Patch Management Process using SCCM. Part 1: Server Side process for SCCM with SUP/WSUS.
HTML-код
- Опубликовано: 6 фев 2025
- In this video, we'll guide you through the Patch Management Process using SCCM. This process is essential for maintaining your systems and infrastructure, and helps keep your network running smoothly.
If you're a system administrator, then you need to know about the Patch Management Process. This video will teach you everything you need to know about the process, from setting up patching to monitoring and managing your patches. Watch it today and improve your patch management skills!
In this video I will be showing you the Patch management process using SCCM and WSUS as Software update point.
This is a 1st video of 2 part series of patch management.
Part 1 - Server Side process for SCCM with SUP/WSUS
• Work flow of patch management process which includes SCCM, WSUS and Microsoft Update.
• User Experience notification - notifications and restart behaviour.
• Component responsible for Software Update at client side.
• Log files involved for sync and downloading updates.
• Demo on how to deploy updates.
This video will help you answering the queries related to:
How to deploy patches using SCCM
What is the flow of patches when deploying SCCM using Software Update Point
Part 2 of the video is “Track Software Update Deployment through client log flow”: • Track SCCM Software Up...
Follow me on:
Email: manishbangiacommunity@gmail.com
Blog Website: manishbangia.c...
Linkedin: / manishbangia
Twitter: / manish_bangia
Facebook group: / 183183326326502
![Felix "Unfair" | [Stray Kids : SKZ-PLAYER]](http://i.ytimg.com/vi/Oswujxm2Ag0/mqdefault.jpg)
![Blox Fruits Dragon Rework Update [Full Stream]](http://i.ytimg.com/vi/EqDAp8udhm0/mqdefault.jpg)
Looking for this exact information since yesterday and finally found in this video all together. Very nice and detailed explaination including log file info! Thanks so much!
Glad this helped you.
Thank you so much sir. I have been intimidated by many videos on the internet about SCCM, however, yours was the best! I have an interview the next day. This will definitely help me.
Best of luck!
reassure me please did pass that interview???!!!
are you working now on sccm?
Thanks a ton Sir for such detailed explanations on complex topics.
You're welcome! Glad you found it helpful.
Really useful information. Thanks for sharing
My pleasure
Short n crisp. The way it was explained along with logs is good. If possible pls do talk about sccm site maintenance tasks in the upcoming sessions.
Thank You
When will be part 2 video coming??
Hopefully within a week, I am working on it.
Excellent Video as usual.. too the point within in short time
Thank you
Great video!
Thanks!
You are doing great👍
Thank you so much 😀
Hi Manish thanks for great video
👌👌👌
Hello Manish, I respect your video efforts. Thanks.
I want to give you one advise for video making. Please take it as a feedback not in negative manner.
Please try to be more energetic while making the video. And rest you have a great knowledge. Keep up the good work.
Thanks Jatin for the feedback. I will try my level best to be more energetic next time onwards. Really appreciate your honest feedback.
great
Thank you so much
Glad you found it helpful!
12:15 this is happening in sccm server or sup server? Please explain. I'm totally new to this concept.
This is happening on SCCM server
@ManishBangia tq
Sir what is the duration of maintenance window and what should be the compliance Target for server side patches and workstation patches
Maintenance window can be defined manually based upon organisation requirement. Compliance of 95% + is the one to expect as good compliance.
Hello, after I click Synchronize Update button, there are update file are appear in All software update, but required column is number 0, that mean client not require to update these update file. Am sure All my client PC not yet update at all since OS installation complete. So, How can check and troubleshoot this case? Thank you
Thanks, In the Part two video, please include few questions will be asked in patching interviews.
Thanks for your input. I will try to cover the answers which I can think of.
@@ManishBangia thanks sir
Hello sir,
I need your help.
Some update why not getting installed on my client pc ?
Not installed from software centre but same patch install successfully on Microsoft update catalogue
Where is the issue
Seems SUP configuration is not fully functional. Better to go through the following video I made for troubleshooting:
Track Software Update Deployment Client log flow
ruclips.net/video/mC_RyRAimvE/видео.html
I would prefer checking with scanagent.log, updatesstore.log, locationsevices.log first.
What's the Difference between software update agent and windows update agent?
Do both Same?
Windows update agent is a component every windows device has for searching, detection and applying the updates.
Software update agent is a specific component of SCCM, when software update is enabled via sccm, software update agent becomes responsible for scanning and updating. But in backend Windows update agent still exists, hence both agents work together in co-ordination when SCCM is used.
Hi manish,
How to reset policies using client tool and can we reset policies manually. Please reply ASAP.
Good Explanation! Just I have couple of queries ..I understood that device will download the software updates source files from SCCM server not from the WSUS server ..why does the device is pointing to 8531 port in local group policies, if it has nothing to do with WSUS server ? 2. Did we installed both SCCM and WSUS in the same server in this example ?
Good observation. SCCM and WSUS works together to provide updates. We have to install WSUS role (in my case it is local on SCCM). When we configure Software update point role (SUP Role) on SCCM, it automatically creates the local policy for the client, hence you are seeing WSUS server name in the policy.
Hi Manish,
Have 1 query please reply on it.
is SUG created automatically itself while in the manual process of software deploy because after you selected required updates you didn't created SUG by right click on the updates and create Software Update Groups after you selected the required updates,
yeah i know that with help of ADR these all steps will perform automatically but i need this small ans from your side "iis sug created automatically itself while in the manual process of software deploy?"
While selecting multiple updates, SUG gets created automatically.
However, when you try to download and deploy just one single update, it usually doesn't create SUG.
@@ManishBangia thank you a lot🙂
All was good but during the deployment time you have assigned a folder :: please reply about that , which folder was that and was it connected to WSUS. or was that only a location assigned for the downloading of updates
That was for downloading the updates locally from Microsoft
Sir I am not able to locate part 2 of this video.
Could you please reply with url?
Following is the link for part 2: ruclips.net/video/mC_RyRAimvE/видео.html
The title is Track Software Update Deployment through client log flow.
@@ManishBangia Lovely thank you.
You are great.
We have on Prem WSUS server so if I used updates in SCCM, will the updates come from Microsoft directly, or WSUS is working as its upstream server? In our current WSUS we are missing some important KBs that caused Win11 built in apps not working properly, and caused input methods not able to add by end users.
Thanks a lot. I'm going crazy as don't know how to troubleshoot and if we can take advantage on SCCM to overcome the issues in WSUS?
If you are using WSUS as Software update point in SCCM, then this setting can be easily be verified under "Software Update Point Compinent Properties" . If there is only 1 Primary Site, then surely option selected would be "Synchronize from Microsoft Update"
If there are multiple Primary sites, then other SUP settings should be using upstream server ( same setting property to see)
Could you please provide patching trouble shooting scenarios
Hi Uttam, there could be a very big list of issues for Patches failing to install or detect. Few of them I can highlight.
1. Patch on available on workstation: Not all patches are applicable for every device, based upon detection logic, patch applicability is applied. Any patch required or missing can be checked under updatesstore.log. If you don't see the info, the patch is not required. SCCM reports are also available to verify this.
2. Patch failing to download: There could be multiple issues here. Could be patch not available on DP. If patch is available on DP, still not downloading, then there could be Boundary / Boundary group issue as workstation won't be part of that DP boundary.
3. Windows Update Agent issue: This can also contribute to failure if Windows Update Agent has problem.
It is very difficult for me to comment on all scenarios, but ones are the most important one which I can think of.
@@ManishBangia thank u sir
@@ManishBangia could u provide resolution for server side patches also
@@ManishBangia also I need ur contact number sir
Sorry Uttam for late reply, today only I saw this old message. We can definitely get in touch via Linkedin. Here is the link to connect: www.linkedin.com/in/manishbangia/
Hi Manish can you create a step by step guide to install and create a SCCM lab?
I have a blog with step by step guide for creating SCCM lab:
www.manishbangia.com/sccm-install-guide-using-baseline-media/
There is an easy way also, by using SCCM evaluation lab kit provided by Microsoft, you may check:
www.manishbangia.com/create-sccm-lab-using-mem-evaluation-lab-kit/
@@ManishBangia nice! Thanks mate
Hi Sir,
Can you please make video on application deployment process from end to end. I mean the package when get from package team and till application deployment through sccm what are all actions is happening. Please make video
Sure, I will work on that and will include in my upcoming video.
@@ManishBangia can we have a Live session sir
I will be planning this soon.
Where is part 2
ruclips.net/video/mC_RyRAimvE/видео.html
Track software update client flow and troubleshooting
When one see the Cover Photo, no one will watch this video
Sorry.