System Center 2012 R2 CU1 Configuration Manager hotfix available

Introduction

Microsoft has released a new hotfix (Cumulative Update 1) that contains bugfixes and updates for System Center 2012 R2 Configuration Manager. This describes the issues that are fixed and the functionality that is updated in Cumulative Update 1 (CU1) for Microsoft System Center 2012 R2 Configuration Manager.

Details

The following issues have been fixed:

Administrator Console

  • The wrong software update for an operating system image may be selected in the list of items that are returned in the Schedule Updates Wizard after the list is sorted.
  • Adding a new computer association for an existing computer causes the following error message in the Administrator Console:
    Description: “Unable to save changes”
    ErrorCode: 2152205056
    File = ‘e:\\qfe\\nts\\sms\\siteserver\\sdk_provider\\smsprov\\sspsite.cpp”:
    Line = 1344
    Operation = “ExecMethod”
    ParameterInfo = “SMS_Site”:
    ProviderNamre = “WinMgmt”
    StatusCode = 2147749889
  • Downloads of extensions by using the Windows Intune Connector role fail because of a message signature verification error. Entries that resemble the following are logged in the dmpdownloader.log file:
    ERROR: SignData failed with exception: [Invalid algorithm specified.~~]

Mobile Device Management

  • Enrolling an Android device in both Exchange Active Sync (EAS) and Mobile Device Management causes a duplicate device to be created in the Administrator Console.

Reporting

  • The “Computers with a specific application installed” report lists a computer two times if that computer is in two collections and if the user who is running the report has permission to both collections.

Application Virtualization

This cumulative update adds support for Microsoft Application Virtualization (App-V) 5.0 Service Pack 2 (SP2). The following issues are seen only in App-V 5.0 SP2 environments earlier than CU1:

  • With App-V 5.0 SP2, when a new version of an App-V package supersedes an earlier version, and when that earlier version is being used, the package is listed as not published. Errors that resemble the following are logged in the AppEnforce.log and the AppDiscovery.log files.AppEnforce.log
    Publish-AppvClientPackage : A publish operation has been scheduled, pending
    the shutdown of all applications in the package or the connection group.

    Publishing Package is successful but one one of the Virtual Package is currently in use. Close this Virtual Package to get the changes into effect
    Performing detection of app deployment type TestApp – Microsoft Application Virtualization 5(ScopeId_0C7279F0-1490-4A0E-A7A3-32A000CEF76D/DeploymentType_d1adf427-ac14-4ee1-9e51-415af7675383, revision 2) for system.

    AppDiscovery.log

    Required component [{AppVPackageRoot}]\TestApp.exe is not published
  • With App-V 5.0 SP2, App-V packages that are being used cannot be uninstalled. Errors that resemble the following are logged in the AppEnforce.log file:
    CVEWorker::UninstallConnectionGroup() failed

Internet-based clients

  • Internet-based clients cannot download content from an Internet-facing distribution point after they first encounter a failure to reach Windows Update. Additionally, the DataTransferService.log file on the client logs errors that resemble the following:
    Failed to set proxy to bits job for url ‘https:// site.configmgr.com:443/SMS_DP_SMSPKG$/{pkg_id}’. Error 0x87d00215
    All proxy types and no proxy have been tried for times but failed.

 

Software Center

  • The business hours setting in the Software Center is not honored for mandatory assignments for programs and task sequences that can run independently of assignment. Instead, the programs and task sequences run immediately. The full text of this setting is “Automatically install or uninstall required software and restart the computer only outside of the specified business hours.”
  • The Uninstall option may not be available in Software Center for applications that are made available through multiple deployment types. For example, if two deployment types for an application apply to a client, and if both have an Uninstall action, the Uninstall button is unavailable.
  • The “Available After” date for applications in Software Center may display a date of 1998. This problem occurs for applications that are made available through task sequences.

 

Operating system deployment

  • External drives, such as some USB thumb drives, are displayed as fixed disks instead of removable media. Attempts to start and install an OS image result in error messages that resemble the following in the Smsts.log file:
    Booted from fixed disk
    !sVolumeID.empty(), HRESULT=80004005 (e:\qfe\nts\sms\framework\tscore\resolvesource.cpp,465)
    !sVolumeID.empty(), HRESULT=80004005 (e:\qfe\nts\sms\framework\tscore\resolvesource.cpp,465)
    !sTSMDataPath.empty(), HRESULT=80070002 (e:\qfe\nts\sms\framework\tscore\resolvesource.cpp,1425)
    TS::Utility::GetTSMDataPath(rsPath), HRESULT=80070002 (e:\qfe\nts\sms\client\tasksequence\bootshell\configpath.cpp,352)
    Failed to find the current TS configuration path
    ConfigPath::FindConfigPath(sConfigPath), HRESULT=80070002 (e:\qfe\nts\sms\client\tasksequence\bootshell\bootshell.cpp,545)
    Failed to find the configuration path.
    The system cannot find the file specified. (Error: 80070002; Source: Windows)
    Execution failed with error 80070002.
  • Client computers that are started from Dynamic Boot Media fail to retrieve policy data if the first Management Point refuses an HTTPS connection with error code 80072efd. This does not apply to HTTP connections. This problem occurs even when there are other Management Points available. The smsts.log file contains entries that resemble the following.Note These entries are truncated for readability.
    3 https and 1 http locations are returned from MP https://MP1.contoso.com.
    ‘https://MP2.contoso.com’ sute may be accessible and beused for redirection
    ‘https://MP1.contoso.com’ sute may be accessible and beused for redirection
    ‘https://MP3.contoso.com’ sute may be accessible and beused for redirection
    ‘http://MP4.contoso.com’ may be accessible and be used for redirection
    New settings:
    site=PS1,PS1, MP=https://MP2.contoso.com, ports: http=80,https=443
    certificates are received from MP.

    CLibSMSMessageWinHttpTransport::Send: URL: MP2.contoso.com:443 CCM_POST /ccm_system_AltAuth/request
    In SSL, but with no client cert
    Error. Received 0x80072efd from WinHttpSendRequest.
    sending with winhttp failed; 80072efd
    Will retry in 5 second(s)
    Retrying…

    socket ‘connect’ failed; 8007274d
    sending with winhttp failed; 80072efd
    End of retriesFailed to read client identity (Code 0x80072efd)
    Failed to get client identity.
    Exiting TSMediaWizardControl::GetPolicy.
    Setting wizard error: An error occurred while retrieving policy for this computer (0x80072EFD). For more information, contact your system administrator or helpdesk operator.
  • Child sites do not process the content for a task sequence that was changed after migration from another site. The Distmgr.log file on the child site contain entries that resemble the following, and the package state does not change:
    Package {Package_ID} is in Pending state and will not be processed…

    Note This fix applies only to task sequences that are not yet migrated. Task sequences that were migrated before you applied CU1 should be deleted and then migrated again.

  • Applications that are deployed by using a task sequence cannot be installed if the following conditions are true:
    • The deployment purpose is defined as “Required.”
    • The assignment Schedule is “As soon as possible.”
    • The Download all contents locally before starting task sequence option is selected.

    The Execmgr.log file on the client contains errors that resemble the following:

    ContentProgressEx invalid request GUID handle
    OnContentAvailable invalid request GUID handle
  • Task sequences that are migrated from Configuration Manager 2007 environments and that use Virtual Applications for Install Software package source fail to run. Errors that resemble the following are logged in the Smsts.log file:
    Executing command line: smsappinstall.exe /app:ScopeId_{GUID}/Application_{GUID} /basevar: /continueOnError:
    [ smsinstallapp.exe ]
    ContinueOnError flag is null
    Failed to parse command line arguments, hr=0x80070057
    Process completed with exit code 2147942487
  • Task sequences may fail on a UEFI-based client if the “Format and Partition” task sequence step runs two times. A dialog box appears that contains the following text during the second “Format and Partition” operation:
    OsdDiskPart.exe – Application Error
    The instruction at {offset} referenced memory at {address}. The memory could not be read.
  • The following fixes are also included in this cumulative update for Operating System Deployment.
    KB number Title
    2928122 Application contents are duplicated in stand-alone media in System Center 2012 R2 Configuration Manager
    2905002 An update is available for the “Operating System Deployment” feature of System Center 2012 R2 Configuration Manager
    2910552 You cannot stage a Windows PE 3.1 boot image to a Windows XP-based computer in System Center 2012 R2 Configuration Manager
    2907566 Per-computer variables for imported computers are not read in System Center 2012 R2 Configuration Manager

Endpoint Protection

 

Application management

  • Automated Deployment Rules do not download updates when a proxy server that uses a specific user account is defined. The PatchDownloader.log file on the software update point contains entries that resemble the following:
    Downloading content for ContentID = 16777361, FileName = windows8.1-kb1234567-x64.cab.
    Try username DOMAIN\Proxy_User_Account
    Proxy enabled proxy server 192.168.1.1:8080
    HttpSendRequest failed HTTP_STATUS_PROXY_AUTH_REQ
    Download http://windows8.1-kb1234567-x64_36d2001d0935b254ff87ab33e46545057ec78514.cab to C:\windows\TEMP\CABC023.tmp returns 407
    ERROR: DownloadContentFiles() failed with hr=0x80070197
  • Users who are accessing the company portal cannot install or request an application that is targeted to a security group. A message that resembles the following is displayed:
    Error loading details
    An error occurred while attempting to load the app details.
  • The following fix is also included in this cumulative update for Application Management.
    KB number Title
    2913703 Applications that use dynamic variable lists are not installed in System Center 2012 Configuration Manager SP1

 

Supported operating systems

  • The following fix is also included in this cumulative update for supported operating systems.
    KB number Title
    2918997 A hotfix is available to update the Software Requirements user interface for the Mac software distribution operating system in System Center 2012 Configuration Manager

 

Site systems

  • The Application Catalog website displays the error “Cannot connect to the application server” after an SSL-enabled Application Catalog is running under load for a long time (usually several days). Additionally, errors that resemble the following are logged in the ServicePortalWebSite.log file:
    [127, PID:8992][02/18/2014 02:47:10] :ValidateServerCert – Validating certificate 3C8063A10002000A70DC
    [127, PID:8992][02/18/2014 02:47:10] :System.TimeoutException: The request channel timed out while waiting for a reply after 00:00:59.9830000. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout.Server stack trace:
    at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)

 

Windows PowerShell

  • The following article describes the changes that are also included in this cumulative update for Windows PowerShell.
    KB number Title
    2932274 Description of Windows PowerShell changes in Cumulative Update 1 for System Center 2012 R2 Configuration Manager

 

Wake-up proxy

  • This cumulative update includes an update to the wake-up proxy feature. These changes reduce the chances of false detection of a client computer as asleep and reduce the network traffic that is generated by the proxy.

 

How to obtain Cumulative Update 1 for System Center 2012 R2 Configuration Manager

A supported update is available from Microsoft Support. However, this update is intended to correct only the problems that are described in this article. Apply this update only to systems that are experiencing the problems described in this article. This update might receive additional testing. Therefore, if you are not severely affected by these problems, we recommend that you wait for the next service pack that contains this update.

If the update is available for download, there is a “Hotfix download available” section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the update.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific update. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, go to the following Microsoft website:

Note The “Hotfix download available” form displays the languages for which this update is available. If you do not see your language, it is because an update is not available for that language.

More information about this cumulative update

After this cumulative update is installed on site servers, any operating system boot image should be updated. To update boot images after the hotfix is applied, follow these steps:

  1. In the Configuration Manager console, click Software Library.
  2. In the Software Library workspace, expand Operating Systems, and then click Boot Images.
  3. Select the boot image that you want to update.
  4. Right-click and then select the Update Distribution Points action.Note This action updates all distribution points and may have an adverse effect on an environment that contains many distribution points.
  5. Repeat steps 3 and 4 for all boot images that were previously distributed.

Learn about how to update boot images in the How to Manage Boot Images in Configuration Manager topic on the Microsoft TechNet website.

Restart information

You do not have to restart the computer after you apply this update.

Note We recommend that you close the Configuration Manager Administrator Console before you install this update.

Update replacement information

This cumulative update does not replace any previously released update.

How to determine the installation status of this cumulative update

This cumulative update changes the following Configuration Manager version numbers and installation properties.

Site systems

The CULevel value is located under the following registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Setup

Note The CULevel value is set to 1 for Cumulative Update 1.

Administrator Console

The version that is displayed in the About System Center Configuration Manager dialog is 5.0.7958.1203.

Client

The version that is displayed on the General tab of the Configuration Manager Control Panel item or the Client Version field of device properties in the Administrator Console is 5.00.7958.1203.

Endpoint Protection Client

This update brings the anti-malware client version to 4.5.0216.0. You can find the version information by clicking About on the Help menu of the Endpoint Protection client UI.

Download

You can download the hotfix from Microsoft here and you can read a blog post from Microsoft discussing Cumulative Updates here.

 

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.