
M2 - 55348A - Administering Microsoft Endpoint Configuration Manager - Skillpipe

This document provides an overview of queries, reports, and CMPivot in Microsoft Endpoint Configuration Manager. It discusses how queries can be used to extract specific data from the Configuration Manager database based on defined criteria. The document also covers how to generate and run queries, configure reporting services points to access reports, and use CMPivot to view real-time device data. The objectives are to learn how to create queries, handle reporting services, and use CMPivot.

Uploaded by

Depolo Polo

21/10/2022 11:35 Administering Microsoft Endpoint Configuration Manager

Module 2 – Analyzing Data Using Queries, Reports, and CMPivot

Module Overview

The Microsoft Endpoint Configuration Manager database stores a huge amount of data related to the resources in your
environment. You may not always wish to perform all the management tasks on all the resources simultaneously.
Therefore, to help you locate user objects or devices in your environment which meet the specific criteria, you can create
queries. You can then use these queries to create collections or to get additional information about certain resources. In
this module, you will learn about queries and methods of creating and running them.

In addition, you can run reports to access various types of information relating to your Configuration Manager
environment. To run a Configuration Manager report, you need to install and configure a reporting services point. You will
know more as you progress through the module.

This module also covers CMPivot that allows you to collect and view real-time data on all devices connected within your
environment. You will be able to make real-time decisions.

Objectives

After completing this module, the learner should be able to:

Generate and compose data and status message queries.

Construct and handle Microsoft SQL Server Reporting Services (SSRS) and the reporting services point.

Use CMPivot to query and view the real-time state of the devices connected in your environment.

Lesson 1 – Introduction to Queries

In a database query, you can define the information which you wish to extract from the database in the form of a query
statement. Using this query statement, the query engine can search the database for items matching your criteria. The
query result displays the data which matches your criteria.

The queries in Configuration Manager also operate in the same manner. The queries in Configuration Manager comprise
optional and required components which are configured in various ways to produce desired results. In this lesson, you will
know more details about queries.

Lesson Objectives

At the end of the lesson, you should be able to:

Define a query along with its features.

Explain the concept of database objects and attributes.

Explain the required and optional query elements.

Demonstrate how to create and run queries.

Explain how to manage query results.

What is a Query?
A query is a defined set of instructions which extract information about a specific set of objects. A query in Configuration
Manager can yield almost all the information from the site database. This includes various items such as specific types of
computers, sites, user groups, applications, and collections. This means you can also query your database for complex
information such as the number of clients that have free space less than 50 gigabytes (GB) or the number of clients in a
specific site. Query results are only as current as the last inventory cycle, so to get the latest information about your
environment you need to keep the database inventory information up to date. For example, suppose you want to locate a
computer which may have changed since the last inventory. Your query might not give you any results as the computer no
longer meets the criteria of the query.

https://www.skillpipe.com/#/reader/urn:uuid:e8aa97a0-980c-51f6-b764-9a9b51e18bc2@2022-07-19T15:06:45Z/content 1/23

To build queries in Configuration Manager, you need to use the WMI Query Language (WQL), that is based on Windows
Management Instrumentation (WMI). WQL is similar to Structured Query Language (SQL). You can create custom queries
on your own or use preconfigured queries to search the site database. With the custom queries created in Configuration
Manager, you can choose the components of your query using the query statement properties in the Create Query Wizard
in design mode. You can also type your own WQL queries using the query statement properties in the query language
mode.

Even though design mode provides you with an interface while creating queries, you cannot create all the queries by
using design mode. For example, while using aggregation commands in WQL, you can view and manage a query only in
query language mode.

Note: To find more information about WQL, refer to Querying with WQL: https://aka.ms/xt617i
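
The free-space question from "What is a Query?" written as a WQL data query and run through the SMS Provider's WMI namespace, with each hit annotated by its last hardware inventory scan so that stale rows stand out. This is an added example, not part of the course material; the site code P01, the server name cm01.example.test and the 7-day staleness window are assumptions.

```powershell
# Added example (not from the course). Constructed values: adjust to your site.
$SiteCode  = 'P01'                    # assumption: site code
$Provider  = 'cm01.example.test'      # assumption: server hosting the SMS Provider
$MaxFreeMB = 50 * 1024                # 50 GB; FreeSpace is inventoried in MB
$StaleDays = 7                        # assumption: older inventory is treated as suspect

# Common connection parameters for the SMS Provider namespace.
$cim = @{
    ComputerName = $Provider
    Namespace    = "root\SMS\site_$SiteCode"
    ErrorAction  = 'Stop'
}

# Object type: System Resource (SMS_R_System).
# Criterion: a subselect on the Logical Disk attribute class that returns the
# ResourceIDs of systems with a fixed disk (DriveType = 3) below the threshold.
$lowDiskWql = @"
select ResourceId, Name
from SMS_R_System
where ResourceId in (
    select ResourceID
    from SMS_G_System_LOGICAL_DISK
    where DriveType = 3 and FreeSpace < $MaxFreeMB
)
"@
# Collapse the here-string to a single line before handing it to WMI.
$lowDiskWql = ($lowDiskWql -replace '\s+', ' ').Trim()

$lowDisk = @(Get-CimInstance @cim -Query $lowDiskWql)
if ($lowDisk.Count -eq 0) {
    Write-Warning 'No rows returned: either no system matches or inventory has not reported yet.'
}

# Last hardware inventory scan per resource, keyed by ResourceID.
$scans = @{}
Get-CimInstance @cim -Query 'select ResourceID, LastHardwareScan from SMS_G_System_WORKSTATION_STATUS' |
    ForEach-Object { $scans[[uint32]$_.ResourceID] = $_.LastHardwareScan }

# Flag results whose inventory is missing or older than the staleness window:
# those rows describe the disk as it was at the last scan, not as it is now.
$cutoff = (Get-Date).AddDays(-$StaleDays)
$report = foreach ($sys in $lowDisk) {
    $last = $scans[[uint32]$sys.ResourceId]
    [pscustomobject]@{
        Name             = $sys.Name
        ResourceId       = $sys.ResourceId
        LastHardwareScan = $last
        InventoryStale   = (-not $last) -or ($last -lt $cutoff)
    }
}

$report |
    Sort-Object @{ Expression = 'InventoryStale'; Descending = $true }, Name |
    Format-Table -AutoSize
```

Systems that are low on disk today but have not reported inventory since the change do not appear at all, which is the limitation the text describes.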

In Configuration Manager, you can execute two types of queries:

Data queries: These can be used for extracting information relating to resource discovery or inventory data. Usually,
the main purpose of data queries is to build collections.

Status message queries: This type of query is used for very specific reasons. The Component Status and Site Status
nodes in the Configuration Manager console show the status messages relating to a specific component or site
system. Despite some filtering options, they may not be sufficient while troubleshooting an issue. Therefore, it’s
advisable to use status message queries for creating custom queries which return status messages, including those
from the clients. The main purpose of status message queries is to locate the stored status messages.

Objects and Attributes

You can search the site database for any object using the queries in Configuration Manager. All objects have values and
attributes that you can query. Yet, not all objects have the same values or attributes. For example, both user and system
resources have a name, but the user resources do not have installed software.

Every object type is defined by a set of attribute classes, which are again further defined by individual attributes. For
example, the System Resource object type is defined by attribute classes like hard drive, processor, and installed
software. Together, these characterize the inventory data and discovery data of a system resource. These classes have
their own unique attributes. These attributes define the values stored in the database, like partitions for hard drives or
the current clock speed for processors.

Most object types, like the Site object type, have only one attribute class and few attributes, whereas the System
Resource object type has more than 200 attribute classes and thousands of attributes. Attribute classes are related
directly to SQL Server tables and Web-Based Enterprise Management (WBEM) classes. In terms of database, an attribute
class represents a table, wherein the attributes represent the column headers, and the actual data that is collected is
stored in rows.

Queries search only against one object type at a time. The Configuration Manager queries the System Resource object
type by default.

Configuration Manager has a total of 29 object types, which are shown in the following table.

Configuration Manager Object Types

Application Conflicts Data | Application Dependency Data | Application Deployment Asset Details
Application Deployment Error Asset Details | Application Deployment Error Status | Application Deployment Requirement Not Met Asset Details
Application Deployment Status | Application Requirement Not Met Status | Application Requirements Data
Collection | Conditional Access Management Profiles Data Point | Deployment
Deployment Asset Details | Deployment Summary Per Collection | Endpoint Protection Dash Board Data Point
Failed VE Data | IP Network | Package
Program | Program Deployment Asset Details | Program Deployment Status
Security Roles | Security Scopes | Site
Software Metering Rule | System Resource | Unknown Computer
User Group Resource | User Resource

In addition, there is an Unknown Computer object for the All Unknown Computers collection, which is used in operating
system deployment. You can create queries by using the Unknown Computer object type; however, you need to write the
query in WQL.

Query Elements
A valid query includes the following elements:

A unique query name which identifies the query

An object type

An attribute class

An attribute

The only requirement while creating a query is that you need to specify a unique name for your query. By default, the
object type is set to the System Resource object type, while all the attribute classes and attributes have default values.
However, you need to ensure you do not have an overly large number of results that can be unwieldy. You can do so by
including specific object types, attribute classes, and attributes.

If you use the default values and your default query returns a large number of attributes, you can limit the number of
attributes that appear. To do this, perform the following steps:

1. In the query properties dialog box, click Edit Query Statement.

2. In the query statement properties dialog box, on the General tab, configure the attributes you want to view in the
results. Remember, if you edit the attributes on the General tab, the results which are returned are not affected. Only
the fields that display from these results are affected.

If you want to restrict the results that are returned to only the attributes with certain values, use the Criteria tab to
specify the attribute and attribute class, along with the value you want to search. You need not use the same attributes
which you specify on the General tab. For instance, on the General tab, you might include attributes like Computer Name
or IP Address, to identify specific computers. However, you can also set your criteria to restrict the results to a specific
driver version.

If your query includes the attributes from more than one attribute class, you can link or join the attribute classes so that
the data that is displayed relates accurately to each other. If you select an attribute on either the General tab or the
Criteria tab, Configuration Manager automatically creates a suitable join for the attribute class. For instance, if you
build a query to display all computers with 4 gigabytes (GB) of random-access memory (RAM) with Microsoft Office
installed, the data is joined automatically as both tables have a key field identifying the device from which the data is
gathered. You can use the Joins tab for advanced queries to manually link attributes from various attribute classes.

The following table describes the optional query elements.
t la

Query element: Criterion types

Description: When you click New on the query’s Criteria tab, the Criterion Properties dialog box opens.
The criterion type that you specify on the General tab of this dialog box identifies the form
of the query expression. When you create a query expression by using a criterion type, you
compare an attribute that you specify with a value that you select.

You can choose from the following six criteria types:

Null value: This compares the query attribute to a null value.

Simple value: This compares the query attribute to a constant value, such as a numerical, string, or date and time
value. You need to supply a value that matches the type of data that is stored for that attribute.

Prompted value: This compares the query attribute to a constant value. You will receive a prompt for a value when
the query runs. However, you must supply a value that matches the type of data that is stored for that attribute.

Attribute reference: This compares the query attribute to another attribute. You need to specify the query attribute.

Subselected values: This compares the query attribute to the results that another query returns. You need to specify
an existing query.

List of values: This compares the query attribute to a list of constant values. However, you need to supply the list of
values. You can specify multiple numerical, string, or date and time values.

For each criterion type, you receive a prompt to limit the query by entering an attribute class, attribute, relational
operator, and additional information.

A relational operator is a query condition, such as is equal to, which defines how the value of the criterion expression
compares the attribute class and attribute that you specify. The types of relational operators that are available for you
to use depend on the data type of the attribute.

The additional information that you must supply depends on the criterion type that you select for the query. For the
simple value criterion type, Configuration Manager uses four data types: numerical, string, date and time, and
parameterized. Each query attribute uses one of these data types to store data:

Numerical values: You must specify a number that the query uses to evaluate the expression. If you specify a value
that is not numerical, the query fails.

String values: You must specify the exact string that the query will use to evaluate the expression. Do not use
quotation marks unless they are part of the string. For relational operators that perform is like or is not like
comparisons, you do not need to provide the exact string. You can use wildcard characters within the string.

Date and time values: You must enter a date that the query can use to evaluate the expression. You must enter this
value according to the units that the date and time operator specifies. For example, if you use the year is after
operator, you would enter the year by using four digits, such as 2002. When you write queries by using Configuration
Manager Query Builder, you can express the date and time in any valid SQL format.

Parameterized values: The Configuration Manager console prompts you for the actual value to use when the query
runs.

Note: Parameterized values can’t be used within a Collection query.

Query element: Logical operators

Description: You can broaden or narrow the scope of a query by using multiple criteria. The logical
operators link together two criteria or grouped criteria. The AND operator is the default
operator when adding criteria. Logical operators include the following:

AND. This operator finds all objects that satisfy both the search criteria that AND joins. You can use this operator to
narrow the list of objects that you want to find. For example, you can use Configuration Manager to search for all
computers that have Windows 8 Professional and Office 2013 installed.

OR. This operator finds all objects that satisfy either of the two criteria. You can use this operator to assemble a set
of objects. For example, you can use Configuration Manager to search for all computers that have either Office 2010
or Office 2013 installed.

NOT. This operator finds all objects that do not satisfy a criterion. You can use this operator to narrow the list of
objects that you want to find. For example, you can search for all computers that do not have Windows 8
Professional installed.

Query element: Group parentheses

Description: You can group a set of expressions by using group parentheses to force a certain order of
evaluation. For example, when you use both the AND and OR operators in an expression,
you can use parentheses to control the order in which the expressions are evaluated.

Query element: Attribute class join

Description: Join operations are complex operations in which you specify how to combine data from
two different attribute classes. With the resulting expression, you specify how objects from
these classes are related.

Important: Join operations are an advanced function of SQL Server. Before configuring or
modifying a join operation, you must have a good working knowledge of the SQL syntax
that you use to create various types of table joins.

Query Evaluation

Configuration Manager evaluates expressions by using a specific operator precedence, that can affect the results. The
statements are evaluated from top to bottom on the Criteria tab in the query statement properties dialog box, except for
the expressions in parentheses, that always come first. In WQL, expressions are evaluated in the following order:

1. Expressions set inside parentheses.

2. Expressions joined by AND.

3. Expressions joined by OR.

4. Expressions preceded by NOT.
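
The effect of that evaluation order, shown by running the same three criteria with and without group parentheses and listing the systems that only the ungrouped form returns. This is an added example, not part of the course material; the site code P01, the server name cm01.example.test and the Active Directory site names Sales and Research are constructed placeholders.

```powershell
# Added example (not from the course). Constructed values: adjust to your site.
$cim = @{
    ComputerName = 'cm01.example.test'     # assumption: server hosting the SMS Provider
    Namespace    = 'root\SMS\site_P01'     # assumption: site code P01
    ErrorAction  = 'Stop'
}

$select = 'select ResourceId, Name, ADSiteName, Client from SMS_R_System where '

# Intent: systems in the Sales or Research AD site that have the client installed.
# Grouped: the parentheses are evaluated first, then AND applies to the whole group.
$grouped = $select + "(ADSiteName = 'Sales' or ADSiteName = 'Research') and Client = 1"

# Ungrouped: AND is evaluated before OR, so this is read as
#   ADSiteName = 'Sales'  OR  (ADSiteName = 'Research' AND Client = 1)
# and every Sales system is returned, with or without a client.
$ungrouped = $select + "ADSiteName = 'Sales' or ADSiteName = 'Research' and Client = 1"

$groupedRows   = @(Get-CimInstance @cim -Query $grouped)
$ungroupedRows = @(Get-CimInstance @cim -Query $ungrouped)

# Index the grouped result by ResourceId so the two result sets can be compared.
$groupedIds = [System.Collections.Generic.HashSet[uint32]]::new()
foreach ($row in $groupedRows) { [void]$groupedIds.Add([uint32]$row.ResourceId) }

# Rows found only by the ungrouped query are the ones the missing parentheses let through.
$extra = @($ungroupedRows | Where-Object { -not $groupedIds.Contains([uint32]$_.ResourceId) })

Write-Host ('grouped: {0}  ungrouped: {1}  only in ungrouped: {2}' -f `
    $groupedRows.Count, $ungroupedRows.Count, $extra.Count)

$extra |
    Sort-Object Name |
    Select-Object Name, ADSiteName, Client |
    Format-Table -AutoSize
```

A collection built on the ungrouped statement would silently include unmanaged Sales systems, so compare the two counts before reusing a query as a collection rule.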


Managing Query Results

When you run a status message query or data query, Configuration Manager searches the site database for objects which
match the query criteria. The results of the data query are displayed in the results pane of the Configuration Manager
console, and the results for status message queries are displayed in the Configuration Manager Status Message Viewer.
You need to have Query Read rights to run a status message query or data query. In addition, the query results are limited
to the security objects for which you have the Query Read permissions.

Modifying the Results layout of a Data Query

While running a data query, you can define how the results should display by using the options available on the General
tab of the query statement properties dialog box. To modify the query properties, you need to have Modify permissions for
the Query Security object class.

On the General tab of query statement properties dialog box, you can:

Modify the display order for query results by moving the query attributes up or down in the Results box. The order of
the attributes, from top to bottom, and left to right, is the order in which they display within the query results columns.
To be specific, the first attribute in the results table displays in the first column to the left, and the last attribute in
the table displays in the last column to the right.

Modify how query results are sorted. The sort order determines the order in which Configuration Manager displays
the results within the columns. You can choose from options such as ascending, descending, or unsorted. To
modify the sort order, you need to select a query attribute, and then click Properties.

You can also reorganize the result columns in the results pane after a query is run. Configuration Manager saves the
reorganized order as a user preference across sessions.

Note: Some invalid queries do not generate errors. Therefore, a query that does not return data, might be invalid. For
instance, you should review a query to ensure that it is not querying a resource for a value which it is not associated
with.

Using the Configuration Manager Status Message Viewer

The Configuration Manager Status Message Viewer is the principal tool for viewing status messages stored by a site
database. You can carry out the following tasks using the Configuration Manager Status Message Viewer:

Export and print status messages.

Start multiple viewers to compare troubleshooting messages.

Select multiple rows of messages for creating your own grouping.

Copy messages to the Clipboard with tab-delimited columns for supporting pasting to applications like Microsoft
Word and Microsoft Excel.

Delete status messages, if you have the required permissions.

Find, filter, and sort each column.

Specify the columns that display the results along with their order and width.

Select the font for the Configuration Manager Status Message Viewer.

Select additional startup and refresh options, that Configuration Manager automatically saves when you exit the
Configuration Manager Status Message Viewer.

Lab A

Question: Which operator would you use for the query to return either the Sales users or the Research users?

Question: Why would you use a subselect query in your work environment?

Question: Why would you import an existing query to create a new query?

Lesson 2 – Configuring SQL Server Reporting Services

Configuration Manager uses the features of SQL Server Reporting Services (SSRS) for report generation. SQL Server
Reporting Services (SSRS) consists of a set of on-premises tools and services which create, deploy, and manage mobile
and paginated reports. You can either use the built-in Configuration Manager reports, or you can create custom reports
on your own. This lesson will guide you in configuring SSRS for use with your Configuration Manager implementation.

Lesson Objectives

At the end of the lesson, you should be able to:

Explain what SSRS is.

List the prerequisites for Configuration Manager reporting.

Describe how to configure SSRS.

Describe how to configure the reporting services point.

Demonstrate how to install a reporting services point.

Describe how to configure report subscriptions.

Describe how to configure report security.

Overview of SSRS

Configuration Manager provides report definitions for over 400 reports in over 50 report folders. During the reporting
services point installation process, it copies them to the root report folder in SQL Server Reporting Services. The
Configuration Manager console shows the reports and organizes them in subfolders based on the report category.

Reports don't propagate up or down the Configuration Manager hierarchy. They run only against the database of the site
in which you create them. Because Configuration Manager replicates global data throughout the hierarchy, you have
access to hierarchy-wide information in reports. When a report retrieves data from a site database, it has access to site
data for the current site and child sites, and global data for every site in the hierarchy.
Like other Configuration Manager objects, an administrative user must have the appropriate permissions to run or modify
reports. To run a report, an administrative user must have the Run Report permission for the object. To create or modify a
report, an administrative user must have the Modify Report permission for the object.

Create and modify reports


For Reporting Services-based reports, Configuration Manager uses Microsoft SQL Server Report Builder as the exclusive
authoring and editing tool for model-based and SQL-based reports. When you create or edit a report in the Configuration
Manager console, Report Builder opens.

Starting in version 2002, to create or edit Power BI reports, the console integrates with Power BI Desktop.

Run reports

When you run a Reporting Services-based report in the Configuration Manager console, Report Viewer opens and
connects to Reporting Services. After you specify any required report parameters, Reporting Services then retrieves the
data and displays the results in the viewer. You can also connect to SQL Server Reporting Services, connect to the
data source for the site, and run reports.

Starting in version 2002, when you run a Power BI-based report, it opens in the web browser.

Add to Favorites

Configuration Manager ships with several hundred reports by default, and you might add more to that list. Instead of
continually searching for reports you commonly use, starting in version 2103 you can make a report a favorite. This action
allows you to quickly access it from the Favorites node.

Report prompts
You can configure a report prompt or parameter when you create or modify a report. Create report prompts to limit or
target the data that a report retrieves. A report can contain more than one prompt. Make sure the prompt names are
unique and contain only alphanumeric characters that conform to the SQL Server rules for identifiers.

When you run a report, the prompt requests a value for a required parameter. Based on the parameter value, it retrieves
the report data. For example, the Computer information for a specific computer report prompts for a computer name.
Reporting Services passes the specified value to a variable defined in the report's SQL statement.

Report links

Report links in Configuration Manager are used in a source report to provide easy access to other data. For example, it
can link to more detailed information about each of the items in the source report. If the destination report requires one
or more prompts to run, the source report must contain a column with the appropriate values for each prompt.

The link needs to specify the column number with the value for the prompt. For example:

There's one report that lists computers that the site recently discovered.

You link from it to another report that lists the last messages that the site receives for a specific computer.

You create the link, and specify that column 2 in the source report contains the computer name. This value is a
required prompt for the destination report.

You run the source report, and a link icon appears to the left of each row of data.

You select the icon on a row, and Report Viewer passes the value in the specified column for that row as the prompt
value for the destination report.

You can only configure one link for a report, and that link can only connect to a single destination report.


Warning: If you move a destination report to a different report folder, the location for the destination report changes.
Configuration Manager doesn't automatically update the report link in the source report with the new location, and
the link won't work in the source report.

Report folders

Report folders provide a method to sort and filter reports that Configuration Manager stores in Reporting Services. Report
folders are useful when you have many reports to manage. When you install a reporting services point, it copies reports
to Reporting Services and organizes them into more than 50 report folders. The report folders are read-only. You can't
modify them in the Configuration Manager console.

Report subscriptions

A report subscription in Reporting Services is a recurring request to deliver a report at a specific time or in response to an
event. You specify in the subscription an application file format. Subscriptions provide an alternative to running a report
on demand. On-demand reporting requires that you actively select the report each time you want to view the report. In
contrast, subscriptions can be used to schedule and then automate the delivery of a report.

You can manage report subscriptions in the Configuration Manager console. The report server processes the
subscriptions. It distributes them by using delivery extensions that are deployed on the server. By default, you can create
subscriptions that send reports to a shared folder or to an email address.

Report Builder

For Reporting Services-based reports, Configuration Manager uses Microsoft SQL Server Report Builder as the exclusive
authoring and editing tool for both model-based and SQL-based reports. If you create or edit a report in the Configuration
Manager console, Report Builder opens. When you create or modify a report for the first time, Report Builder installs
automatically. The version of Report Builder associated with the installed version of SQL Server opens when you run or
edit reports.

The Report Builder installation adds support for over 20 languages. When you run Report Builder, it displays data in the
language of the local computer's OS. If Report Builder doesn't support the language, it displays the data in English.
Report Builder supports the full capabilities of SQL Server Reporting Services, which includes the following capabilities:

Delivers an intuitive report authoring environment with an appearance similar to Microsoft 365 Apps.

Offers the flexible report layout of SQL Server report definition language (RDL).

Provides various forms of data visualization including charts and gauges.

Provides richly formatted text boxes.

Exports to Microsoft Word format.

You can also open Report Builder directly from SQL Server Reporting Services.

Report models in SQL Server Reporting Services

SQL Server Reporting Services uses report models to help you select items from the Configuration Manager database to
include in model-based reports. When you build a report, report models expose only specified views and items to choose
from. To create model-based reports, at least one report model has to be available.

Report models have the following features:


Give logical business names to database fields and views. To produce reports, you don't require knowledge of the
Configuration Manager database structure.

Group items logically.

Define relationships between items.

Secure model elements so that administrative users can see only the data that they have permission to see.

Although Configuration Manager provides sample report models, you can also define report models to meet your own
business requirements.

Prerequisites for Configuration Manager Reporting

Before you can use reporting in Configuration Manager, install and configure SQL Server Reporting Services.

Install the Reporting Services database on either the default instance or a named instance of a 64-bit SQL Server
installation. Colocate the SQL Server instance with the site system server, or configure it on a remote computer.

Configuration Manager supports the same versions of SQL Server for reporting as it does for the site database.

SQL Server 2022


SQL Server 2019

SQL Server 2017

SQL Server 2016

SQL Server 2014

SQL Server 2012 with Service Pack 2 (SP2) or newer

Reporting services point

Before you can use reporting in Configuration Manager, configure the reporting services point site system role.

There are certain prerequisites before you install SSRS:


The user account which you use to run the setup should be a member of the local Administrators group, and needs
to have rights to create databases on the server running SQL Server, that is hosting the SSRS databases.

The computer account for the Configuration Manager server, too, must be in the local Administrators group on the
SSRS server. Configuration Manager connects to SSRS and helps configure security rights for users. You should not
configure SQL Server security rights while integrating Configuration Manager reports with SSRS.

While installing SSRS, you need to have a SQL Server database engine installed in the same instance.

You also need to check for interoperability issues. To use the default configuration for SSRS Native Mode, the setup
should be able to use these default settings:

Port 80

Virtual directory names: ReportServer_instance_name and Reports_instance_name

Default databases named ReportServer and ReportServerTempDB

After installing SSRS, you can configure a reporting services point.

Configuring SSRS

Before you can create, modify, and run reports in the Configuration Manager console, there are several configuration
tasks to complete. Use this article to help you configure reporting in your Configuration Manager hierarchy.

SQL Server Reporting Services

SQL Server Reporting Services is a server-based reporting platform that provides comprehensive reporting functionality
for different kinds of data sources. The reporting services point in Configuration Manager communicates with SQL Server
Reporting Services to:

Copy Configuration Manager reports to a specified report folder

Configure Reporting Services settings

Configure Reporting Services security settings

When you run a report, the Reporting Services component connects to the Configuration Manager site database to
retrieve data.

Before you can install the reporting services point in a Configuration Manager site, install and configure SQL Server
Reporting Services on the target site system.

Verify SQL Server Reporting Services installation

Use the following procedure to verify that SQL Server Reporting Services is installed and running correctly.

1. Go to the Start menu on the site system, and open Report Server Configuration Manager. You may find it in
the Configuration Tools section of the Microsoft SQL Server group.

2. In the Reporting Services Configuration Connection window, enter the name of the server that hosts SQL Server
Reporting Services. Select the instance of SQL Server on which you installed SQL Server Reporting Services. Then
select Connect to open Reporting Services Configuration Manager.

3. On the Report Server Status page, verify that Report Service Status is Started. If it's not in this state, select Start.

4. On the Web Service URL page, select the URL in Report Service Web Service URLs. This action tests the connection
to the report folder. The browser might prompt you for credentials. Verify that the webpage opens successfully.

5. On the Database page, verify that the Report Server Mode is set to Native.

6. On the Report Manager URL page, select the URL in Report Manager Site Identification. This action tests the
connection to the virtual directory for Report Manager. The browser might prompt you for credentials. Verify that the
webpage opens successfully.

Note: Reporting in Configuration Manager doesn't require Reporting Services Report Manager. You only need it if you
want to run reports in the browser or manage reports by using Report Manager.

7. Select Exit to close Reporting Services Configuration Manager.
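
The manual checks above (service state, Web Service URL, Report Manager URL) can be repeated from a script before you install the reporting services point. This is an added example, not part of the course material; the host name, the URL scheme and the Windows service names in the filter are assumptions, while port 80 and the ReportServer and Reports virtual directories are the defaults listed earlier.

```powershell
# Added example: scripted form of the manual SSRS verification steps.
# Assumptions (not from the course text): the host name, the URL scheme,
# and the Windows service names matched by the WQL filter below.
param(
    [string]$ReportServer   = 'ssrs01.contoso.example', # hypothetical host name
    [string]$Scheme         = 'http',                   # use 'https' if the URLs are bound to a certificate
    [int]   $Port           = 80,                       # default port named in the prerequisites
    [string]$WebServiceVDir = 'ReportServer',           # Web Service URL virtual directory
    [string]$ManagerVDir    = 'Reports'                 # Report Manager URL virtual directory
)

function Get-SsrsServiceState {
    # Step 3: the report server service should be running (shown as Started in the tool).
    param([Parameter(Mandatory)][string]$ComputerName)
    # Assumed service names: 'ReportServer' or 'ReportServer$<instance>' for
    # instance-based installs, 'SQLServerReportingServices' for SSRS 2017 and later.
    $filter = "Name LIKE 'ReportServer%' OR Name = 'SQLServerReportingServices'"
    Get-CimInstance -ClassName Win32_Service -ComputerName $ComputerName -Filter $filter |
        Select-Object Name, State, StartMode, StartName   # StartName is the service account
}

function Test-SsrsUrl {
    # Steps 4 and 6: request the URL with the caller's Windows credentials,
    # which is what the browser prompt in the manual procedure asks for.
    param([Parameter(Mandatory)][string]$Url)
    try {
        $response = Invoke-WebRequest -Uri $Url -UseDefaultCredentials -UseBasicParsing -TimeoutSec 30
        [pscustomobject]@{
            Url = $Url; Reachable = $true; Status = [int]$response.StatusCode; Detail = 'OK'
        }
    }
    catch {
        # A 401 or 403 here means the URL answers but the account lacks access;
        # no status at all means the connection itself failed.
        $status = $null
        if ($_.Exception.Response) { $status = [int]$_.Exception.Response.StatusCode }
        [pscustomobject]@{
            Url = $Url; Reachable = $false; Status = $status; Detail = $_.Exception.Message
        }
    }
}

# --- Service state -----------------------------------------------------------
$services = @(Get-SsrsServiceState -ComputerName $ReportServer)
if ($services.Count -eq 0) {
    Write-Warning "No Reporting Services service found on $ReportServer."
}
foreach ($svc in $services) {
    if ($svc.State -ne 'Running') {
        Write-Warning "$($svc.Name) is $($svc.State); start it before installing the reporting services point."
    }
}
$services | Format-Table -AutoSize

# --- URL checks --------------------------------------------------------------
# Report Manager is optional for Configuration Manager reporting, so a failure
# on the second URL matters only if you run or manage reports in the browser.
$base = '{0}://{1}:{2}' -f $Scheme, $ReportServer, $Port
$results = foreach ($vdir in $WebServiceVDir, $ManagerVDir) {
    Test-SsrsUrl -Url "$base/$vdir"
}
$results | Format-Table -AutoSize
```

The script does not check the Report Server Mode from step 5; confirm Native mode on the Database page as described.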


Configure reporting to use Report Builder 3.0

1. On the computer running the Configuration Manager console, open the Windows Registry Editor.

2. Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\ConfigMgr10\AdminUI\Reporting.

3. Open the ReportBuilderApplicationManifestName key to edit the value data.

4. Change the value to ReportBuilder_3_0_0_0.application, and then select OK to save.

5. Close the Windows Registry Editor.

Install a reporting services point

To manage reports at the site, install the reporting services point. The reporting services point:

Copies report folders and reports to SQL Server Reporting Services

Applies the security policy for the reports and folders

Sets configuration settings in Reporting Services

Requirements and limitations

Before you can view or manage reports in the Configuration Manager console, you need a reporting services point.

Configure this site system role on a server with Microsoft SQL Server Reporting Services.

When you select a site to install the reporting services point, users who will access the reports must be in the same
security scope as the site where you install the role.

After you install a reporting services point on a site system, don't change the URL for the report server.

For example, you create the reporting services point. You then modify the URL for the report server in Reporting Services
Configuration Manager. The Configuration Manager console continues to use the old URL. You can't run, edit, or create
reports from the console.

If you need to change the report server URL, first remove the existing reporting services point. Change the URL, and then
reinstall the reporting services point.

When you install a reporting services point, specify a Reporting services point account. For users from a different
domain to run a report, create a two-way trust between domains. Otherwise the report fails to run.

Configuring the Reporting Services Point


In order to create and configure a reporting services point, you must follow the same process as for creating and
configuring other site roles. You need to select the Site Configuration folder, and then in the results pane, select or create
a site system. Then you need to use the Add Site System Role Wizard to add the reporting services point to the system.

When you add the reporting services point role, you must configure the following settings.

Setting: Description

Site database server name: This setting refers to the name of the server that hosts the Configuration Manager site
database. Typically, the wizard automatically retrieves the fully qualified domain name (FQDN) for the server.

Database name: This setting refers to the Configuration Manager site database name. You can click Verify to confirm
that the Add Site System Role Wizard has access to the site database.

Folder name: This setting refers to the folder name that you create and use to host the Configuration Manager reports
on the reporting services point.

Reporting Services server instance: This setting allows you to select the SQL Server instance that SSRS uses. If there
is only one instance, it is selected by default.

User name: Click Set to specify the account and password that SSRS uses to connect to the Configuration Manager site
database. You can select one of the following:

Existing account. This option allows you to specify a Windows user account that has existing Configuration Manager
rights.

New account. This option enables you to specify a Windows user account that does not currently have rights in
Configuration Manager.

Configuration Manager automatically grants the specified user account appropriate rights to access the site database.

Note: The Windows User Account dialog box does not validate the password that you specify, so it is wise to
check it before continuing, to save the time and effort of looking at log files.

Modify reporting services point settings

After you install this role, you can modify the site database connection and authentication settings in the reporting
services point properties.

1. In the Configuration Manager console, go to the Administration workspace, expand Site Configuration, and then
select the Servers and Site System Roles node.

Tip

To list only site systems that host the reporting services point, right-click the Servers and Site System Roles node, and
select Reporting services point.

2. Select the site system that hosts the reporting services point. Then select the Reporting service point site system
role in the details pane.

3. On the Site Role tab of the ribbon, in the Properties group, select Properties.

4. You can modify the following settings in the Reporting Services Point Properties:

Site database server name

Database name

User account

5. Select OK to save the changes and close the properties.

Configuring Report Subscriptions

Report subscriptions in SQL Server Reporting Services let you configure the automatic delivery of specified reports by
email or to a file share at scheduled intervals. To configure report subscriptions, use the Create Subscription Wizard in
Configuration Manager.

Create a report subscription to deliver a report to a file share

When you create a report subscription to deliver a report to a file share, Reporting Services copies the report in the
specified format to the file share that you specify. You can subscribe to and request delivery for only one report at a time.

When you create a subscription that uses a file share, specify an existing shared folder as the destination. The report
server doesn't create the folder or network share. When you specify the destination folder in a subscription, use a UNC
path and don't include trailing backslashes (\) in the folder path. The following example is a valid UNC path for the
destination folder: \\server\reportfiles\operations\2001.

Note: When you create the subscription, you specify a user name and password. This account needs access to this
share with Write permissions to the destination folder.

Reporting Services can render reports in different file formats, for example MHTML or Excel. You select the format when
you create the subscription. Although you can select any supported rendering format, some formats work better than
others when rendering to a file.

Limitations for report subscriptions to a file share

The following list includes the limitations of report subscriptions to a file share:

Unlike reports that you host and manage on a report server, Reporting Services delivers reports to a shared folder as
static files.

Interactive features of the report don't work for reports stored as files. The report represents any interactive features
as static elements.

If the report includes charts, it uses the default presentation.

If the report links through to another report, it renders the link as static text.

Process to create a report subscription for a file share

Use the following procedure to create a report subscription to deliver a report to a file share.

1. In the Configuration Manager console, go to the Monitoring workspace, expand Reporting, and select
the Reports node.

2. Select a report folder, then select the report to which you want to subscribe. On the Home tab of the ribbon, in
the Report Group section, select Create Subscription. This action opens the Create Subscription Wizard.

3. On the Subscription Delivery page, configure the following settings:


Report delivered by: Select Windows File Share.

File Name: Specify the file name for the report. By default, the report file doesn't include a file name extension.
Select Add file extension when created to automatically add a file name extension based on the format.

Path: Specify a UNC path to an existing folder where you want to deliver this report. For
example, \\server\reportfiles\operations.

Render Format: Select one of the following formats for the report file:
XML file with report data

CSV (comma delimited)

TIFF file

Acrobat (PDF) file

HTML 4.0

Note: If your report has images, the HTML 4.0 format doesn't include them.

MHTML (web archive)

RPL Renderer (Report Page Layout)

Excel

Word

User Name: Specify a Windows user account with write permissions to the specified Path.

Password: Specify the password for the above Windows user account.

Overwrite option: Select one of the following options to configure the behavior when a file of the same name
exists in the destination folder:

Overwrite an existing file with a newer version

Do not overwrite an existing file

Increment file names as newer versions are added: This option appends a number to the new report's file
name to distinguish it from earlier versions.

Description: Optionally, specify additional information about this report subscription.

4. On the Subscription Schedule page, select one of the following delivery schedule options for the report subscription:

Use shared schedule: A shared schedule is a previously defined schedule that can be used by other report
subscriptions. When you select this option, also select a shared schedule. If there are no shared schedules,
select the option to create a new schedule.

Create new schedule: Configure the schedule on which this report runs. The schedule includes the interval, start
time and date, and the end date for this subscription. By default, a new subscription creates a new schedule to
run every hour starting at the current date and time.

5. On the Subscription Parameters page, specify any parameters that this report requires to run unattended. If the
report has no parameters, the wizard doesn't display this page.

6. Complete the wizard.

7. Verify that Configuration Manager successfully created the report subscription. Select the Subscriptions node to view
and modify report subscriptions.
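
The destination rules for a file share subscription (UNC path, no trailing backslash, folder already exists, account has Write permission) can be checked before you run the wizard. This is an added example, not part of the course material; the function name, its parameters and the sample paths other than the one quoted in the text are hypothetical, and the write test runs as the account that starts PowerShell, so run it as the subscription account.

```powershell
# Added example: pre-flight check for the Path value of a file share subscription.
# The function name and parameters are hypothetical, not a Configuration Manager cmdlet.
function Test-SubscriptionSharePath {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Path,
        [switch]$SkipWriteTest      # only check format and existence
    )

    $problems = New-Object System.Collections.Generic.List[string]

    # Rule 1: the destination must be a UNC path with at least \\server\share.
    if ($Path -notmatch '^\\\\[^\\]+\\[^\\]+') {
        $problems.Add('Not a UNC path (expected \\server\share\folder).')
    }

    # Rule 2: no trailing backslash in the folder path.
    if ($Path.EndsWith('\')) {
        $problems.Add('Trailing backslash; remove it from the folder path.')
    }

    # Only touch the network when the format is acceptable.
    if ($problems.Count -eq 0) {
        # .NET file APIs are used instead of Test-Path so the check also works
        # when the current location is a non-file-system drive such as a site drive.
        if (-not [System.IO.Directory]::Exists($Path)) {
            # Rule 3: the report server does not create the folder or the share.
            $problems.Add('Folder does not exist or is not reachable with this account.')
        }
        elseif (-not $SkipWriteTest) {
            # Rule 4: the account needs Write permission on the destination folder.
            $name  = 'subscription-probe-{0}.tmp' -f [guid]::NewGuid()
            $probe = [System.IO.Path]::Combine($Path, $name)
            try {
                [System.IO.File]::WriteAllText($probe, 'probe')
                [System.IO.File]::Delete($probe)
            }
            catch {
                $problems.Add("Write test failed: $($_.Exception.Message)")
            }
        }
    }

    [pscustomobject]@{
        Path     = $Path
        Valid    = ($problems.Count -eq 0)
        Problems = ($problems -join ' ')
    }
}

# Constructed sample inputs. The first two fail the format rules without any
# network access; the third is the valid form quoted in the text and is
# checked against the network when run.
'\\server\reportfiles\operations\',
'C:\Reports',
'\\server\reportfiles\operations\2001' |
    ForEach-Object { Test-SubscriptionSharePath -Path $_ } |
    Format-List
```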

Create a report subscription to deliver a report by email


When you create a report subscription to deliver a report by email, Reporting Services sends an email to the recipients
that you configure. The email includes the report as an attachment. The report server doesn't validate email addresses or
get them from an email server. You can email reports to any valid email account within or outside of your organization.

Note: To enable the Email subscription option, you need to configure the email settings in Reporting Services.

You can select one or both of the following email delivery options:

Send a notification with a link to the generated report.

Send an embedded or attached report. The rendering format and browser determine whether it embeds or attaches
the report.
If your browser supports HTML 4.0 and MHTML, and you select the MHTML (web archive) format, the email
embeds the report in the message.

All other formats deliver reports as attachments.

Reporting Services doesn't check the size of the attachment or message before it sends the report. If the
attachment or message exceeds the maximum limit allowed by your mail server, the report isn't delivered.

Use the following procedure to create a report subscription to deliver a report by using email.

1. In the Configuration Manager console, go to the Monitoring workspace, expand Reporting, and select
the Reports node.

2. Select a report folder, then select the report to which you want to subscribe. On the Home tab of the ribbon, in
the Report Group section, select Create Subscription. This action opens the Create Subscription Wizard.

3. On the Subscription Delivery page, configure the following settings:


Report delivered by: Select E-mail.

To: Specify a valid email address as the recipient.

Note: To enter multiple recipients, separate each email address with a semicolon (;).

Cc: Optionally, specify an email address to receive a copy of this report.

Bcc: Optionally, specify an email address to receive a blind copy of this report.

Reply To: Specify the reply address. If the recipient replies to the email message, the reply goes to this address.

Subject: Specify a subject line for the subscription email message.

Priority: Select the priority flag for this email message: Low, Normal, or High. Microsoft Exchange uses this flag to
indicate the importance of the email message.

Comment: Specify text for the body of the subscription email message.

Description: Optionally, specify additional information about this report subscription.

Include Link: Include the URL for this report in the body of the email message.

Include Report: Attach the report to the email message. Use the Render Format option to specify the report
format to attach.

Render Format: Select one of the following formats for the attached report file:
XML file with report data

CSV (comma delimited)

TIFF file

Acrobat (PDF) file


MHTML (web archive)

Excel

Word

4. On the Subscription Schedule page, select one of the following delivery schedule options for the report subscription:

Use shared schedule: A shared schedule is a previously defined schedule that can be used by other report
subscriptions. When you select this option, also select a shared schedule. If there are no shared schedules,
select the option to create a new schedule.

Create new schedule: Configure the schedule on which this report runs. The schedule includes the interval, start
time and date, and the end date for this subscription. By default, a new subscription creates a new schedule to
run every hour starting at the current date and time.

5. On the Subscription Parameters page, specify any parameters that this report requires to run unattended. If the
report has no parameters, the wizard doesn't display this page.

6. Complete the wizard.

7. Verify that Configuration Manager successfully created the report subscription. Select the Subscriptions node to view
and modify report subscriptions.

Favorites

Configuration Manager ships with several hundred reports by default, and you may have added more to that list. Instead
of continually searching for reports you commonly use, starting in version 2103, you can make a report a favorite. This
action allows you to quickly access it from the new Favorites node.

The list of favorites is per user, not per site or hierarchy.


Prerequisites for report favorites

The version of SQL Server Reporting Services on the site's reporting service point needs to be SQL Server 2017 or later.

Note: All instances of SQL Server Reporting Services on the server need to be version 2017 or later.

Add a favorite

1. In the Configuration Manager console, go to the Monitoring workspace. Expand the Reporting node, and select either
the Reports or Power BI Reports node.

2. Select a report that you frequently use. Then in the ribbon, select Add to Favorites. The report's icon changes to a
yellow star, which indicates that it's a favorite.

Tip: You can select more than one report to add them all as favorites.

To remove a report from the list of favorites, select it, and then select Remove from Favorites. When you remove a
favorite, Configuration Manager doesn't delete the report.

3. Under the Reporting node, expand the new Favorites node. To view your list of favorites, select either
the Reports or Power BI Reports node.

Tip: You can directly connect to your favorite reports in your browser. For
example, https://rsp.contoso.com/Reports/favorites.

You can manage the reports the same way from the list of favorites.

Configuring Report Security

Configuration Manager manages security for reports differently from how it manages security for other objects. The default
security settings are a combination of Configuration Manager security settings and SSRS. Every 10 minutes,
Configuration Manager applies security to all the SSRS reports and folders. After a user is assigned to a single report or a
Configuration Manager security role, it can take around 10 minutes before Configuration Manager applies these
rights to your SSRS site. In addition, when a report is run, role-based administration (covered in module 12) restricts
what the viewer of a report can see for objects like users and devices.

You should not set security directly through the SSRS website, because Configuration Manager resets the security
every 10 minutes based on the security permissions that are stored in the Configuration Manager database. All
the built-in Configuration Manager security roles, except Remote Tools Operators, can view all or some of the reports
within Configuration Manager. To give users access to reports, it's a best practice to use an existing Configuration
Manager role or create a new Configuration Manager security role.

The minimum permissions for viewing different reports may vary. However, most reports which leverage inventory data
need to have the following permissions:

Object: Permissions

Collection: Read, Read Resource

Inventory Reports: Run Report

Site: Read, Run Report

To assign a user or a group the access to reports, you need to create a Configuration Manager security role with the
required permissions, add the group or the user to Configuration Manager administrative users, assign the user or group
the Configuration Manager security role, and then finally assign them the security scope.

Lab B

Question: What is the difference between a WQL query and an SQL query?

Question: What account should you use for the SSRS service account?

Question: Which Configuration Manager security role do users need to view reports on the SQL Server Reporting
Services website?

Lesson 3 – Analyzing the Real-time State of a Device by Using CMPivot

Configuration Manager always provides a large centralized store of device data, like installed software and software
updates, that customers use for reporting purposes. Configuration Manager version 1806 first introduced CMPivot. It
allows access to the real-time state of the devices in your environment. It runs a query instantly on online devices present
in the target collection and then returns the results. This helps you provide real-time data from the online clients, and
enables you to perform real-time troubleshooting and respond to security incidents.

Lesson Objectives

At the end of the lesson, you should be able to:

Explain what CMPivot is.

Explain how CMPivot interacts with devices.

Compare CMPivot to Compliance Settings, Run Script, and Inventory.

Describe how CMPivot can be used for data analysis.

Describe how to troubleshoot CMPivot.

Overview of CMPivot

Configuration Manager has always provided a large centralized store of device data, which customers use for reporting
purposes. The site typically collects this data on a weekly basis. Starting in version 1806, CMPivot is a new in-console
utility that now provides access to real-time state of devices in your environment. It immediately runs a query on all
currently connected devices in the target collection and returns the results. Then filter and group this data in the tool. By
providing real-time data from online clients, you can more quickly answer business questions, troubleshoot issues, and
respond to security incidents.

For example, in mitigating speculative execution side channel vulnerabilities, one of the requirements is to update the
system BIOS. You can use CMPivot to quickly query on system BIOS information, and find clients that aren't in
compliance.

Important

Some security software may block scripts running from c:\windows\ccm\scriptstore. This can prevent successful
execution of CMPivot queries. Some security software may also generate audit events or alerts when running CMPivot
PowerShell.

Certain anti-malware software may inadvertently trigger events against the Configuration Manager Run Scripts or
CMPivot features. It is recommended to exclude %windir%\CCM\ScriptStore so that the anti-malware software
permits those features to run without interference.

Prerequisites

The following components are required to use CMPivot:

Upgrade the target devices to the latest version of the Configuration Manager client.

Target clients require a minimum of PowerShell version 4.


To gather data for the following entities, target clients require PowerShell version 5.0:

Administrators

Connection

IPConfig

SMBConfig

CMPivot and the Microsoft Edge installer are currently signed with the Microsoft Code Signing PCA 2011 certificate.
If you set PowerShell execution policy to AllSigned, then you need to make sure that devices trust this signing
certificate. You can export the certificate from a computer where you've installed the Configuration Manager console.
View the certificate on "C:\Program Files (x86)\Microsoft Endpoint Manager\AdminConsole\bin\CMPivot.exe", and
then export the code signing certificate from the certification path. Then import it to the machine's Trusted
Publishers store on managed devices.
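
The export-and-import procedure above can be scripted. This is an added example, not part of the course material: it checks the signature on CMPivot.exe before exporting the signer certificate and skips the import when the certificate is already trusted. The export file name and the function names are assumptions; the console path is the default one quoted above.

```powershell
# Added example, not part of the course material. Run in an elevated session.
# $cmPivotExe is the default console path quoted on this page; $cerFile is a hypothetical name.
$cmPivotExe = 'C:\Program Files (x86)\Microsoft Endpoint Manager\AdminConsole\bin\CMPivot.exe'
$cerFile    = Join-Path $env:TEMP 'CMPivot-signer.cer'

function Get-VerifiedSigner {
    param([Parameter(Mandatory)][string]$Path)

    $sig = Get-AuthenticodeSignature -FilePath $Path
    # Never export a certificate from a binary whose signature does not validate.
    if ($sig.Status -ne 'Valid') {
        throw "Signature on '$Path' is $($sig.Status): $($sig.StatusMessage)"
    }
    # The page names the issuing CA; stop if the binary chains to something else.
    if ($sig.SignerCertificate.Issuer -notlike '*Microsoft Code Signing PCA 2011*') {
        throw "Unexpected issuer: $($sig.SignerCertificate.Issuer)"
    }
    $sig.SignerCertificate
}

function Add-TrustedPublisher {
    param([Parameter(Mandatory)][string]$CerPath)

    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $CerPath
    $present = Get-ChildItem -Path Cert:\LocalMachine\TrustedPublisher |
        Where-Object { $_.Thumbprint -eq $cert.Thumbprint }

    if (-not $present) {
        Import-Certificate -FilePath $CerPath -CertStoreLocation Cert:\LocalMachine\TrustedPublisher |
            Out-Null
    }
    # Report what is now trusted and when that trust stops being useful.
    [pscustomobject]@{
        Subject        = $cert.Subject
        Thumbprint     = $cert.Thumbprint
        NotAfter       = $cert.NotAfter
        AlreadyTrusted = [bool]$present
    }
}

# --- On the computer with the Configuration Manager console ---
$signer = Get-VerifiedSigner -Path $cmPivotExe
Export-Certificate -Cert $signer -FilePath $cerFile -Type CERT | Out-Null

# --- On a managed device, after copying the .cer file to it ---
Get-ExecutionPolicy -List          # confirm where AllSigned is actually applied
Add-TrustedPublisher -CerPath $cerFile
```

Under AllSigned, a certificate in Trusted Publishers lets every script signed with it run without a prompt, so import only the certificate verified on the console computer.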

Permissions

The following permissions are needed for CMPivot:

Run CMPivot permission on the Collection

Read permission on Inventory Reports

Read permission on the SMS Scripts object

Read for SMS Scripts isn't required starting in version 2107

CMPivot doesn't need Read for SMS Scripts for its primary scenario starting in version 2107. However, if the
administration service is down and the permission has been removed, then when the administration service falls
back, CMPivot will fail. The SMS Provider still requires Read permission on SMS Scripts if the administration
service falls back to it due to a 503 (Service Unavailable) error, as seen in the CMPivot.log.

The default scope.

The default scope isn't required starting in version 2107

CMPivot permissions by Configuration Manager version

| 1902 and earlier | Versions 1906 through 2103 | 2107 or later |
|---|---|---|
| Run Script permission on the Collection | Run CMPivot permission on the Collection | Run CMPivot permission on the Collection |
| Read permission on Inventory Reports | Read permission on Inventory Reports | Read permission on Inventory Reports |
| Read permission on SMS Scripts | Read permission on SMS Scripts | N/A. The SMS Provider still requires Read permission on SMS Scripts if the administration service falls back to it due to a 503 (Service Unavailable) error, as seen in the CMPivot.log. |
| Default scope permission | Default scope permission | N/A |

Limitations

CMPivot only returns data for clients connected to the current site unless it's run from the central administration site
(CAS).
If a collection contains devices from another site, CMPivot results are only from devices in the current site unless
CMPivot is run from the CAS.

In some environments, additional permissions are needed for CMPivot to run on the CAS.

You can't customize entity properties, columns for results, or actions on devices.

Only one instance of CMPivot can run at the same time on a computer that is running the Configuration Manager
console.

In CMPivot standalone, you're not able to access CMPivot queries stored in the Community hub.

When single sign on with multifactor authentication is used, you may not be able to sign into Community hub from
CMPivot when using Configuration Manager 2103 and earlier.

Start CMPivot

1. In the Configuration Manager console, connect to the primary site or the CAS. Go to the Assets and
Compliance workspace, and select the Device Collections node. Select a target collection, and select Start
CMPivot in the ribbon to launch the tool. If you don't see this option, check the following configurations:
Confirm with a site administrator that your account has the required permissions.

2. The interface provides further information about using the tool.

Manually enter query strings at the top, or select the links in the in-line documentation.

Select one of the Entities to add it to the query string.

The links for Table Operators, Aggregation Functions, and Scalar Functions open language reference
documentation in the web browser. CMPivot uses the Kusto Query Language (KQL).

3. Keep the CMPivot window open to view results from clients. When you close the CMPivot window, the session is
complete.
If the query has been sent, then clients still send a state message response to the server.

How to use CMPivot


The CMPivot window contains the following elements:

1. The collection that CMPivot currently targets is in the title bar at the top, and the status bar at the bottom of the
window. For example, "PM_Team_Machines" in the above screenshot.

2. The pane on the left lists the Entities that are available on clients. Some entities rely upon WMI while others use
PowerShell to get data from clients.
Right-click an entity for the following actions:

Insert: Add the entity to the query at the current cursor position. The query doesn't automatically run. This
action is the default when you double-click an entity. Use this action when building a query.

Query all: Run a query for this entity including all properties. Use this action to quickly query for a single
entity.

Query by device: Run a query for this entity and group the results. For example, Disk | summarize dcount(
Device ) by Name

Expand an entity to see specific properties available for each entity. Double-click a property to add it to the query
at the current cursor position.

3. The Home tab shows general information about CMPivot, including links to sample queries and supporting
documentation.

4. The Query tab displays the query pane, results pane, and status bar. The query tab is selected in the above
screenshot example.

5. The query pane is where you build or type a query to run on clients in the collection.
CMPivot uses a subset of the Kusto Query Language (KQL).

Cut, copy, or paste content in the query pane.

By default, this pane uses IntelliSense. For example, if you start typing D, IntelliSense suggests all of the entities
that start with that letter. Select an option and press Tab to insert it. Type a pipe character and a space | , and
then IntelliSense suggests all of the table operators. Insert summarize and type a space, and IntelliSense
suggests all of the aggregation functions. For more information on these operators and functions, select
the Home tab in CMPivot.

The query pane also provides the following options:


Run the query.
To rerun your current CMPivot query on the clients, hold Ctrl while clicking Run.

Move backwards and forwards in the history list of queries.

Create a direct membership collection.

Export the query results to CSV or the clipboard.

6. The results pane displays the data returned by active clients for the query.
The available columns vary based upon the entity and the query.

The color saturation of the data in the results table or chart indicates if the data is live or from the last hardware
inventory scan stored in the site database. For example, black is real-time data from an online client whereas
grey is cached data.

Select a column name to sort the results by that property.


Right-click on any column name to group the results by the same information in that column, or sort the results.

Right-click on a device name to take the following additional actions on the device:

Pivot to: Query for another entity on this device.

Starting in version 2006, Pivot to was replaced by Device Pivot.

Run Script: Launch the Run Script wizard to run an existing PowerShell script on this device.

Remote Control: Launch a Configuration Manager Remote Control session on this device.

Resource Explorer: Launch Configuration Manager Resource Explorer for this device.

Right-click on any non-device cell to take the following additional actions:

Copy: Copy the text of the cell to the clipboard.

Show devices with: Query for devices with this value for this property. For example, from the results of
the OS query, select this option on a cell in the Version row: OS | summarize countif( (Version ==
'10.0.17134') ) by Device | where (countif_ > 0)

Show devices without: Query for devices without this value for this property. For example, from the results of
the OS query, select this option on a cell in the Version row: OS | summarize countif( (Version ==
'10.0.17134') ) by Device | where (countif_ == 0) | project Device

Bing it: Launch the default web browser to https://www.bing.com with this value as the query string.

Select any hyperlinked text to pivot the view on that specific information.

The results pane doesn't show more than 20,000 rows. Either adjust the query to further filter the data, or
restart CMPivot on a smaller collection.

7. The status bar shows the following information (from left to right):

The status of the current query to the target collection. This status includes:

The number of active clients that completed the query (3)

The number of total clients (5)

The number of offline clients (2)

Any clients that returned failure (0)

For example: Query completed on 3 of 5 clients (2 clients offline and 0 failure)

The ID of the client operation. For example: id(16780221)

The current collection. For example: PM_Team_Machines

The total number of rows in the results pane. For example, 1 objects

How CMPivot Interacts with Devices

Let’s now find out how CMPivot interacts with the devices. In the CMPivot Overview topic, you learned that it queries
devices using the fast channel. The queries as well as results are in the form of plain text. The client devices return
results using a state message system which is also quick, like the fast channel used by CMPivot. State messages are
stored temporarily on the database.

A query usually times out in an hour. Let’s check out an example: A Configuration Manager admin uses CMPivot to run a
query at 5 AM. The query is run on a collection having 750 devices, out of which 150 devices are currently online. Those
150 active devices receive the query and return the results almost instantly. The admin then leaves the CMPivot window
open, and in the next hour, 50 more devices come online. These 50 devices also receive the query and return the results.
By 6 AM, the query returns the results for these 200 devices that were online during that hour. If the results have a URL
style link with count queries, then you can dive deeper in the results to obtain more details.

The results of a CMPivot query can be used to create a direct membership collection. You can then work with this
collection just like any other collection. Additionally, you can export the results of a CMPivot query to a comma-separated
values (CSV) file or to the Clipboard. This will let you email the results or work on the results by using Excel.

Troubleshooting CMPivot

CMPivot is a tool that provides access to a real-time state of the devices in your environment. CMPivot runs a query on all
currently connected devices in the target collection and returns the results.

Occasionally, you might need to troubleshoot CMPivot. For example, if a state message from a client to CMPivot gets
corrupted, the site server can't process the message. This article helps you understand the flow of information for
CMPivot.

Troubleshoot CMPivot in version 1902 and later

In Configuration Manager versions 1902 and later, you can run CMPivot from the central administration site (CAS) in a
hierarchy. The primary site still handles the communication to the client.

When you run CMPivot from CAS, it uses the high-speed message subscription channel to communicate with the primary
site. CMPivot doesn't use standard SQL Server replication between sites. If your SQL Server instance or your SMS provider
is remote, or if you use a SQL Server Always On availability group, you'll have a "double hop scenario" for CMPivot.

Important: When troubleshooting CMPivot, enable verbose logging on your management points (MPs) and on the site
server's SMS_MESSAGE_PROCESSING_ENGINE to get more information. Also, if the client's output is larger than 80
KB, enable verbose logging on the MP and the site server's SMS_STATE_SYSTEM component.

Get information from the site server

e !
By default, the site server log files are located in C:\Program Files\Microsoft Configuration Manager\logs. This location
might be different if you specified a non-default installation directory or offloaded items like the SMS Provider to another
server. If you run CMPivot from the CAS, the logs are on the primary site server.

Look in smsprov.log for these lines:


Configuration Manager version 1906:

Auditing: User <username> initiated client operation 145 to collection <CollectionId>.

Configuration Manager version 1902:

Type parameter is 135.

Auditing: User <username> ran script 7DC6B6F1-E7F6-43C1-96E0-E1D16BC25C14 with hash
dc6c2ad05f1bfda88d880c54121c8b5cea6a394282425a88dd4d8714547dc4a2 on collection <CollectionId>.

7DC6B6F1-E7F6-43C1-96E0-E1D16BC25C14 is the Script-Guid for CMPivot. You can also see this GUID in CMPivot audit
status messages.

Next, find the ID in the CMPivot window. This ID is the ClientOperationID.

Find the TaskID from the ClientAction table. The TaskID corresponds to the UniqueID in the ClientAction table.

select * from ClientAction where ClientOperationId=<id>

In BgbServer.log, look for the TaskID you gathered from SQL Server and note the PushID. The TaskID is labeled TaskGUID.
For example:

Starting to send push task (PushID: 9 TaskID: 12 TaskGUID: 9A4E59D2-2F5B-4067-A9FA-B99602A3A4A0 TaskType: 15
TaskParam: PFNjcmlwdENvbnRlbnQgU2NyaXB0R3VpZD0nN0RDNkI2RjEtRTdGNi00M0MxL (truncated log entry)

Finished sending push task (PushID: 9 TaskID: 12) to 2 clients

Client logs

After you have the information from the site server, check the client logs. By default, the client logs are located
in C:\Windows\CCM\Logs.

In CcmNotificationAgent.log, look for log entries that look like the following lines:

Receive task from server with pushid=9, taskid=12, taskguid=9A4E59D2-2F5B-4067-A9FA-B99602A3A4A0, tasktype=15 and taskParam=PFNjcmlwdEhhc2ggU2NyaXB0SGF (truncated log entry)

Send Task response message <BgbResponseMessage TimeStamp="2019-09-13T17:29:09Z"><PushID>5</PushID><TaskID>4</TaskID><ReturnCode>1</ReturnCode></BgbResponseMessage> successfuly.

Check Scripts.log for the TaskID. In the following example, you see Task ID {9A4E59D2-2F5B-4067-A9FA-B99602A3A4A0}:

Sending script state message (fast): {9A4E59D2-2F5B-4067-A9FA-B99602A3A4A0}

Result are sent for ScriptGuid: 7DC6B6F1-E7F6-43C1-96E0-E1D16BC25C14 and TaskID: {9A4E59D2-2F5B-4067-A9FA-B99602A3A4A0}

Note: If you don't see "(fast)" in the Scripts.log, then the data is likely over 80 KB. In this case, the information is sent
to the site server as a state message. Use the client's StateMessage.log and the site server's Statesys.log.

Review messages on the site server

When verbose logging is enabled on the management point, you can see how incoming client messages are handled.
In MP_RelayMsgMgr.log, look for the TaskID.

In the MP_RelayMsgMgr.log example, you can see the client's ID (GUID:83F67728-2E6D-4E4F-8075-ED035C31B783)
and the Task ID {9A4E59D2-2F5B-4067-A9FA-B99602A3A4A0}. A message ID gets assigned to the
client's response before it's sent to the message processing engine:

MessageKey: GUID:83F67728-2E6D-4E4F-8075-ED035C31B783{9A4E59D2-2F5B-4067-A9FA-B99602A3A4A0}

Create message succeeded for message id 22f00adf-181e-4bad-b35e-d18912f39f89

Add message payload succeeded for message id 22f00adf-181e-4bad-b35e-d18912f39f89

Put message succeeded for message id 22f00adf-181e-4bad-b35e-d18912f39f89

CRelayMsgMgrHandler::HandleMessage(): ExecuteTask() succeeded

When verbose logging is enabled on SMS_MESSAGE_PROCESSING_ENGINE.log, the client results are processed. Use the
message ID you found from the MP_RelayMsgMgr.log. The processing log entries are similar to the following example:

Processing 2 messages with type Instant and IDs 22f00adf-181e-4bad-b35e-d18912f39f89[19], 434d80ae-09d4-4d84-aebf-28a4a29a9852[20]...

Processed 2 messages with type Instant. Failed to process 0 messages. All message IDs 22f00adf-181e-4bad-b35e-d18912f39f89[19], 434d80ae-09d4-4d84-aebf-28a4a29a9852[20]

Tip: If you get an exception during processing, you can review it by running the following SQL query and looking at the
Exception column. After the message is processed, it will no longer be in the MPE_RequestMessages_Instant table.

select * from MPE_RequestMessages_Instant where MessageID=<ID from SMS_MESSAGE_PROCESSING_ENGINE.log>

In BgbServer.log, look for the PushID to see the number of clients that reported or failed.

Generated BGB task status report c:\ConfigMgr\inboxes\bgb.box\Bgb5c1db.BTS at 09/16/2019 16:46:39. (PushID: 9
ReportedClients: 2 FailedClients: 0)

Check the monitoring view for CMPivot from SQL Server by using the TaskID.

select * from vSMS_CMPivotStatus where TaskID='{9A4E59D2-2F5B-4067-A9FA-B99602A3A4A0}'
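
The walkthrough for version 1902 and later follows one CMPivot run by hand across smsprov.log, BgbServer.log and Scripts.log. The added example below (not course code) does the same correlation over the sample log lines printed on this page, decodes the visible start of the truncated TaskParam, and names the logs to read next depending on whether the result used the fast channel. The function names are assumptions; `<username>` and `<CollectionId>` are the page's own placeholders.

```powershell
# Added example (not course code). The log lines are the samples printed on this
# page for version 1902 and later; <username> and <CollectionId> are its placeholders.
$smsprov = @(
    'Auditing: User <username> ran script 7DC6B6F1-E7F6-43C1-96E0-E1D16BC25C14 with hash dc6c2ad05f1bfda88d880c54121c8b5cea6a394282425a88dd4d8714547dc4a2 on collection <CollectionId>.'
)
$bgbServer = @(
    'Starting to send push task (PushID: 9 TaskID: 12 TaskGUID: 9A4E59D2-2F5B-4067-A9FA-B99602A3A4A0 TaskType: 15 TaskParam: PFNjcmlwdENvbnRlbnQgU2NyaXB0R3VpZD0nN0RDNkI2RjEtRTdGNi00M0MxL'
    'Finished sending push task (PushID: 9 TaskID: 12) to 2 clients'
    'Generated BGB task status report c:\ConfigMgr\inboxes\bgb.box\Bgb5c1db.BTS at 09/16/2019 16:46:39. (PushID: 9 ReportedClients: 2 FailedClients: 0)'
)
$scriptsLog = @(
    'Sending script state message (fast): {9A4E59D2-2F5B-4067-A9FA-B99602A3A4A0}'
    'Result are sent for ScriptGuid: 7DC6B6F1-E7F6-43C1-96E0-E1D16BC25C14 and TaskID: {9A4E59D2-2F5B-4067-A9FA-B99602A3A4A0}'
)

function ConvertFrom-TruncatedBase64 {
    param([Parameter(Mandatory)][string]$Text)
    # Log entries cut TaskParam short, so decode only complete 4-character groups.
    $usable = $Text.Substring(0, $Text.Length - ($Text.Length % 4))
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($usable))
}

function Get-CMPivotTrace {
    param(
        [string[]]$SmsProv,
        [string[]]$BgbServer,
        [string[]]$Scripts,
        # Script-Guid that this page gives for CMPivot.
        [string]$ScriptGuid = '7DC6B6F1-E7F6-43C1-96E0-E1D16BC25C14'
    )
    $guid   = '[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}'
    $taskRx = [regex]"PushID: (?<push>\d+) TaskID: (?<task>\d+) TaskGUID: (?<guid>$guid) TaskType: (?<type>\d+)\s+TaskParam: (?<param>[A-Za-z0-9+/=]+)"
    $auditRx = [regex]"Auditing: User (?<user>.+?) ran script $ScriptGuid with hash (?<hash>[0-9a-f]{64}) on collection (?<coll>[^\s.]+)"

    # Who started it: the 1902-format audit line carries the script GUID and hash.
    $audit = $null
    foreach ($line in $SmsProv) {
        $a = $auditRx.Match($line)
        if ($a.Success) { $audit = $a; break }
    }

    foreach ($line in $BgbServer) {
        $m = $taskRx.Match($line)
        if (-not $m.Success) { continue }
        $push = $m.Groups['push'].Value
        $task = $m.Groups['guid'].Value

        # Decode the visible part of TaskParam and compare the (possibly cut) GUID in it.
        $decoded = ConvertFrom-TruncatedBase64 $m.Groups['param'].Value
        $frag    = [regex]::Match($decoded, "ScriptGuid='(?<g>[0-9A-Fa-f-]+)").Groups['g'].Value
        $named   = $frag.Length -ge 8 -and
                   $ScriptGuid.StartsWith($frag, [StringComparison]::OrdinalIgnoreCase)

        $report = [regex]::Match(($BgbServer -join "`n"),
            "PushID: $push ReportedClients: (?<ok>\d+) FailedClients: (?<bad>\d+)")
        # "(fast)" beside the task GUID means the result came back on the fast channel.
        $fast = [bool]($Scripts | Where-Object { $_ -like "*state message (fast): {$task}*" })

        [pscustomobject]@{
            User            = if ($audit) { $audit.Groups['user'].Value }
            Collection      = if ($audit) { $audit.Groups['coll'].Value }
            ScriptHash      = if ($audit) { $audit.Groups['hash'].Value }
            PushID          = [int]$push
            TaskGuid        = $task
            TaskParamStart  = $decoded
            # False only means the visible prefix did not contain the GUID.
            ParamNamesPivot = $named
            ReportedClients = if ($report.Success) { [int]$report.Groups['ok'].Value }
            FailedClients   = if ($report.Success) { [int]$report.Groups['bad'].Value }
            FastChannel     = $fast
            NextLogs        = if ($fast) { 'MP_RelayMsgMgr.log', 'SMS_MESSAGE_PROCESSING_ENGINE.log' }
                              else       { 'StateMessage.log', 'Statesys.log' }
        }
    }
}

Get-CMPivotTrace -SmsProv $smsprov -BgbServer $bgbServer -Scripts $scriptsLog | Format-List
```

To run it against a live site, replace the three arrays with `Get-Content` on the real log files from the locations given on this page.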

Troubleshoot CMPivot in 1810 and earlier

In Configuration Manager versions 1810 and earlier, your site server handles the communication to the client.

Get information from the site server

By default, the site server log files are located in C:\Program Files\Microsoft Configuration Manager\logs. This location
might be different if you specified a non-default installation directory or offloaded items like the SMS Provider to another
server.

Look in smsprov.log for this line:

Auditing: User <username> initiated client operation 135 to collection <CollectionId>.


Find the ID in the CMPivot window. This ID is the ClientOperationID.

Find the TaskID from the ClientAction table. The TaskID corresponds to the UniqueID in the ClientAction table.

select * from ClientAction where ClientOperationId=<id>

In BgbServer.log, look for the TaskID you gathered from SQL. It's labeled TaskGUID. For example:

Starting to send push task (PushID: 260 TaskID: 258 TaskGUID: F8C7C37F-B42B-4C0A-B050-2BB44DF1098A TaskType: 15 TaskParam: PFNjcmlwdEhhc2ggU2NyaXB0SGF...truncated...to 5 clients with throttling (strategy: 1 param: 42)

Finished sending push task (PushID: 260 TaskID: 258) to 5 clients

Client logs

After you have the information from the site server, check the client logs. By default, the client logs are located
in C:\Windows\CCM\Logs.

In CcmNotificationAgent.log, look for logs that are similar to the following entry:

Error! Bookmark not


defined.+PFNjcmlwdEhhc2ggU2NyaXB0SGFzaEFsZz0nU0hBMjU2Jz42YzZmNDY0OGYzZjU3M2MyNTQyNWZiNT

g2ZDVjYTIwNzRjNmViZmQ1NTg5MDZlMWI5NDRmYTEzNmFiMDE0ZGNjPC9TY3JpcHRIYXNoPjxTY3Jp (truncated log entry)

Look in Scripts.log for the TaskID. In the following example, we see Task ID {F8C7C37F-B42B-4C0A-B050-2BB44DF1098A}:

Sending script state message: 7DC6B6F1-E7F6-43C1-96E0-E1D16BC25C14

State message: Task Id {F8C7C37F-B42B-4C0A-B050-2BB44DF1098A}

Look in StateMessage.log. In the following example, you see that TaskID is near the bottom of the message next
to <Param>:

StateMessage body: <?xml version="1.0" encoding="UTF-16"?>

<Report><ReportHeader><Identification><Machine><ClientInstalled>1</ClientInstalled><ClientType>1

</ClientType><ClientID>GUID:DBAC52C9-57E6-47D7-A8D6-E0A5A64B57E6</ClientID>
<ClientVersion>5.00.8670.1000</ClientVersion>

<NetBIOSName>R613924</NetBIOSName><CodePage>437</CodePage>

<SystemDefaultLCID>1033</SystemDefaultLCID><Priority>0</Priority></Machine></Identification>

<ReportDetails><ReportContent>State Message Data</ReportContent><ReportType>Full</ReportType>

<Date>20180703184447.673000+000</Date><Version>1.0</Version><Format>1.0</Format>

</ReportDetails></ReportHeader><ReportBody><StateMessage MessageTime="20180703184447.517000+000">
<Topic ID="7DC6B6F1-E7F6-43C1-96E0-E1D16BC25C14" Type="9003" IDType="0" User="" UserSID=""/><State ID="1"
Criticality="0"/>

<StateDetails Type="1"><!
[CDATA["PAA/AHgAbQBsACAAdgBlAHIAcwBpAG8AbgA9ACIAMQAuADAAIgAgAGUAbgBjAG8AZABpAG4AZwA9ACIAdQB0AGYALQAxADYAIgA/AD4APAByAGUAcwB1A
</StateDetails><UserParameters Flags="0" Count="2">

<Param>{F8C7C37F-B42B-4C0A-B050-2BB44DF1098A}</Param><Param>0</Param></UserParameters>
</StateMessage></ReportBody></Report>

Successfully forwarded State Messages to the MP StateMessage 7/3/2018 11:44:47 AM 5036 (0x13AC)

Review messages on the site server

Open statesys.log to see if the message is received and processed. In the following example, you see TaskID near the
bottom of the message next to <Param>. Enable verbose logging on the SMS_STATE_SYSTEM component to see these
log entries.

CMessageProcessor - the cmdline to DB exec dbo.spProcessStateReport N'?<?xml version="1.0" encoding="UTF-16"?>~~<Report><ReportHeader><Identification><Machine><ClientInstalled>1</ClientInstalled><ClientType>1

</ClientType><ClientID>GUID:DBAC52C9-57E6-47D7-A8D6-E0A5A64B57E6</ClientID>

<ClientVersion>5.00.8670.1000</ClientVersion>

<NetBIOSName>R613924</NetBIOSName><CodePage>437</CodePage>

<SystemDefaultLCID>1033</SystemDefaultLCID><Priority>0</Priority></Machine></Identification>

<ReportDetails><ReportContent>State Message Data</ReportContent><ReportType>Full</ReportType>

<Date>20180703184447.673000+000</Date><Version>1.0</Version><Format>1.0</Format>

</ReportDetails></ReportHeader><ReportBody><StateMessage MessageTime="20180703184447.517000+000">
<Topic ID="7DC6B6F1-E7F6-43C1-96E0-E1D16BC25C14" Type="9003" IDType="0" User="" UserSID=""/><State ID="1"
Criticality="0"/>

<StateDetails Type="1"><!
[CDATA["PAA/AHgAbQBsACAAdgBlAHIAcwBpAG8AbgA9ACIAMQAuADAAIgAgAGUAbgBjAG8AZABpAG4AZwA9ACIAdQB0AGYALQAxADYAIgA/AD4APAByAGUAcwB1A
</StateDetails><UserParameters Flags="0" Count="2">

<Param>{F8C7C37F-B42B-4C0A-B050-2BB44DF1098A}</Param><Param>0</Param></UserParameters>
</StateMessage></ReportBody></Report>~~'

If the message hasn't been processed, check the state message inbox. The default inbox location is C:\Program
Files\Microsoft Configuration Manager\inboxes\auth\statesys.box\. Look for the files in these locations:

Incoming

Corrupted

Process

Check the monitoring view for CMPivot via the following SQL query using the TaskID:

select * from vSMS_CMPivotStatus where TaskID='{F8C7C37F-B42B-4C0A-B050-2BB44DF1098A}'

Note: For clients that are using version 1810 or higher, state messaging isn't used unless the output is larger than 80
KB. When troubleshooting CMPivot in these cases, you can get more information when you enable verbose logging on
your MPs and the site server's SMS_MESSAGE_PROCESSING_ENGINE.

To troubleshoot, refer to the following logs:

MP_Relay.log

SMS_MESSAGE_PROCESSING_ENGINE.log

Lab C

Module Review and Takeaways


Review Questions

Question: What is the difference between attributes and attribute values?

Question: What is the difference between a data query and a status message query?

Question: How many reporting services points can you have in your hierarchy? How many should you have in your
hierarchy?