What mechanism tells the site server that an update is installed? Is that through status messages after installation or is it the next software update scan?
The reason I ask is I have a machine with updates installed and the software update reports say it isn't. Communication between the client and the site server is fine. Software updates are scanning each day, still the report is inaccurate.
I queried wmi directly and the update is listed as installed.
I have had a lot of issues getting he WSUS role implemented in my SCCM 2012 r2 setup . I was wondering if the WSUS is mandatory. Can I configure the SCCM client to pull the updates directly from Microsoft Update and manage the settings through the Software Deployment leaf? Any help would be appreciated.
Andrew
APH
Recently we've noticed on multiple servers that the antimalware service suddenly stops. I can restart it only for it to stop again within what I can tell a few short hours. We are alerted that the 'antimalware service is not running, or the antimalware engine is corrupted. To restart the service, run the recovery task in Health Explorer.' I've tried updating the definitions which didn't help and ran a full scan. I also ran a scan off of Microsoft Safety Scanner which netted 0 results found. This started a few weeks ago.
Anything else I can check besides re-installing the client? As far as I know, this could get worse and I can't tell why this is happening on these servers and I'd like to understand the cause. All servers are running Windows Server 2012 R2 and we use Configuration Manager 2012 R2 SP1 to manage the client.
Antimalware Client Version: 4.8.204.0
Engine Version: 1.1.11903.0
Antivirus definition: 1.203.767.0
Antispyware definition: 1.203.767.0
Network Inspection System Engine Version: 2.1.11804.0
Network Inspection System Definition Version: 115.3.0.0
Event log:
Fault bucket , type 0
Event Name: AntimalwareEngineHang
Response: Not available
Cab Id: 0
Problem signature:
P1: Microsoft Antimalware
P2: 4.8.204.0
P3: 1.1.11903.0
P4:
P5:
P6:
P7:
P8:
P9:
P10:
Attached files:
These files may be available here:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Critical_Microsoft Antima_ab796d2cb14f8953f02ca26a42dbd4f89adc432b_00000000_0066ec00
Analysis symbol:
Rechecking for solution: 0
Report Id: 9fea92ea-362c-11e5-80ce-f80f41fc3303
Report Status: 4100
Hashed bucket:
hello
wanted to find out something i have been running into an issue. so we deploy patches every month i go through the monitoring in sscm to check patch erros that did not go through.once i fix them how soon does the error count go away? does sccm have a default report time that checks back with the client? i know that i have fixed bunch of patches that failed and fixed them but didnt notice the error and the machine go away.
thanks
Hi all - Question in regards to how SCCM/WSUS determines if a patch is applicable to a machine. Some background info. We have 168 Dell Venue tablets running Windows 8, not 8.1 (that's another story). All were imaged from SCCM with the same image so they should all be identical in regards to software and patch levels. I'm trying to deploy KB2756872. Of the 168 machines 150 are showing as "Not Required" for the patch, 18 are showing as "Required". I've successfully manually installed the .msu on a couple of the "Not Required" machines with no problem. Running the "My Dell" utility shows the patch as required on the machine so why does SCCM think it is not?
Questions is why are most showing as "Not Required" when the patch is applicable? Is there a way to figure out what exactly is being evaluated to determine whether a patch is or is not required?
Thanks as always,
Rick
Following a recovery of our primary site (due to upgrading to Server 2012) all appears to be working ok apart from none of our secondary sites are updating their SUP. The link state is 'Active' but the last sync attempt and Catalog version are all pre-recovery (ie not up to date). The wsyncmgr.log file on one of the affected secondary sites has very little information - doesn't look like its even tried to check in.
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 28/07/2015 20:33:35 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 28/07/2015 21:33:35 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 28/07/2015 22:33:35 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 28/07/2015 23:33:35 3132 (0x0C3C)
Wakeup by SCF change SMS_WSUS_SYNC_MANAGER 29/07/2015 00:00:08 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 01:00:13 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 02:00:13 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 03:00:13 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 04:00:13 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 05:00:13 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 06:00:13 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 07:00:13 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 08:00:13 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 09:00:14 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 10:00:14 3132 (0x0C3C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 11:00:14 3132 (0x0C3C)
SMS_EXECUTIVE started SMS_WSUS_SYNC_MANAGER as thread ID 3256 (0xCB8). SMS_WSUS_SYNC_MANAGER 29/07/2015 11:46:06 1372 (0x055C)
Log level 2 SMS_WSUS_SYNC_MANAGER 29/07/2015
11:46:06 3256 (0x0CB8)
Wakeup by SCF change SMS_WSUS_SYNC_MANAGER 29/07/2015 11:46:23 3256 (0x0CB8)
Wakeup by SCF change SMS_WSUS_SYNC_MANAGER 29/07/2015 12:20:15 3256 (0x0CB8)
Wakeup by SCF change SMS_WSUS_SYNC_MANAGER 29/07/2015 12:20:25 3256 (0x0CB8)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 13:20:30 3256 (0x0CB8)
Wakeup by SCF change SMS_WSUS_SYNC_MANAGER 29/07/2015 13:39:18 3256 (0x0CB8)
Thread terminated by service request. SMS_WSUS_SYNC_MANAGER 29/07/2015 14:07:06 3256 (0x0CB8)
SMS_EXECUTIVE started SMS_WSUS_SYNC_MANAGER as thread ID 3356 (0xD1C). SMS_WSUS_SYNC_MANAGER 29/07/2015 14:10:20 2024 (0x07E8)
Log level 2 SMS_WSUS_SYNC_MANAGER 29/07/2015
14:10:20 3356 (0x0D1C)
Wakeup by SCF change SMS_WSUS_SYNC_MANAGER 29/07/2015 14:10:40 3356 (0x0D1C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 15:10:45 3356 (0x0D1C)
Wakeup for a polling cycle SMS_WSUS_SYNC_MANAGER 29/07/2015 16:10:45 3356 (0x0D1C)
If anyone can point me in the right direction it would be really appreciated!
Whether SCEP has the nature of scanning the removable drive immediately at the time when they are inserted???
We are dealing with an issue that SCEP did not scan the removable drive when it was inserted.
What are the steps that i should follow when the scep client doesnt update automatically??
Im aware of checking the logs related to SCEP.. Apart from that I need to know the other troubleshooting steps that I should follow.!!
Vivin Paul
Hey,
been having issues with updates and SUGs for a few weeks and I can't figure out what's wrong. "All of a sudden" some updates and SUGs regularly switch icons to a red cross which means that the binaries are not present on a DP. The first time this happened I redistributed the deployment package to all DPs but it didn't fix the problem. I then redownloaded all the updates to a new deployment package which made the red cross go away for a day or two. Now it's back. I don't know why this keeps happening. The deployment package content status is all green.
I have looked through WCM.log, WSUSCtrl.log and wsyncmgr.log and find no errors. If I should upload any log files I'd be happy to oblige.
One thought that struck me know: after I redownloaded the updates to the new deployment package and distributed it to all my DPs I deleted the old one. They basically contained the same binary files so could that have messed things up this time?
I am trying to get a clear understanding of how maintenance windows and deadlines work together in SCCM.
If I deploy a patch group to a collection with a maintenance window of say 1am to 4am and the group has a deadline two weeks in the future, with multiple maintenance windows before that deadline, will the patches get installed before the deadline?
I cannot seem to find a straight answer to this question. Some people suggest that it will not install until the first Maintenance Window after the deadline. This strikes me as odd behaviour, as I would have thought a deadline is by definition the last available time to install something so an earlier opportunity would be seized?
Thanks in advance
MJ
Recently noticed the following error with sync :
Sync failed: Unknown: IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host~~at System.Net.ConnectStream.Read(Byte[] buffer, Int32 offset, Int32 size). Source: Microsoft.SystemsManagementServer.SoftwareUpdatesManagement.WsusSyncAction.WSyncAction.SyncWSUS
1. assumed it may be related to firewall appliance, so i bypassed it into DMZ - No joy
2. changed the SUP classifications. Found if I just leave definitions on it works. Checking anything else from critical updates to updates, to feature packs, etc, causes the error repetitively.
3. removed SUP, rebooted, removed WSuS (windows 2012 R2- site is hosted on the Windows 2012 R2 box). No joy.
4.Server cleanup wizard in wsus console - no joy
5. considering reindexing the sql WID DB, but i dont think will make a difference.
I have wrestled with this for weeks without success. no proxy involved. this is a primary site with the WSUS and SUP role.
Any ideas?
Hi all,
I'm drafting a process for patching Windows 7 clients on a schedule using ADRs. Currently we do patch clients, however I want to implement an automated process.
The estate has a SCCM2012 hierarchy of SCCM2012 R2 CU3 primary site, management, software update, reporting and distribution points. 1200+ Windows 7 SP1 Ent. x64 clients.
Currently Windows client patching is not on a schedule, but does happen. We have 2 pilot groups, IT Users will receive the deployment first, if successful will be deployed to another pilot-group of standard users a week later. If successful again, an estate deployment will occur a week later. (Success rate is based on patch compliance and no reported issues from users).
There's lots of articles on the web on how to create the rules, I would like to know what other SCCM admins are doing for patching client using ADRs, I would would like to determine in our process, number of pilots groups, evaluation and deployment frequencies etc... However I would like to incorporate our current pilot groups using ADRs and still achieve automatic Windows updates to clients with little administration as possible!
Any advise would be great!
Regards,
Craig
MCTS | MCITP | MCSA
Hi guys,
I'm implementing SUP in SCCM 2012 R2 and I'd like to know how must I deal with old software updates.
I've already installed the role and sincronized the updates. Also, I've configured successfully the automatic deployment rule to the Microsoft's Patch Tuesday and I can see that the machines are able to download and install the new patches released montlhy.
Now i'm in doubt: how should I configure the distribution of old software updates for new machines im my enviroment? There are some best practice to do this?
Thanks a lot!
--
emnavarro02
-- emnavarro02
We recently moved over to SCEP from FF. I have noticed that the scans seem to be taking quite a while. We scan at noon on Thursdays, and the scan is never completed by the time I shut down around 4:30 for the day. What I would like to know is if my machine is shut down prior to the end of a scan, does it then restart the scan completely as if nothing had every been scanned (file 1 of XXX) or does it start from the point at which it had previously completed? It writes event ID 1000 in system log when it starts and event id 1000 when it stops. I've seen that if I interrupt it, then as soon as the machine restarts, it writes 1000 event. It will do that till it is completed and write 1000, but it is not clear if that is a start from file 1 or a point to where to restart from.
I've spent a fair amount of time trying to research this and can't find an official answer. It *looks* to me like the answer is that it starts from scratch, but I'm a bit reluctant to declare that as an official answer because I hate being called a dumba** if I'm wrong.
Thanks in Advance.
Dears,
I have posted this issue before but didn't get the correct answer, and I will post it again hopefully some one can help me to find the solution, my case is I have almost 170 mix Windows server 2008 and 2012, and I wants to deploy windows updates through WSUS in SCCM 2012, I have created group package based on security updates and other requirement updates, and I deployed the updates package based on specific configuration which I selected required and automatic installation and restart the server after the installation completed, because I want to mention specific time which start and end date, I have used all the methods even windows maintenance in device collection, the updates will install automatically but message come after update it said restart required which is I have to do it manually I don't want restart manually I want the computer restart update finish automatically because I can't login to 170 servers to restart servers manually, this see below snapshot, kindly any advice..
We usually deploy the Adobe updates using SCUP.
Currently used certificate expired and hence we had to deploy the new certificates via GPO.
We then tried to deploy the newly signed updates, but it still failed to install with error code 0x80246002 (-2145099774) in software center.
I even tried to re-download the content and then deployed it but still it won't work. Can anyone advise how to fix this. I would be glad to provide more information if needed.
Hello Everyone,
We are facing issues deploying SCEP on machines. The deployment state for clients shows as un-managed. Client settings & AntiMalware policy have been configured properly. SCCM Client has been installed successfully, however the Endpoint Protect deployment state would not change to "To be Installed"/'Managed" from "unmanaged". Even after trying to install SCEP manually along with policy it shows as unmanaged. Please suggest how do i proceed further in this case.
Thanks
Sumit
Hi,
Would like to know the pros and cons of enabling the option "Require SSL communication to the WSUS Server" upon creating the Software Update point? Would this mean that the clients connect to the SCCM server to get updates using SSL connection?
Thanks!
Hi,
Would like to know how others treat old downloaded software updates? Do you archive them or just delete them once expired or they have been deployed already?
Hi,
All client PC updates not running properly. Please refer the below image.(All Update % is 0.update not Downloading)
Thanks,
Gayan.