESULT: 0x8013141A). Source: wsyncactStrong-name verification is required when the AllowStrongNameBypass registry value is set to zero. Refer to How to: Disable the strong-name bypass feature for additional information.
<修正プログラムのインストール>
対象環境の Configuration Manager コンソールには、下記のように、KB16643863 が表示されます。上記に記載されている不具合を修正するプログラムなので、早期にアップデートすることをお勧めいたします。
<既知の不具合、アップデート後の Configuration Manager コンソールが起動しない問題>
リリース ノートにも記載がありますが、CB 2207 の KB15152495 でも発生した問題ですが、英語以外の日本語を含む、ローカライズされた言語のコンソールの場合、KB16643863 適用後にコンソールが起動しなくなる可能性があります。
今回はメインの自宅検証環境では下記の問題は発生しませんでした。
もし発生した場合は、以前の記事の [追記] の部分を参考に対処してみてください。
- Localized (non-English) versions of the Configuration Manager console may fail to install this update. The following error message is recorded in the ConfigMgrAdminUISetup.log
Installation failed with error code 1638Note the text of error code 1638 is “Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.”
To work around this issue, first uninstall the localized version of the Configuration Manager console, then install it again using the version from this update rollup.
https://learn.microsoft.com/en-us/mem/configmgr/hotfix/2211/16643863#known-issues-in-this-release