Inactive clients = offline clients + unhealthy clients.
That’s something I’ve said in words many times in the past, but the formula is a powerful way to articulate it. We all did at least basic algebra in high school and thus understand that if you know 2 variables in such an equation then you can solve for the third variable. So if we know two of the client health values confidently then we know the third one confidently – that’s a breakthrough!
To recap, those of us that do computer management client health know that fully unhealthy clients and offline clients share a key trait: they don’t report any data to the servers. Offline clients are ‘good’ in the sense that they can’t do anything bad to other computers (like infecting them with viruses), and they can’t be managed, so they should be removed from the denominator when calculating computer management success (such as patch management success). But fully unhealthy clients do the same thing (don’t report data to the servers). Therefore we can’t directly distinguish between offline clients and fully unhealthy clients.
If we have a small number of inactive clients then the whole issue is insignificant. But if we have too many of them then we do care about this issue. For example, if we do a patch (software update) management deployment and 96% of the clients are reporting as compliant after 3 weeks while our SLA is 98% then we would be worried. If we checked the status and found that 2.3% are reporting “Enforcement state unknown”, 1.5% failed to install the patches (for the usual patch installation issues), and all other ‘buckets’ are very small, then obviously the '”Enforcement state unknown” clients are the important ones. As client health administrators we have to explain what that bucket means.
"Enforcement state unknown” brings us back to the formula. These are generally inactive clients, which is easily demonstrated with a simply query or report. But are they offline or unhealthy? If we could reliably distinguish the offline clients (‘O’ in the formula) then we could take them out of the patch management success calculation. Or we could focus on the unhealthy clients and fix them. In a future post I’ll discuss the offline client problem but for now let’s agree that there is no good solution for it at this time.
The good news is that with ConfigMgr 2012 we should be able to reliably identify the unhealthy clients (‘U’ in the formula). We know ‘I’ and “U’ and therefore can calculate ‘O’! The unhealthy clients are determined by the ConfigMgr 2012 “ccmeval.exe” program, which has few dependencies and runs on the clients themselves, and therefore should be very reliable. We already have ‘I’ from the server-side data. Therefore the formula allows us to know ‘U’ with great accuracy. In my case I found that 7% of the ‘Enforcement state unknown’ clients were unhealthy and therefore the the SUM administrator could be confident that most of the “Enforcement state unknown” clients were simply offline. He could adjust his compliance calculation accordingly and know that he had more than 98% compliance, meaning that he had indeed achieved his SLA.
p.s. Credit goes to Josh Pointer (Principal PM, ConfigMgr product team) for emphasizing this concept to me. He didn’t word it this way but the concept is the same.