3rd party patching has always been a big headache for SCCM/ConfigMgr Admins. Because most of the organizations don’t have packaging team, who can handle the 3rd patch packages. Also, it’s not an ideal scenario to put efforts on creating patch packages of each third party applications. In the modern world, every organization would be looking for automation of 3rd party application patching.
[Related Posts – SCCM Third Party Software Update Support without SCUP]
The top rated/voted SCCM/ConfigMgr User voice item here is the biggest proof that the 3rd party application patching is the most tedious activity for SCCM admins. The SCCM technical community has always been the vocal amount the issues of 3rd party application patching. In this post, I will go through the process SCCM admin should have to follow to get Adobe patches into Windows devices. As I noted down in my previous post “Now Automate Third-Party Patch Management using SCCM ConfigMgr,” there are great solutions available in the market to improve the productivity of SCCM admins.
What is the most tedious task for SCCM administrators? Undoubtedly it is patching of third-party updates. Yes, setting up the SCUP environment it self is huge task and there are cert dependencies in that setup. I didn’t cover that part in this post. More details of SCUP installation and configuration is covered in the following post here. From manually loading the catalog in SCUP, publishing the patches to WSUS and to syncing the patches with SCCM for further deployment, it is not just complex but also time consuming. Let us see the steps involved when third party updates are patched manually,
1) Open SCUP and select Import
2) Browse and select the required patch catalog file and click Next. Over here we have downloaded and imported the readily available Adobe catalog.
3) Confirm the settings by clicking Next.
4) Select Accept to trust the catalog certificate.
The patches will get imported now.
5) Now select the patches which you want to publish to the Update Server, click Publish
6) Select the type of publish you want and click Next.
The patches will get published now.
7) Now open SCCM, Go to Administration, Expand Site Configuration, Click Sites, Right click on your primary site > Configure Site Components > Software Update Point
8) Select Products tab, choose the required applications and click OK.
9) In the home tab, enable Synchronize Software Updates options
You can now view the updates in all software updates view
From this view you can deploy the required patches to the client computers using SCCM.
In the Adobe example shown above the catalog was readily available and these types of readymade catalogs are generally not available for many applications. Imagine if you have to generate a cab file, create catalog and then load them to SCUP? This is going to be a far more exhaustive patching routine.
As a solution to all this complexity ManageEngine offers Patch Connect Plus. It is an add-on to SCCM to patch third party applications. Patch Connect Plus provides pre-tested patches for 250 plus third party applications which can be automatically pushed to WSUS and SCCM. Thus easing your third party patch management. Getting things done in a simpler way increases your productivity. Try Patch Connect Plus, with few click deploy the third party patches and maximize your SCCM investment.
- How tedious it is to patch third party applications manually?
- Complexity behind manual third party patching
- How to patch third party applications manually?
- SCUP 2011 Installation and Configuration Guide – here
- Enable SCUP in ConfigMgr 2012 R2 with WSUS 4.1 – Here
- SCUP Signing Certificate Requirements & Step-by-Step Guide – here