Let’s learn how to recover Expired Updates from the admin console. The SCCM patch management is not easy if you are new to this process.
Sometimes you might get confused with missing patches in the admin console. Let’s understand the options to recover expired and deleted updates from SCCM Console.
Microsoft released a couple of blog posts (more details in the resources section below) to clarify Windows 10 KB5003637 June Cumulative Update Confusion. You can read more about this from the SCCM Patching Issue with Windows 10 KB5003637 June CU issues.
Do you see the SCCM patching issue with Windows 10 KB5003637 June Cumulative Update? Learn how to recover Expired Update KB5003173 from the SCCM admin console from this post. You need to have appropriate SCCM RBAC access to complete this activity.
Where are SCCM Supersedence Rules?
You can check the Supersedence rules from the SCCM admin console. These Supersedence rules can help you manage software updates in a bit cleaner method. Let’s see where the option is in the admin console.
- Navigate to \Administration\Overview\Site Configuration\Sites
- Select the primary server/CAS and click on Configure Site Components option from the ribbon menu.
- Select Software Update Point from the drop-down list.
From the Supersedence Rules tab from Software Update Component Properties.
Use WSUS Console also to get back the Accidentaly Declined Updates
To Recover Expired or declined Updates from WSUS console, you can use the following option. You can start syncing from SCCM console to get these settings up to recover the expired or declined updates.
- In the WSUS administrative console, click Updates and then click All Updates.
- change Approval to Declined and click Refresh. The list of declined updates loads.
- In the list of updates, select one or more declined updates that you want to reinstate or recover.
To reinstate a particular update, right click on the update and select Approve. In the Approve Updates dialog, click OK to re-apply the default Not Approved approval status. The update will show in the list as Not approved instead of Declined.
How to Recover Expired Updates from SCCM
Let’s understand how to recover expired updates from SCCM (Configuration Manager). You can get into a situation where you need to deploy a superseded update that has been marked as expired in SCCM.
Learn how to Recover Expired Updates from SCCM Console | ConfigMgr. Go through the following steps to recover the expired software updates:
- In the above section, you have already seen where is the option to configure Supersedence rules.
- Once you are in the Supersedence rules tab, you can check the Supersedence behavior of updates other than the feature updates section.
Make sure you have selected the option:- “Do not expire a superseded software update until the software update is superseded for a specific period.“
You need to change the number of months following the option from Months to wait before a superseded software update is expired.
In the following example, you can see that the number of moths selected is three (3). Click on OK to continue and save the new expired updates settings.
NOTE! – if the software update marked as expired was superseded 2 months ago, the months to wait for interval would need to be greater than 2 months. And the minimal interval value should be 3 months.
Manual WSUS Scan Sync
Once you change the Software Updates expired configuration interval to 3 months, you can recover the expired software updates 2 months before with a manual WSUS sync.
- Navigate to \Software Library\Overview\Software Updates.
- Right-click on the All Software Updates node.
- Select Synchronize Software Updates to initiate a manual WSUS sync.
- Click on OK to start the sync.
NOTE! – Let’s wait for WSUS sync to complete so that you can see all the expired updates back in the SCCM admin console. You can refer to wsyncmgr.log to verify the completion of WSUS sync.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.
I did the same procedures which you mentioned in here but my issue still same. How to do this? Please suggest me.