SCCM 2012 Questions
HI Guys,
I need help with the questions below in regards to SCCM 2012.
When I click on software updates, I have placed the updates in a software up[date group, and created an automatic deployment rule in order to update this group automaticallly.
When I expand the software update group, this gives me the list of updates.
there is a required field - i presume the meaning of this is the machines that this update is required on - how do i find out which machines this update is required on?
Installed - means the machines its currently installed on - how do i find out which machines this is installed on?
percent complete - does this mean the percentage it has deployed on machines?
Also with the automatic deployment rule - what does last evaluation state mean?
how do i verify the updates have been installed on the client machines?
thank you in advance.
Regards,
Kay
I need help with the questions below in regards to SCCM 2012.
When I click on software updates, I have placed the updates in a software up[date group, and created an automatic deployment rule in order to update this group automaticallly.
When I expand the software update group, this gives me the list of updates.
there is a required field - i presume the meaning of this is the machines that this update is required on - how do i find out which machines this update is required on?
Installed - means the machines its currently installed on - how do i find out which machines this is installed on?
percent complete - does this mean the percentage it has deployed on machines?
Also with the automatic deployment rule - what does last evaluation state mean?
how do i verify the updates have been installed on the client machines?
thank you in advance.
Regards,
Kay
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Which help you to configured and monitor the completely sccm.. it was papered on 2008 but same option can use for 2012.. not much changes..
Patching Procedure using WSUS integrated with SCCM 2007
This document describes the steps that need to be taken to patch windows servers using SCCM 2007
Prerequisites:
1. Approvals from ......
2. Servers have sufficient drive space on C.
3. Make sure and confirm that the patches are downloaded prior to start of the change and approved for XP, 2000 and 2003 operating systems.
4. All the servers should be having remote access (ILO, VC Console or Sentinel). Or Onsite physical assistance with any issues with server reboots.
5. All servers, whether required or not, should be rebooted after the patches are applied. Like servers will be rebooted on a rolling schedule. (ABC01, ACTX02, CTX03, etc.)
6. Make sure that you have successful previous backup of all the critical servers.
• Resources from Exchange Active nodes are failed over to passive node before backup starts using cluadmin.exe (XND01 to XND04) and (XNE01 to XNE04). At 12:00AM CST Exchange backup job will be triggered which will be backup the Exchange database from passive node. Wait for the backup job on passive node to get completed and after successful backup completion fail back the resources to Active node. Failing back must be completed by 5AM.
• If there is a backup scheduled that is to run during the patching hours, pre-pone the backup manually if it is likely to complete in the window prior to patching. If not Disable the schedule backup for that particular day.
7. Make sure that any Server console is not locked during the patching.
8. Suppress the traps on monitoring tools like Blackout, MOM/SCOM during patching so that we can avoid unnecessary tickets.
Important steps:
1. NEED TO MAKE SURE TO CROSS CHECK THE LIST OF SERVERS AGAINST WSUS ad GROUP
Patch Schedule:
Group 0: 2nd Wednesday of the month
Group 1: 3rd Monday of the month
This Document has steps to patch **** Patch group 0 servers
Synchronize updates from Microsoft Site
Login to SCCM console using admin privileges and Site Database - > Navigate to Computer Management-> Software Updates-> Update Repository, right click and select "Run Synchronization", below refer the below screenshot
Verify WSUS Sync process:
Navigate to "C:\Program Files (x86)\Microsoft Configuration Manager\logsWsyncmgr.log file" and open with notepad and search for below message (Note: this may take few minutes)
"Done synchronizing SMS with WSUS Server vps0scm01.generalgrowth.co
Create a new Search Folder for a specific Year
Navigate to Site Database -> Computer Management -> Software Updates -> Search folders and create folder called "Enterprise Searches folder"
1. Right click the "Enterprise Searches folder" under search folders and choose New Search Folder
2. In “Step 1: Select object properties to search” Choose the following
a. Bulletin ID
b. Expired
c. Superseded
3. In “Step 2: Edit the property’s search criteria”
a. Bulletin ID
i. Set this to MS0{year} example:MS10
b. Expired
i. Set this to NO
c. Superseded
i. Set this to NO
4. In “Step3: Specify search option” put a check in “Search all folders under this feature”
5. In Step 4: Enter a name for the search folder
a. Name the folder - 2010 patches
6. Click OK
Create a New Search Folder for New Monthly Releases
1. Right click the folder that you created under search folders and choose New Search Folder
2. In “Step 1: Select object properties to search” Choose the following:
a. Bulletin ID
b. Date Released
c. Date Revised
d. Expired
e. Superseded
3. In “Step 2: Edit the property’s search criteria”
a. Bulletin ID
i. Set this to “MS”
b. Date Released
ii. Set this to “Last 1 month”
c. Date Revised
iii. Set this to “Last 1 month”
d. Expired
iv. Set this to NO
e. Superseded
v. Set this to NO
4. In “Step3: Specify search option” put a check in “Search all folders under this feature”
5. In Step 4: Enter a name for the search folder
a. Name the folder “Jan2010 Server Patches”
6. Click OK
Create the below mentioned collections
Servers Patching Group 0: 2nd month
Servers Patching Group 0: 2nd month
Creating a Deployment Template below steps is for creating a group
Create a standard template and name it as "Servers Patching Group 0: 2nd Wednesday of the month"
1. Right Click Deployment Templates
2. This will begin the Template Wizard
First enter a name for the Template as "Servers Patching Group 0: 2nd month"
3. Next select the collection as "Servers Patching Group 0: 2nd month"
3. Next is the Display time setting
a. Choose “Allow Display Notifications on Clients”
b. Change the time to “Client Local Time”
c. Change Duration to 1 days
4. Next is the Restart Settings
a. Suppress both types (Servers & Workstation)
b. Make sure you do NOT have a check in the “Allow system to restart outside of maintenance windows”
5. Next is Event Generation
Click on Disable SCOM Alerts
6. Next is the Download Settings
Make sure that you choose download for both settings.
Note: SCCM will always download the patches before installation to prevent the system from being corrupted if the network goes down during the installation
6. Next is the SMS 2003 Setting
As we don’t have SMS2003 clients, don’t change any settings
8. Next is the Summary
a. Click Next
b. Next is the Progress it should go straight to the confirmation.
9. Edit the deployment management task and update the time frame of reboot and time frame as
Windows Updates should be made available at 12:30AM ,The Deadline for installing the updates should be 5:00AM
Create below mentioned Deployment templates referring the above steps
Servers Patching Group 0: 2nd month
Configure automatically restart servers after patching
Servers Patching Group 0: 2nd month
Configure automatically restart servers after patching
To Populate Computers based on the collections:
Right click on collections (for example - group 0) and click on properties and edit the System resource SQL query and add below mentioned query, this will populate the computers in the collection based on the Active directory groups
select SMS_R_System.ResourceID,SM
Deploying Software Updates
Login to SCCM console using admin privileges and Site Database - > Navigate to Computer Management-> Software Updates->Update repository -> 2012 patches - > January 2012 patches
1. Select the patches which needs to be installed and right click and select "Deploy Software Updates Wizard" deploy
2. Choose yes to UAE agreement
3. Specify the name as "according to month" (for example January 2010 patches)
4. Select the Deployment template created earlier "Servers Patching Group 0: 2nd Wednesday of the month"
5. Create a new deployment package
6. Specify the folder name as "\\servername\sharedfolder
(Make sure that the share security is set to full control for everyone so that SCCM can publish the patches to the server. Otherwise the download will fail)
7. Choose Send Priority as "High"
8. Put a check in “Enable Binary Differential replication”
9. Click next and choose your DP’s and click on next
10. Choose to download software updates from the internet
11. Click next and choose the languages that need to be downloaded
12. Set Your Schedule for when the software updates will be available to “As soon as Possible"
13. Choose : Do not set a deadline for software update installation
14. On the Summary Page click next
15. Next you will see a progress page that will remain until all patches are downloaded
16. Lastly you will see a Confirmation page.
17. Click finished.
18. After completing this task you will have the following
19. Update list
20. Deployment Management task
21. Deployment package