Install Hotfix KB14480034 for SCCM 2203

Prajwal Desai
Posted by Prajwal Desai
Hotfix KB14480034 for SCCM 2203
Hotfix KB14480034 for SCCM 2203

A new hotfix KB14480034 has been released for SCCM 2203 to address the issue where registration fails for PKI clients after updating to Configuration Manager version 2203.

After KB13953025 hotfix, KB14480034 is the second hotfix released for SCCM version 2203 and is available for everyone. Customers using the early update ring version for SCCM 2203 must first install the KB13953025 first before installing this new hotfix.

The SCCM 2203 hotfix KB14480034 is available for installation in the Updates and Servicing node of the Configuration Manager console. If you don’t see this KB 14480034 update, click Check for Updates to get the latest updates available for Configuration Manager.

To install the hotfix KB14480034, you must first upgrade your SCCM to version 2203. More details about the KB14480034 are available on Microsoft Hotfix documentation.

Summary of KB14480034

After updating to Configuration Manager current branch, version 2203, the registration process fails for clients using public key infrastructure (PKI) for client authentication if they are unable to authenticate against the domain. This affects the following scenarios:

  • Newly installed workgroup clients using PKI.
  • Clients that are joining an AD or Azure AD domain for the first time, generating a new device identity.
  • Existing clients that are trying to renew their client authentication certificate.

When this issue happens, the following error is logged in the DDM.log file on the site server for each affected client.

ClientIdentity is not a hex string
The registration record is not valid. Bad RDR

The .RDR file(s) will be moved to ..\auth\ddm.box\regreq\bad_ddrs on the site server.

To resolve the above issues, you must install KB14480034 update on your ConfigMgr 2203 production server.

Install Hotfix KB14480034

Perform the following steps to install the KB14480034 hotfix for SCCM 2203:

  • Launch the Configuration Manager console.
  • Navigate to Administration > Overview > Updates and Servicing.
  • Right-click Configuration Manager 2203 Hotfix KB14480034 and select Install Update Pack.
Hotfix KB14480034 for SCCM 2203
Hotfix KB14480034 for SCCM 2203

The Configuration Manager 2203 hotfix KB14480034 includes only site server updates. There are no console updates or client updates included with this hotfix. Click Next to continue.

You may also run a prerequisite check before installing the hotfix KB14480034 to eliminate potential errors or warnings. Typically, hotfixes shouldn’t cause any major issues.

Hotfix KB14480034 for SCCM 2203
Hotfix KB14480034 for SCCM 2203

On the License Terms page, review and click I accept these license terms and privacy statement for the update pack. Click Next.

Hotfix KB14480034 for SCCM 2203
Hotfix KB14480034 for SCCM 2203

Review the settings on Summary page and on Completion window, click Close. The hotfix installation begins now.

SCCM 2203 Hotfix KB14480034
SCCM 2203 Hotfix KB14480034

You can monitor the hotfix installation progress by reviewing the cmupdate.log on the site server. Alternatively, even Monitoring workspace provides the progress of hotfix installation.

The total installation time for hotfix KB14480034 was only 10 minutes and there were no errors encountered during the installation of this update.

The hotfix update KB14480034 does not require a computer restart or a site reset after installation. Although you may restart the server if you’d like to.

As mentioned earlier, there is no console upgrade after you install the hotfix KB14480034. The console version will remain 5.2203.1063.1500.

Similarly, there will be no client agent upgrade required and the client agents will remain at version 5.00.9078.1006. For more information, read about the updated SCCM build numbers, console version numbers.

Updating the Secondary Site with Hotfix KB14480034

After you install SCCM 2203 hotfix KB14480034 update on a primary site, pre-existing secondary sites must be manually updated. Read more about secondary site installation in SCCM.

To update a secondary site in the Configuration Manager console, select Administration > Site ConfigurationSites > Recover Secondary Site, and then select the secondary site.

Run the following SQL Server command on the site database to check whether the update version of a secondary site matches that of its parent primary site:

select dbo.fnGetSecondarySiteCMUpdateStatus ('SiteCode_of_secondary_site')
  • If the value 1 is returned, the site is up-to-date, with all the hotfixes applied on its parent primary site.
  • If the value 0 is returned, the site has not installed all the fixes that are applied to the primary site, and you should use the Recover Secondary Site option to update the secondary site.

Share This Article
Prajwal Desai
Posted by Prajwal Desai
Follow:
Prajwal Desai is a Microsoft MVP in Intune and SCCM. He writes articles on SCCM, Intune, Windows 365, Windows Server, Windows 11, WordPress and other topics, with the goal of providing people with useful information.
5 Comments

PatchMyPC Sponsored AD

Recast Sponsored AD

Popular Articles

step by step
SCCM 2012 R2 Step by Step Guide
SCCM
windows updates
How To Deploy Software Updates Using SCCM ConfigMgr
SCCM
How to Install WSUS for SCCM
How to Install WSUS for SCCM | SUP Role | ConfigMgr
SCCM WSUS
Fix Skype for Business (Lync) Recording Shows Pending Status
Fix Skype for Business Recording Shows Pending Status
Lync

Recent Articles

Renew Apple MDM Push Certificate in Intune
Renew Apple MDM Push Certificate in Intune
Intune
How to Deploy Cisco Jabber using SCCM
How to Deploy Cisco Jabber Using SCCM (ConfigMgr)
SCCM
Canonical Names of Control Panel Items
List of Canonical Names of Control Panel Items
Windows 11
Turn On or Off Spell Check in Notepad on Windows 11
Enable Spell Check and Autocorrect in Notepad on Windows 11
Windows 11