Update for Microsoft Endpoint Configuration Manager version 2006, early update ring

Applies to: Microsoft Endpoint Configuration Manager (current branch – version 2006)

Summary


An update is available to administrators who opted in through a PowerShell script to the early update ring deployment for Microsoft Endpoint Configuration Manager current branch, version 2006. You can access the update in the Updates and Servicing node of the Configuration Manager console.

This update addresses important, late-breaking issues that were resolved after version 2006 became available globally. This article summarizes the most significant changes.

This update does not apply to sites that downloaded version 2006 on August 21, 2020, or a later date. Therefore, it will not be listed in the Configuration Manager console for those sites.

Issues that are fixed


  • The SMS_CLOUDCONNECTION and SMS_SERVICE_CONNECTOR components of the SMS Executive service (smsexec.exe) experience a thread leak after completing the tenant attach process.
  • In an environment that is not onboarded to the Desktop Analytics service, the SMS_SERVICE_CONNECTOR component enters a critical state. Additionally, the M365AUploadWorker.log contains errors resembling the following.
  • Information for updated apps fails to write to the database after completing the tenant attach process. Errors resembling the following are recorded in the SMS_CloudConnection_AppInsights.log
  • Microsoft Defender Advanced Threat Protection (ATP) policies set using the Microsoft Endpoint Manager admin center may be overwritten by policies set from the Configuration Manager console.
  • Desktop analytics app usage data is not monitored for up to fifteen minutes when a computer resumes from standby.
  • Software Center may intermittently time out when connecting to a Cloud Management Gateway to retrieve user-available apps.
  • Clients fail to download policy data and status message ID 10803 is generated. This occurs in environments using HTTPS communication and non-operating system deployment task sequences in Software Center.
  • The resultant set of policy for endpoint security Antivirus policies may be incorrect when viewed in the admin center.
  • The Run Scripts functionality does not work on clients that are Azure Active Directory joined, and HTTPS communication is used in the environment. Errors resembling the following are recorded in the DataTransferService.log on the client.
  • Expanding the Reports node in the Configuration Manager console may take longer than expected, up to several minutes.
  • Incremental collection updates fail and collection membership is not updated. Errors resembling the following are recorded in the colleval.log file.
  • The client upgrade process may terminate unexpectedly on 32-bit Windows clients.
  • The collection properties window takes longer than expected on the Configuration Manager admin console.
  • Performance improvements were made to increase the overall speed of the tenant attach process.

     

Update information for Microsoft Endpoint Configuration Manager, version 2006 early update ring


This update is available in the Updates and Servicing node of the Configuration Manager console for environments that were installed by using the publicly available early update ring builds of version 2006. These builds were available for download between August 11, 2020 and August 21, 2020.

To verify which first wave build is installed, look for a package GUID by adding the Package GUID column to the details pane of the Updates and Servicing node in the console. This update applies to first wave installations of version 2006 from packages that have the following GUIDs:

E150700D-0C89-4D3A-A6D9-849C155810CF
68B5A14B-D9E7-4908-B076-7CB7C4453C28
34900584-46D4-4C8C-BDB6-41B4EE01244F

Restart information

You do not have to restart the computer after you apply this update.

Update replacement information

This update does not replace any previously released update.

Additional installation information

After you install this update on a primary site, pre-existing secondary sites must be manually updated. To update a secondary site in the Configuration Manager console, click Administration, click Site Configuration, click Sites, click Recover Secondary Site, and then select the secondary site. The primary site then reinstalls that secondary site by using the updated files. Configurations and settings for the secondary site are not affected by this reinstallation. The new, upgraded, and reinstalled secondary sites under that primary site automatically receive this update.

Run the following SQL Server command on the site database to check whether the update version of a secondary site matches that of its parent primary site:

select dbo.fnGetSecondarySiteCMUpdateStatus ('SiteCode_of_secondary_site')

If the value 1 is returned, the site is up-to-date, with all the hotfixes applied on its parent primary site.

If the value 0 is returned, the site has not installed all the fixes that are applied to the primary site, and you should use the Recover Secondary Site option to update the secondary site.

File information