ConfigMgr 2203 Known Issues and Fixes

Let’s discuss the ConfigMgr 2203 known issues and fixes available. Microsoft has not shared any known issues with SCCM 2203 version. I have checked the release notes, where they normally highlight the known issues with each version of SCCM.

Most of the known issues documented in release notes are of the SCCM version 2107, and some are there for the 2111 version. So this is a piece of good news. It seems the ConfigMgr 2203 version is very stable! Microsoft released the KB14244456 – Update rollup for SCCM version 2203 on 24th June 2022.

I have checked the community forums and social media channels to find buzz around bugs or known issues with the 2203 version of Configuration Manager (aka MEMCM). Nothing to highlight from there as well.

Microsoft released a hotfix KB13953025 to fix 5 known issues with SCCM 2203 early ring version. So if you have installed the early ring version of 2203, you must install the KB mentioned above to fix the issues.

Patch My PC

Read More -> SCCM Deprecated Features | Removed Features

Known Issue References tab on an SCCM 2203 Task Sequence

Update July 21 by Scott WilliamsReferences tab on an SCCM 2203 Task Sequence.

“Click the References tab on a Task Sequence, view content status on a package entry, then hit the back arrow to go back to the Software Library node…. and it has “lost” the actual entries and replaced them with some other random TS.”

Software Update Group SUG Search Issues with SCCM 2203FIXED with KB14244456

Microsoft acknowledged the search issue with SCCM 2203 Software Update Group SUGs. Daniel Ratliff highlighted this on Twitter. It seems the SUG search is not working if you search with the full name of the search word but if you search with the first few letters of the first word the search might work.

Microsoft Customer Support Engineer Anthony J. Fontanez also confirmed it by sharing “It’s a known issue. The problem only appears if you also have folders existing elsewhere, such as under device collections. Create a subfolder under ADRs and use PowerShell to move all of your existing ADRs into that subfolder, and they’ll reappear.”

“I did find that it doesn’t find it yet if you type the whole first-word search, it finds it, and after that, it found all my Micro for Microsoft yet I then type Def for Defender it didn’t find it. Yes, something is wrong with the search” as per MS MVP Matthew Hudson.

Solution/FIX: Fixed with Rollup updateKB14244456. The fix is coming in the 2207 version of SCCM and the 2203 Rollup update.

Software Update Group SUG Search Issues with SCCM 2203 -Pic Credit to Daniel Ratliff
Software Update Group SUG Search Issues with SCCM 2203 -Pic Credit to Daniel Ratliff

List of Hotfixes Available for ConfigMgr 2203 Version

Let’s list the hotfixes, KB Articles, or Rollup updates available for the ConfigMgr 2203 version. I will keep updating the hotfix list whenever Microsoft releases new KB articles.

Microsoft released the first hotfix KB13953025 for ConfigMgr 2203 on 3rd May 2022. The rollup update for the Configuration Manager 2203 version is expected within 3 months of the initial release (June end or July first week). The MEMCM 2203 got released on 08th April 2022.

  1. KB13953025First Hotfix for ConfigMgr 2203 Applicable Only for the Fast Ring
  2. Hotfix KB14480034 – FIX SCCM PKI Client Registration Issue
  3. KB14244456 – Update rollup for SCCM version 2203
ConfigMgr 2203 Known Issues and Fixes 1
ConfigMgr 2203 Known Issues and Fixes 1

FIXes Released with KB14244456 Update rollup for SCCM version 2203

Let’s check how many issues of SCCM 2203 version are fixed with this rollup update or not. I have listed down the fixed list of issues in the below section.

  • Application approvals through email don’t work with a cloud management gateway due to a missing Azure Active Directory token.
  • Metadata revisions to previously published metadata-only updates aren’t synchronized to Windows Server Update Services (WSUS) as expected.

The Task Sequence Editor running on Windows Server 2022 fails to apply changes to a task sequence if the window is left open for several minutes. When this occurs the following message is displayed onscreen.

Error connecting to provider, smsprov.log may show more details.
  • BitLocker compliance status won’t be accurate for a brief period of time if the Client checking status frequency (minutes) value is set below 60.

The SMS_AZUREAD_DISCOVERY_AGENT thread of the SMS_Executive service incorrectly removes some users and their group memberships when the site server is configured with a non-US English locale. The removal happens when the discovery cycle runs after the 12th day of the month.

Errors resembling the following are recorded in the SMS_AZUREAD_DISCOVERY_AGENT.log file at different times during the discovery cycle.

ERROR: Encountered SqlException The conversion of a nvarchar data type to a datetime data type resulted in an out-of-range value.
ERROR: Exception message: [The conversion of a nvarchar data type to a datetime data type resulted in an out-of-range value.]
ERROR: Group full sync request failed. Exception: System.NullReferenceException: Object reference not set to an instance of an object.
  • When adding a CMPivot query as a favorite it is split into two lines and characters are removed.
  • The Name criteria aren’t available when searching Software Update Groups in the Configuration Manager console.
  • The Browse button for Content location in the properties for a deployment returns an empty location instead of the value previously shown.
  • An application that is targeted to a device collection but deployed in the context of the user won’t honor the implicit uninstall setting.
  • Typing a Name value in the Create Orchestration Group wizard is unexpectedly slow.

A misleading error message (false negative) is generated on a target distribution point that is co-located with a site server. This happens during content distribution from a parent site to a child site. The misleading error in distmgr.log resembles this entry:

~RDC:Failed to set access security on \\<SiteServerFQDN>\SMSSIG$\<PkgID>.1.tar for package <PkgID> signature file

Hotfixes Already Included in the Global Release of ConfigMgr 2203

The following is the list of hotfixes already Included in the Global Release of ConfigMgr 2203. This means all issues highlighted in those hotfixes are fixed with the release of 2203. This is great news!

  • KB10096997 Summary of changes in ConfigMgr 2111
  • KB12709700 Update for ConfigMgr 2111
  • KB12959506 Client update for ConfigMgr 2111
  • KB12819689 Connected cache update for ConfigMgr 2111
  • KB12896009 Update rollup for ConfigMgr 2111
ConfigMgr 2203 Known Issues and Fixes 2
ConfigMgr 2203 Known Issues and Fixes 2

The following table provides the list of improvements and fixed issues with the 2203 version of ConfigMgr. Spend some time understanding the issue highlighted in the table.

Let’s look at the improvement that Microsoft introduced into the 2203 version before looking into ConfigMgr 2203 Known Issues.

Some of the following are long pending issues, and even we can track back to previous versions of ConfigMgr. So, it’s always better to upgrade your ConfigMgr infrastructure to the latest version.

Issues Fixed with SCCM 2203 version
Collection Evaluation ImprovementsThe collection evaluation process is optimized during the startup of the SMS_Executive service (smsexec.exe) to reduce the overall time required to complete evaluations.
Pull DP Issue 500 threadsThe SMS Agent Host service (CCMExec.exe) hangs in a Stop Pending state on clients configured as pull-distribution points.
PowerShell CMDLets IssuesThe Get-CMSoftwareUpdateDeployment and Get-CMSoftwareUpdateDeploymentStatus PowerShell cmdlets do not run as expected under the context of an account with the Software Update Manager role.
vLog SQL Query Parsing IssuesSQL queries against the vLogs view can fail with an XML parsing error which delays data replication service troubleshooting efforts.
FailoverManager.log Ambiguous log EntriesThe FailoverManager.log file is improved to remove ambiguous log entries related to site certificates.
State message processing IssuesState message processing is now more resilient to intermittent SQL errors.
Client Health Dashboard IssuesThe Client Health Dashboard is updated to reduce false negatives related to status messages.
Package Distribution DelaysThe Distribution Manager component of the SMS_Executive service on a child site makes unnecessary network calls back to the parent site for package source details such as file size.
ADR Filter IssuesThe content size filter for an automated deployment rule does not return any results when an exact value is used instead of a comparison.
Company Portal IssuesUser available programs are incorrectly shown under the Featured section in the company portal.
High impact task sequence notification IssueOpening a software center notification from the system tray icon bypasses the high-impact task sequence notification.
SCCM Workgroup client’s Approval IssueStarting with SCCM 2107, newly installed workgroup clients are not automatically approved as expected in environments using PKI-issues certificates.
Co-Managed Clients IssueCo-managed clients no longer receive Intune Win32 content via the Microsoft Connected Cache feature.
Wmiprvse.exe exceeded handle quota limit IssueAutomated queries against the SMSCOMPONENTS WMI class may eventually fail. Event ID 5612 is generated
Microsoft .NET Framework Prerequisite CheckerThe Recommended version of Microsoft .NET Framework prerequisite checker warning is updated to clarify requirements.
CMG Error Error – 0x8020002c IssueFiles larger than 4GB fail to download from a CMG when the BranchCache feature is enabled.
Failed progress UI (0x80040154) ErrorDue to a timing issue, OSD task sequences may fail to put the SCCM client into provisioning mode.
UpdateDeployment & DCMAgent logs IssuesImprovements for readability are made to the UpdateDeployment and DCMAgent log files.
Statistic initialization failed 0x87d00217 IssueThe SMS Agent Host service (CCMExec.exe) takes up more memory than expected on an MP if there is a problem reading the {MP_installation_directory}\Statistic\CurrentData file.
Active Directory discovery IssuesLogging for Active Directory discovery methods is improved to include more precise troubleshooting information, such as specific error codes if domain names fail to resolve.
Microsoft Code Signing PCA 2011 IssuesYou can now export the certificate from a computer where you’ve installed a Configuration Manager version 2203 site server. View the certificate on SMSInstallDir\cd.latest\SMSSETUP\BIN\X64\CMPivot.ps1. More details here.
TPM certs cab – 0x8009310b ErrorsAfter updating to SCCM 2111, the hman.log file contains an error 0x8009310b. This error does not affect normal site operations.
Could not find stored procedure IssueThe Run summarization task for a software update deployment fails to run on the CAS. The statesys.log contains an error resembling the following: Could not find stored procedure ‘spTask_SUM_AssignmentComplianceEvaluator.’
ConfigMgr 2203 Known Issues and Fixes 5

ConfigMgr 2203 Known Issues

Let’s check the ConfigMgr 2203 known issues from the below list. I have collected the know issues from the community and the hotfixes released for the 2203 version of ConfigMgr.

#1 – One of the ConfigMgr 2203 known issues for me is with ConfigMgr Console Dark Theme. The various wizards of the console are not dark theme enabled. This feels a bit weird from an admin experience perspective. As you know, Dark Theme is a pre-release feature, so this is expected!

ConfigMgr 2203 Known Issues and Fixes 3
ConfigMgr 2203 Known Issues and Fixes 3

#2 – ConfigMgr 2203 Known Issues – Failed to Resolve Task Sequence Dependencies 0x80040104 is reported by one of the users. You might encounter a prompt message Failed to Run Task Sequence while performing Operating System Deployment with SCCM Task Sequence.

I don’t know whether this is a known issue with the 2203 version of ConfigMgr or not. I can’t confirm this for now but keep an eye on this issue and report if you also see this issue after the 2203 upgrade.

Read More FIX SCCM Failed To Resolve Selected Task Sequence Dependencies Code 0x80040104

ConfigMgr 2203 Known Issues and Fixes 4
ConfigMgr 2203 Known Issues and Fixes 4

#3 – Known Issue with ConfigMgr 2203 is Schedule updates of Windows 11 Operating System Images. Somehow, the Windows 11 Cumulative Updates are not listed on Schedule Updates Wizard.

Read MoreAdd New Patches to OS Images using SCCM Schedule Updates Option

ConfigMgr 2203 Known Issues and Fixes 6
ConfigMgr 2203 Known Issues and Fixes 6

ConfigMgr 2203 Known Issues Fixed with KB13953025

Let’s check the 5 known issues fixed with ConfigMgr 2203 KB13953025. This is applicable only for the fast ring version of ConfigMgr.

  • The number of clients reporting an unhealthy state increases unexpectedly after installing an early update release of ConfigMgr 2203.
  • Windows Feature Updates do not apply as expected due to a timing condition during the SMS Agent Host service (CCMExec.exe).
  • Administrators cannot offboard from the Azure US Government Cloud because the checkbox for Upload to Microsoft Endpoint Manager admin center is disabled.
  • The ConfigMgr Admin console terminates unexpectedly if you select the Community Hub node before the Documentation node finishes loading.
  • The Browse button on the collection picker for the Windows 10 servicing dashboard does not work. The SMSAdminUI.log contains errors resembling the following:
Webview: Win10ServicingHomePageScriptManager: An error occurred processing request type 'LaunchWizardCollectionPicker' error is InvalidOperationException : System.InvalidOperationException: The calling thread must be STA, because many UI components require this.

Author

7 thoughts on “ConfigMgr 2203 Known Issues and Fixes”

  1. 2203 bug confirmed by Microsoft 5/19/2022

    After updating to 2203 we noticed that our clients were ignoring client policy – specifically, software updates. Even though we have, delta download disabled, the agents are ignoring it.

    Before 2203
    DeltaDownloadStartup task is starting… DeltaDownload
    4/18/2022 6:06:05 PM 4052 (0x0FD4)
    CDeltaDownloadController::FinalConstruct entered DeltaDownload
    4/18/2022 6:06:05 PM 4052 (0x0FD4)
    Startup or config change event for DO data collection task. DeltaDownload
    4/18/2022 6:06:05 PM 4052 (0x0FD4)
    Software Updates enabled: 1; Express enabled: 0; Express port: 8005 DeltaDownload
    4/18/2022 6:06:05 PM 4052 (0x0FD4)
    Express version: 10.0.14393.953 DeltaDownload
    4/18/2022 6:06:05 PM 4052 (0x0FD4)
    Not starting Delta Download Agent since the client agent setting for Delta Download is disabled DeltaDownload
    4/18/2022 6:06:05 PM 4052 (0x0FD4)
    DeltaDownloadShutdownTask task is starting… DeltaDownload
    5/5/2022 8:28:06 PM 8400 (0x20D0)

    After 2203
    DeltaDownloadStartup task is starting… DeltaDownload
    5/5/2022 8:31:24 PM 1136 (0x0470)
    CDeltaDownloadController::FinalConstruct entered DeltaDownload
    5/5/2022 8:31:24 PM 1136 (0x0470)
    Startup or config change event for DO data collection task. DeltaDownload
    5/5/2022 8:31:24 PM 1136 (0x0470)
    Software Updates enabled: 1; Express enabled: 0; Express port: 8005 DeltaDownload
    5/5/2022 8:31:24 PM 1136 (0x0470)
    Always turn on delta download endpoint if OS version allows, regardless if express enabled or not. Set bIsDeltaDownloadEnabled to true. DeltaDownload
    5/5/2022 8:31:24 PM 1136 (0x0470)
    Express version: 10.0.14393.953 DeltaDownload
    5/5/2022 8:31:24 PM 1136 (0x0470)
    Allowed:1, HttpPort:8005 DeltaDownload
    5/5/2022 8:31:24 PM 1136 (0x0470)
    http://localhost:8005 DeltaDownload 5/5/2022 8:31:24 PM 1136 (0x0470)
    Unable to read existing WUA Group Policy object. Error = 0x80070002. DeltaDownload 5/5/2022 8:31:24 PM 1136 (0x0470)
    DeltaDownloadController main thread has started. DeltaDownload
    5/5/2022 8:31:24 PM 1136 (0x0470)
    Listening for requests on the following url: http://localhost:8005/ DeltaDownload 5/5/2022 8:31:24 PM 8228 (0x2024)
    Software Updates enabled: 1; Express enabled: 0; Express port: 8005 DeltaDownload 5/5/2022 8:31:24 PM 1136 (0x0470)
    Always turn on delta download endpoint if OS version allows, regardless if express enabled or not. Set bIsDeltaDownloadEnabled to true. DeltaDownload
    5/5/2022 8:31:24 PM 1136 (0x0470)
    Express version: 10.0.14393.953 DeltaDownload
    5/5/2022 8:31:24 PM 1136 (0x0470)
    Launching the timer task for DO data collection with value – 45 DeltaDownload 5/5/2022 8:31:24 PM 1136 (0x0470)
    Delta Download Controller has started DeltaDownload
    5/5/2022 8:31:24 PM 1136 (0x0470)

    Thought you should know

    Reply
  2. @Sean Pierce, we encounter the same issue with Delta Download. We disabled this settings in the client Policy but the client enable this settings anyway. Now we have the 8005 port that listening locally.

    Do you have some updates ?

    The KB14480034 seems not fix this issues.

    Reply
  3. Possibly seeing the same issue this week, new Tomcat Apache app crabbing about port 8005 despite delta download being set to off.

    Reply
  4. Opened a case with Microsoft, they told me that this was a not necessarily a bug or an issue but part of a ‘feature change’ introduced in 2203 and that there may be either an update or documentation noting this at later date. DeltaDownload.log results on our clients line up with the 2203 update having been installed, with the logs showing no listening on port 8005 prior to this.

    Reply
  5. So you are saying that since 2203 your clients are listening on port 8005? Bit silly that it’s enabling functionality that is explicitly disabled.

    Reply
  6. since upgrading to 2203, we can no longer import Dell Drivers if there are any exe files in the directories. Even directories we have previously imported fail to import. if the exe’s are removed then the drivers import fine. It gives an message about permissions, but permissions are fine.

    Configuration Manager cannot import the specified driver folder. Verify that the folder exists in the specified location, contains one or more drivers for supported platforms and that both the SMS Provider computer and the computer running the Configuration Manager console have Read permissions to the specified shared folder.

    found someone talking about the exact same thing back in 2010
    https://social.technet.microsoft.com/Forums/en-US/f222ec85-be4f-4cd0-88e1-42e1d628acd4/sccm-osd-cant-import-drivers-from-unc-location?forum=configmgrgeneral

    I have submitted feedback to MS, pending a response.

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.