SCCM Server OS Upgrade WSUS SUP Notes from Real World Configuration Manager ConfigMgr MEMCM? SCCM server OS upgrade (in place) is fully supported if your SCCM server is running SCCM CB 1606 version and above. However, with SCCM CB 1702, we have a hard requirement to have an operating system version of SCCM servers.
The minimum requirement for SCCM CB 1702 is to have Server 2012 and above. I have mentioned this in my previous post “Step by Step Video Tutorial of SCCM CB 1702 Baseline version Installation“. In this post, we will see some of the notes/experiences from the field (real world) during the in-place OS upgrade.
More details about the SCCM Server OS Upgrade Checklist in the post “SCCM CB 1702 Upgrade of CAS and Primary Sites A Real-world Experience“
Introduction – SCCM Server OS Upgrade WSUS SUP
Microsoft SCCM team has documented the steps which you need to perform before the SCCM server in-place OS upgrade. Apart from the pre-checks and actions before the in-place OS upgrade, there are some cautions also in that document.
Most of those cautions are pointing towards IIS configuration/reconfigurations. If you have some custom/out-of-box configurations in your IIS settings, then you need to put some research into the IIS setting before the in-place OS upgrades.
In my experience of upgrading 2 different SCCM CB hierarchies, when you have not done any custom configuration in your IIS, then you are going to be OK after the upgrade of the server OS as well.
Otherwise, you may need to reconfigure those custom settings again in IIS (most probably). I have post which explains about the default settings of IIS for SCCM servers here.
Pre SCCM Server In place OS Upgrade – Remove/Uninstall WSUS Services
We have removed the WSUS console from the server primary server and CAS, then removed WSUS components from remote SUP server before SCCM Server in-place OS upgrade. Make note that you don’t have (rather should NOT remove) to remove WSUS data, Logs and DB references while removing WSUS from SCCM SUP/Primary servers. You need to remove/uninstall only WSUS console and the core component like “Windows Server Update Service”. Ensure that you removed wsusservice and wsuscertserver services from SCCM server. No need to remove SUP role at all.
Post SCCM Server In place OS Upgrade – Install WSUS Console
Post-SCCM Server in place OS upgrade, I have noticed that IIS related services were stopped and disabled. If that is the situation in your case, you need to make sure that all these IIS related services are not in a disabled state. Make sure that IIS is working before you try to install WSUS 6.0 (for server 2012 R2) in the server.
Install WSUS console (via Add roles and features wizard in Server 2012) on SCCM Primary/CAS server if you have remote SUP server. No need to install DB and other services related to WSUS on primary and CAS servers if you are hosting SUP role on a remote server. Make sure; you install only following roles from “Add roles and features wizard” :-
Remote Server Administration Tools – Role Administration Tools – Windows Server Update Services Tools:-
– API and PowerShell cmdlets
– User Interface Management Console
Post SCCM Server In place OS Upgrade – Install WSUS Services
Once we install WSUS console on the SCCM primary/CAS server, then we can install WSUS core services on your remote SUP SCCM site system server. Launch Add roles and features wizard, select the following components as you can see in the pic below.
We need to complete two specific configurations as part of WSUS installation. 1.Specify the update store location 2. Specify an existing database server settings. In SCCM In place OS upgrade scenario, we need to use the same store location and Database name.
Another important point to remember is that we don’t have to click on “Launch Post -installation tasks”. Just launch WSUS console and click on RUN button to complete the WSUS installation process.
The Result SUP Sync Works Perfectly after Server OS in Place Upgrade
The result of this post-SCCM OS upgrade activity is that WSUS SYNC works fine with all the existing settings and configurations. No need to reconfigure and re-download anything as per my experience.
Upgrade on-premises infrastructure that supports SCCM/ConfigMgr – here