Nov 13

How to manage Software Updates Using Microsoft System Center 2012 R2 Configuration Manager

5 Reasons Why Your Company Should Use an ERP System

Many IT network teams often delay important software updates because they can take up significant time, and may not seem that important. But, consider this is a blunder that may open the door open for hackers to access your private information, putting you at risk for identity theft, loss of money, credit, and more.

Did you hear about Equifax data breach, in which 143 million Americans were potentially affected? There was theft of Social Security numbers, birth dates, and home addresses et etc. A security fix for this was actually available couple of months before the hack, but the company failed to update its software.

Microsoft System Center 2012 R2 Configuration Manager provides a set of tools and resources that can  help you to manage software updates enterprise wide. SCCM 2012 R2’s maintenance window; dedicated for software updates installation; lets you configure a general maintenance window and a different maintenance window for software updates. Additionally, you can review the software updates before you create the deployment in the preview window.

This quick guide will help you to deploy software updates using SCCM 2012 R2. As you may know, there are 2 ways to deploy software updates using SCCM 2012 R2, Manual and Automatic. We will focus on manual software updates.

Quick steps for Manual Software updates using MS SCCM. First install the Software Update Point role.

  1. Launch the Configuration Manager Console and click on Administration, expand Overview, click Site Configuration.

  2. Click on Sites.

  3. At the top menu, click on Add Site System Roles.

  4. Check Software Update Point and click Next in the next window (From the Add Site System Roles Wizard).

  5. It is important to note that WSUS is configured to use ports 8530 and 8531 for client communications. You can specify whether to use the default Internet Information Services (IIS) or create a new custom WSUS website during installation of WSUS. When you use a custom website for WSUS 3.0, WSUS configures port 8530 for HTTP and port 8531 for HTTPS.

  6. In next screen, click Use credentials to connect to the WSUS server in WSUS Server Connection Account, click on Set and choose the account.

  7. Click Next.

  8. In next screen of proxy & account settings, select Synchronize from Microsoft Update and click Next.

  9. Select Enable synchronization on a schedule and let the schedule be set to default. You may also click Alert when sync fails on any site in hierarchy.

  10. Click Next.

  11. In the Supersedence behavior screen, select Immediately expire a superseded software update.

  12. Click Next.

  13. In classification screen, Select Critical updates, Definition Updates and Security updates.

  14. Click Next.

  15. In products screen, select all products that you want to sync,

  16. Click Next.

  17. Select languages,

  18. click Next.

  19. The Software Update Point role has been installed. Click Close.

  20. Click Software Library in the configuration manager console and expand Overview,

  21. Click Software Updates in top menu

  22. Click All Software Updates

  23. Click Synchronize Software Updates at the top menu.

  24. Open wsyncmgr.log and WCM.log file to check background processes,

  25. When the synchronization is completed, all updates can be seen by clicking All Software Updates option in the Console.

  26. You can also add criteria for filtering. Click on Add criteria. Select Expired, Product, Superseded, Bulletin ID.

  27. Click Add.

  28. Now select all the updates, right click on the updates and click Create Software Update Group.

  29. Provide the name to the software update group as desired.

  30. Click Create.

  31. Click on Software Update Group and you will find the software update group that was created in the previous step. Right click on the created Group and click Deploy.

  32. In Deploy Software Updates Wizard, provide a Deployment Name, description and choose the collection for which this software update deployment must be deployed.

  33. Click Next.

  34. Set the Type of deployment. You can also set detail level to Only success and error messages.

  35. Click Next.

  36. Configure the schedule for the deployment.

  37. Set the local Time.

  38. Click Next.

  39. On the User Experience page, you can set the restart for Server or Workstations.

  40. Click Next.

  41. For Deployment options, If the updates are not available with preferred deployment packages then select Download and install software updates from the fallback content source location.

  42. Click Next.

  43. Create a new deployment package by providing a name, location for the Package source and selecting priority.

  44. Click Next.

  45. Add the Distribution Point.

  46. Click Next.

  47. For Download Location choose Download software updates from the Internet.

  48. Click Next.

  49. Choose the language and click Next. The wizard will now download the updates and deploy them to the collection as per the schedule defined.

  50. Click on Close to close the wizard.

  51. You can check that the updates are installed on client machines in the collection

  52. You may be asked to get system restarted.

  53. You may restart the computer by choosing Restart now or you can select to be reminded later.



- My ASP.NET Application
We use cookies to provide the best possible browsing experience to you. By continuing to use our website, you agree to our Cookie Policy