Category: Console

Console is not updating Operating System Build

Console is not updating Operating System Build

Operating System Build is collected by Heartbeat discovery, which, by default, takes place every 7 days.

To configure heartbeat discovery frequency, you can check this by going to Administration – Hierarchy Configuration – Discovery Methods – Heartbeat Discovery. The default value is 7 days. You can change the frequency per your needs, for example every 1 or 2 days.

To resolve the issue, you can manually trigger a heartbeat discovery.

You can trigger heartbeat discovery from client side by clicking Control panel – Configuration Manager – Actions – Discovery data collection Cycle.

Alternatively, you can send a notification to your machines via Console: right click the device collection – Client NotificationCollect Discovery Data.

Actions for heartbeat discovery are logged on the client in the InventoryAgent.log file in the %Windir%\CCM\Logs folder.

If you have enabled xml retaining of hardware inventory, You can get the xml report from C:\windows\CCM\Inventory\Temp. The report will show you something like:

<Instance ParentClass="CCM_OperatingSystem" Class="CCM_OperatingSystem" Namespace="\\CONTOSO-CLIENT1\root\ccm\invagt" Content="New">
  <CCM_OperatingSystem>
    <AADDeviceID/>
    <AADTenantID/>
    <AgentEdition>0</AgentEdition>
    <Build>10.0.19044</Build>
    <BuildExt>10.0.19044.2728</BuildExt>
    <IsAOACCapable>0</IsAOACCapable>
    <IsPortableOS>0</IsPortableOS>
    <IsWriteFilterCapable>0</IsWriteFilterCapable>
    <OSBranch>0</OSBranch>
    </CCM_OperatingSystem>
</Instance>

Reference

How to connect to Configuration Manager site with PowerShell

How to connect to Configuration Manager site with PowerShell

There are two ways to connect to Configuration Manager site:

  • From Configuration Manager console
  • From PowerShell

To connect from PowerShell, you can just click on the top-left arrow icon pointing downward to expand the menu and then select Connect via Windows PowerShell or Connect via Windows PowerShell ISE.

Alternatively, you can also just launch PowerShell as the currently logged-in user and then run the following script, which, you can get when click on Connect via Windows PowerShell ISE from SCCM console above.

# Site configuration
$SiteCode = "CON" # <-- Site code. Replace CON with the actual site code.
$ProviderMachineName = "contoso.test.com" # <-- Replace contoso.test.com with the actual FQDN of the machine name
 
# Customizations
$initParams = @{}
 
# Do not change anything below this line
 
# Import the ConfigurationManager.psd1 module 
if((Get-Module ConfigurationManager) -eq $null) {
    Import-Module "$($ENV:SMS_ADMIN_UI_PATH)\..\ConfigurationManager.psd1" @initParams 
}
 
# Connect to the site's drive if it is not already present
if((Get-PSDrive -Name $SiteCode -PSProvider CMSite -ErrorAction SilentlyContinue) -eq $null) {
    New-PSDrive -Name $SiteCode -PSProvider CMSite -Root $ProviderMachineName @initParams
}
 
# Set the current location to be the site code.
Set-Location "$($SiteCode):\" @initParams

References

Client icon shows question mark in SCCM console

Client icon shows question mark in SCCM console with “Failed to receive buffer from server with err=0x80090304.”

ISSUE

Client icon shows question mark in SCCM console with Client Yes

A number of client computers turn offline show question mark icon in SCCM console while they have sccm client installed actually.

CcmNotificationAgent.log

07-07-2021 23:45:31.111    BgbAgent    6608 (0x19d0)    Critical Battery: [FALSE]

07-07-2021 23:45:31.111    BgbAgent    6608 (0x19d0)    Connection Standy: [FALSE]

07-07-2021 23:45:31.111    BgbAgent    6608 (0x19d0)    Network allowed to use: [TRUE]

07-07-2021 23:45:31.111    BgbAgent    6608 (0x19d0)    Access point is contosomp.com. (SSLEnabled = 0)

07-07-2021 23:45:31.111    BgbAgent    6608 (0x19d0)    CRL Checking is Enabled.

07-07-2021 23:45:31.111    BgbAgent    6608 (0x19d0)    Both TCP and http are enabled, let's try TCP connection first.

07-07-2021 23:45:31.111    BgbAgent    6608 (0x19d0)    Connecting to server with IP: 10.221.108.12 Port: 10123

07-07-2021 23:45:31.127    BgbAgent    6608 (0x19d0)    Handshake was successful

07-07-2021 23:45:31.127    BgbAgent    6608 (0x19d0)    Pass verification on server certificate.

07-07-2021 23:45:31.142    BgbAgent    6608 (0x19d0)    NetworkInfo: IPAddress 10.221.123.26,fe80::ecd4:75f7:bc84:8bf

07-07-2021 23:45:31.142    BgbAgent    6608 (0x19d0)    NetworkInfo: IPSubnet 255.255.255.0,64

07-07-2021 23:45:31.142    BgbAgent    6608 (0x19d0)    NetworkInfo: AccessMP contosomp.com

07-07-2021 23:45:31.142    BgbAgent    6608 (0x19d0)    NetworkInfo: IsClientOnInternet 0

07-07-2021 23:45:31.142    BgbAgent    6608 (0x19d0)    Sent all 429 byte(s) to server.

07-07-2021 23:45:31.142    BgbAgent    6608 (0x19d0)    Update the timeout to 900 second(s)

07-07-2021 23:45:31.158    BgbAgent    6608 (0x19d0)    Connection is reset

07-07-2021 23:45:31.158    BgbAgent    6608 (0x19d0)    Failed to receive buffer from server with err=0x80090304.

07-07-2021 23:45:31.158    BgbAgent    6608 (0x19d0)    Failed to signin bgb client with error = 80090304.

07-07-2021 23:46:31.169    BgbAgent    6608 (0x19d0)    Connecting to server with IP: 10.221.108.12 Port: 10123

07-07-2021 23:46:31.169    BgbAgent    6608 (0x19d0)    Handshake was successful

07-07-2021 23:46:31.169    BgbAgent    6608 (0x19d0)    Pass verification on server certificate.

07-07-2021 23:46:31.184    BgbAgent    6608 (0x19d0)    NetworkInfo: IPAddress 10.221.123.26,fe80::ecd4:75f7:bc84:8bf

07-07-2021 23:46:31.184    BgbAgent    6608 (0x19d0)    NetworkInfo: IPSubnet 255.255.255.0,64

07-07-2021 23:46:31.184    BgbAgent    6608 (0x19d0)    NetworkInfo: AccessMP contosomp.com

07-07-2021 23:46:31.184    BgbAgent    6608 (0x19d0)    NetworkInfo: IsClientOnInternet 0

07-07-2021 23:46:31.184    BgbAgent    6608 (0x19d0)    Sent all 429 byte(s) to server.

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    Connection is reset

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    Failed to receive buffer from server with err=0x80090304.

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    Failed to signin bgb client with error = 80090304.

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    Fallback to HTTP connection.

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    Client is not on internet

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    Client is not set to use any webproxy.

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    ccmhttp: Host=contosomp.com, Path=/bgb/handler.ashx?RequestType=LogIn, Port=80, Protocol=http, CcmTokenAuth=0, Flags=0x1, Options=0xe0

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    Created connection on port 80

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    Raising event:

 

instance of CCM_CcmHttp_Status

{

                    ClientID = "GUID:A8CD789C-44CD-472B-8631-E685CE2A53D9";

                    DateTime = "20210707154631.200000+000";

                    HostName = "contosomp.com";

                    HRESULT = "0x00000000";

                    ProcessID = 6272;

                    StatusCode = 0;

                    ThreadID = 6608;

};

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    Successfully submitted event to the Status Agent.

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    Session ID size is 72 byte(s).

07-07-2021 23:46:31.200    BgbAgent    6608 (0x19d0)    Session ID is 5129e3ed-25d4-439a-b409-90f39524c05e

07-07-2021 23:46:31.215    BgbAgent    6608 (0x19d0)    NetworkInfo: IPAddress 10.221.123.26,fe80::ecd4:75f7:bc84:8bf

07-07-2021 23:46:31.215    BgbAgent    6608 (0x19d0)    NetworkInfo: IPSubnet 255.255.255.0,64

07-07-2021 23:46:31.215    BgbAgent    6608 (0x19d0)    NetworkInfo: AccessMP contosomp.com

07-07-2021 23:46:31.215    BgbAgent    6608 (0x19d0)    NetworkInfo: IsClientOnInternet 0

07-07-2021 23:46:31.231    BgbAgent    6608 (0x19d0)    Sending buffer size = 1002.

07-07-2021 23:46:31.231    BgbAgent    6608 (0x19d0)    Client is not on internet

07-07-2021 23:46:31.231    BgbAgent    6608 (0x19d0)    Client is not set to use any webproxy.

07-07-2021 23:46:31.231    BgbAgent    6608 (0x19d0)    ccmhttp: Host=contosomp.com, Path=/bgb/handler.ashx?RequestType=Continue, Port=80, Protocol=http, CcmTokenAuth=0, Flags=0x1, Options=0xe0

07-07-2021 23:46:31.231    BgbAgent    6608 (0x19d0)    Created connection on port 80

07-07-2021 23:46:31.231    BgbAgent    6608 (0x19d0)    [CCMHTTP] ERROR: URL=http://contosomp.com/bgb/handler.ashx?RequestType=Continue, Port=80, Options=224, Code=0, Text=CCM_E_BAD_HTTP_STATUS_CODE

07-07-2021 23:46:31.231    BgbAgent    6608 (0x19d0)    [CCMHTTP] ERROR INFO: StatusCode=990 StatusText=BGB Session Ended

07-07-2021 23:46:31.247    BgbAgent    6608 (0x19d0)    Raising event:

 

instance of CCM_CcmHttp_Status

{

                    ClientID = "GUID:A8CD789C-44CD-472B-8631-E685CE2A53D9";

                    DateTime = "20210707154631.247000+000";

                    HostName = "contosomp.com";

                    HRESULT = "0x87d0027e";

                    ProcessID = 6272;

                    StatusCode = 990;

                    ThreadID = 6608;

};

07-07-2021 23:46:31.247    BgbAgent    6608 (0x19d0)    Successfully submitted event to the Status Agent.

07-07-2021 23:46:31.247    BgbAgent    6608 (0x19d0)    Successfully queued event on HTTP/HTTPS failure for server 'contosomp.com'.

07-07-2021 23:46:31.247    BgbAgent    6608 (0x19d0)    Failed to post continue request with error code 87d0027e.

07-07-2021 23:46:31.247    BgbAgent    6608 (0x19d0)    Failed to signin bgb client with error = 87d0027e.

bgbserver.log 

07-13-2021 10:09:25.944    SMS_NOTIFICATION_SERVER    3316 (0xcf4)    Failed to process SignIn message from client [::ffff:10.221.123.26]:52155.~~

07-13-2021 10:09:25.989    SMS_NOTIFICATION_SERVER    3316 (0xcf4)    ERROR: The message timestamp is older or newer than 1 hour. 2021-07-13T11:06:47Z~~

07-13-2021 10:09:25.989    SMS_NOTIFICATION_SERVER    3316 (0xcf4)    ERROR: The message body is invalid.~~

07-13-2021 10:09:25.989    SMS_NOTIFICATION_SERVER    3316 (0xcf4)    Failed to process SignIn message from client 10.221.123.26:52156.~~

REASON

The time between the client computer and the management point is greater than 1 hour

SOLUTION

Make sure the time between the client computer and the management point it reports to is less than 1 hour

Attempting to view co-management properties (under \Administration\Overview\Cloud Services\Co-management\) causes the MEM console to crash

Attempting to view co-management properties (under \Administration\Overview\Cloud Services\Co-management\) causes the MEM console to crash

When trying to see the existing Co-management settings in Configuration Manager console by right click, the console crashed.

SmsAdminUI.log shows – 

03-12-2021 01:30:00.000    1 (0x1)    System.Management.ManagementException
Generic failure
   at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
   at System.Management.ManagementObject.InvokeMethod(String methodName, ManagementBaseObject inParameters, InvokeMethodOptions options)
   at Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlConnectionManager.ExecuteMethod(String methodClass, String methodName, Dictionary`2 methodParameters, Boolean traceParameters)
ManagementException details:
instance of SMS_ExtendedStatus
{
               CauseInfo = "";
               Description = "SQL command failed: ";
               ErrorCode = 3242789122;
               File = "..\\sspconsoledashboards.cpp";
               Line = 72;
               ObjectInfo = "Please check SMS Provider log file for details of the SQL errors";
               Operation = "ExecMethod";
               ParameterInfo = "SMS_ConsoleDashboards";
               ProviderName = "WinMgmt";
               SQLMessage = "[42000][15517][Microsoft][SQL Server Native Client 11.0][SQL Server]Cannot execute as the database principal because the principal \"smsdbuser_ReadOnly\" does not exist, this type of principal cannot be impersonated, or you do not have permission. : spDashboardsGetChartData";
               SQLSeverity = 16;
               SQLStatus = 15517;
               StatusCode = 2147749889;
};
03-12-2021 01:30:00.000    1 (0x1)    Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlQueryException: The SMS Provider reported an error.
   ---> System.Management.ManagementException: Generic failure
   at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
   at System.Management.ManagementObject.InvokeMethod(String methodName, ManagementBaseObject inParameters, InvokeMethodOptions options)
   at Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlConnectionManager.ExecuteMethod(String methodClass, String methodName, Dictionary`2 methodParameters, Boolean traceParameters)
   --- End of inner exception stack trace ---
   at Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlConnectionManager.ExecuteMethod(String methodClass, String methodName, Dictionary`2 methodParameters, Boolean traceParameters)
   at Microsoft.ConfigurationManagement.ManagementProvider.WqlQueryEngine.WqlConnectionManager.ExecuteMethod(String methodClass, String methodName, Dictionary`2 methodParameters)
   at Microsoft.ConfigurationManagement.AdminConsole.CoManagement.CoManagementUtility.GetChartDataResultObject(ConnectionManagerBase connectionMgr, String configData, String chartGuidValue)
   at Microsoft.ConfigurationManagement.AdminConsole.CoManagement.EnablementPageControlEx.EnablementPageControl_Load(Object sender, EventArgs e)
   at System.Windows.Forms.UserControl.OnLoad(EventArgs e)
   at System.Windows.Forms.UserControl.OnCreateControl()
   at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
   at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
   at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
   at System.Windows.Forms.Control.CreateControl()
   at System.Windows.Forms.Control.ControlCollection.Add(Control value)
   at System.Windows.Forms.TabControl.ControlCollection.Add(Control value)
   at System.Windows.Forms.TabControl.TabPageCollection.Add(TabPage value)
   at Microsoft.EnterpriseManagement.ConsoleFramework.SheetFramework.AddTabs()
   at Microsoft.EnterpriseManagement.ConsoleFramework.SheetFramework.OnLoad(EventArgs e)
   at Microsoft.ConfigurationManagement.AdminConsole.DialogFramework.Forms.SmsPropertySheet.OnLoad(EventArgs e)
   at System.Windows.Forms.Form.OnCreateControl()
   at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
   at System.Windows.Forms.Control.CreateControl()
   at System.Windows.Forms.Control.WmShowWindow(Message& m)
   at System.Windows.Forms.Control.WndProc(Message& m)
   at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
   at System.Windows.Forms.Form.WmShowWindow(Message& m)
   at System.Windows.Forms.Form.WndProc(Message& m)
   at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
   at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
   at System.Windows.Forms.NativeWindow.DebuggableCallback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)

Solution

Run in the site database to create the missing smsdbuser_Readonly and grant permissions:

/****** Object:  User [smsdbuser_ReadOnly]    Script Date: 4/9/2021 3:42:21 PM ******/
CREATE USER [smsdbuser_ReadOnly] WITHOUT LOGIN WITH DEFAULT_SCHEMA=[dbo]
GO
GRANT EXECUTE ON [dbo].[spGetTopNonComplianceReasons] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetDHAClientTypeCounts] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spPerformanceCounterStateMessages] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetDeviceIdsByComplianceStatus] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthScenarioHealth] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spPerformanceCounterRegistration] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthCombinedScenarioHealthDrillThrough] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spPerformanceCounterHinvMgr] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthAllScenarioHealth] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spCoManagementClientCommandLine] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthClientOSVersion] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spDTPGetIOSDeviceCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetCMGStatistics] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetModelType] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOSDistribution] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthPercentage] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthClientVersion] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetM365UpgradeDecisionData] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetBGBStatistics] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetPerformanceCounter] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spDTPGetDevicesByClassification] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetM365ConnectedDevicesData] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthScenarioHealthDrillThrough] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeMacroHealthSummary] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetUAComputerCounts] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthPercentageDrillThrough] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetUATelemetryCounts] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeTopAddinVersionCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetM365ProdReadinessData] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spDTPGetTopClassifications] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetVersion] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetO365ClientCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetEnrollmentErrors] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetEdgeDeviceCounts] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetDHAUsage] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetEdgeInstalledBrowsers] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetDHASettingsCounts] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetEdgeVersions] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spPODGetPhaseDeploymentData] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetCoMgmtEnrollmentStatus] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthClientOSVersionDrillThrough] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetAADStatistics] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthAllScenarioHealthDrillThrough] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spDTPGetAndroidDevices] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetM365ConnectionHealthData] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetMostRecentCloudServiceHistRecordID] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetM365ConnectionData] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeDevicesNotMeetingHealthGoalsCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeDevicesReadyToDeploy] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeMacroAdvisoryCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetEdgeBrowserUsage] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetRecommendedPilotDevices] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthDashboard] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetUpdatesComplianceCounts] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeAddinReadinessCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetMDMWorkloadEnabledCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetM365TopConfigErrors] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spDTPGetAndroidDeviceCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeDevicesWithMacrosCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeAddinSupportCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetO365Languages] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthClientVersionDrillThrough] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spDTPGetIOSDevices] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spDTPGetDeviceThreatLevel] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spDTPGetDevicesByComplianceStatus] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeDevicesWithProPlusCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spPerformanceCounterGetPolicy] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeDevicesSendingHealthData] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spPerformanceCounterDDRMgr] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeAddinHealthSummary] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spPerformanceCounterTotalClients] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeReadinessCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetM365PilotReadinessData] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetEdgeDefaultBrowsers] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetDevicesFromNonComplianceReason] TO[smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spPODGetSuccessCriteriaData] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOfficeMacroReadinessCount] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetPODMetadata] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetDHAComplianceCounts] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetCoManagementStatus] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthErrors] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetTopMissingUpdates] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetFirmwareVersion] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetO365Channels] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spPerformanceCounterSinvMgr] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetOverallDeviceCompliance] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetM365DeploymentPlanData] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetO365Versions] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetDHAUnknownIDs] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetClientHealthCombinedScenarioHealth] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGetUpdateCategoriesData] TO [smsdbuser_ReadOnly]
GRANT EXECUTE ON [dbo].[spGet365Data] TO [smsdbuser_ReadOnly]

How do I get the grant permission queries? Refer to – View all securables for roles in SQL Server database? – Stack Overflow

You just need to add one Where condition to the query to get grant permissions for smsdbuser_ReadOnly

SELECT (case when state_desc like 'GRANT%' then 'GRANT' else state_desc end)
' ' + database_permissions.permission_name
CASE database_permissions.class_desc
WHEN 'SCHEMA' THEN ' ON SCHEMA::[' + schema_name(major_id) + ']'
WHEN 'OBJECT_OR_COLUMN' THEN ' ON '
+ isnull('[' + schema_name(objects.schema_id) + '].', '') + '['
+ (CASE WHEN minor_id = 0 THEN object_name(major_id) + ']' COLLATE Latin1_General_CI_AS_KS_WS
ELSE (SELECT object_name(object_id) + '] (['+ name + '])'
FROM sys.columns
WHERE object_id = database_permissions.major_id
AND column_id = database_permissions.minor_id) end)
WHEN 'DATABASE_PRINCIPAL' THEN ' ON USER::[' + USER_NAME(major_id) + ']'
WHEN 'DATABASE' Then ''
WHEN 'SERVICE_CONTRACT' then ' ON CONTRACT::['
+ (select name
from sys.service_contracts
where service_contract_id = major_id)
+ ']'
ELSE ' <<' + database_permissions.class_desc + '>>'
END
' TO [' + database_principals.name + ']'
(case when state_desc = 'GRANT_WITH_GRANT_OPTION' then ' WITH GRANT OPTION' else '' end)
COLLATE Latin1_General_CI_AS_KS_WS
FROM sys.database_permissions
inner JOIN sys.database_principals
ON database_permissions.grantee_principal_id = database_principals.principal_id
LEFT JOIN sys.objects
ON objects.object_id = database_permissions.major_id
WHERE database_permissions.major_id > 0 and database_principals.name = 'smsdbuser_ReadOnly'

SCCM console crashed during Create Microsoft Edge Application

SCCM console crashed during Create Microsoft Edge Application

One of my customers reported that their sccm console crashed while they were creating Microsoft edge application: Nothing happens after Create Microsoft Edge is clicked and the console crashes after a few seconds.

SMSAdminUI.log has the following – 

[1, PID:1812][11/26/2020 13:51:43] :System.AggregateException: One or more errors occurred. ---> System.Runtime.Serialization.SerializationException: There was an error deserializing the object of type System.Collections.Generic.List`1[[Microsoft.ConfigurationManagement.AdminConsole.EdgeInstallWizard.EdgeJsonObject, AdminUI.EdgeInstallWizard, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]. Encountered unexpected character '<'. ---> System.Xml.XmlException: Encountered unexpected character '<'.at System.Xml.XmlExceptionHelper.ThrowXmlException(XmlDictionaryReader reader, XmlException exception)at System.Runtime.Serialization.Json.XmlJsonReader.ReadAttributes()at System.Runtime.Serialization.Json.XmlJsonReader.ReadNonExistentElementName(StringHandleConstStringType elementName)at System.Runtime.Serialization.Json.XmlJsonReader.Read()at System.Xml.XmlBaseReader.IsStartElement()at System.Xml.XmlBaseReader.IsStartElement(XmlDictionaryString localName, XmlDictionaryString namespaceUri)at System.Runtime.Serialization.XmlReaderDelegator.IsStartElement(XmlDictionaryString localname, XmlDictionaryString ns)at System.Runtime.Serialization.XmlObjectSerializer.IsRootElement(XmlReaderDelegator reader, DataContract contract, XmlDictionaryString name, XmlDictionaryString ns)at System.Runtime.Serialization.Json.DataContractJsonSerializer.InternalIsStartObject(XmlReaderDelegator reader)at System.Runtime.Serialization.Json.DataContractJsonSerializer.InternalReadObject(XmlReaderDelegator xmlReader, Boolean verifyObjectName)at System.Runtime.Serialization.XmlObjectSerializer.InternalReadObject(XmlReaderDelegator reader, Boolean verifyObjectName, DataContractResolver dataContractResolver)at System.Runtime.Serialization.XmlObjectSerializer.ReadObjectHandleExceptions(XmlReaderDelegator reader, Boolean verifyObjectName, DataContractResolver dataContractResolver)--- End of inner exception stack trace ---at System.Runtime.Serialization.XmlObjectSerializer.ReadObjectHandleExceptions(XmlReaderDelegator reader, Boolean verifyObjectName, DataContractResolver dataContractResolver)at System.Runtime.Serialization.Json.DataContractJsonSerializer.ReadObject(XmlDictionaryReader reader)at System.Runtime.Serialization.Json.DataContractJsonSerializer.ReadObject(Stream stream)at Microsoft.ConfigurationManagement.AdminConsole.EdgeInstallWizard.EdgeResponseDeserializer.Deserialize[T](String jsonResponse)at Microsoft.ConfigurationManagement.AdminConsole.EdgeInstallWizard.EdgeClient.<GetProductJson>d__7.MoveNext()--- End of stack trace from previous location where exception was thrown ---at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)at Microsoft.ConfigurationManagement.AdminConsole.EdgeInstallWizard.EdgeClient.<GetProductJson>d__6.MoveNext()--- End of inner exception stack trace ---at System.AggregateException.Handle(Func`2 predicate)at Microsoft.ConfigurationManagement.AdminConsole.EdgeInstallWizard.ApplicationSettingsPageControl.CreateErrorDialog(AggregateException ex)at Microsoft.ConfigurationManagement.AdminConsole.EdgeInstallWizard.ApplicationSettingsPageControl.GetJson()at Microsoft.ConfigurationManagement.AdminConsole.EdgeInstallWizard.ApplicationSettingsPageControl.InitializePageControl()at Microsoft.ConfigurationManagement.AdminConsole.SmsWizardPage.Initialize()at Microsoft.ConfigurationManagement.AdminConsole.SmsWizardPage.OnActivate()at Microsoft.ConfigurationManagement.AdminConsole.WizardFramework.WizardPage.Activate()at Microsoft.ConfigurationManagement.AdminConsole.WizardFramework.WizardForm.OnCreateControl()at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)at System.Windows.Forms.Control.CreateControl()at System.Windows.Forms.Control.WmShowWindow(Message& m)

Before I was planning to get a dump to analyse why that happened, I came across the official explanation from Deploy and update Microsoft Edge, version 77 and later – Configuration Manager | Microsoft Docs

The device running the Configuration Manager console needs access to the following endpoints for deploying Microsoft Edge:

LocationUse
https://aka.ms/cmedgeapiInformation about releases of Microsoft Edge
https://edgeupdates.microsoft.com/api/products?view=enterpriseInformation about releases of Microsoft Edge
http://dl.delivery.mp.microsoft.comContent for Microsoft Edge releases

Having verified this is true in my lab. Then I asked the customer if his sccm console could connect to the internet and he said no. So, I asked him to grant internet access to the computer where sccm console is located. He got back to me shortly with the news that the issue was gone after he gave internet access to the computer with sccm console intalled.

So, you know how to fix the issue now? The solution is quite simple:

Give the client where sccm is installed the access to the listed internet locations.

Design a site like this with WordPress.com
Get started