windows-it
asked on
Using stand-alone WSUS in SCCM environment
Hi @ all,
We are using Microsoft SCCM 2012 in our environment. Due to technical problems to deploy Microsoft Updates with SCCM and the lack of knowledge about SCCM, we decided to temporarily migrate the MS patch level management to a stand-alone WSUS environment. Unfortunately the clients do not report fully to the new WSUS server. The clients appear in the computer group, attachend with client side targetting, but with "Not yet reported" state.
What we allready did:
1. Removed the Software Update Point component configuration from the Configuration Manager 2012 environment.
2. disabled the "Software updates on clients" option in the sccm client agent settings
2. deactivated the WSUS that was installed on the sccm server
3. Reinstalled WSUS to be used as a standalone environment (with SSL communication).
4. Configure Group Policies to point the clients to the new standalone WSUS server.
when I run the command:
wuauclt /resetauthorization /detectnow
I can find one of these warnings i the eventvwr:
It seems that the sccm agent installed on the computer is responsible for this problem.
What shall we do?
Thanks a lot for your help!
We are using Microsoft SCCM 2012 in our environment. Due to technical problems to deploy Microsoft Updates with SCCM and the lack of knowledge about SCCM, we decided to temporarily migrate the MS patch level management to a stand-alone WSUS environment. Unfortunately the clients do not report fully to the new WSUS server. The clients appear in the computer group, attachend with client side targetting, but with "Not yet reported" state.
What we allready did:
1. Removed the Software Update Point component configuration from the Configuration Manager 2012 environment.
2. disabled the "Software updates on clients" option in the sccm client agent settings
2. deactivated the WSUS that was installed on the sccm server
3. Reinstalled WSUS to be used as a standalone environment (with SSL communication).
4. Configure Group Policies to point the clients to the new standalone WSUS server.
when I run the command:
wuauclt /resetauthorization /detectnow
I can find one of these warnings i the eventvwr:
It seems that the sccm agent installed on the computer is responsible for this problem.
What shall we do?
Thanks a lot for your help!
In the group policy you need to make sure you configured the right URL and port for updates. In this case it seems that the client can not access the server. This is usually either a firewall problem or a wrong value in the group policy. I would use GPRESULT to read out the values. Usually the internal path should be something like "http://192.168.1.99:8530". You also need to enable the option to allow signed updates from an intranet address.
ASKER
Hi Kyoday,
Thanks for your fast answer. The url configured in the GPO is correct and there is no firewall problem... It seems there is another problem.
Thanks for your fast answer. The url configured in the GPO is correct and there is no firewall problem... It seems there is another problem.
Then I'd hook a sniffer in between and see if the packages reach the server properly. I assume you already tried to reboot one of the clients having that problem?
ANother thing i would try - maybe switch from SSL to unencrypted just to see if the problem is SSL related...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://support.microsoft.com/en-us/kb/2828185
^^ This is the most recent update and includes KB2734608^^
Notes
Update 2720211 and update 2734608 are included in this update. These updates strengthen the WSUS communication channels.
^^ This is the most recent update and includes KB2734608^^
Notes
Update 2720211 and update 2734608 are included in this update. These updates strengthen the WSUS communication channels.
ASKER
found a KnowledgeBase article which solved a big part of the issues