SCCM 2012 R2 - unable to get any collection results, and WSUS sync doens't work

Hello Guru's, We have a brand new installation of SCCM 2012 R2 SP2 (running on Windows 2012 R2) and all looks good (no errors anyway).

But we cannot successfully create any collections. It appears to not be reaching out to active directory(?)? No matter what the collection query we use, it always come back with nothing.

Also WSUS is not working with SCCM either. We followed exactly the same steps outlined on Microsoft's website, in that exact order, but still, it doesn't work. The sync (with Microsoft update) fails every time. We use a proxy, and the proxy itself works perfectly. Doing a best practice analyzer it says IIS does not have a "Selfupdate" folder, but it does have it.

Any of you SCCM guru's can give me a heads up on what to check with these two problems?

We really appreciate all your help.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mike TLeading EngineerCommented:

The first issue of talking to AD needs a few things as pre-reqs. First you need to add a system manager object to AD for SCCM to store info there.
Then you need to configure Discovery Methods in the Admin node. It's under Hierarchy at the top. There are multiple things to discover: Forest, Groups, Systems (machines), Users, Networks and Heartbeat. The first 4 require you to choose which section(s) of AD you want look at. Be selective. This does require you to have a well organised AD tree in the first place.

Once you configure it, do a Full discovery and objects will populate in Devices and Users.

As for WSUS and SUP, you need to dig into the logs. wsysmgr.log is the main log to check, but WCM.log is also key. Attach them here but feel free to remove server names etc.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
TECHSANTAAuthor Commented:
Hello Mike! Thank you.

My WSUS just started working, with no input from me. Go figure. It just starting syncing up after waiting two days.

However, we still can't do any device or user collections.

All the items you mentioned for AD discovery have already been done. Still, nothing is working for device collections.

Is there anything else I can look at or troubleshooting in order to get the collections to work?

Thank you for your assistance.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.