Windows Core Server Patching from SCCM

    Greeting for the day!!!

Hope you all are enjoying and like to get reported solution.  Its my pleasure to many solution one roof. I have received many positive feedback by resolving issue on error basis. 

Let's discussed more about Core server patching. Many have queries that how we can manage core server patching with SCCM. Is is possible to manage core server patching with SCCM?  Answer is Yes.  As Per Microsoft recommendation below two method . However if you still want to manage Core patching with SCCM We can do as normal servers. Let have look.


·         Using Windows Update automatically or with Windows Server Update Services (WSUS). By using Windows Update, either automatically or with command-line tools, or Windows Server Update Services (WSUS), you can service servers running a Server Core installation.

·         Manually. Even in organizations that do not use Windows update or WSUS, you can apply updates manually.


Below are the key point we have to consider to manage core server using sccm.

( Note : 1st Check if you can manage the Core server from the SCCM server like if you can connect the Core Server Computer management Console from SCCM & the admin$ , c$ is accessible from the SCCM server if yes directly push the SCCM client and monitor the logs. If not then perform the below steps)

 

    Step 1: You will need to open Group Policy Management Console.

 

    Step 2: Create a new GP or modify the Default Domain Policy as per your requirement.

 

    Step 3: Edit the GP you will get the below screen Go to Windows Firewall with Advance Security option.

 

    Step 4: Click on Windows Firewall Properties. 

    

    Step 5: Make the below settings. 


    

    

Step 6: Right Click on Inbound Rules  -->  New Rules 


    

    

Step 7: Create the rules as shown below. (No Outbound Rules Required) 


    


    Step 8: Close the Group Policy Management Console (Verify it’s properly linked & enforced on the required target systems)

    Step 9: Run gpupdate /force on the core systems.

    Step 10: Push SCCM Client from sccm console

    Note: Make sure Client Push account must local administrator on all the core servers. 

    Step 11: monitor the logs CCMSetup.logs 

    Step 12: Once the server’s shows active you are ready to deploy patches either in Available / Required mode as per your requirements. 

Now you are ready to start patching server as Normal servers.

Now you can login on the Core Server and in the Command Prompt Window you can type

C:\Windows\ccm\scclient.exe which will launch the Software Center with the patches required.

(For troubleshooting you will have to check the wuahandler, updatesdeployment logs by browsing the c$ of the Core server from SCCM or any other server.)


Yes its simple but many of are not aware. 

Happy Learning !!! Keep Watching https://hiraniconfigmgr.com space. 


Haresh Hirani
Email: hiraniconfigmgr@outlook.com
Follow me: Twitter @hirravi1 

LinkedIn: 
https://www.linkedin.com/in/hiraniconfigmgr  

Facebook: https://www.facebook.com/Hiraniconfigmgr-120189361980772/








0 Comments

    No Comments

Leave a Comment