SCCM KB4500571 current branch 1902

SCCM KB4500571 current branch 1902.

Issues that are fixed:

• The Download Package Content task sequence action fails and the OsdDownload.exe process terminates unexpectedly. When this occurs, the following exit code is recorded in the Smsts.log on the client:

Process completed with exit code 3221225477

• Screenshots that are submitted through the Send a Smile or Send a Frown product feedback options cannot be deleted until the Configuration Manager console is closed.
• Hardware inventory data that relies on the MSFT_PhysicalDisk class reports incomplete information on computers that have multiple drives. This is because the ObjectId property is not correctly defined as a key field.
• Client installation fails on workgroup computers in an HTTPS-only environment. Communication with the management point fails, indicating that a client certificate is required even after one has been provisioned and imported.
• A “success” return code of 0 is incorrectly reported as an error condition when you monitor the deployment status in the Configuration Manager console.
• When the option to show a dialog window is selected for app deployments that require a computer restart, that window is not displayed again if it is closed before the restart deadline. Instead, a temporary (toast) notification is displayed. This can cause unexpected computer restarts.
• If it is previously selected, the “When software changes are required, show a dialog window to the user instead of a toast notification” check box is cleared after you make property changes to the required application deployment.
• Expired Enhanced HTTPS certificates that are used for distribution points are not updated automatically as expected. When this occurs, clients cannot retrieve content from the distribution points. This can cause increased network traffic or failure to download content. Errors that resemble the following are recorded in the Smsdpprov.log:

Begin to select client certificate
 Using certificate selection criteria 'CertHashCode:<HASH>'.
 There are no certificate(s) that meet the criteria.
 Failed in GetCertificate(...): 0x87d00281
 Failed to find certificate '<THUMBPRINT>' from store 'MY'. Error 0x87d00281
 UpdateIISBinding failed with error - 0x87d00281

The distribution points certificates are valid when you view them in the Security\Certificates node of the Configuration Manager console, but the SMS Issuing certificate will appear to be expired.

Renewing the certificate from the console has no effect. After you apply this update, the SMS Issuing certificate and any distribution point certificates will automatically renew as required.

• A management point may return an HTTP Error 500 in response to client user policy requests. This can occur if Active Directory User Discovery is not enabled. The instance of Dllhost.exe that hosts the Notification Server role on the management point may also continue to consume memory as more user policy requests arrive.
• Content downloads from a cloud-based distribution point fail if the filename contains the percent sign (%) or other special characters. An error entry that resembles the following is recorded in the DataTransferService.log file on the client:

AddUntransferredFilesToBITS : PathFileExists returned unexpected error 0x8007007b

• The DataTransferService.log may also record error code 0x80190194 when it tries to download the source file. One or both errors may be present depending on the characters in the filename.
• After you update to Configuration Manager current branch, version 1902, the Data Warehouse Synchronization Service (Data_Warehouse_Service_Point) records the error status message ID 11202. An error entry that resembles the following is recorded in the Microsoft.ConfigMgrDataWarehouse.log file:

View or function 'v_UpdateCIs' has more column names specified than  columns defined.<br />Could not use view or function  'vSMS_Update_ComplianceStatus' because of binding errors.

• User collections may appear to be empty after you update to Configuration Manager current branch, version 1902. This can occur if the collection membership rules query user discovery data that contains Unicode characters, such as ä.
• The Delete Aged Log Data maintenance task fails if it is run on a Central Administration Site (CAS). Errors that resemble the following are recorded in the Smsdbmon.log file on the server.

TOP is not allowed in an UPDATE or DELETE statement against a partitioned view. : spDeleteAgedLogData
An error occurred while aging out DRS log data.

• When you select the option to save PowerShell script output to a task sequence variable, the output is incorrectly appended instead of replaced.
• The SMS Executive service on a site server may terminate unexpectedly after a change in operating system machine keys or after a site recovery to a different server. The Crash.log file on the server contains entries that resemble the following.
  

Note Multiple components may be listed, such as SMS_DISTRIBUTION_MANAGER, SMS_CERTIFICATE_MANAGER, or SMS_FAILOVERMANAGER. The following Crash.log entries are truncated for readability.

EXCEPTION INFORMATION
Service name = SMS_EXECUTIVE
Thread name = SMS_FAILOVER_MANAGER
Exception = c00000fd (EXCEPTION_STACK_OVERFLOW)

Description = "The thread used up its stack." 

• Old status messages may be overwritten by new messages after promoting a passive site server to active.
• User-targeted software installations do not start from Software Center after you update to Configuration Manager current branch, version 1902. The client displays an “Unable to make changes to your software” error message. Errors entries that resemble the following are recorded in the ServicePortalWebSitev3.log:

:GetDeviceIdentity - Could not convert 1.0,GUID:{guid} to device identity because the deviceId string is either null or larger than the allowed max size of input
:System.ArgumentException: DeviceId
    at  Microsoft.ConfigurationManager.SoftwareCatalog.Website.PortalClasses.PortalContextUtilities.GetDeviceIdentity(String  deviceId)
    at  Microsoft.ConfigurationManager.SoftwareCatalog.Website.PortalClasses.Connection.ServiceProxy.InstallApplication(UserContext  user, String deviceId, String applicationId)
    at  Microsoft.ConfigurationManager.SoftwareCatalog.Website.ApplicationViewService.InstallApplication(String  applicationID, String deviceID, String reserved) 

This issue occurs if the PKI certificates that are used have a key length that is greater than 2,048 bits.

• Audit status messages are not transmitted to the site server in an environment with a remote SMS provider.
• The Management Insights rule “Enable the software updates product category for Windows 10, version 1809 and later” does not work as expected for Windows 10, version 1903.

Additional changes

• This update rollup is required to enable interaction with Configuration Manager and the Microsoft Desktop Analytics service.
   
• Multiple improvements are made to support devices that are managed by using both Configuration Manager and a thirty-party MDM service.
• Client computers that use IPv6 over UDP (Teredo tunneling) may generate excessive traffic to management points. This, in turn, can also increase the load on the site database.

This traffic occurs because of the frequent network changes that are associated with the Teredo refresh interval. After you apply this update, this data is filtered by default and is no longer passed to the notification server on the management point. This filtering can be customized by creating the following registry string under HKEY_LOCAL_MACHINE\Software\Microsoft\CCM:

Type: String
Name: IPv6IFTypeFilterList
Value: If the string is created without any data (blank), the pre-update behavior applies and no filtering occurs.

The default behavior of filtering Teredo tunnel data (interface type IF_TYPE_TUNNEL, 131) is overwritten if new values are entered. Multiple values should be separated by semicolons.

• The Configuration Manager client now handles a return code of 0x800f081f (CBS_E_SOURCE_MISSING) from the Windows Update Agent as a retriable condition. The result will be the same as the retry for return code 0x8024200D (WU_E_UH_NEEDANOTHERDOWNLOAD).
• The SMSTSRebootDelayNext task sequence variable is now available.
• SQL database performance is improved for operations that involve a configuration item (CI) that has associated file content by the addition of a new index on the CI_ContentFilesEx table.