Summary of changes in Configuration Manager current branch, version 2111

Applies to: Configuration Manager (current branch, version 2111)

Summary of KB11052354

Release version 2111 of Microsoft Endpoint Configuration Manager current branch contains fixes and feature improvements. The "Issues that are fixed" list isn't inclusive of all changes. Instead, it highlights changes the product development team believes are most relevant to the broad Configuration Manager customer base. Many of these changes were made in response to customer feedback about product issues and improvements. Note There is no additional update for customers that installed the publicly available early update ring version of Configuration Manager 2111. The early update ring and globally available release are the same.

Notes

• Version 2111 is available as an in-console update that can be installed at the top-tier site in a hierarchy.

• For installation information, see Checklist for installing update 2111 for System Center Configuration Manager.

• For more information about the changes that are included in version 2111, see What's new in version 2111 of Configuration Manager current branch.

• This globally available release contains all of the fixes summarized in the following article.

  KB 11121541: Update rollup for Microsoft Endpoint Configuration Manager current branch, version 2107

Issues that are fixed

• The secondary site upgrade process may fail if the maximum SQL Express database size (10GB) is exceeded due to replication of unnecessary data.

• Installation of BitLocker management portals fails under either of the following conditions.
  1. A localized non-English version of SQL Server Reporting Services is installed on the site server.
  2. SQL Server and SQL Server Reporting Services are installed on a remote server and running under the context of a domain service account.

• Client push installation fails under the following conditions.
  • The Allow connection fallback to NTLM option is not selected in Client Push Installation properties.
  • The site server machine account is not in the local admin group on the client.
  • The Restrict NTLM: Incoming NTLM traffic group policy is set to Deny all domain accounts.

Under these conditions, client push fails with errors resembling the following in the ccm.log file.

Unable to connect to remote machine "{Client_name}" using Kerberos with machine account, error - 0x80070005

• The download of installation files by CCMSetup is now randomized across available distribution points within a boundary group.

• Orchestration group post-installation scripts may run prior to a computer reboot, causing unexpected results during deployments. After the computer reboot, the scripts may not run until the next maintenance window.

• In large environments the process of uploading Endpoint Analytics data may block database reindexing tasks, leading to further performance issues.

• State message processing may fail when the messages contain failure codes for Windows Feature Updates, such as error 0xC1900208. When this happens errors resembling the following are recorded in the statesys.log file.

  SQL MESSAGE: spProcessStateReport - Error: Record 1 returned an 'invalid record' return code and failed processing with error 8114: ERROR 8114, Level 16, State 5, Procedure spProcessSUMEnforcementMsg, Line 5, Message: Error converting data type nvarchar to bigint.
  

• The Endpoint Protection and software updates compliance - Historical report can contain inaccurate data where compliant devices are recorded as non-compliant.

• The issue described in the following article could still happen if the management point was unable to process a client discovery data record (DDR); this is now fully resolved.

  A client computer can steal the Configuration Manager GUID of an Unknown Computer object during imaging

• The Active Directory Forest Discovery method fails if it receives a "The server is not operational" exception during the discovery process, leading to incomplete discovery results. An error resembling the following is recorded in the ADForestDisc.log file.

  ERROR: [ForestDiscoveryAgent]: Discovery is being aborted due to an unexpected exception.
  

• The availability of a service window is incorrectly checked when a dependent/ nested task sequence runs for a user. This leads to application deployment failures if a computer restart happens after the initial top-level task sequence runs.

• Full database reinitialization may happen for a primary site during the update process because of a timing issue.

• The management point role fails to install on a server if the Visual C++ runtime is newer than version 14.28.

• Configuration manager clients generate Event ID 4662 entries in the security event log every 30 seconds when the Audit Other Object Access Events policy is configured.

• The client registration process for Microsoft Entra joined clients is improved to increase efficiency and reduce the likelihood of state message processing backlogs.

• Logging associated with state message processing is improved to include filenames by default, improving the ability to troubleshoot processing issues.

• Remote Configuration Manager consoles may display a connection error when returning after a period of inactivity. The connection error typically happens when trying to open a property window from a list view in the console but could also happen in other scenarios. Errors may include variations on any of the following:
  • Microsoft.ConfigurationManagement.ManagementProvider.SmsConnectionException The object invoked has disconnected from its clients. (Exception from HRESULT: 0x80010108 (RPC_E_DISCONNECTED))
  • One or more errors occurred, results may be incomplete Microsoft.ConfigurationManagement.ManagementProvider.SmsConnectionException The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
  • Microsoft.ConfigurationManagement.ManagementProvider.SmsException The underlying connection was closed: An unexpected error occurred on a receive.
  • Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlQueryException The SMS Provider reported an error.
  • Microsoft.ConfigurationManagement.ManagementProvider.SmsMultipleResultException Failed to update one or more result object(s)

• A task sequence that installs a Windows feature update may fail on slower computers. The feature update does install correctly, but the task sequence fails after a computer restart.

• The Move button is disabled in the console if you previously moved the content library to a network share and attempt to move it to a new share.

Hotfixes that are included in this update

• KB 11121541: Update rollup for Microsoft Endpoint Configuration Manager current branch, version 2107
• KB 12636660: Client Update for Microsoft Endpoint Configuration Manager version 2107

Dependency changes

The following dependent components that are included with Configuration Manager version 2111 are added or updated to the specified versions:

• Microsoft Edge WebView2 Redistributable to version 94.0.992.37
• MBAM support files to version 2.5.1152.0
• AppInsights SDK components to version 4.6.28619.01