Jump to content


anyweb

using System Center 2012 Configuration Manager - Part 9. Deploying Monthly Updates

Recommended Posts

Can anyone pls help me with this. I am having trouble to run the script to create folders and collections

 

 

 

PS E:\> dir SCCMTools\powershellscripts\createfoldersandcollections.ps1> Set-ExecutionPolicy RemoteSigned

Get-ChildItem : A positional parameter cannot be found that accepts argument 'RemoteSigned'.

At line:1 char:4

+ dir <<<< SCCMTools\powershellscripts\createfoldersandcollections.ps1> Set-ExecutionPolicy RemoteSigned

+ CategoryInfo : InvalidArgument: ( :) [Get-ChildItem], ParameterBindingException

+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand

PS E:\>

 

----

I think the issue with the .ps1 but I am not sure what will be the work around.

When I run this without .ps1, it gives me the below error

 

 

PS E:\SCCMTools> dir powershellscripts\CreateFoldersAndCollections

Get-ChildItem : Cannot find path 'E:\SCCMTools\powershellscripts\CreateFoldersAndCollections' because it does not exist

.

At line:1 char:4

+ dir <<<< powershellscripts\CreateFoldersAndCollections

+ CategoryInfo : ObjectNotFound: (E:\SCCMTools\po...sAndCollections:String) [Get-ChildItem], ItemNotFound

Exception

+ FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetChildItemCommand

Share this post


Link to post
Share on other sites

First of all, great job this is definitely the best SCCM blog I've found.

 

I am having trouble with deploying updates, the clients deployment status shows this:

 

Status: Failed to install update(s)

Error Code:0x80070005

Error Description:Access is denied.

 

Last Enforcement State: Failed to install update(s)

Last Enforcement Error Code:0x80070005

 

http://ioan.in/N2EG

 

I have a permission problem somewhere :(

 

On the clients I get:

 

Failed to download contents for update 1a571c03-31b3-440e-87ee-d4952f090d03.

 

Bundle update "20b340d0-2c5e-4600-8095-f7a5e403f1a2" failed to get content for update "cb2c36a8-437a-4be5-9780-571301b7e53f". Please check the enforcement status of update "cb2c36a8-437a-4be5-9780-571301b7e53f" to get further details.

 

Updates advance download job completed with failure for assignment {d1325882-d2d1-49c8-9e18-127f7cf51176}.

 

Any hints on this are greatly apreciated :D

 

 

Hi everyone, I've solved the problem and wanted to share maybe it will help someone.

 

On the client DataTransferService.log i got the error:

 

Successfully sent location services HTTP failure message.

Error sending DAV request. HTTP code 401, status 'Unauthorized'

GetDirectoryList_HTTP('http://DCM-SRV-SCCM-01.ulbsibiu.local:80/SMS_DP_SMSPKG$/e1dc20b6-5536-4bd0-9b3b-e26fc09287d0') failed with code 0x80070005.

 

The workaround is to check Allow clients to connect anonymously on the Distribution point Properties.

 

Thank you all, especially anyweb for his amazing blog, keep up the good work.

Share this post


Link to post
Share on other sites

In Step 1 how do I get Vista and 2008 R2 in the OS list? In my current SCCM setup, those are the only machines I have.

 

just edit the XML files and include (or remove) the os's you want/don't want.

Share this post


Link to post
Share on other sites

Niall,

 

First off great post. I hope you can help me out by expanding on it a bit. I’ve got three ADRs set up that are totally identical in terms of the updates they download and push out. The only thing that differentiates them is the week in which they push out updates (each is staggered out 1 week after the other) and (of course) the collections they point to. Here's what I have in the console:

 

post-8347-0-25041000-1361939723_thumb.png

 

Basically they work in this fashion:

 

Week 1 - Alpha Push

Week 2 - Beta Push

Week 3 - Production Push

 

Key point- Since the updates being pushed were identical I just created one deployment package with one package source folder and pointed all three at it.

 

So far all three have been running without any apparent issues. Now I'm hearing that pointing multiple ADRs to the same package is (in fact) a bad idea and I should separate them out. Further complicating matters, I have integrated Office 2007-2013 updates into these ADRs and I now understand that is a bad idea too (because of the 1000 update max) and I need to separate those out into their own ADR! Now I'm totally confused about how to proceed. What I need is the aforementioned three week update process with Windows Updates and Office Updates going out on the same day and time. If I have to use different software update groups for the Office Updates and Windows Updates, I'd like to somehow "tie" the two together so from my end user's perspective they just appear as single updates (with the same deadlines and restart window). Can that be done by just scheduling them to go out on the same date and time? I'd also really like to do this in the most "disk efficient" manner possible. it just seems like a waste to make three ADRs that download the same exact updates every month, only in different package folders. Whats the problem with pointing these at the same package if al the updates are the same?

 

So far I have yet to find a guide that covers anything beyond "this is how you make an ADR for Windows 7 and WIndows XP", but surely people are doing more than that. Can you please elaborate more on how you structure your Software Update ADRs, Packages, Groups and Source Folders when you start to add other products into the mix like Office, SQL Server, etc?

Share this post


Link to post
Share on other sites

Hi Niall! And nice work as always!

 

When i create the rule i dont have the same options as you do when i crate the Deployment rule, se screenshot. I would guess "All messages" represents "Normal" in your screenshot?

 

 

 

 

post-12125-0-58609600-1362126091_thumb.png

Share this post


Link to post
Share on other sites

yup that's correct, certain things were re-worded from RTM to SP1, but it should all make sense, if not i can post additional screenshots.

  • Like 1

Share this post


Link to post
Share on other sites

Hello Gentlemen;

I'm a newbie and studying SCCM2012. I am a bit confused.

 

Without WSUS or SUP, when we trigger windows update, "windows update" updates windows itself and installed MS products. That's good.

...but in a system there are many servers and each server has different bunch of ms products installed.

Server1 - Win2012 - Exch2013

Server2 - Win2003 - Exch2007

Server3 -Win2008, SQL Express 2005, capicom, silverlight

Server4 - Win2008, SQL Srv 2008R2, OpMgr2007

Server5 - Win2003, SharePoint2007, SQL Srv 2005

..etc.

Additionally when someone else add a new server which has ms products installed to the system, should I create new software update group and deployment(s) in SCCM?

 

Should I create different deployment groups and deployment definitions for each MS product in SCCM 2012? If yes, is this automation? Just for SQL Server, there are many different releases; sql express 2005, sql express 2008, sql srv 2005, r2 , cd, cdi, diesel, hybrid ...

 

Thanks

Share this post


Link to post
Share on other sites

Hi, thanks for the tutorial. i do have a few questions regarding scan cycle vs evaluation cycle vs re-evaluation cycle vs machine policy

 

so ive read the definition of each but am still confused as to what does what exactly and how it relates to manual (actions tab) vs client settings

 

so the software scan seems pretty straight forward, it seems to be only for inventory purposes and will not "install" anything.

the software Updates Deployment evaluation Cycle installs ALL updates (new or uninstalled)

 

what does the machine policy retrieval do in regards to software updates? i read it updates the policy but does that actually do anything for software updates? will it actually push a patch out?

 

in client settings is there a direct relation from Schedule Deployment Re-evaluation and software Updates Deployment evaluation Cycle (in Actions), if there is and this is set to every 7 days does it mean patches ONLY install every 7 days? or is patch "connects" occurring every 60 mins (default of client policy polling interval)

 

i really appreciate any help.. wrapping my head around when patches will be deployed and how often is driving me crazy! THANKS!

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.