[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Windows update via SCCM (SUP)

Posted on 2011-04-20
5
Medium Priority
?
1,912 Views
Last Modified: 2013-11-21
I have created a brand new wsus server but have not run the configuration wizard because I want sccm to manage the windows updates.

How do I go about configuring SCCM for windows updates?

At the moment I just want to be able to see how up to date the machines are while my old wsus server continues to apply windows updates through a gpo.

If I look at the update services role on the new wsus server only 13 machines are reporting back.  How do I check the updates status on the new wsus server or within scm?
0
Comment
Question by:WNottsC
  • 3
  • 2
5 Comments
 
LVL 31

Expert Comment

by:merowinger
ID: 35431642
As soon as you install a Software Update Point on top of the WSUS Server you have to deploy Updates with SCCM.
So i there's no possibility to get the Patch State in SCCM while deploying with native WSUS.
Also as soon as you deploy Updates with SCCM its important that no WSUS Policy is applying.
0
 

Author Comment

by:WNottsC
ID: 35431663
Ok just so I understand it.

Currently we have a WSUS server wsus1 which synchronises with Microsoft and is pushing out windows updates with all settings set in a GPO.

I have now created a new WSUS server wsusnew which also synchronises with Microsoft.

I have SCCM on a seperate server but have installed the SUP role on the remote wsus server wsusnew.

1. There is now way of seeing the update statuses within the new WSUS server or SCCM while the old WSUS server and GPO are active?

2. How do I go about switching from native WSUS to using SCCM?


0
 
LVL 31

Expert Comment

by:merowinger
ID: 35431729
1. Yes exaclty. You have to enable the SCCM Updates Agent to get the update compliance information. As soon as there's a WSUS Group Policy, the local SCCM Policy will be overwritten. The client just can report to one environment
2. You build a update deployment structure in SCCM, disable the WSUS Policy and enable the SCCM Updates Agent in your SCCM environment
0
 

Author Comment

by:WNottsC
ID: 35437466
Thanks for these points but I am having trouble configuring the SUP

Background of the SCCM setup-

I have a Primary site server with most roles on but not the Software update point.  I have a remote WSUS server which has the SUP role on.  WSUS Seems to be working fine and is synchronising with SCCM with no errors.

1.  I then installed a secondary site server which has the DP Role, PMP Role and SUP Role.

If I look at the Compnent Configuration on the PrimarySite Server, the SUP component settings are

General - Active Software update point on remote server
                 Active server name:  is remote WSUS server
Sync Settings - is synchronize from Microsoft Update
other tabs are fairly standard

If I look at the SUP Component settings on the secondary server I only get two tabs General and Sync settings.

On the General tab it is set to none
On the sync settings tab  the first option is greyed out but set as "Synchronize from an upstream update server"

I thought everything was ok but I am getting SMS_WSUS_CONTROL_MANAGER errors
message ID  4968
SMS Site Component manager failed to install this componnet, because it either can't find or configure WSUS

It is suggested in what I have read that this is because it can not find   "an active software update point on site server"

Does anyone have any idea about this
0
 
LVL 31

Accepted Solution

by:
merowinger earned 2000 total points
ID: 35505623
you need the WSUS Admin console on the Site Server
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The environment that this is running in is SCCM 2007 R2 running on a Windows 2008 R2 server. The PXE Distribution point is running on its own Windows 2008 R2 box. This is what Event viewer showed after trying to start the WDS service:  An erro…
Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question