sobrsu
asked on
SCCM 2012 Not deploying all updates
Hello everyone, I am having an issue getting SCCM 2012 sp1 to deploy all updates to our managed computers. I have been working with Microsoft Support for over a week and this issue is not getting resolved. We are using Automatic Deployment rules and running them, and they will not pick up and deploy all updates. I see them in the catalog, I'm seeing that it's registering that clients require them, but they are neither downloaded, or deployed. We've triple checked the rule is setup to pick these updates up, and deploy them, but it's just not happening.
It is deploying some updates however so I know the communication, and deployment packages are working. It's just after I receive the notification that my machine has installed updates, I go to; "Check for Windows Updates online" and it will come back with tons of critical updates.
I am attaching some screen shots of how the rule is setup. Any suggestions would be greatly appreciated.
Thanks or your time
general.PNG
deployment-settings.PNG
software-updates.PNG
download-settings.PNG
It is deploying some updates however so I know the communication, and deployment packages are working. It's just after I receive the notification that my machine has installed updates, I go to; "Check for Windows Updates online" and it will come back with tons of critical updates.
I am attaching some screen shots of how the rule is setup. Any suggestions would be greatly appreciated.
Thanks or your time
general.PNG
deployment-settings.PNG
software-updates.PNG
download-settings.PNG
Agree with the WOL setting, but not only within SCCM but the client-side, as well.
ASKER
I have not tried the WOL setting, but one of the clients I am trying to run these updates on does not sleep, and does not get certain updates (kb2783534, kb2727528, etc..) Our WSUS server is on the same machine as our SCCM server, and there is no defined policy in GP to set updates.
Again my machines are getting updates, just not all of them. It seems to be skipping over some "Critical Updates" here and there. Any other ideas, or tips on where to look? Could it be something to do with the fact the product still hasn't been activated?
Again my machines are getting updates, just not all of them. It seems to be skipping over some "Critical Updates" here and there. Any other ideas, or tips on where to look? Could it be something to do with the fact the product still hasn't been activated?
Not being activated could play a role into it because once it is past the activation grace period the OS shuts down some features.
Make sure those KBs are part of your ADR specifications as well.
Make sure those KBs are part of your ADR specifications as well.
ASKER
Okay I will activate, and try it out.
Thank you
Thank you
Hi
Activating the OS is definitely going to affect things.
I recently set SUP up and had issues with nothing new installing because WSUS had a sync error. Once that was resolved everything worked.
Also make sure the patches all appear in the console as "downloaded" = yes. Microsoft call it provisioning.
To test you could forget the ADR and just create an update group + package with a few of the missing patches and target a collection of a machine or two. When in doubt, simplify.
Finally the WindowsUpdate.log (in Windows) is invaluable. The ccm\logs are OK but WindowsUpdate is the one to watch.
Mike
PS: I noticed you ticked the bottom two options "get from Microsoft if nothing works" and "use this link even if you have to pay for it" - I'm guessing you checked those as things were not happening but things will work without those. They were added in SP1 just for extreme cases.
Activating the OS is definitely going to affect things.
I recently set SUP up and had issues with nothing new installing because WSUS had a sync error. Once that was resolved everything worked.
Also make sure the patches all appear in the console as "downloaded" = yes. Microsoft call it provisioning.
To test you could forget the ADR and just create an update group + package with a few of the missing patches and target a collection of a machine or two. When in doubt, simplify.
Finally the WindowsUpdate.log (in Windows) is invaluable. The ccm\logs are OK but WindowsUpdate is the one to watch.
Mike
PS: I noticed you ticked the bottom two options "get from Microsoft if nothing works" and "use this link even if you have to pay for it" - I'm guessing you checked those as things were not happening but things will work without those. They were added in SP1 just for extreme cases.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
accepted as solution because the information in my comment was what resolved the problem.
Those settings look good to me, have you tried enabling the option "Wake on LAN'?
I had the exact same issue when I tested the Eval of SCCM 2012 but for some reason I couldn't get it to work either.
Is your WSUS server the same server your SCCM 2012 server?
Is there any GPO(s) setup/defined for System Updates? If so you may want to disable them for now to test because GPO>SCCM rules.
Good LUCK!!