Release notes for Configuration Manager

Applies to: System Center Configuration Manager (Current Branch)

With Configuration Manager, product release notes are limited to urgent issues. These issues aren't yet fixed in the product, or detailed in a Microsoft Support knowledge base article.

Feature-specific documentation includes information about known issues that affect core scenarios.


This topic contains release notes for the current branch of Configuration Manager. For information on the technical preview branch, see Technical Preview

For information about the new features introduced with different versions, see the following articles:

Set up and upgrade

When using redistributable files from the CD.Latest folder, setup fails with a manifest verification error

When you run setup from the CD.Latest folder created for version 1606, and use the redistributable files included with that CD.Latest folder, setup fails with the following errors in the Configuration Manager Setup log:

ERROR: File hash check failed for defaultcategories.dll
ERROR: Manifest verification failed. Wrong version of manifest?


Use one of the following options:

  • During Setup, choose to download the most current redistributable files from Microsoft. Use the latest redistributable files instead of the files included in the CD.Latest folder.
  • Manually delete the cd.latest\redist\languagepack\zhh folder, and then run Setup again.

Setup command-line option JoinCEIP must be specified

Applies to: Configuration Manager version 1802

Starting in Configuration Manager version 1802, the Customer Experience Improvement Program (CEIP) feature is removed from the product. When automating installation of a new site from a command-line or unattended script, setup returns an error that a required parameter is missing.


While it has no effect on the outcome of the setup process, include the JoinCEIP parameter in your setup command line.


The EnableSQM parameter for console setup is not required.

Cloud service manager component stopped on site server in passive mode

Applies to: Configuration Manager version 1806

If the service connection point is colocated with a site server in passive mode, then deployment and monitoring of a cloud management gateway doesn't start. The cloud service manager component (SMS_CLOUD_SERVICES_MANAGER) is in a stopped state.


Move the service connection point role to another server.

Software updates

Security roles are missing for phased deployments

Applies to: Configuration Manager version 1810

The OS Deployment Manager built-in security role has permissions to phased deployments. The following roles are missing these permissions:

  • Application Administrator
  • Application Deployment Manager
  • Software Update Manager

The App Author role may appear to have some permissions to phased deployments, but shouldn't be able to create deployments.

A user with one these roles can start the Create Phased Deployment wizard, and can see phased deployments for an application or software update. They can't complete the wizard, or make any changes to an existing deployment.


Create a custom security role. Copy an existing security role, and add the following permissions on the Phased Deployment object class:

  • Create
  • Delete
  • Modify
  • Read

For more information, see Create custom security roles

Changing Office 365 client setting doesn’t apply

Applies to: Configuration Manager version 1802

Deploy a client setting with Enable Management of the Office 365 Client Agent configured to Yes. Then change that setting to No or Not Configured. After updating policy on targeted clients, Office 365 updates are still managed by Configuration Manager.


Change the following registry value to 0 and restart the Microsoft Office Click-to-Run Service (ClickToRunSvc):


Mobile device management

You can no longer deploy Windows Phone 8.1 VPN profiles to Windows 10

Applies to: Configuration Manager version 1710

You can't create a VPN profile, using the Windows Phone 8.1 workflow, which is also applicable to Windows 10 devices. For these profiles, the creation wizard no longer shows the Supported Platforms page. Windows Phone 8.1 is automatically selected on the back-end. The Supported Platforms page is available in the profile properties, but it doesn't display the Windows 10 options.


Use the Windows 10 VPN profile workflow for Windows 10 devices. If this option isn't feasible for your environment, contact support. Support can help you add the Windows 10 targeting.