Clients with a broken Configuration Manager Client is the worst. You lose management of the client, and it drags down compliance. I have even seen some broken clients report back as compliant while they are not. I’m aware about other community solutions to reinstall the client if broken, and they are all great solutions but I one of my customers had two specific issues with their clients that caused about 10% of the computers to not receive patches, and none of those solutions would fix their problem.

I needed a way to consistently check the health sccm client and automatically attempt to fix known errors. ConfigMgr Client Health was born.

ConfigMgr Client Health is a PowerShell script that detects and automatically fixes broken SCCM clients. It is designed to run as a start-up script and I recommend to do this with Group Policy or a logon script to enforce that all devices have their ConfigMgr client validated and fixed each time their computer starts. The script reads its configuration from a XML file that can be stored centrally on a share to easily update the configuration on all your clients.

Info about the latest version and full documentation is always available at this page: https://www.andersrodland.com/configmgr-client-health/

Download latest version of ConfigMgr Client Health here: Microsoft Technet Galleries

ConfigMgr Client Health Features

ConfigMgr Client Health validates and fixes the following client issues

0x80004005 error in WUAHandler.log cause client to not receive software updates.

Admin$ share on client.

Client stuck in provisioning mode.

Client not receiving state messages.

Corrupt WMI cause client not working.

Enforce necessary services are running.

Reinstall ConfigMgr client if necessary to fix detected issues.

Reinstallation of client from ConfigMgr server share to make sure newest version of client is installed.

Set MaxLogSize on SCCM client.

How to use

Place ConfigMgr-ClientHealth.ps1 and config.xml on a share that all computers have access to. Make sure to protect the share so users cannot edit the files.

Make sure the clients run “ Powershell.exe -Executionpolicy Bypass -NoLogo -NonInteractive -File \\server\share\ConfigMgr-ClientHealth.ps1 -Config \\server\share\config.xml “, either by GPO or a logon script.

“, either by GPO or a logon script. The script need to run under SYSTEM context. Local administrator rights is not sufficient to change and enforce the service Remote Procedure Calls..

All features are tested on several different environments, running Windows 7, Windows 8.1 and Windows 10, and I have several customers who run ConfigMgr Client Health in their production environment. Still, you run it at your own risk and I take no responsibility. Feel free to comment if you have any questions or

Download the ConfigMgr Client Health script from Microsoft Technet Gallery: https://gallery.technet.microsoft.com/ConfigMgr-Client-Health-ccd00bd7