More Related Content Similar to System Center Configuration Manager 2012 SP1 and the new way of handling software updates explained (20) More from Microsoft TechNet - Belgium and Luxembourg (20) System Center Configuration Manager 2012 SP1 and the new way of handling software updates explained 1. Click to edit Master title style
LiveMeeting:
System Center Configuration
Manager 2012 SP1 and the new
way handling of Software Updates
explained
Kenny Buntinx
Configuration Manager MVP
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
2. Click to edit Master title style
Agenda
• Introduction
• Infrastructure Changes
• Operational “Best Practices”
• Q&A
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
3. Click to edit Master title style
About me
Kenny Buntinx
Inovativ : Principal Consultant
Kenny.Buntinx@Inovativ.be
http://www.inovativ.be
@KennyBuntinx
http://be.linkedin.com/pub/kenny-buntinx/3/639/107
http://scug.be/blogs/sccm
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
4. Click to edit Master title style wanted
SUM Top 5 Improvements
100% Update Cleanup
76%
64% Infrastructure
Improvements
46% 44% Auto Approval
50% 37%
Supersedence
User Experience
0%
SUM Top 5 "Needs Improvement"
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
5. Click to edit Master title style
Infrastructure Changes since SP1
Multiple SUPs per Site with cross-forest SUP support
The active software update point concept is deprecated in
Configuration Manager SP1
Source top level SUP off of internal WSUS servers
Optional client content download from Windows Update
Windows Embedded support
3X delivery of definitions through software updates
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
6. Click to edit Master needs
Infrastructure title style
• WSUS 3.0 SP2
- WSUS-KB2720211
- WSUS-KB2734608
• You are allowed to put your WSUS db on the same SQL
box as where your CM db lives.
• Use a custom Web site during WSUS 3.0 installation
• Installing SP1 will reset custom ports to 80/433
• Store Updates locally = License agreement
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
7. Multiple Software Update Points per site
Click to edit Master title style
• Add multiple SUP’s per site (8 per Site)
• You can add SUP’s cross-forest
• NLB no longer required (but still supported through
the SDK or Powershell)
• Clients will automatically fail over to additional SUPs
in the same forest if scan fails (same mechanism as
MP)
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
8. Click to edit Master title style
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
9. WSUS SOURCE FOR TOP LEVEL SUP
Click to edit Master title style
• No longer required to source top-level SUP from
Windows Update / Microsoft Update
• Can specify an internal, independent WSUS server
as an update catalog source
• The active software update point concept is
deprecated.
• You no longer have the option to configure a
software update point as an NLB in the
Configuration Manager console (thru PowerShell
with Set-CMSoftwareUpdatePoint)
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
10. Click to edit Master title style
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
11. OPTIONAL CLIENT CONTENT
Click to edit Master title style FROM WU/MU
• Support for using Windows Update / Microsoft
Update as an update content source for clients
• Local content sources (distribution points) are still
prioritized
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
12. Click to editDAY DEFINITIONS THROUGH SUM
3X PER Master title style
• Architectural changes to improve SUP synch and
client scans to support delivering Endpoint
Protection definition updates 3X per day (delta
synchs and category scans)
• Simplified out of box templates for :
• Endpoint Protection Auto Deployment
• Patch Tuesday
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
13. Click to edit Master title style SP1
Operational Changes since
• Not only related to SP1 !
• Stop using the SMS 2003 - ConfigMgr
2007 Methods !
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
14. Click to edit Master title style Superseded Updates
Configure:
Publisher can expire
or supersede
software updates
ConfigMgr 2007 did
automatically
expires superseded
updates
In CM12, you control
supersedence
behavior
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
15. Click to editSimplified update groups
Deploy: Master title style
Improved search to find updates
Lists and deployments combined into Update
Groups
Updates added to groups automatically
deployed
Groups can be deployed and/or used for
aggregate compliance
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
16. Click to edit Master title style
Deploy: Automated deployments
Automated deployment of desired updates
Schedule or run rules manually
Daily (Forefront) and
monthly (Patch Tuesday) scenarios
Rules create update groups that can be
further edited or used manually
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
17. Click to edit Content title style
Maintain: Master optimization and cleanup
Updates optimized
with new content
model to reduce
replication and
storage
Expired updates and
content
automatically
cleaned up
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
18. Click to edit Master title style
Operational Best Practices
Keep your SUG’s Limited
Keep them under 1000 Updates
Don’t split up products
Keep your SDP’s tight
Enable delta replication
High priority for SDP’s
Multiple deployments of the same SUG
Detail view thru reporting
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
19. Click to edit Master title style
Software Update Group Best Practices
• Don’t split up SUG into products.
• Split up per year and then per month !
• Stay under 1000 updates per SUG
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
20. Software Update Icons
Click to edit Master title style
The icon with the red X represents an invalid software update.
The icon with the blue arrow represents a metadata-only
software update.
The icon with the green arrow represents a software update group
that contains only normal software updates.
The icon with the black X represents a software update group
that contains one or more expired software updates.
The icon with the yellow star represents a software update group
that contains one or more superseded software updates.
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
21. Click to edit Master title style
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
22. Click to edit Master title style
Software Update Deployment Packages Best Practices
• Don’t split up all SDP per month.
• Split up per year and save all updates in that
SDP !
• Enable “delta updates” for DP
• Do the work once, also for yearly maintenance.
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
23. Click to edit Master title style
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
24. Click to edit Master title style
Deployment Best Practices
• Pre-Production / Production
• Create Templates
• Required for workstations
• Set your Alerting Target not too high !
• Available for servers
• No Reboot = Not patched in most cases.
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
25. Click to edit Master title style
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
26. Click to edit MasterPractices
Reporting Best title style
• Split up per year and then per month !
• Split up deployments per collection as you want
to know compliance per Month/Collection
• What you see isn’t always what you get ! Look at
your deployment rates.
• Reporting is quite powerfull.
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
27. Click to edit Master title style
Troubleshooting Server Side
Log Types of issues
SUPsetup.log Installation of SUP Site Role
WCM.log, WSUSCtrl.log Configuration of WSUS Server/SUP
WSyncMgr.log SMS/WSUS Updates Synchronization
Issues
Objreplmgr.log Policy Issues for Update
Assignments/CI Version Info policies
RuleEngine.log Auto Deployment Rules
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
28. Click to edit Master title style
Troubleshooting Client Side
Log Types of issues
UpdatesDeployment.log Deployments, SDK, UX
UpdatesHandler.log Updates, Download
ScanAgent.log Online/Offline scans, WSUS location
requests
WUAHandler.log Update status(missing/installed –
verbose logging), WU interaction
UpdatesStore.log Update status(missing/installed)
%windir%WindowsUpdate.log Scanning/Installation of updates
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
29. Click to edit Master title style
TechNet goes virtual
© Microsoft Corporation. All Rights Reserved.
30. Next Steps
Download and Evaluate More Resources
Microsoft System Center 2012 SP1: System Center
http://www.microsoft.com/en-us Marketplace:
/server-cloud/system- http://systemcenter.pi
center/default.aspx npoint.microsoft.com
• Virtual Machine Manager
Blogs:
• Operations Manager http://blogs.technet.c
• Orchestrator om
/systemcenter
• Service Manager
• Data Protection Manager http://scug.be/blogs/s
ccm
• Configuration Manager