на конечном DP ?

Да

да вроде нет криминала

Нет уж, там будет

Dear sirs,

Please find the enclosed summary of your call.

Issue definition:
On the 14/02 you've found your Configmgr 2010 standalone site infra to be FUBAR

Solution:
We've given you a poorly educated indian guy to spend 30h+ with you for useless calls and remote sessions.
Then he escalated the case to the senior engineer who recovered your site from the valid backup in 30 minutes.

Recommendations:
Please have your disaster recovery plan handy at all times.

Thanks again for your call! Please complete the survey that you may receive in 2-3 days.
We value your feedback and opinion!

Sincerely yours,
MS Support

думал мож антивирус, вроде все исключения делал, но на всякий случай удалил с серверов

Да, вроде всё прососалось. PkgXferMgr потом должен прийти и собрать успешный статус с этой PDP, если не получится его нормальным путём обработать

подожду, спасибо

Не за что, ну лучше будет, если ты и на @microsoftrus подпишешься

Если кому нужно делюсь скриптом для форсирования экшенов клиента

Для одного комьютера

.\RunSCCM.ps1 -ComputerName "PC1"

Для нескольких компьютеров

.\RunSCCM.ps1 -ArrayComputers "PC1", "PC2"

Для нескольких компьютеров перечисленных в файле:

.\RunSCCM.ps1 -ArrayComputers (Get-Content "C:\computers.txt")

такой скрипт есть в инетике)

Так и не доехало,  запулил тестовое приложение, тоже не едет, в логе DataTransferService и PullDP движения нет с 14:20

Microsoft подтвердила утечку исходного кода Azure, Exchange и Intune при атаке на SolarWinds
https://habr.com/ru/news/t/543214/

* ушёл засекуривать свой лаптоп

Да но он не корректно работает, если нужно выполнить все экшены. Этот доработанный .

Azure.iso скачать бесплатно

Я снова скажу: читайте первоисточник.
https://msrc-blog.microsoft.com/2021/02/18/microsoft-internal-solorigate-investigation-final-update/

There was no case where all repositories related to any single product or service was accessed. There was no access to the vast majority of source code. For nearly all of code repositories accessed, only a few individual files were viewed as a result of a repository search.

For a small number of repositories, there was additional access, including in some cases, downloading component source code. These repositories contained code for:

a small subset of Azure components (subsets of service, security, identity)
a small subset of Intune components
a small subset of Exchange components
The search terms used by the actor indicate the expected focus on attempting to find secrets. Our development policy prohibits secrets in code and we run automated tools to verify compliance. Because of the detected activity, we immediately initiated a verification process for current and historical branches of the repositories. We have confirmed that the repositories complied and did not contain any live, production credentials.

Configuration Manager news:

Microsoft Azure vs. SharePoint: What Are the Differences? https://www.windowsmanagementexperts.com/microsoft-azure-vs-sharepoint-what-are-the-differences/microsoft-azure-vs-sharepoint-what-are-the-differences.htm

Cloud attach – Endpoint Managers silver lining – part 4 Enabling co-management https://www.niallbrady.com/2021/02/20/cloud-attach-endpoint-managers-silver-lining-part-4-enabling-co-management/

Running x64 on Windows 10 ARM64: How the heck does that work? https://oofhours.com/2021/02/19/running-x64-on-windows-10-arm64-how-the-heck-does-that-work/

Microsoft подтвердила утечку исходного кода Azure, Exchange и Intune при атаке на SolarWinds
https://habr.com/ru/news/t/543214/