Clients with a broken Configuration Manager Client is the worst. You lose management of the client, and it drags down compliance. I have even seen some broken clients report back as compliant while they are not. I’m aware about other community solutions to reinstall the client if broken, and they are all great solutions but I one of my customers had two specific issues with their clients that caused about 10% of the computers to not receive patches, and none of those solutions would fix their problem.
I needed a way to consistently check the health sccm client and automatically attempt to fix known errors. ConfigMgr Client Health was born.
ConfigMgr Client Health is a PowerShell script that detects and automatically fixes broken SCCM clients. It is designed to run as a start-up script and I recommend to do this with Group Policy or a logon script to enforce that all devices have their ConfigMgr client validated and fixed each time their computer starts. The script reads its configuration from a XML file that can be stored centrally on a share to easily update the configuration on all your clients.
Info about the latest version and full documentation is always available at this page: https://www.andersrodland.com/configmgr-client-health/
Download latest version of ConfigMgr Client Health here: Microsoft Technet Galleries
ConfigMgr Client Health Features
ConfigMgr Client Health validates and fixes the following client issues
- 0x80004005 error in WUAHandler.log cause client to not receive software updates.
- Admin$ share on client.
- Client stuck in provisioning mode.
- Client not receiving state messages.
- Corrupt WMI cause client not working.
- Enforce necessary services are running.
- Reinstall ConfigMgr client if necessary to fix detected issues.
- Reinstallation of client from ConfigMgr server share to make sure newest version of client is installed.
- Set MaxLogSize on SCCM client.
How to use
- Place ConfigMgr-ClientHealth.ps1 and config.xml on a share that all computers have access to. Make sure to protect the share so users cannot edit the files.
- Make sure the clients run “Powershell.exe -Executionpolicy Bypass -NoLogo -NonInteractive -File \\server\share\ConfigMgr-ClientHealth.ps1 -Config \\server\share\config.xml“, either by GPO or a logon script.
- The script need to run under SYSTEM context. Local administrator rights is not sufficient to change and enforce the service Remote Procedure Calls..
All features are tested on several different environments, running Windows 7, Windows 8.1 and Windows 10, and I have several customers who run ConfigMgr Client Health in their production environment. Still, you run it at your own risk and I take no responsibility. Feel free to comment if you have any questions or
Download the ConfigMgr Client Health script from Microsoft Technet Gallery: https://gallery.technet.microsoft.com/ConfigMgr-Client-Health-ccd00bd7
Great idea.
Great script. Is there anyway we can run this without having to do so via startup/login script? I’d like to run this via PSEXEC on a remote system, without having to make the user logoff or reboot. Is that possible? If so, what command would I use with PSEXEC to launch this properly on a remote system?
i have configured this ClientHealth.cmd file in group policy startup script and also i have copied all the files in a shared folder that has all the permission including for system account. To check if this is working or not, i am trying to run in command prompt windows and still it is not working and giving error: “The input object cannot be bound to any parameters for the command either because the command does not take pipeline input or the input and its properties do not match any of the parameters that take pipeline input.” https://uploads.disquscdn.com/images/b2b8d3fb14a038ef402e8055d996f417d9049b0e0501328f4f2f6be72fd7411d.png