Summary of changes in Microsoft Endpoint Configuration Manager current branch, version 2006

Applies to: Microsoft Endpoint Configuration Manager (current branch – version 2006)


Release version 2006 of Microsoft Endpoint Configuration Manager current branch contains fixes and feature improvements.

The "Issues that are fixed" list is not inclusive of all changes. Instead, it highlights the changes that the product development team believes are the most relevant to the broad customer base for Configuration Manager. Many of these changes were made in response to customer feedback about product issues and product improvement.


Issues that are fixed

Tenant attach and cloud services

  • The CMG connection analyzer tool fails when testing the CMG channel for a management point that uses a replica database.
    Errors resembling the following are recorded in the CCM_STS.log
  • Policy status information fails to update for devices onboarded to Microsoft Defender Advanced Threat Protection (ATP). This only affects customers updating to Configuration Manager version 2006 from the early update release of version 2002 that did not apply KB 4553501 before updating to 2006.
  • Tenant-attach Endpoint Security policies, such as those for Microsoft Defender Advanced Threat Protection (ATP), are now enforced outside maintenance windows.

Operating System Deployment and Task Sequences

  • Content downloaded to the client for a program to run from a task sequence is not used when the option "Install software packages according to dynamic variable list" is selected. This leads to content downloading twice on the client; once to the client cache and again from the distribution point.
  • The Install Application and Install Software Updates task sequence steps fail when clients are installed using the PROVISIONTS parameter. This occurs when the task sequence runs after the initial client installation process in environments where the management point is configured to use HTTPS. Errors resembling the following sequence are recorded in the DataTransferService.log
  • After a computer reboot, variables updated in a parent or child task sequence do not show updated in child task sequence.


  • The New-CMApplicationDeployment PowerShell cmdlet does not allow you to set a deadline for available deployments with the supersedence option.
    • The SMSTSPreserveContent task sequence variable does not maintain package version information. This results in content re-downloading after task sequence package versions change.


    • Configuration Manager clients installed while using a metered internet connection are unable to register. Errors resembling the following are recorded in the ClientIDManagerStartup.log file.
    • When a domain-joined client is connected to the corporate network via the internet, Software Center does not display applications deployed to users. Errors resembling the following are recorded in the SCClient.
    • Clients are unable to download third party updates from a cloud management gateway or cloud-based distribution point if the fully qualified domain name of Windows Server Updates Services (WSUS) ends with ".net".

    Site Systems

    • The Distribution Manager component of the SMS Executive service (smsexec.exe) can hang when trying to communicate with an unresponsive distribution point. This leads to delays in processing of packages and notification files, resulting in an overall slowdown in content distribution.
    • The Discovery Data Manager component does not correctly process domain information from discovery data record (DDR) files. After a discovery cycle, the client domain data is null. A message resmbling the following is recorded in the ddm.log file if verbose logging is enabled.
    • Distribution Point Configuration Status may erroneously show the warning message "Failed to retrieve the package list on the distribution point"; the warning is not consistently cleared after updated status messages are processed. The last status message time in the message details may also be out of date.
    • Enabling the Track remediation history when supported checkbox for a configuration item results in the Always apply this baseline for co-managed clients setting being ignored.
    • Updating a passive site server to a new version of Configuration Manager results in the SMS Provider reinstalling if it was previously removed or not installed.

    Hotfixes that are included in this update

    • KB 4560496: Update Rollup for Microsoft Endpoint Configuration Manager version 2002
    • KB 4575339: Devices appear twice in Microsoft Endpoint Configuration Manager admin center
    • KB 4575774: New-CMTSStepPrestartCheck cmdlet fails in Configuration Manager, version 2002
    • KB 4576782: Application blade times out in Microsoft Endpoint Manager admin center

    Dependency changes

    The following dependent components that are included with Configuration Manager version 2006 are updated to the specified versions:

    • Microsoft.ApplicationInsights to version 2.14.0
    • System.Diagnostics.DiagnosticSource to version 4.7.0
    • Newtonsoft.Json to version 6.0.8