Jump to content

Search the Community

Showing results for tags 'WSUS'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Cloud
    • Azure
    • Microsoft Intune
    • Office 365
  • General Stuff
    • General Chat
    • Events
    • Site News
    • Windows News
    • Suggestion box
    • Jobs
  • MDT, SMS, SCCM, Current Branch &Technical Preview
    • How do I ?
    • Microsoft Deployment Toolkit (MDT)
    • Official Forum Supporters
    • SMS 2003
    • Configuration Manager 2007
    • Configuration Manager 2012
    • System Center Configuration Manager (Current Branch)
    • Packaging
    • scripting
    • Endpoint Protection
  • Windows Client
    • how do I ?
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows Vista
    • Windows XP
    • windows screenshots
  • Windows Server
    • Active Directory
    • Microsoft SQL Server
    • System Center Operations Manager
    • KMS
    • Windows Deployment Services
    • NAP
    • Failover Clustering
    • PKI
    • Windows Server 2008
    • Windows Server 2012
    • Windows Server 2016
    • Windows Server 2019
    • Hyper V
    • Exchange
    • IIS/apache/web server
    • System Center Data Protection Manager
    • System Center Service Manager
    • System Center App Controller
    • System Center Virtual Machine Manager
    • System Center Orchestrator
    • Lync
    • Application Virtualization
    • Sharepoint
    • WSUS

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Found 90 results

  1. Dear Team, Please advise on an Windows Updates issue. Installed a 1606 sccm standalone site on W2012 R2 server, with WSUS and WDS roles. I have configured a SUP role. Have succesfully synchronised with Windows Updates online, and have download +- 35 Windows 10 Critical updates. These are visible in console, I have created a Software Update Group, and deployed this to a W10 workstation with new sccm client. Problem is updates never show up on client. Content doesnt get copied to ccmcache directory. I have viewed most of the client logs relating to Updates. Few things i see: -Failed to attach update to the automation wrapper, error = 0x87d00215 -EnumerateUpdates for action (UpdateActionInstall) - Total actionable updates = 0 -Received User delta policy update with 0 assignments -Exception System.Management.ManagementException: Generic failure (Microsoft.SoftwareCenter.Client.Data.WmiConnectionManager at ExecuteQuery) But I think problem is not on client, but on server. I have succesfully distributed other software applications to client. But updates dont come. Firewall ports 8530, 8531 are open. Windows Updates Automaticly is disabled at client via policy. Client recoginises SUP, I see my SUP in logs. and can ping via FQDN. Alle site-roles and component status are green in SCCM logs. Any help is appreciated.
  2. Hey Guys - I have one more issue currently that I need advice on, please. When SCCM was first introduced and clients deployed in our environment, there was a single server local to the primary which had the SUP role & WSUS installed. We soon realized that shortly after client deployments to remote sites that them simply evaluating updates needed against the remote (to them) WSUS server caused havoc with WAN bandwidth. Since then, I have installed & configured the SUP role / WSUS at both secondary sites which many clients are local to and are in the same boundaries with. They were automatically configured to be upsteam to the WSUS local to the primary. I've also verified in the console + log files that synchronization between the primary and secondaries from a software updates perspective is green across the board. When checking WindowsUpdate.log on many clients, though, all remote ones I've checked are still pointing to the SUP local to the primary - not their local one on the secondary. I also checked local policy on these clients and it shows the same is configured and no GPOs currently exist that set WSUS settings. I was under the impression that SUP / WSUS server would be assigned based on the boundary each client is in then default back to the primary's if none existing. Is this not correct? The new SUPs were added 2-3 days ago and I have forced all policies on selected clients with no change. We are running SCCM 2012 R2 SP1 CU3 on Windows Server 2012 R2 What am I missing? Thanks!
  3. Guys I am trying to figure out something that has happened in the last week that's never happened before. A bunch of our laptops received windows updates this past Tuesday out of the blue. When I go search in programs and features and look at the updates that were installed I can see these were patches we pushed out months ago. I know for a fact even on my own machine that I had a successful deployment (at least according to deployment monitoring) for the particular software update group. Is it possible for a client to get out of sync and send the wrong message to WSUS kicking off a reinstall? I've never seen anything like this. Any ideas would be appreciated.
  4. Hi everyone, Currently, our company has 2 sites(Site A, site B)in different locations, and we already setup 1 SCCM 2012 R2 server in site A which as a primary server to deploy software, OS, patches to all PCs in 2 site. So my boss wanna build one more server to reduce its resource requirements and improve its performance as well as to load balance the potentially significant network traffic generated by clients downloading package source files. I found out 2 solutions: Solution 1. Setup one distribution point in Site B, so boundary group in site B will get applications, patches content from this new DP, and boundary group in site A still get a content from old one. So if I distribute 1 application contents from DP A to DP B, will PCs in site A will get software content from DP B? For example: In SCCMconsole, I select Winzip, click distribute content, then select DP B, so the PCs in site B can be deploy Winzip quickly right now, but how about PCs in site A, it will deploy from DP B as well, make it slowly, how can I get rid of this issue? Solution 2. Setup 1 secondary SCCM server in Site B, but with this solution, do I need to build 1 more server for central administration site(CAS), thus need 3 servers for SCCM(1 CAS, 1 primary, 1 secondary), is it possible if I just create secondary site without CAS? Actually we just have 400 PCs , no need to build hierarchy with CAS. I'm new in SCCM, so I don't know how to fulfill the requirement, pls advise Thanks so much.
  5. I recently found out the WSUS cleanup had never been run in our environment and during the cleanup and reindexing, it continues to fail. I exhausted all the solutions I have come across for cleanup, and it looks as if I will need to rebuild my WSUS database. That being said, WSUS is integrated into SCCM, currently on build 1511. I am hoping someone may have some knowledge on how to remove everything and build fresh. I would like to minimize the outage and would need to complete relatively quickly. Thank you!
  6. Greetings ! i am excited to be part of this! i am new to SCCM 2007! I have machines that are failing to update, i get the following error [with this error status id: 11751] from the WUHandler log: Unable to read existing WUA resultant policy. Error = 0x80070002.... Group policy settings were overwritten by a higher authority (Domain Controller) to: Server and Policy NOT CONFIGURED.... Failed to Add Update Source for WUAgent of type (2) and id ({F306B350-CE5E-4686-8309-2585E44AF6E0}). Error = 0x80040692. Many thanks!
  7. Hello everyone I have wsus connection problem. When I'm trying to run Windows Sever Update Service from server manager I am getting this error: I have copyed Error to Clipboard and here is detailed error: The WSUS administration console was unable to connect to the WSUS Server via the remote API. Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service. The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists, Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC\. System.IO.IOException -- The handshake failed due to an unexpected packet format. Source System Stack Trace: at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.ConnectStream.WriteHeaders(Boolean async) ** this exception was nested inside of the following exception ** System.Net.WebException -- The underlying connection was closed: An unexpected error occurred on a send. Source Microsoft.UpdateServices.Administration Stack Trace: at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args) at Microsoft.UpdateServices.UI.AdminApiAccess.AdminApiTools.GetUpdateServer(String serverName, Boolean useSecureConnection, Int32 portNumber) at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.ConnectToServer() at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.get_ServerTools() Any suggestions?
  8. Hallo everyone, After MDT have been running the first Windows Update of eighth it returns in Windows to continue the TS it fails because the NIC gets an IP to slow. After 2. sec the LAN icon change and we're able to press retry and it will continue. <![LOG[Error searching for updates: ERROR_INTERNET_TIMEOUT: Retry! (-2147012894)]LOG]!><time="16:06:12.000+000" date="01-29-2016" component="ZTIWindowsUpdate" context="" type="1" thread="" file="ZTIWindowsUpdate"> This is the same for all our computermodels. Anyone have an idea what it can be or how to fix it? Server Setup: Windows 2012 R2 MDT 6.3.8298.1000 ADK 10.0.26624 Default Windows Update Script: NIC Status from Windows (2-4 sec.): MDT Error message: (If I click "forsøg igen/Try again" it continues.)
  9. Hi All, We are going to start to patch our servers using SCCM I have created software update groups for Server 2003, 2008 and 2012 which contains all important and critical updates for the server up until DEC 2014.However I have a problem some servers that require a manual reboot so I advertise my updates like the below: Type of deployment : Required installation deadline : As soon as possible Suppress system restarts : Servers The problem is that after the reboot I check SCCM and the client is compliant the I then go to work the next day check the SCCM console and the client shows as in progress requires reboot because it has installed more updates. I know the problem is that some updates aren't required until a pre-req is install however is there a way to ensure that the client automatically checks SCCM server for updates every 15 minute so that I can confirm that all updates are installed. Also from the SCCM client logs how can I confirm that there is no software updates left to install on the machine if I run the software scan cycle manually Thanks
  10. I have been running MDT 2013 for over 1 year now and its worked great. A few months back, I went to deploy an image to my lab and none of the computers would get windows updates from the WSUS. SO I tried to create a new image and the same result. I get the 0x80244010 in the windows update log. I don't have access to the WSUS to check settings. I am at a loss on how I can create a brand new computer from Windows 7 SP1 ISO and not be able to get any updates. A second question is what do I need to do to remove all traces of the WSUS before I capture the image.
  11. Hi, I've noticed something odd about my Windows Updates. I have ADRs which run on Patch Tuesday, one for Windows 7, 8, Office 2010 and 2013. The updates are placed in four respective Software Update Groups. It seems like older updates are removed from those SUGs. The rules have been in place since the beginning of January. Right now there should be a few dozen updates in this SUG but there are only two. If I filter all my updates like below (to double check that the updates aren't expired/superseded) it finds 24 updates. Why aren't these in my SUG above? The ADR is set to add updates to an existing SUG. Here are the filters. I can't figure out what's happening. My goal was to not really have to pay updates any attention but it seems like I now have to spend time double-checking that all my updates are deployed correctly.
  12. Hi there I have a problem that's causing some heartache at the moment. We have a CAS and a number of child Primary Sites. The CAS is set as the "parent" SUP/WSUS server with the Primary Sites set to synchronize with the CAS. This was all working just fine until about a week ago. What's happening now is that client machines are failing their Software Update Scans (0x80072ee2) across the board. In addition IIS is pegging the Primary Sites CPU at 100% constantly. What i have tried so far is a removal of WSUS and the SUP Role from the Primary Sites and a re-install of same. Once re-installed the Primary does appear to sync correctly with the CAS (wsyncmgr.log) but the above issues just re-appear again. I'm leaning towards some kind of corruption in the CAS WSUS DB, but am open to correction. What i was thinking to try next was a complete removal of WSUS and SUP Roles across the whole hierarchy and start again but the fear i have with this is that i will lose all my Software Update Groups and "approved" updates at the CAS, and therefore, also at the Primary Sites. Obviously i'd like to avoid this at all costs. Does anyone have any advice? If i remove WSUS and the SUP Role from the CAS, will i indeed lose all of the "metadata" from a SUG/update approval perspective? Many Thanks
  13. Hello All, I am trying to sync my WSUS Version: 3.2.7600.226 with SCCM 2012 R2 Version 5.0.7958.1000 but I am getting sync failures and I am not sure how to resolve these failures. BTW the WSUS server was installed in the environment long before the SCCM server and they are on separate servers. wsyncmgr.log Found 1 SUPs $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:00:00.483+240><thread=4424 (0x1148)> Found active SUP computer.abc.local from SCF File.~ $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:00:00.488+240><thread=4424 (0x1148)> DB Server not detected for SUP computer.abc.local from SCF File. skipping.~ $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:00:00.493+240><thread=4424 (0x1148)> Sync failed: WSUS update source not found on site XXX. Please refer to WCM.log for configuration error details.. Source: getSiteUpdateSource $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:00:00.498+240><thread=4424 (0x1148)> STATMSG: ID=6703 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_WSUS_SYNC_MANAGER" SYS= computer.abc.local SITE=XXX PID=2092 TID=4424 GMTDATE=Sat Oct 10 23:00:00.502 2015 ISTR0="getSiteUpdateSource" ISTR1="WSUS update source not found on site XXX. Please refer to WCM.log for configuration error details." ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:00:00.504+240><thread=4424 (0x1148)> Sync failed. Will retry in 60 minutes $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:00:00.511+240><thread=4424 (0x1148)> Setting sync alert to active state on site XXX $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:00:00.516+240><thread=4424 (0x1148)> Sync time: 0d00h00m00s $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:00:00.525+240><thread=4424 (0x1148)> Wakeup by SCF change $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:11:55.891+240><thread=4424 (0x1148)> Next scheduled sync is a regular sync at 10/10/2015 8:00:00 PM $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:12:01.015+240><thread=4424 (0x1148)> Wakeup by SCF change $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:12:10.988+240><thread=4424 (0x1148)> Next scheduled sync is a regular sync at 10/10/2015 8:00:00 PM $$<SMS_WSUS_SYNC_MANAGER><10-10-2015 19:12:16.024+240><thread=4424 (0x1148)> WCM.log 19:12:01.015+240><thread=4420 (0x1144)> Updating active SUP groups...~ $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.024+240><thread=4420 (0x1144)> Updating Group Info for WSUS.~ $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.035+240><thread=4420 (0x1144)> Set UseParentWSUS property in SCF to 1 on this site forcomputer.abc.local.~ $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.051+240><thread=4420 (0x1144)> user(NT AUTHORITY\SYSTEM) runing application(SMS_WSUS_CONFIGURATION_MANAGER) from machine (computer.abc.local) is submitting SDK changes from site(XXX) $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.060+240><thread=4420 (0x1144)> Checking for supported version of WSUS (min WSUS 3.0 SP2 + KB2720211 + KB2734608)~ $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.105+240><thread=4420 (0x1144)> Checking runtime v2.0.50727...~ $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.115+240><thread=4420 (0x1144)> Did not find supported version of assembly Microsoft.UpdateServices.Administration.~ $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.126+240><thread=4420 (0x1144)> Checking runtime v4.0.30319...~ $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.137+240><thread=4420 (0x1144)> Did not find supported version of assembly Microsoft.UpdateServices.Administration.~ $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.147+240><thread=4420 (0x1144)> Supported WSUS version not found~ $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.156+240><thread=4420 (0x1144)> STATMSG: ID=6607 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_WSUS_CONFIGURATION_MANAGER" SYS=computer.abc.local SITE=XXX PID=2092 TID=4420 GMTDATE=Sat Oct 10 23:12:01.165 2015 ISTR0="computer.abc.local" ISTR1="" ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.369+240><thread=4420 (0x1144)> Remote configuration failed on WSUS Server.~ $$<SMS_WSUS_CONFIGURATION_MANAGER><10-10-2015 19:12:01.382+240><thread=4420 (0x1144)> My questions are: Do I need to install WSUS on the server that SCCM is on even though I will not be using it? WSUS is using port 80 do I need to change that port to get sync working? Why am I getting a "Support version not found when the minimum supported is 3.0 and I am at 3.2? regards Thanks in advance for your help
  14. Hello everyone I have one question and if you know please answer I want to configure Software update Point in SCCM. As you know, in Software Update Point Settings there is one section called "Synchronization Source" In this section there is three options and one of them is Synchronize from Microsoft Update As I know this option will download updates directly from Microsoft. And if this option is downloading updates from Microsoft then why I need to install WSUS? Is there any difference?
  15. Hey everyone, especially Niall, thank you so much for this community. It's been a great help! I am standing up a new SCCM 2012 R2 server and am setting it up with the plan to deploy SUS updates from SCCM (currently using a standalone WSUS server in our environment). We are running the SQL server DB for SCCM on its own server, using the default instance. I have not installed the SUS role yet on the new SCCM server. My DBA is asking me if it's OK for the SCCM and WSUS databases to share the same instance. My instinct tells me I shouldn't, but the DBA says it that if it were possible, it would save a lot of maintenance overhead. Any SCCM/SQL gurus willing to weigh in on this? I found one link on TechNet that seemed to suggest best practices for this: use the default instance for SCCM, and a named instance for WSUS. But is it necessary? Or recommended just because it's easier to determine resource utilization? Thanks everyone!
  16. I'm having some problems with downstream servers syncing with the upstream server. All WSUS Servers are WSUS Server Version: 3.2.7600.256 and I have installed KB2720211 and KB2734608. The Database is held in the Windows Internal Database The Upstream server is synchronising with Windows Update absolutely fine, and downloading updates OK. The three downstream servers however are not. They are reporting as failed with the below message = Result = An error occurred with the server’s data store. Clicking Details shows the below detailed message = SqlException: Timeout expired. The timeout period elapsed prior to completion of the operation or the server is not responding. at System.Data.SqlClient.SqlConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection) at System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj) at System.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) at System.Data.SqlClient.SqlDataReader.ReadInternal(Boolean setTimeout) at System.Data.SqlClient.SqlDataReader.Read() at Microsoft.UpdateServices.DatabaseAccess.DBConnection.ReadOneRow() at Microsoft.UpdateServices.Internal.DataAccess.HideUpdatesForReplicaSync(String xmlUpdateIds) at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.ProcessHiddenUpdates(Guid[] hiddenUpdates) at Microsoft.UpdateServices.ServerSync.CatalogSyncAgentCore.ReplicaSync() at Microsoft.UpdateServic Whats also weird is the computer status is being sync’d to the upstream server and the downstream servers are downloading new updates, yet the sync is still failing? Can anyone shed some light? The upstream server = Server 2003 1 Downstream server = Server 2008 R2 2 Downstream Servers = Server 2003
  17. Hello I am looking to install WSUS onto our SCCM 2012 R2 server for the first time, however I am getting some errors in the wsyncmgr.log and wcm.log files. To install WSUS I did the following: Installed WSUS with default settings and port 8530 Installed KB2720211 Rebooted the server Installed KB2734608 Rebooted the server Installed SUP role in SCCM with critical updates for server 2012 r2 only Triggered catalogue sync I am getting errors as follows: It's strange as the wcm.log file shows that it connects to the WSUS on the server fine, but the wsyncmgr.log file states it can't find a WSUS server. I have tried removing everything and starting from scratch, without any success. Any idea where I am going wrong? I am running SCCM 2012 R2 with the latest SP1, on a Server 2008 R2 OS, with WSUS 3.0 SP2 installed on the same server. Thanks in advance
  18. HI just check the WSUS server and low and behold .................
  19. WSUS is installed on Server 2012 R2 as a Role with SQL Server 2012. we have corporate Proxy Server to connect to Internet which we have to specify in web browser as a automatic configuration script in LAN settings. When I try to connect to Upstream Server on WSUS wizard using Proxy Server settings, getting an HTTP Error with Synchronization - WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it.. also getting Event Error 10022. I tried using Port 8530 & 8531, each time these issues were related to proxy settings. need help!
  20. Hi, I will do my best to explain the issue i am having but it is a weird issue. We have a collection set up that shows us any client that is not on R2 CU4, Upon monitoring this i have noticed that i have a lot of workstations sat in this collection that have recently been re-imaged with a task sequence that uses CU4 in the wizard. i have checked the client manually and it seems to have built correctly, it has all the right software all the actions and it reports to have the correct client version. (5.00.7958.1501). Yet when i check in configuration manager on the properties of that client, the version is 5.00.7958.1000. These workstations have been stuck in this collection and like this for about a month. I checked and most of these workstations have had a heartbeat update within the last 2 days. I also believe this issue is related to why in my recent batch of updates they are reporting as unknown even though i have checked on the Clients themselves and they seem to have installed the updates. Any ideas will be appreciated. Thanks.
  21. Hello, How can I get the Software Center "Reboot pending" balloon to popup in the task bar multiple times? I want to harass our users with the "Reboot pending" notification until they reboot the computer. I don't see a location to set how often the user is notified that a reboot is pending. Any help would be great! Thanks
  22. Hello, first of all i'd like to thank this website, it's helped me out a lot recently. I've recently been working with SCCM and WSUS, this part works great, i can deploy automatic, static updates to collections, the files download successfully. However there is something i would like to apply, clients getting the updates from WSUS directly through the packages downloaded from SCCM. let me explain : automatic collection deployement is very good for deploying the windows updates to computers already discovered, with the SCCM client installed. However when i format a pc, one of the first things to do is a windows update, the registry is correctly configured, to point to the IIS content\Selfupdate\cab file, which points to the WSUScontent folder, i assume. ( in this folder are only packages approuved by the WSUS console) and i suppose that the list of avaible updates are given based on what is downloaded into this folder. 1)Therefore why not download the new updates from sccm automatic rules directly into this WSUScontent folder? 2)I have tried this but the client doesn't seem to detect any new updates when i start a manual scan of windows updates from a pc linked to WSUS server(without the update installed of course). 3)How exactly does the client know where to find the available patches, is there a link between, WSUScontent folder and the database SUSDB necessary in order to "detect" it's presence in this folder? or is it just because of the format of the folder? because the contents of the folder for one patch downloaded by sccm and by WSUS are the same. 4)I understand that there are other ways in doing this, like creating a collection of new installed sccm clients and deploying updates to this collection, or installing the necessary updates directly from the WSUS console(what i am doing at the moment), however i would like to save as much disk space as possible and therefore not have duplicate files for the same Windows update. 5)I am also aware of the unique law of folders when deploying a SUP package, so does WSUScontent take into account subdirectories? could he read WSUScontent\Win7\00FAhjdhfsd\ "file contents" ? 5)while i'm talking about saving disk space, is there any way to directly save a package to a DP folder, i suppose not. 6)So in short my question: is it possible to stock folders into this WSUScontent when downloading the WSUS updates from SCCM, so that when a client pc without sccm client installed scans for available Windows updates, he detects the updates downloaded and distributed by sccm which are contained in the WSUScontent folder? hope i made myself clear, thank you for your futur help.
  23. Hi I have a 2012 R2 set-up with a SUP running on one of my servers, managed by SCCM, can I use this repository for MDT or do I need a separate WSUS instance for MDT as the update won't be authorized for MDT to use(for building reference images with updates). Ideally I don't want to maintain 2 as its a pain authorizing/ downloading 2 lots. What am I missing here. Thanks Guys
  24. Hi all, In multiple environments we experience the same issue; Silverlight is checked in the "Software update Point" as required product. When WSUS runs it's synchronization schedule it is detecting and downloading Silverlight updates as it should. But somehow the updates are not available within SCCM 2012, so I cannot add them to a software update package or software update group. Version: SCCM 2012 R2 5.0.7958.1000 on a Windows Server 2008 R2, Left the SCCM 2012 R2 console, right the WSUS search result on that same server. - Tried to remove the SUP - Cleaned up WSUS (cleanup wizard) Now I've rolled out Silverlight updates manually but this needs to be done automatically via SCCM. Other software updates are loaded in SCCM from WSUS, only Silverlight security updates are not coming through. Has anyone an idea why SCCM does not show any Silverlight security updates?
  25. Hi all, SCCM 2012 r2 and WSUS are becomming my enemy. I followed the steps posted by "anyweb" is his "Using System Center 2012 Configuration Manager - part 5" First things first when you add the SUP, the option to choose http and https is greyed out during the wizard. I have found other posts where users have the problem. So I guess thats not Isolated to me. So I go to SSCM console -> Administration -> Site Configuration -> Sites. bring the properties of the primary site and set "HTTPS or HTTP". I have also checked that iis 8.5 doesn't have https for wsus. I have setup everything on one server, we are small site. Windows 2012 r2, SCCM 2012, SQL 2012. After some tinkering I finally got WSUS to to work. the clients now have the Configuration Manager Client (5.00.7804.1000) availble in Windows update. But it keeps failing to install. I traced the error and discovered it was access denied. So I setup CMtrace on the client and discovered this: ============================================================================================ <![LOG[MapNLMCostDataToCCMCost() returning Cost 0x1]LOG]!><time="07:42:01.130-120" date="01-30-2015" component="ccmsetup" context="" type="1" thread="4944" file="ccmutillib.cpp:5377"> <![LOG[Client is not allowed to use PKI issued certificate thus it can not talk to HTTPS server.]LOG]!><time="07:42:01.132-120" date="01-30-2015" component="ccmsetup" context="" type="3" thread="4944" file="httphelper.cpp:800"> <![LOG[GetHttpRequestObjects failed for verb: 'GET', url: 'https://SENTINAL.NORTHRIDGE.LOCAL/CCM_Client/ccmsetup.cab]LOG]!><time="07:42:01.133-120" date="01-30-2015" component="ccmsetup" context="" type="3" thread="4944" file="httphelper.cpp:947"> <![LOG[DownloadFileByWinHTTP failed with error 0x80004005]LOG]!><time="07:42:01.133-120" date="01-30-2015" component="ccmsetup" context="" type="3" thread="4944" file="httphelper.cpp:1081"> <![LOG[CcmSetup failed with error code 0x80004005]LOG]!><time="07:42:01.138-120" date="01-30-2015" component="ccmsetup" context="" type="1" thread="4944" file="ccmsetup.cpp:10544"> =========================================================================================== error 0x80004005 - according to ther posts I have read via google, this means access denied. and it due to the system looking for a valid PKI cert and the URL is https? Why is the system still trying to use https? How to i fix this?
  • Create New...