I have stumbled upon what I think is an interesting problem with Office 365 updates delivered though Configmgr.
We have found that updates fail to download and install on clients that are not part of a boundary that is assigned to a DP.
For other types of updates that are delivered via Configmgr, clients will fall back to the defined site fallback DPs, but for O365 updates this appears to not work.
I had a small number of clients that were receiving updates and deployments correctly, but were not getting O365 update. After investigating I could see in the SCCM related update logs that they were pulling locations for the default site DPs that are used when the clients are not part of a defined IP boundary. However the clients were stalling out when it came to C2R actually grabbing the update components via CMBits.
As I looked into the clients that were not updating correctly, I noticed that many of the clients were on similar address ranges. I added a boundary definition for one of those subnets and assigned it to a boundary group that had a DP assigned. The client almost immediately corrected itself and was applying the missing update even before I could get client center open to check on it.
I am unable to tell if there is a setting that lets O365 C2R updates fall back to the defined site default boundary group DPs that I have just neglected to set. I do have the O365 patch deployments configured for fallback to the site default boundary group in the "When software updates are not available on any DP in current..." I see there is a check box to tell the deployment to reach out to Microsoft (I assume CDN) if it cannot locate the source on premise. But even that text mentions the site boundary groups DPs. I think maybe C2R update system is just not built to gather site default boundary group DPs as sources.
My plan is to discover clients that are not assigned to any boundary, make boundary definitions for them, and assign them to a boundary group for the fallback DPs. My problem, and I am sure I am not alone here, is that the network changes frequently and our change management process is not 100%. So new areas are brought on line that I dont find out about. These clients work with Configmgr in all other respects - Windows patching, software deployment, etc... but they start failing to grab O365 C2R updates.
Does anyone have additional information or insight they could add to this discussion?