I'm using SCCM 2012 R2 and having some issue deploying updates requiring EULA approval. This affects updates such as Silverlight & IE 11. In software center, the update fails. Logs in SCCM indicate a problem with the EULA. If I paste the link to the file into IE ( http://myserver.domain.com/Content/AE/C3248EB572CB5F82E63CE9C6D73CFBF39B1052AE.txt ) I get the following Error.

The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.

Thanks for any help.

Mike Pietrorazio

We recently installed WSUS and a SUP on our primary server. No errors or issues, the logs show the connection OK.

I set SCCM to point to an upstream server for meta and content, again this shows as being successful in the logs, the sync completes OK, i have even managed to create an update group/package/deployment and the content is in the folder, so it is being access from the upstream WSUS without issue.

HOWEVER...... There are exactly 1000 updates showing in the SCCM console and no more....

When running the WSUS console itself, there are 8479 updates. We are synchronising Win 7 and Office 2010 updates, so there are definitely more than 1000 (a suspiciously specific value indicative of a limit somewhere).

Like i say, the SCCM logs show nothing but successes on each sync. What can be causing SCCM to only sync 1000 updates?

We are running SCCM 2012 SP1 CU4 on Server 2012.

I'm trying to create a configuration baseline / item for a particular piece of software using a powershell script of data type Boolean. However, I'm having the issue that the evaluation is always returning compliant whether the workstation is or not. The script is as follows:

$ErrorActionPreference = "SilentlyContinue"

$Condition1 = (Test-Path -LiteralPath 'HKLM:\SOFTWARE\Adobe\Premiere Pro')
$Condition2 = (Test-Path -LiteralPath 'C:\Program Files\Adobe\Adobe Premiere Pro CS6\Presets\Textures\720_govt1_bar.png')

if ($Condition1) {
    if ($Condition2) {echo $true}
    else {echo $false}
}
else {echo $true}

This script works perfectly fine when run locally and always returns $true or $false as expected. However it only ever returns Compliant when used in a CI. It doesn't matter what the state of the 2 conditions are, it always evaluates Compliant.

Any ideas?

Is it possible to prestage content for software updates? The reason I am asking is because for new remote workstations in remote sites connected over slow WAN links, I don't want a huge amount of updates to be pushed over the slow connection and saturate the bandwidth. So how would one go about updating brand new workstations that come online and need to be updated with all the previous updates without monopolizing the link? By the way, a remote DP will be located there?

Thanks

Hi,

We get many report with same computer in the SCEP alerts.

I have an email sent to support desk for "Malware detection", but same computer ends upp severaltimes long time after it have been cleand with success. I dont have "repeated malware detection" alerts enable.

So why same alerts reported several times even if it have been removed?

/SaiTech

Hi,

I'm using SCCM 2012 R2 and having issues with getting the software updates to sync.

Below is a extract from the wsyncmgr.log file:

The update that is failing to sync is the Windows Malicious Software Removal Tool x64 - October 2014 (KB890830) for some reason.

Any help is very much appreciated.

TIA.

Adz.

SCCM 2012 SP1 with the client setting "Suspend BitLocker PIN enrty on restart" problem is after suspending the PIN entry and the system is retarted by SCCM the bitlocker PIN protector is resumed followed by another reboot. From the rebootcoordinator.log

Reboot initiated RebootCoordinator 10/1/2014 10:12:00 AM 844 (0x034C)
Retry resuming bit-locker TPM PIN protector. Retry count 1 RebootCoordinator 10/1/2014 10:16:55 AM 4588 (0x11EC)
Attempting to resume TPM PIN protector. RebootCoordinator 10/1/2014 10:16:55 AM 4588 (0x11EC)
Resumed bit-locker protectors on system volume RebootCoordinator 10/1/2014 10:16:58 AM 4588 (0x11EC)
Retry resuming bit-locker TPM PIN protector. Retry count 1 RebootCoordinator 10/1/2014 10:21:08 AM 1108 (0x0454)
Didn't suspended bit-locker. Do nothing and return. RebootCoordinator 10/1/2014 10:21:08 AM 1108 (0x0454)
Entered ScheduleRebootImpl - requested from 'UpdatesDeploymentAgent'. Rebootby = 0. RebootCoordinator 10/1/2014 10:21:09 AM 4728 (0x1278)
Scheduled non mandatory reboot from agent UpdatesDeploymentAgent RebootCoordinator 10/1/2014 10:21:09 AM 4728 (0x1278)
Raising client SDK event for class NULL, instance NULL, actionType 3l, value NULL, user NULL, session 4294967295l, level 0l, verbosity 30l RebootCoordinator 10/1/2014 10:21:09 AM 4728 (0x1278)

So when you log on the prompt for restart ballon starts showing up

Thanks.

Hi, 

now i have created around 10 baselines for the driver compliance check for different make and model of laptops and desktops, the os platform on the computer will be Win 7 X 64 computers 

CI's working fine and iam curious to learn what is the  ( Remediate non Compliant Rule when supported ) option actually ment for , what all we can use it for ?

and i need a example with complete steps too please

all i can understand from the word Remediate is that it will either run a query or initiate a process such as install the correct version of driver etc , please correct me if iam wrong

Thank you

OSLM ENGINEER - SCCM 2007 & 2012

Almost all of the ConfigMgr 2012 R2 Clients are failing to install software updates.

When I look updateshandler.log I see lot's of errors:

Deployment status shows:

Since the daylight-saving time change from last weekend (1 hour earlier) we see that a large group of SCEP clients start their scheduled scan at 11:00 where we have it set in the policy in SCCM2012 at 12:00.

Most workstations still begin their scan at 12:00.

Any idea?

Regards, Bob

Trying to deploy IE 10 to a Win 7 x64 client using Software Updates. The client has IE 8. It never installs and checking the deployment state is looks like it thinks it's not required. Has anyone seen this before?

Orange County District Attorney

Hi,

I've been trying to clean up old expired updates on my SCCM 2012 SP1 server and for whatever reason it seems that the updates files are never actually getting removed.

At first I tried the instructions at http://blogs.technet.com/b/configmgrteam/archive/2012/04/12/software-update-content-cleanup-in-system-center-2012-configuration-manager.aspx

When I run the script they provide it appears to go thru all the updates but never actually deletes any of them. The script always seems to say found it found an existing folder and then later it says that that it is excluding the same folder because it is active.

Then I read that SP1 for SCCM 2012 is actually supposed to do the clean up process automatically.  But in this case do I need to do anything like expire the updates manually or does SCCM now do that?  How can I see what is preventing either the manual script or the automatic clean up process from actually removing the unneeded files and folders?

And does anything need to be done with superseded updates as well?

Also I've always thought that when you SCCM 2012 to do your updates that you should never go to the WSUS console and do anything but I read http://blog.coretech.dk/kea/house-of-cardsthe-configmgr-software-update-point-and-wsus/ and he is going the WSUS console and doing a clean up there as well.

Thanks in advance,

Nick

Due to the limitation in SCCM on working directly with DLs, I have found a work around that is posted in following blog

http://myitforum.com/myitforumwp/2012/02/11/collection-based-on-distribution-lists-2/

I tried to take this approach to deploy a compliance base line setting but it does not seem like doing anything. Its been nearly 2 days but the users in DL are not getting any settings. The DCM baseline is targeted to an AD security group that has DL as its member.

Does anyone know if its never going to work or its now just waiting game?  I have been waiting over 24 hours and logged on and off several times with user account but with no luck.

I work for an organization with about 11,000 computers, and we are switching from Altiris/SMP to SCCM. We've always struggled with pushing patches in SMP, and have experienced a lot of issues with their patching product (especially lately). Now I've always been a big proponent of preventive maintenance, so I have always been on the side that we should push hotfixes, and product updates, along with security related patches. Unfortunately we have had a bad spell with patching lately, and I am starting to rethink this strategy.

I was curious what the general consensus is. We don't have a lot of time for patching, and I am worried the issues with non-security patches are going to distract us away from patching that really is critical. Basically consider anything that has a severity rating of 'none'.

So what is the general consensus; do you only push security updates, or do you push non security updates too?

Appreciate your time.

I know it has to be me, but I have verified this on a couple different systems and am still scratching my head.

I am using the powershell cmdlet Get-CMSoftwareUpdate with the parameter -Id.  When I wrote the script, it worked great, job done!

Went back to figure out why the script is not working and it now throws the error:

[DBG]: PS S00:\>> Get-CMSoftwareUpdate -Id $update
Get-CMSoftwareUpdate : A parameter cannot be found that matches parameter name 'Id'.
At line:1 char:22
+ Get-CMSoftwareUpdate -Id $update
+                      ~~~
    + CategoryInfo          : InvalidArgument: (:) [Get-CMSoftwareUpdate], ParameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.ConfigurationManagement.Cmdlets.Sum.Commands.GetSoftwareUpdateCommand

I am at a complete loss since the documentation says this parameter still exists.

Jim

I am running SCCM 2012 SP1 on Windows 2012 R2. The configuration is a primary site in our colo and secondary sites at each office.  The primary site has a database hosted on a separate SQL 2008 R2 instance. I installed WSUS on the primary site and added the SUP role. Synchronization appeared to complete successfully as I have all of the updates I need in the software library.

I have a test collection for testing updates. I went through the deployment wizard which created a deployment package and software update group which it deployed to the test collection. I confirmed that the content has been distributed properly to the local site server.

The problem is that I still can't get these updates to show up in Software Center.

I did some research and learned of the group policy to point Windows Updates to the local WSUS instead of Microsoft. Some info I read said that software center is supposed to update the local policy on the machine. Some info I read said that we need to push out a group policy ourselves. I checked gpedit on one of the machines in the test collection but the WSUS server was not specified. I specified the WSUS server on that machine and the number of available updates in Control Panel | Windows Updates has changed (so it appears to be communicating with WSUS) but there are still no updates in Software Center.

I didn't find anything useful in WUAHandler, UpdatesStore, UpdatesHandler, or WindowsUpdate logs but would be happy to post any of these.

Thanks in advance for the help!

Hi all,

I have an issue about SCCM 2012, please help me to solve!!!

Currently, I installed SCCM 2012 in Window Server 2008 for deploying update patches for System Endpoint Protection.

It operates normal now.

But Now, I have to install some specify security update patches that my Boss give through SCCM 2012 for client

But I dont know how to import them from our server to SCCM 2012??

Please help me!!!

Thanks

I have a software update deployment that is configured to install software updates on a collection of servers at 4:00 AM with a suppressed reboot. The updates get deployed and no reboot occurs as expected.  Then ~8 hours later WUA starts up and the servers get rebooted.

There is a maintenance window applied to the collection from 4:00 AM to 6:00 AM to allow the updates to install.

I've read a few forum and blog posts on this issue and have implemented some settings via GPO, but the reboots are still occurring.  The settings that were applied are referenced in the link below.

https://support.microsoft.com/kb/2476479?wa=wsignin1.0

Here is a snippet from the WindowsUpdate.log:

2014-10-22 12:00:26:153 1428 8a88 AU Received AU Resume timeout
2014-10-22 12:00:26:153 1428 8a88 AU Additional Service {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} with Approval type {Pre-install notify} added to AU services list
2014-10-22 12:00:26:153 1428 8a88 AU Can not perform non-interactive scan if AU is interactive-only
2014-10-22 12:02:08:512 1428 8a88 AU AU received policy change subscription event
2014-10-22 12:16:43:463 1428 8a88 AU ###########  AU: Uninitializing Automatic Updates  ###########
2014-10-22 12:16:43:479 1428 8a88 WuTask Uninit WU Task Manager
2014-10-22 12:16:43:697 1428 8a88 Service *********
2014-10-22 12:16:43:697 1428 8a88 Service **  END  **  Service: Service exit [Exit code = 0x240001]
2014-10-22 12:16:43:697 1428 8a88 Service *************
2014-10-22 12:19:29:728 1428 e584 Misc ===========  Logging initialized (build: 7.8.9200.16604, tz: -0400)  ===========
2014-10-22 12:19:29:728 1428 e584 Misc   = Process: C:\WINDOWS\system32\svchost.exe
2014-10-22 12:19:29:728 1428 e584 Misc   = Module: c:\windows\system32\wuaueng.dll
2014-10-22 12:19:29:728 1428 e584 Service *************
2014-10-22 12:19:29:728 1428 e584 Service ** START **  Service: Service startup
2014-10-22 12:19:29:728 1428 e584 Service *********
2014-10-22 12:19:29:744 1428 e584 Agent   * WU client version 7.8.9200.16604
2014-10-22 12:19:29:744 1428 e584 Agent   * Base directory: C:\WINDOWS\SoftwareDistribution
2014-10-22 12:19:29:744 1428 e584 Agent   * Access type: No proxy
2014-10-22 12:19:29:744 1428 e584 Service UpdateNetworkState Ipv6, cNetworkInterfaces = 2.
2014-10-22 12:19:29:744 1428 e584 Service UpdateNetworkState Ipv4, cNetworkInterfaces = 2.
2014-10-22 12:19:29:744 1428 e584 Agent   * Network state: Connected
2014-10-22 12:19:29:744 1428 e584 Service UpdateNetworkState Ipv6, cNetworkInterfaces = 2.
2014-10-22 12:19:29:744 1428 e584 Service UpdateNetworkState Ipv4, cNetworkInterfaces = 2.
2014-10-22 12:19:29:791 1428 e584 Agent ***********  Agent: Initializing global settings cache  ***********
2014-10-22 12:19:29:791 1428 e584 Agent   * Endpoint Provider: 00000000-0000-0000-0000-000000000000
2014-10-22 12:19:29:791 1428 e584 Agent   * WSUS server:http://Internal-WSUS.Domain:8530
2014-10-22 12:19:29:791 1428 e584 Agent   * WSUS status server:http://Internal-WSUS.Domain:8530
2014-10-22 12:19:29:791 1428 e584 Agent   * Target group: (Unassigned Computers)
2014-10-22 12:19:29:791 1428 e584 Agent   * Windows Update access disabled: No
2014-10-22 12:19:29:791 1428 e584 Misc WARNING: Network Cost is assumed to be not supported as something failed with trying to get handles to wcmapi.dll
2014-10-22 12:19:29:806 1428 e584 WuTask WuTaskManager delay initialize completed successfully..
2014-10-22 12:19:29:822 1428 e584 Report CWERReporter::Init succeeded
2014-10-22 12:19:29:822 1428 e584 Agent ***********  Agent: Initializing Windows Update Agent  ***********
2014-10-22 12:19:29:822 1428 e584 DnldMgr Download manager restoring 0 downloads
2014-10-22 12:19:29:838 1428 e584 AU ###########  AU: Initializing Automatic Updates  ###########
2014-10-22 12:19:29:838 1428 e584 AU Additional Service {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} with Approval type {Pre-install notify} added to AU services list
2014-10-22 12:19:29:838 1428 e584 AU AIR Mode is disabled
2014-10-22 12:19:29:838 1428 e584 AU   # Policy Driven Provider:http://Internal-WSUS.Domain:8530
2014-10-22 12:19:29:838 1428 e584 AU   # Detection frequency: 22
2014-10-22 12:19:29:838 1428 e584 AU   # Approval type: Disabled (User preference)
2014-10-22 12:19:29:838 1428 e584 AU   # Auto-install minor updates: No (User preference)
2014-10-22 12:19:29:838 1428 e584 AU   # ServiceTypeDefault: Service 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782 Approval type: (Pre-install notify)
2014-10-22 12:19:29:838 1428 e584 AU   # Will interact with non-admins (Non-admins are elevated (User preference))
2014-10-22 12:19:29:838 1428 e584 AU WARNING: Failed to get Wu Exemption info from NLM, assuming not exempt, error = 0x80240037
2014-10-22 12:19:29:853 1428 e584 AU AU finished delayed initialization
2014-10-22 12:19:29:884 1428 e584 AU #############
2014-10-22 12:19:29:884 1428 e584 AU ## START ##  AU: Search for updates
2014-10-22 12:19:29:884 1428 e584 AU #########
2014-10-22 12:19:29:884 1428 e584 Agent SkipSelfUpdateCheck search flag set for serverId: 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782
2014-10-22 12:19:30:416 1428 e584 Report ***********  Report: Initializing static reporting data  ***********
2014-10-22 12:19:30:416 1428 e584 Report   * OS Version = 6.2.9200.0.0.197008
2014-10-22 12:19:30:416 1428 e584 Report   * OS Product Type = 0x00000008
2014-10-22 12:19:30:416 1428 e584 Report   * Computer Brand = HP
2014-10-22 12:19:30:416 1428 e584 Report   * Computer Model = ProLiant BL460c Gen8
2014-10-22 12:19:30:416 1428 e584 Report   * Platform Role = 1
2014-10-22 12:19:30:416 1428 e584 Report   * AlwaysOn/AlwaysConnected (AOAC) = 0
2014-10-22 12:19:30:431 1428 e584 Report   * Bios Revision = I31
2014-10-22 12:19:30:431 1428 e584 Report   * Bios Name = Default System BIOS
2014-10-22 12:19:30:431 1428 e584 Report   * Bios Release Date = 2014-02-10T00:00:00
2014-10-22 12:19:30:431 1428 e584 Report   * Bios Sku Number = 641016-B21     
2014-10-22 12:19:30:431 1428 e584 Report   * Bios Vendor = HP
2014-10-22 12:19:30:431 1428 e584 Report   * Bios Family = ProLiant
2014-10-22 12:19:30:431 1428 e584 Report   * Bios Major Release = 255
2014-10-22 12:19:30:431 1428 e584 Report   * Bios Minor Release = 255
2014-10-22 12:19:30:431 1428 e584 Report   * Locale ID = 1033
2014-10-22 12:19:30:431 1428 e584 AU <<## SUBMITTED ## AU: Search for updates  [CallId = {2787252C-D4B8-46B5-BB42-0C616042113C} ServiceId = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782}]
2014-10-22 12:19:30:431 1428 dae0 Agent *************
2014-10-22 12:19:30:431 1428 dae0 Agent ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
2014-10-22 12:19:30:431 1428 dae0 Agent *********
2014-10-22 12:19:30:431 1428 dae0 Agent   * Online = No; Ignore download priority = No
2014-10-22 12:19:30:431 1428 dae0 Agent   * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
2014-10-22 12:19:30:431 1428 dae0 Agent   * ServiceID = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} Third party service
2014-10-22 12:19:30:431 1428 dae0 Agent   * Search Scope = {Machine & All Users}
2014-10-22 12:19:30:431 1428 dae0 Agent   * Caller SID for Applicability: S-1-5-18
2014-10-22 12:19:30:494 1428 dae0 Agent   * Found 0 updates and 0 categories in search; evaluated appl. rules of 0 out of 0 deployed entities
2014-10-22 12:19:30:494 1428 dae0 Agent *********
2014-10-22 12:19:30:494 1428 dae0 Agent **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
2014-10-22 12:19:30:494 1428 dae0 Agent *************
2014-10-22 12:19:30:509 1428 d158 AU >>##  RESUMED  ## AU: Search for updates [CallId = {2787252C-D4B8-46B5-BB42-0C616042113C} ServiceId = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782}]
2014-10-22 12:19:30:509 1428 d158 AU   # 0 updates detected
2014-10-22 12:19:30:509 1428 d158 AU #########
2014-10-22 12:19:30:509 1428 d158 AU ##  END  ##  AU: Search for updates  [CallId = {2787252C-D4B8-46B5-BB42-0C616042113C} ServiceId = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782}]
2014-10-22 12:19:30:509 1428 d158 AU #############
2014-10-22 12:19:30:509 1428 d158 AU All AU searches complete.
2014-10-22 12:19:30:525 1428 e584 AU #############
2014-10-22 12:19:30:525 1428 e584 AU ## START ##  AU: Search for updates
2014-10-22 12:19:30:525 1428 e584 AU #########
2014-10-22 12:19:30:525 1428 e584 AU Additional Service {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} with Approval type {Pre-install notify} added to AU services list
2014-10-22 12:19:30:525 1428 e584 Agent SkipSelfUpdateCheck search flag set for serverId: 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782
2014-10-22 12:19:30:525 1428 e584 AU <<## SUBMITTED ## AU: Search for updates  [CallId = {A3E41A4C-E9CB-4172-B6B0-99D556FB9102} ServiceId = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782}]
2014-10-22 12:19:30:525 1428 dae0 Agent *************
2014-10-22 12:19:30:525 1428 dae0 Agent ** START **  Agent: Finding updates [CallerId = AutomaticUpdates]
2014-10-22 12:19:30:525 1428 dae0 Agent *********
2014-10-22 12:19:30:525 1428 dae0 Agent   * Online = Yes; Ignore download priority = No
2014-10-22 12:19:30:525 1428 dae0 Agent   * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0 and DeploymentAction='Uninstallation' and RebootRequired=1"
2014-10-22 12:19:30:525 1428 dae0 Agent   * ServiceID = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} Third party service
2014-10-22 12:19:30:525 1428 dae0 Agent   * Search Scope = {Machine & All Users}
2014-10-22 12:19:30:525 1428 dae0 Agent   * Caller SID for Applicability: S-1-5-18
2014-10-22 12:19:30:525 1428 dae0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab:
2014-10-22 12:19:30:541 1428 dae0 Misc  Microsoft signed: Yes
2014-10-22 12:19:30:541 1428 dae0 Misc  Infrastructure signed: Yes
2014-10-22 12:19:30:556 1428 dae0 EP Got 9482F4B4-E343-43B6-B170-9A65BC822C77 redir SecondaryServiceAuth URL: "http://fe2.ws.microsoft.com/w81/2/redir/v2-storeauth.cab"
2014-10-22 12:19:30:588 1428 dae0 Agent Checking for updated auth cab for service 117cab2d-82b1-4b5a-a08c-4d62dbee7782 athttp://fe2.ws.microsoft.com/w81/2/redir/v2-storeauth.cab
2014-10-22 12:19:30:588 1428 dae0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\117cab2d-82b1-4b5a-a08c-4d62dbee7782.cab:
2014-10-22 12:19:30:603 1428 dae0 Misc  Microsoft signed: Yes
2014-10-22 12:19:30:603 1428 dae0 Misc  Infrastructure signed: Yes
2014-10-22 12:19:30:775 1428 dae0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\117cab2d-82b1-4b5a-a08c-4d62dbee7782.cab:
2014-10-22 12:19:30:791 1428 dae0 Misc  Microsoft signed: Yes
2014-10-22 12:19:30:791 1428 dae0 Misc  Infrastructure signed: Yes
2014-10-22 12:19:30:791 1428 dae0 Misc Validating signature for C:\WINDOWS\SoftwareDistribution\WuRedir\117CAB2D-82B1-4B5A-A08C-4D62DBEE7782\wuredir.cab:
2014-10-22 12:19:30:806 1428 dae0 Misc  Microsoft signed: Yes
2014-10-22 12:19:30:806 1428 dae0 Misc  Infrastructure signed: Yes
2014-10-22 12:19:30:822 1428 dae0 EP Got 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782 redir Client/Server URL: "https://fe2.ws.microsoft.com/v6/ClientWebService/client.asmx"
2014-10-22 12:19:30:978 1428 dae0 PT +++++++++++  PT: Synchronizing server updates  +++++++++++
2014-10-22 12:19:30:978 1428 dae0 PT   + ServiceId = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782}, Server URL =https://fe2.ws.microsoft.com/v6/ClientWebService/client.asmx
2014-10-22 12:19:31:025 1428 dae0 Agent   * Found 0 updates and 0 categories in search; evaluated appl. rules of 0 out of 0 deployed entities
2014-10-22 12:19:31:025 1428 dae0 Agent *********
2014-10-22 12:19:31:025 1428 dae0 Agent **  END  **  Agent: Finding updates [CallerId = AutomaticUpdates]
2014-10-22 12:19:31:025 1428 dae0 Agent *************
2014-10-22 12:19:31:025 1428 d158 AU >>##  RESUMED  ## AU: Search for updates [CallId = {A3E41A4C-E9CB-4172-B6B0-99D556FB9102} ServiceId = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782}]
2014-10-22 12:19:31:025 1428 d158 AU   # 0 updates detected
2014-10-22 12:19:31:025 1428 d158 AU #########
2014-10-22 12:19:31:025 1428 d158 AU ##  END  ##  AU: Search for updates  [CallId = {A3E41A4C-E9CB-4172-B6B0-99D556FB9102} ServiceId = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782}]
2014-10-22 12:19:31:025 1428 d158 AU #############
2014-10-22 12:19:31:025 1428 d158 AU All AU searches complete.
2014-10-22 12:19:31:025 1428 d158 AU AU setting next detection timeout to 2014-10-23 14:19:28
2014-10-22 12:19:36:025 1428 e214 Report REPORT EVENT: {E04012FD-8FFD-4259-96D5-A5A34127F0A0} 2014-10-22 12:19:31:025-0400 1 147 [AGENT_DETECTION_FINISHED] 101 {00000000-0000-0000-0000-000000000000} 0 0 AutomaticUpdates Success Software Synchronization Windows Update Client successfully detected 0 updates.
2014-10-22 12:19:36:025 1428 e214 Report CWERReporter finishing event handling. (00000000)
2014-10-22 12:29:29:914 1428 e584 AU AU invoking RebootSystem (OnRebootNow)
2014-10-22 12:29:30:055 1428 e584 AU Allowing auto firmware installs at next shutdown
2014-10-22 12:29:30:102 1428 e584 Misc WARNING: SUS Client is rebooting system.
2014-10-22 12:29:30:102 1428 e584 AU AU invoking RebootSystem (OnRebootRetry)
2014-10-22 12:29:30:367 1428 e584 Shutdwn Checking to see whether install at shutdown is appropriate
2014-10-22 12:29:30:367 1428 e584 Shutdwn user declined update at shutdown
2014-10-22 12:29:30:367 1428 e584 AU AU initiates service shutdown
2014-10-22 12:29:30:367 1428 e584 AU ###########  AU: Uninitializing Automatic Updates  ###########
2014-10-22 12:29:30:399 1428 e584 WuTask Uninit WU Task Manager
2014-10-22 12:29:30:445 1428 e584 Agent Sending shutdown notification to client
2014-10-22 12:29:30:445 5788 8084 COMAPI WARNING: Received service shutdown/self-update notification.
2014-10-22 12:29:30:461 1428 e584 Report CWERReporter finishing event handling. (00000000)
2014-10-22 12:29:30:539 1428 e584 Service *********
2014-10-22 12:29:30:539 1428 e584 Service **  END  **  Service: Service exit [Exit code = 0x240001]
2014-10-22 12:29:30:539 1428 e584 Service *************

Any assistance is appreciated.

-Tim

I am trying to find the machines without the AV installed.

I created a single Configuration Item with two compliance rules specified for 32bit and 64bit machines, these rules were set to check for a particular registry folder, if it exists it will show compliant.

Baseline was created and deployed to a test collection containing two 32bit and two 64bit machines.

Only 64bit machines have reported as Compliant. When checking 32bit machines, it shows at the end of the report that Non compliant rule which was scanned was the one which was set for 64bit machines.

My intention to set two rules was to check two registry entries as its different for 32 and 64bit machines. If it doesnt find entry at one place, it can check at the other defined. I am not sure how to it will differentiate between 32 or 64bit machines, so set two rules to be scanned.

It seems that it scanned any rule out of two randomly and once that was shown non compliant, it didnt check further hence showing as non compliant.

Is it the case ? If yes, how should i proceed?

Hi, Just wondering if anyone has seen this before and resolved it?

Basically, 2012 Software Updates have been working fine for over a year. Last months Patch Tuesday updates were fine too.

However, this week I added a new update to a Software Update Group/deployment. This update did not deploy, and when I run a report, I get "Enforcement state unknown" for ALL clients in the collection. This happens to any deployment I amend. And also if I create a new update group and new deployment - same thing - "enforcement status unknown".

However, updates previous to this week continue to download and install fine for all deployments. Deployments which I have not changed appear to continue to report correctly (unknown, compliant, pending system restart, etc).

In the SCCM console for Software Updates, the "required" and "installed" figures are still showing correctly.

Custom software packages continue to download and install too.

All servers have sufficient disk space. Most collections dont have maintenance windows, and the deadlines are correct.

Not sure what this could be, a problem with the Management Point? But I can see any errors in the "monitoring" view on the server. The client log files like "wuahandler.log" and "windowsUpdate.log" appear fine also, no obvious errors.

I cant see any evidence of a group policy conflict. The WSUS entry is still correct in the local group policy (GPEDIT.MSC/admin template/windows comp/ windows update).

Any ideas here? Thanks