Jump to content


anyweb

using System Center 2012 Configuration Manager - Part 5. Adding WSUS, Adding the SUP role, deploying the Configuration Manager Client Agent

Recommended Posts

Hello,

 

I currently have three systems, one each dedicated to perform a service, WDS, WSUS, and Endpoint Definition File updates (SCCM 2012). With that said, I would like to consolidate all three into one, if not WDS, at least WSUS and Endpoint Updates in one.

 

I see that is possible, thanks to your tutorial, however, can I use the existing WSUS updates contents, and migrate that over to the new WSUS server? I rather not have to download all updates.

 

Consolidating an existing WSUS server and Endpoint Definitions (SCCM) into a new server, SCCM is this achievable with your tutorial? Also I do not want to implement a CAS, only a primary server.

Share this post


Link to post
Share on other sites

I wanted to say thank you for these step-by-steps. I have used them exclusively to deploy SCCM12 throughout my environment, so thank you.

 

However I get a monthly report that runs on the Sunday following Patch Tuesday (See Captures Below). I have the workstations apply these updates between Wednesday and Friday of the same week and then the report runs that Sunday.

 

Why does it tell me that I have Critical and Security Patches that are needed on my workstations but not being deployed?

post-18089-0-90696600-1369262458_thumb.jpg

post-18089-0-88835100-1369262460_thumb.jpg

Share this post


Link to post
Share on other sites

It should be noted, as it caught me out, that WSUS 3.0 needs the SP2 update, as well as KB2720211 and KB2734608 to succeed. Until then, you keep getting "Supported WSUS version not found" errors.

 

Strictly speaking... only KB2734608 is required, as all of the content from KB2720211 was rolled up into KB2734608.

Share this post


Link to post
Share on other sites

Hello,

 

I currently have three systems, one each dedicated to perform a service, WDS, WSUS, and Endpoint Definition File updates (SCCM 2012). With that said, I would like to consolidate all three into one, if not WDS, at least WSUS and Endpoint Updates in one.

 

I see that is possible, thanks to your tutorial, however, can I use the existing WSUS updates contents, and migrate that over to the new WSUS server? I rather not have to download all updates.

 

Consolidating an existing WSUS server and Endpoint Definitions (SCCM) into a new server, SCCM is this achievable with your tutorial? Also I do not want to implement a CAS, only a primary server.

 

If you're using a Configuration Manager SUP for Endpoint Updates, but a standalone WSUS for Windows updates, you will not be able to roll them up into a single system, as they will have two completely different configurations for the WSUS environment.

 

WDS and WSUS will happily co-exist on the same system. I have WDS and WSUS running together. To migrate your existing WSUS environment to the current WDS server, the easiest methodlogy is simply to install a new WSUS role on the WDS server as a replica, and replicate from your existing WSUS server (which will transfer all updates, groups, approvals, and content). When the replication is completed, reconfigure the server as an upstream server, synchronize, verify normal operation, and point the clients to the new server. If the WSUS URL is configured via GPO, you should see all of the clients registered/reported to the new server within a couple hours of updating the GPO.

Share this post


Link to post
Share on other sites

I'm wanting some feedback on deploying the client through the SUP. I have that enabled and a GPO to enable Windows updates on clients. I have tested and the client gets deployed. I'm a little concerned going forward that the automatically approved WSUS updates will get picked up by clients and they will reboot outside of the control of ConfigMgr. This is how I currently have my ConfigMgr Client GPO configured. I've read a little and wonder if these two highlighted policy settings will get my clients installed faster and avoid any reboots caused by WSUS

 

If someone has feedback, that would be appreciated.

 

post-19919-0-59495600-1369321590_thumb.jpg

 

 

 

 

Share this post


Link to post
Share on other sites

can you clarify this

 

 

that the automatically approved WSUS updates

 

 

 

have you configured WSUS ? you shouldn't, you should let ConfigMGr do all the configuring of WSUS via the SUP

Share this post


Link to post
Share on other sites

At the moment I have an SCCM server, configured your recommended way and dishing out Endpoint Protection, and a separate WSUS server performing Windows updates (pointed to in Group Policy). What's the best way to rationalise this? Can I configure WSUS on the SCCM server to perform normal Windows update duties and decommission the other server?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.