MS ConfigMgr - Client Health - Configuration Guide

Overview

The Microsoft Endpoint Manager - Client Health pack allows you to track, detect and remediate devices whose Configuration Manager client has reported health or communication problems between the client and the server-side infrastructure.

The two dashboards are primarily fed data from four remote actions that can be scheduled to run regularly.

L1/2 Support teams can access these dashboards to drill down quickly and understand the health status of non-compliant devices. They will also see where client installations are required or perform deeper investigations into those devices not responding to their management point or unable to receive deployment-related content.

Use this pack to run a healthy and compliant MEMCM/SCCM environment and prevent unnecessary support overheads.

Pre-Requisites

None

Change log

V1.0.0.0 - Initial Release

Configuration

Pack Structure

The pack comprises four Remote Actions, three investigations, and some metrics that relate to the dashboards.

No configuration is required for the metrics or dashboards, with one exception:

The Operational Health dashboard has a section entitled “Network connectivity quality”. The three widgets in this section will show any clients that are having difficulty communicating with their assigned Management Point. Device communications falling below 80% are shown, and these should be investigated.

The Management Points are defined in the included category ConfigMgr Client Health - Operate - BackEnd Systems. This category contains keywords for four geographical regions. For each region relevant to your organization, the server details for each of your Management Points should be entered.

There are two types of remote action, data gathering, and remediation. All the remote actions should be scheduled to run at a time decided by the IT department. The data gathering remote actions will supply the current status of the devices as targeted by the investigations. In contrast, the remediation remote actions will attempt to repair any issues discovered, such as stopped services or even try an agent repair.

Library Pack Setup Detailed Steps

The investigations and remote actions require some configuration to get the most accurate data and enable the remediation to occur.

Investigations

• MS ConfigMgr - Client Health - All devices

  • This investigation is used within the Get SCCM Client Status and Get MEMCM Agent Health remote actions. The investigation returns all devices within the estate based on the defined criteria within the investigation.

• 

  MS ConfigMgr - Client Health - Client and services status

  • This investigation is used within the Restore SCCM Client remote action. The investigation checks that any service that makes up the Configuration Manager on the device is not in a ‘Stopped’ or ‘StopPending’ status. If it is, the Restore SCCM Client remote action will attempt to start the affected service.

• 

  MS ConfigMgr - Client Health - Auto SCCM client repair

  • This investigation is used within the Invoke SCCM Client Auto-repair remote action. The investigation checks if the agent status is stopped even after the Restore SCCM Client remote action attempted to start it again. If it is still stopped, then a repair of the agent will be initiated.

Remote Actions - data gathering

• Get SCCM Client Status

  • This remote action can be run either ad-hoc or on a schedule as defined by the IT department. The remote action uses the MS ConfigMgr - Client Health - All devices investigation to interrogate the devices defined within the investigation. Details of the remote action can be found here: https://www.nexthink.com/library/microsoft-endpoint-manager-configuration-manager-remote-actions/#get-sccm-client-status

• 

  Get MEMCM Agent Health

  • This remote action can be run either ad-hoc or on a schedule as defined by the IT department. The remote action uses the MS ConfigMgr - Client Health - All devices investigation to interrogate the devices defined within the investigation.

  • Last execution time

    • The date and time of when the remote action was last executed

  • Target status

    • Whether the execution of the remote action had completed or is waiting for the device

  • Execution status

    • Whether the execution of the remote action was a success, failed, or has no status ( - )

  • Execution status details

    • Whether the PowerShell script had completed and exited successfully

  • Client Assigned to Site

    • Indicates whether the device has a site assigned to it. True, false or has no status ( - )

  • Client Cache Size

    • The size of the cache that is assigned to the configuration manager client. The default is 5Gb.

  • Days Since Last Received Deployment

    • Displays how many since the agent received content from the management point

  • Days Since Management Point Last Update Successfully

    • Indicates that the client has successfully contacted the management point (this happens regularly)

  • WMI Healthy

    • Checks the consistency of the WMI repository. True is returned if the repository has no issues.

Remote Actions - remediation

• Restore SCCM Client

  • This remote action can be run either ad-hoc or on a schedule as defined by the IT department. The remote action uses the MS ConfigMgr - Client Health - Client and services status investigation, which checks for any service that makes up the Configuration Manager environment on the device is not in a ‘Stopped’ or ‘StopPending’ status. If it is, the Restore SCCM Client remote action will attempt to start the affected service.

• 

  Invoke SCCM Client Auto-repair

  • This remote action can be run either ad-hoc or on a schedule as defined by the IT department. The remote action uses the MS ConfigMgr - Client Health - Auto SCCM client repair investigation, which checks if the agent status is stopped even after an attempt by the Restore SCCM Client remote action to start it again. If it is still stopped, then a repair of the agent will be initiated.

• Invoke MEMCM Client Policy Actions

  • This remote action should be run whenever a device or devices have fallen out of scope with regards to its assigned policies and is used to trigger the execution of the desired MEMCM execution policy on the device. More information regarding the remote action and its configuration can be found here. https://www.nexthink.com/library/microsoft-endpoint-manager-remote-actions/#invoke-memcm-client-policy-actions .

Usage / FAQ

How do I know if all my devices have the Configuration Manager installed?

From the Operational Health dashboard, check that the Devices without a client are showing 0. Anything else indicates devices with a missing client and should be investigated via the dashboard details or drilling down via the Nexthink Finder.

How often should I run the remote actions?

The data gathering remote actions, Get SCCM Client Status and Get MEMCM Agent Health, should be run daily but preferably twice a day. This is to make sure that any new updates or possible issues can be reported promptly.

The remediation remote actions, Restore SCCM Client and Invoke SCCM Client Auto-repair, are recommended to be run at the end of the day when the user is no longer logged on to the pc. A schedule can be set up within the remote action to trigger an operation out of hours and target those devices that have reported issues with the Configuration Manager client.

I do not want the remote actions to run automatically. Can I switch this function off?

Yes, edit the remote action and untick the box labeled “Automatically run the remote action on the following devices…” (example below):