SCCM 2012 SP1 Beta: a very welcoming feature for Software Updates

11 Dec

From a personal point of view, the options provided by SCCM 2012 create a superior experience by its flexibility and options the Software Update Point (SUP). Especially the features Automatic Deployment Rules and Offline Servicing allows administrators to create a very powerful set of tools to automate Software Updates. You can extend its capabilities by using System Center Updates Publisher (SCUP) 2011 which allows publishing your own Software Updates either by a vendor’s catalog or updates published by yourself.

Any Software Update Point that is on top of a hierarchy connects to connect to Microsoft Update to synchronize and download the Software Updates your organization requires. This works fine for most organizations who allow the SUP to be connected to the Internet. A proxy server can be set if required.

But what if an Internet connection is not available? Some high security environments have company policies which forbid the internal network to be connected to the Internet.

The only option is having a separate WSUS server running which is located in a perimeter network which does have access to the Internet.

You can use WSUSUtil.exe to export and import Software Updates but this requires quite an amount of administrative effort.

The other option is configure an upstream server in the WSUS SDK Console temporarily. This can be done either manually or you can write a script. This requires quite an amount of administrative effort and it is not a best practice to modify WSUS settings in the WSUS SDK Console. SCCM 2012 sets the required values by itself.

Fortunately, the issues mentioned are no longer required with SCCM 2012 SP1.

At the following TechNet page you can view what’s new in SCCM 2012 SP1:

I quote the welcoming feature regarding Software Updates:

‘At the top-level Configuration Manager site you can now specify an existing WSUS server as the upstream data source location. During synchronization, the site connects to this location to synchronize software updates. For example, if you have an existing WSUS server that is not part of the Configuration Manager hierarchy, you can specify the existing WSUS server to synchronize software updates.’

Keep in mind though that an additional WSUS server is required which is able to communicate with Microsoft Update…

In order for this to work you need to install hotfix KB2720211 on the Site server that hosts the SUP


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Steve Thompson [MVP]

The automation specialist

Boudewijn Plomp

Cloud and related stuff...

Anything about IT

by Alex Verboon

Deployment Made Simple

Modern Workplace

Azure, Hybrid Identity & Enterprise Mobility + Security

Daan Weda

This site is all about System Center and PowerShell

IT And Management by Abheek

Microsoft certified Trainer -Abheek

Heading To The Clouds

by Marthijn van Rheenen

%d bloggers like this: