Jump to content


Established Members
  • Content Count

  • Joined

  • Last visited

Community Reputation

1 Neutral

About siewjb

  • Rank
  1. We have a ConfigMgr setup where I work that was put in with a primary focus on patching servers, and for managing antivirus for both Clients and Servers. This is the way things are and ultimately I want to get our on-prem clients pulling OS updates from ConfigMrg, but we aren't there today. We do have the ConfigMrg client on all our Windows 10 machines so they are part of ConfigMgr inventory and we get Windows Defender reporting out of them. In order to keep the Windows clients patched we are using a standalone WSUS server (separate from the SUP) that is assigned via Group Policy. This seems to work for about 95% of our clients, but for some reason a small subset of machines seem to have attached themselves to the ConfigMgr SUP and naturally, are not being patched at all. There is no record of the machine on the WSUS console but if I point my WSUS administration console at the SUP and look at the computers I see the missing machines there with recent activity. Does anybody know how or why this happens? How do I prevent it from happening in the future? And how do I get the machines looking at the SUP for Windows Update to stop and get them pointed back at the standalone WSUS?
  2. Thanks for these guides! I've "inherited" a ConfigMgr setup already in production, and I've built a lab before from Johan's Hydration Kit, but I wanted to got through building everything step-by-step to get an good grasp on everything that's going on.
  • Create New...