Enable and Configure SCCM Third-Party Software Updates
This article covers the steps to enable and configure third-party software updates using SCCM (ConfigMgr). You can use this SCCM third-party software updates deployment guide in your enterprise to setup 3rd party patching with SCCM.
The Third-Party Software Update Catalogs node in the Configuration Manager console allows you to subscribe to third-party catalogs, publish their updates to your software update point (SUP), and then deploy them to clients.
If you are planning to deploy third-party software updates using SCCM, there are a series of configurations that you require in place. I have covered the steps required to enable and configure SCCM Third-Party software updates. Refer to the guide on deploying software updates using SCCM.
https://jdm.social/viewtopic.php?t=412
https://jdm.social/viewtopic.php?t=39561
https://expectingtheunexpected.com/showthread.php?tid=1384
https://www.mcmon.ru/showthread.php?tid=7935
http://www.yypf.com/showthread.php?tid=1413
http://www.hondaikmciledug.co.id/HRIS/showthread.php?tid=1138
https://www.csoyuncu.net/showthread.php?tid=13946
http://mystrotain.free.fr/forum/showthread.php?tid=65328
https://www.openhelbreath.com/showthread.php?tid=2
http://ordemdospsicologos.org/forum/showthread.php?tid=883&pid=10323
http://forum.analysisclub.ru/index.php/topic,52329.0.html
http://forum.analysisclub.ru/index.php/topic,7053.0.html
http://forum.analysisclub.ru/index.php/topic,44124.0.html
https://tasarhoa.com/hoa/viewtopic.php?t=2855
https://tasarhoa.com/hoa/viewtopic.php?t=51464
http://www.iphoneforumz.com/forum/viewtopic.php?t=56824
Prerequisites for Setting up third-party software updates
The following are the list of prerequisites that are required for setting up the third-party software updates in SCCM.
- Make sure there is a sufficient disk space on the top-level software update point’s WSUSContent directory to store the source binary content for third-party software updates.
- The third-party software update synchronization service requires internet access.
- For the partner catalogs list, download.microsoft.com over HTTPS port 443 is needed.
- Internet access to any third-party catalogs and update content files. Additional ports apart from 443 may be needed.
- Third-party updates use the same proxy settings as the SUP.
Steps to Enable SCCM Third-Party Software Updates
We’ll now go through the steps to enable SCCM Third-Party software updates on the server. Perform each of the steps in sequential order to configure the third-party updates.
Step 1: Enable SSL on Software Update Point
Since custom SCCM catalogs require HTTPS, you must enable SSL communication on the Software Update Point. Note that SSL must be enabled on the SUP when it’s remote.
Use the following steps to enable the SSL on Software Update Point:
- Go to Administration > Overview > Site Configuration > Servers and Site System Roles.
- Select the server and in the bottom pane, right click Software Update Point and click Properties.
- Under WSUS configuration, enable “Require SSL Communication to the WSUS server“.
- Click Apply and OK.
http://www.iphoneforumz.com/forum/poddox-the-easy-way-to-copy-your-music-to-your-ipod-t139679.html
http://www.iphoneforumz.com/forum/viewtopic.php?t=127508
http://www.iphoneforumz.com/forum/viewtopic.php?t=40051
http://junlinro520.gain.tw/viewthread.php?tid=137819&extra=
http://junlinro520.gain.tw/viewthread.php?tid=151185&extra=
http://junlinro520.gain.tw/viewthread.php?tid=340910&extra=
http://junlinro520.gain.tw/viewthread.php?tid=150718&extra=
http://huayang.eu.org/viewthread.php?tid=2094&extra=page%3D1
http://huayang.eu.org/viewthread.php?tid=3094&extra=page%3D1
http://forum.kirmash.biz/viewtopic.php?id=14785
http://forum.kirmash.biz/viewtopic.php?id=3
http://forum.kirmash.biz/viewtopic.php?id=15387
https://medtalk.info/viewtopic.php?t=811
https://medtalk.info/viewtopic.php?f=4&t=54
https://medtalk.info/viewtopic.php?t=10
Step 2: Enable third-party updates on Software Update Point
You can subscribe to third-party update catalogs in the Configuration Manager console if you enable this option. The updates can then be published to WSUS and distributed to clients. To enable and configure the feature for use, repeat the steps below once per hierarchy. If the top-level SUP’s WSUS server is ever replaced, the steps may need to be repeated.
Perform the following steps to enable third-party software updates on software update point:
- Launch Configuration Manager console.
- Navigate to Administration > Overview > Site Configuration > Sites.
- Select the site, right click and then select Configure Site Components > Software Update Point.
- Switch to Third-Party Updates tab and select the option Enable third-party software updates.
- Click Apply and OK.
Step 3: Configure WSUS Signing Certificate
In the above step, you enabled third-party updates on SUP. The next step is to configure WSUS signing certificate. This is important because custom catalogs must use HTTPS and the updates must be digitally signed.
Under SUP Properties > Third-party updates tab, you will find two options to configure WSUS signing certificate.
- Configuration Manager manages the certificate
- Manually manage the certificate
Both the above options are self-explanatory. Microsoft gives you two options to manage the WSUS signing certificate. You can tell Configuration Manager to automatically manage the third-party WSUS signing certificate using a self-signed certificate. If you need to manually configure the certificate, for example use a PKI certificate, you can do that using SCUP tool.
https://foro.iwivox.com/viewtopic.php?t=1844
https://foro.iwivox.com/viewtopic.php?t=1875
https://foro.iwivox.com/viewtopic.php?t=1854
https://www.yefeng.org/thread-4196-1-1.html
https://www.yefeng.org/thread-4601-1-1.html
https://www.yefeng.org/thread-504-1-1.html
https://www.yefeng.org/thread-2267-1-1.html
Step 4: Enable third-party software updates on the clients
In this step, you’ll learn how to enable third-party updates on the clients in the SCCM client settings. The setting sets the Windows Update agent policy for Allow signed updates for an intranet Microsoft update service location. This client setting also installs the WSUS signing certificate to the Trusted Publisher store on the client.
- Launch Configuration Manage console.
- Navigate to Administration > Overview > Client Settings.
- Right-click Default Client Settings and click Properties.
- Click Software Updates on left pane. Select Yes to Enable software updates on clients.
- Set Enable third-party software updates to Yes. Click Apply and OK.
Steps to Configure Third-Party Updates in SCCM
After you have enabled the third-party updates in SCCM, we will look at some basic configurations which involve adding custom catalogs, synchronizing third-party updates etc.
Comments
Post a Comment