Jump to content


bterhune

Problems with clients going to Microsoft Update for updates instead of SCCM

Recommended Posts

I have some automatic deployment rules set on SCCM 2012 that indicate to about 2,000 or so workstations to get their updates from the SCCM server and an additional distribution once a month. For the last two times that deadline rolled around I've saturated our Internet bandwidth with client calls out to Microsoft Update. I'm trying to figure out why these machines won't get them from the server?

 

Here's a snippet of data from a locationservices.log on a malfunctioning client:

<![LOG[successfully sent location services HTTP failure message.]LOG]!><time="08:41:05.452+300" date="10-20-2015" component="LocationServices" context="" type="1" thread="4328" file="ccmhttperror.cpp:396">

<![LOG[Error sending HEAD request. HTTP code 600, status '']LOG]!><time="08:41:05.452+300" date="10-20-2015" component="LocationServices" context="" type="3" thread="4328" file="util.cpp:2568">

<![LOG[Workgroup client is in Unknown location]LOG]!><time="08:41:05.452+300" date="10-20-2015" component="LocationServices" context="" type="1" thread="4328" file="lsad.cpp:1078">

<![LOG[Failed to send request to at host sccm2012.uthsc.tennessee.edu, error 0x2ee7]LOG]!><time="08:41:05.452+300" date="10-20-2015" component="LocationServices" context="" type="2" thread="4328" file="ccmhttpget.cpp:1871">

<![LOG[[CCMHTTP] ERROR: URL=http://sccm2012.uthsc.tennessee.edu, Port=80, Options=192, Code=12007, Text=ERROR_WINHTTP_NAME_NOT_RESOLVED]LOG]!><time="08:41:05.452+300" date="10-20-2015" component="LocationServices" context="" type="1" thread="4328" file="ccmhttperror.cpp:297">

<![LOG[Raising event:

 

instance of CCM_CcmHttp_Status

{

ClientID = "GUID:1D5B6303-F62C-4655-87BB-60679730B062";

DateTime = "20151020134105.452000+000";

HostName = "sccm2012.uthsc.tennessee.edu";

HRESULT = "0x80072ee7";

ProcessID = 4932;

StatusCode = 600;

ThreadID = 4328;

};

]LOG]!><time="08:41:05.452+300" date="10-20-2015" component="LocationServices" context="" type="1" thread="4328" file="event.cpp:715">

<![LOG[successfully sent location services HTTP failure message.]LOG]!><time="08:41:05.468+300" date="10-20-2015" component="LocationServices" context="" type="1" thread="4328" file="ccmhttperror.cpp:396">

 

On that same client here's some data from the WUAHandler.log:

 

 

<![LOG[Enabling WUA Managed server policy to use server: http://sccm2012.uthsc.tennessee.edu:8530]LOG]!><time="21:48:00.434+300" date="10-16-2015" component="WUAHandler" context="" type="1" thread="2052" file="sourcemanager.cpp:948">

<![LOG[Waiting for 2 mins for Group Policy to notify of WUA policy change...]LOG]!><time="21:48:00.449+300" date="10-16-2015" component="WUAHandler" context="" type="1" thread="2052" file="sourcemanager.cpp:954">

<![LOG[Timed out waiting for Group Policy notification.]LOG]!><time="21:50:00.459+300" date="10-16-2015" component="WUAHandler" context="" type="1" thread="2052" file="sourcemanager.cpp:95">

<![LOG[unable to read existing WUA resultant policy. Error = 0x80070002.]LOG]!><time="21:50:00.459+300" date="10-16-2015" component="WUAHandler" context="" type="2" thread="2052" file="sourcemanager.cpp:958">

<![LOG[Group policy settings were overwritten by a higher authority (Domain Controller) to: Server and Policy NOT CONFIGURED]LOG]!><time="21:50:00.459+300" date="10-16-2015" component="WUAHandler" context="" type="3" thread="2052" file="sourcemanager.cpp:1013">

<![LOG[Failed to Add Update Source for WUAgent of type (2) and id ({EFF83188-7CB0-4536-8889-386EEA1D851E}). Error = 0x87d00692.]LOG]!><time="21:50:00.459+300" date="10-16-2015" component="WUAHandler" context="" type="3" thread="2052" file="cwuahandler.cpp:2325">

<![LOG[CWuaHandler::SetCategoriesForStateReportingExclusion called with E0789628-CE08-4437-BE74-2495B842F43B;E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for leaves and E0789628-CE08-4437-BE74-2495B842F43B,A38C835C-2950-4E87-86CC-6911A52C34A3; for bundles]LOG]!><time="03:53:45.056+300" date="10-17-2015" component="WUAHandler" context="" type="1" thread="2208" file="cwuahandler.cpp:2527">

<![LOG[its a WSUS Update Source type ({EFF83188-7CB0-4536-8889-386EEA1D851E}), adding it.]LOG]!><time="07:50:58.996+300" date="10-19-2015" component="WUAHandler" context="" type="1" thread="4712" file="sourcemanager.cpp:1232">

 

Does anyone have advice regarding what I might look at? I'd love any direction that you all could provide. Cause I have no idea how to resolve it at this point.

Brad Terhune

Share this post


Link to post
Share on other sites

So you are deploying these as "Required"

 

Once the machines pulls the policy for required updates it will kick off a background download of the updates to have them locally to install at the deadline time. I found this out the hard way as well by testing it and saturating our networks as well. I can't find any documentation on this though anywhere but with watching my Meraki traffic and clients traffic I can see it clearly downloading even though the deadlines aren't reached yet.

 

What I've done to solve it is make the deployment available time later in the day so that most of the machines kick off the downloading portion after hours so that network saturation doesn't affect my sites during the day. I started making them available Friday nights at like 7:00pm for the deployments so that all weekend things can download even if someone is on there home network. The machines that come in on Monday that were off the entire weekend will kick off at that time but I find it is far less disruptive to everything so I don't have saturation occurring anymore.

Share this post


Link to post
Share on other sites

It sounds like you're saying this is a behavior on the client side that I'm not going to be able to disable through group policy or some other rule? I have maintenance windows set on the collections but that doesn't matter.

 

I have evaluations set to occur on a schedule and deployment happens ASAP for various groups. I changed the evaluation times to a different time- later in the evening/early morning.

 

Hopefully that will help.

 

Anyone experience this problem and figured out how to get the clients to not cache local files ahead of deployment time? I really want all the updates to come from SCCM.

Brad

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...