Summary of changes in Configuration Manager current branch, version 2103

Applies to: Configuration Manager (current branch, version 2103)

Summary of KB9210721

Release version 2103 of Microsoft Endpoint Configuration Manager current branch contains fixes and feature improvements. The "Issues that are fixed" list isn't inclusive of all changes. Instead, it highlights changes the product development team believes are most relevant to the broad Configuration Manager customer base. Many of these changes were made in response to customer feedback about product issues and improvements.


Issues that are fixed

  • A command defined in the SMSTSPostAction task sequence variable runs twice after a device restart.
  • Various custom client settings may fail to apply if an operating system deployment task sequence fails to remove WMI instances in \root\ccm\policy\defaultmachine\RequestedConfig.
  • Multiple changes were made to the Collection Evaluator (colleval) component of the SMS Executive service to improve overall performance.
  • The CMPivot feature incorrectly requires access to the default security scope for operations.
  • Computers randomly don't receive policy data based on computer variables (SMS_MachineVariable). This issue occurs because of differences in replication speed between database tables.
  • Non-zero success codes, such as 3010 (restart pending), aren't recognized as successful if customer Client Cache settings are defined for clients. A message resembling the following is recorded in the execmgr.log file.
    Execution is complete for program Full Installation. The exit code is 3010, the execution status is FailureNonRetry
  • Clients may be unable to download content from a cloud distribution point (cloud DP). This issue occurs if the clients are powered off and the authentication token used for communication with the cloud DP expires. Errors resembling the following are recorded in the DataTransferService.log file.
    CDTSJob::JobError: DTS Job ID='{DTS_job_GUID}' BITS Job ID='{BITS_job_GUID}' ErrorCode=0x80190193 
  • If a client computer performs multiple software update scans in one pass, and one of the scans fails, overall compliance is incorrectly reported as 'Unknown'.
  • The Windows 10 version 1909 Feature Update fails to download on Windows 10 version 1803 or 1809 clients. This issue occurs if the Feature Update is downloaded via a BITS delta download. Either of the following errors are recorded in the WUAHandler.log
    Unexpected HRESULT for downloading complete: 0x80246002
    Unexpected HRESULT for downloading complete: 0x80240031
  • The synchronization process fails on a remote software update point (SUP) that is in a different domain from the primary SUP, and the primary is configured to use a proxy for internet communication. An error resembling the following is recorded in the WCM.log on the remote SUP.
    Remote connection failed with exception 'System.Net.WebException: 
    The remote server returned an error: (403) Forbidden.~~
        at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)~~...
    Attempting to bypass proxy
  • Multiple improvements were made to the content library move and cleanup processes when the library is split across multiple drives.
  • The upload of more than 10 packages at one time to a cloud distribution point fails with errors resembling the following in the PkgXferMgr.log.
    WARNING: Warning - returning null/empty download address from content upload CCB0001A~~
    UploadPackageToCloud() failed. Error = 0x80131500
    Failed to distribution content to the cloud DP
  • Clients may fail to download content from a cloud distribution point when the package contains thousands of individual files, and the BranchCache feature is enabled on both the site server and the client. The download may be stuck in a resume state for hours, and an error resembling the following is recorded in the DataTransferService.log on the client. Clients also do not retry the download as expected.
    DTS job {DTS_job_GUID} BITS job {BIT_job_GUID} failed to download source file https://{source_URL} with error 0x80190195
    Additionally, the ContentTransferManager.log records an error resembling the following.
    CTM job {CTM_job_GUID} (corresponding DTS job {DTS_job_GUID}) started download from 'https://{source_URL}' for full content download
    CRemoveJobFromGlobalState::Execute failed with code 0x87d00215
    Note that code 0x80190193 may also be returned.
  • Task sequences may fail or take longer than expected to run following a computer restart. This issue occurs in environments with multiple management points for a site and clients that rely on a VPN connection.
  • Configuration Manager hotfixes that only update the Configuration Manager console will no longer require a site reset.
  • Client user policy namespaces are created on multi-user terminal servers even when explicitly disabled.
  • Co-management workloads may be unexpectedly deployed to newly installed Configuration Manager clients.
  • Improvements were made to the SQL Server change tracking cleanup task.
  • Orphaned content may be left after deleting application revisions in larger environments with multiple distribution points offline or unavailable due to network issues.
  • In environments with a data warehouse service point in use for multiple years, the SQL Server TempDB may grow unexpectedly. The Microsoft.ConfigMgrDataWarehouse.log contains entries resembling the following.
    Processing summarization data: ContentDistribution_Summ.
    Arithmetic overflow error converting expression to data type int.
    The statement has been terminated.
  • The Compliance 4 - Updates by vendor month year report terminates unexpectedly if duplicated product names are chosen when running the report.
  • Clients do not download package content over a metered connection even with the “Allow clients on a metered Internet connection to download content...” option is selected. Messages resembling the following are recorded in the DataTransferService.log.
    Sending PROPFIND request using URL https://{Distribution_point_package_URL}
    mapResources.end() != it, HRESULT=87d00215
    Request to https://{Distribution_point_package_URL} cannot be fulfilled since use of metered network is not allowed.
  • The ExtendMigrateToAzure tool fails to add accounts to the local administrators' group when used in an environment with a disjointed DNS namespace.
  • The Configuration.mof used with hardware inventory is not created on a primary site as expected after removing a central administration site (CAS).
  • The SMS Agent Host (ccmexec.exe) incorrectly tries to resolve a site code when used in a standalone media operating system deployment scenario. This delays the overall deployment process by adding 5 minutes for each application to be installed via the standalone media.
  • State messages generated by the on-premises Microsoft Defender for Endpoint monitoring feature may fail to process on the site server. Errors resembling the following are recorded in the StateMessage.log
    SQL MESSAGE: spProcessStateReport - Error: Record 1 returned an 'invalid record' return code and failed processing with error 6260: ERROR 6260, Level 16, State 1, Procedure spProcessATPHealthStatusMessage, Line 1, Message: An error occurred while getting new row from user defined Table Valued Function : ~~System.IndexOutOfRangeException: Index was outside the bounds of the array...
    CMessageProcessor - Non-fatal error while processing {Filename}.SMX
    Thread "State Message Processing Thread #0" id:28072 was unable to process file "F:\Program Files\Microsoft Configuration Manager\inboxes\auth\\process\{Filename}.SMX", moving to corrupt directory.
  • The Format and Partition Disk task sequence step fails when more than 99 disks are present, for example in a storage area network (SAN) scenario. Errors resembling the following are recorded in the smsts.log file.
    The task sequence execution engine failed executing the action (Partition OS Disk - UEFI) in the group (Install Operating System) with the error code 2147942487
    Disk index 108 should not be larger than 99.
  • Operating system deployments from boot media fail to retrieve content from a cloud distribution point if custom ports are defined for HTTP and HTTPS communication.
  • Processing of Automatic Deployment Rules fails on servers that do not have internet access after updating to Configuration Manager version 2010. The Last Error Description reads "Auto Deployment Rule download failed". This issue occurs due to zero-byte temporary files left in the Windows\Temp folder during the download process.
  • Adding a new distribution point (DP) to a package triggers redistribution of that package to all DP’s after the removal of a central administration site (CAS).
  • Failover from an active to a passive site server may stop responding if the database of the active site contains orphaned package status data.

Hotfixes that are included in this update

  • KB 4600089: Update rollup for Microsoft Endpoint Configuration Manager current branch, version 2010
  • KB 5001600: Microsoft Connected Cache component fails to install on Configuration Manager current branch
  • KB 5001670: Devices do not report app usage data in Configuration Manager current branch, version 2010

Dependency changes

The following dependent components that are included with Configuration Manager version 2010 are added or updated to the specified versions:

  • Microsoft Edge WebView2 Redistributable to version 87.0.664.41
  • DOINC (Microsoft Connected Cache) to version