?
Solved

Remove Uninstall Status from WSUS/SCCM

Posted on 2010-11-17
5
Medium Priority
?
1,129 Views
Last Modified: 2013-11-21
Before synchronizing our WSUS and SCCM services, we had a Vista update in SCCM with an approval of "Approved for Removal."  Now that the synchronization has been setup and complete, the clients are successfully reporting and pulling updates through SCCM.  I've gone into WSUS and changed the approval for that update tp "Install."  I also deployed the update through SCCM.  The problem I am having is that the update is being removed afterword and is showing in the clients recent update list as "(Uninstall)."  I am guessing that the clients did not receive the approval status change in WSUS because they now report to SCCM instead.  Is there anyway to fix this?
0
Comment
Question by:abyss0208
  • 3
5 Comments
 
LVL 31

Expert Comment

by:merowinger
ID: 34162275
Why do you use SCCM and WSUS at the same time?!
0
 

Author Comment

by:abyss0208
ID: 34163245
We only manage our patches now through SCCM.  The WSUS is still required to pull the updates from Microsoft and get synched to the WSUS.
0
 
LVL 4

Expert Comment

by:fr0nk
ID: 34211519
Don't even open the WSUS console when you're using SCCM to handle your updates. It is almost impossible not to screw something when using both (SCCM and WSUS console) at the same time.

The behaviour of your client entirely depends on the policy the client gets.

When you enable the appropriate software update client component the client will create a LOCAL GPO and tries to apply it. However, if there's any GPO in your domain that is applying any different setting, the client will complain about it in the WUAHandler.log with the string:
Group policy settings were overwritten by a higher authority (Domain Controller)

So there's no way the local policy from the agent can win when a different GPO is coming from your domain.
When you enable software updates, the WSUS client is only being used for reporting the patch level, not for installing the patches.

Do the following:
- Reinstall the Software Updates Point. During the installation the SUP will configure the WSUS. Don't touch the WSUS afterwards.
- On that particular client, uninstall the agent (ccmsetup.exe /uninstall -> ccmsetup.exe is located on your Site server in the shared installation directory of SCCM inside a "Client" directory).
- Try to manually remove this particular patch on the client
- Reinstall the client agent and observe WUAhandler.log


Hope this helps
0
 

Accepted Solution

by:
abyss0208 earned 0 total points
ID: 34217099
It turns out the WSUS IIS settings had been screwed up during hardening of the settings.  Once it was fixed the clients started reporting to WSUS again and it received the reversal of the approval for that particular update.  Clients are continuing to receive new Microsoft Updates from SCCM.

Thanks for suggestions.
0
 

Author Closing Comment

by:abyss0208
ID: 34246243
Problem corrected itself after resetting permissions in IIS.
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My previous article  (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html)detailed one possible method to get SCCM 2007 installed an…
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Enter Foreign and Special Characters Enter characters you can't find on a keyboard using its ASCII code ... and learn how to make a handy reference for yourself using Excel ~ Use these codes in any Windows application! ... whether it is a Micr…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question