SCCM Third-Party Software Updates Setup Step by Step Guide Post 1

Let’s learn how to configure SCCM third-party Software Updates. A comprehensive guide to setup 3rd party patching with SCCM.

SCUP helped many of us to deploy third-party software updates for many years. Now, SCCM doesn’t require SCUP to deploy Third-party updates. Let’s dive into the SCCM third-party software update setup.

Microsoft applications are patched as part of the Microsoft Software Update patching process. However, the third-party applications (non-Microsoft) are NOT patched using Microsoft updates.

NOTE! – There is no option to customize the end-user experience using 3rd party patching solution from Microsoft. For example, Adobe Acrobat and Reader when the applications are open, and the SCCM / WSUS patching is applied. It might force the termination of the applications without notice.

Patch My PC

You should have a different process for 3rd party updates. This post will teach you how to enable 3rd party patching using SCCM and WSUS without using SCUP. The patching of applications like Chrome, Java, etc… is not easy.

Introduction

This post is a step-by-step SCCM third-party software updates setup guide for all SCCM admins.

First of all, you need to analyze and understand the business requirement of third-party updates. From my perspective, third-party patching is critical for the overall IT security landscape.

The following are some of the questions that will help you get ready for a third-party software update setup.

Adaptiva
  • What is the current process for patching third-party applications?
  • Are you using the standard packaging process to perform third-party updates?
  • How many application vendors are providing SCCM-friendly “Update Catalogs” for free?
  • Do you need to spec up the SCCM server hardware before enabling third-party updates?

Video Guide – SCCM Third-Party Software Updates Setup Step by Step Guide Post Video Guide

SCCM Third-Party Software Updates Setup Step by Step Guide Post 1

Prerequisites

You can enable third-party updates from SCCM (without SCUP integration) when you have 1806 or a later version.

The SCCM third-party software updates feature allows you to subscribe to partner and custom catalogs from the SCCM console and publish the updates to WSUS.

  • Partner catalogs are software vendor catalogs partnered with Microsoft. The following are the two partner catalogs (DELL & HP) available with SCCM 1902 release.
  • Custom Catalogs are the third-party software catalogs that you can add manually to the SCCM console. You can find more detail in the below section.

NOTE! – There are only a few vendors that provide FREE custom catalogs. You can find more details in the blog post free List of Catalogs SCCM Third-Party Software Updates.

The following is the quick list of prerequisites that you want to ensure before enabling the update feature.

  • WSUS and SUP should be configured and working fine.
  • Updates Classification should be enabled from Software Update Point Component Properties.
  • Valid Business requirements and find sponsorship from management.
  • License cost – SCCM support is free, but if you want to use other third-party products to get more vendor application support (via Custom Catalog), you need to pay the extra licensing cost.
  • SCCM Server Specs & Disk Space – Consider Upgrading Disk Space per your requirement.
  • Adjust your proxy and Firewall configurations – port 443, and you might need to white list all the third-party vendor URLs to download metadata, CAB files, and source files of updates.
  • Check out Certificate requirements at the Server and client-side. Also, you might need to adjust the Group Policy setting on the client-side.
  • SCCM Client Settings – Enable third-party software updates policies to YES.
  • Additional requirements when the SUP is remote from the top-level site server

NOTE! – Some Certificate Details – 1. WSUS (Publishers Self Signed) – Code Signing – Only WSUS Server 2. Trusted Publishers – WSUS Server & Client 3. Trusted Root Certificate – WSUS Server & Client

Enable SCCM Third-Party Software Updates

As I mentioned in the prerequisites, ensure that you have a working WSUS and SUP environment before enabling the third-party updates.

The following steps should be completed from the top site, either SCCM CAS or the Standalone primary server. The below steps will help you to enable SCCM third-party update feature.

  • In the SCCM console, go to the Administration workspace. Expand Site Configuration, and select the Sites node.
  • Select the top-level site in the hierarchy. Click Configure Site Components from the ribbon menu, and select Software Update Point.
  • Click on the Third-Party Updates tab and select the option Enable third-party software updates from Software Update Point Component Properties.

NOTE! – I would recommend using the default options of the SCCM configuration wizard unless you have a specific reason to select another option. I have chosen the configuration manager-managed certificate option.

If you don’t have any PKI certificate requirements for SCCM third-party updates, you can use the default option as I mentioned above.

You might be able to see a new certificate type “third-party WSUS Signing” (as I showed in the below picture) when you use Configuration Manager to manage the certificate option from the above wizard.

Navigate to – \Administration\Overview\Security\Certificates

Subscribe to Partner Catalog

In this section, you can subscribe to partner catalogs (out-of-box settings, as I mentioned above).

  • Launch SCCM Console
  • Navigate \Software Library\Overview\Software Updates\Third-Party Software Update Catalogs node
  • Click on the “Lenovo” partner catalog from the list on the right side
  • Click on Subscribe
Subscribe to Partner Catalog - SCCM Third-Party Software Updates
Subscribe to Partner Catalog 6

Add a Custom Catalog

The next step in setting up SCCM third-party software updates is to add the custom catalogs. In the console, you can add the custom catalogs from \Software Library\Overview\Software Updates\Third-Party Software Update Catalogs.

You might already see the partner catalogs in the SCCM console. HP and Dell are the only two(2) partner catalogs available for SCCM 1902 version.

You can follow the below steps to add a custom catalog to SCCM.

  • Navigate to \Software Library\Overview\Software Updates\Third-Party Software Update Catalogs.
  • Click on Add Custom Catalog from the ribbon menu.

You must provide the following details in the Third-Party Software Updates Custom Catalogs Wizard. The next four(4) values are mandatory.

NOTE! You will wonder how I got the DOWNLOAD URL Details for Adobe Reader 11 Third-Party Updates? I will explain this to you in a different blog post.

Subscribe to Custom Catalogs

The Subscribe to Catalog step is the following configuration for enabling the SCCM Third-Party Software Updates setup. The Third-Party Software Update Catalogs node allows you to subscribe to third-party custom and partner catalogs.

The subscription of partner and custom third-party catalogs helps SCCM environments to get regular updates (or patches) from third-party application vendors.

The following steps ensure that the SCCM environment is subscribed to the vendor’s product updates, similar to Microsoft Software updates.

  • Navigate to the Software Updates Library workspace from the SCCM console.
  • Expand Software updates, and select the Third-Party Software Update Catalogs node.
  • Select the Custom Catalogs to which you want to Subscribe to:
    • I selected Adobe Reader 11
  • Click the NEXT button from Third-Party Software Updates Wizard
  • On the Download page of the third-party software update wizard, SCCM will download the CAB file using the URL you provided while adding a custom catalog.

NOTE! – You need to have appropriate internet connections, as I mentioned in the prerequisites section above. If not, the download will fail, and you won’t be able to proceed with the third-party software update wizard. This wizard uses the same proxy connection you set up in the SUP configuration.

  • Review and Approve the catalog certificate from the review and approve page of the Third-party updates wizard
  • Click on the View Certificates box to view the certificate properties and review them.

NOTE! – I would recommend reviewing and installing the Certificate to the Local Machine (Default location) – If you don’t do this, the Publishing of third-party update content will fail in the later stage of this process. You can check the certificate details in the Certificates node of the SCCM console, as I mentioned in the above section.

  • Click the OK button on certificate properties windows.
  • Click on the Checkbox near “I have read and understood” to agree and proceed further.
  • Click on the Next button to continue and finish the subscription process of the third-party catalog.
  • Click on NEXT on Confirm Settings page.
  • FINISH the wizard to start the metadata updates synchronization on to WSUS.
  • Click on Adobe Custom Catalog and initiate a Sync (Sync Now button from the ribbon) from the Third-Party Software Update Catalogs node.
  • Make sure the Last Sync Status is SUCCESS.

The above sync will make all the Adobe Reader 11 updates into the WSUS database. You can refer to the log file called SMS_ISVUPDATES_SYNCAGENT.log.

NOTE! – The above Sync (use Sync Now button from the ribbon) from \Software Library\Overview\Software Updates\Third-Party Software Update Catalogs won’t make the metadata of adobe reader 11 updates available in the SCCM console.

Products Selection

Now, you would be able to see the Adobe Reader underneath “All Products – Adobe Systems. Inc.” on the Software Update Point Component Properties window.

Select the product “Abode Reader” as I showed in the below picture and click OK.

NOTE! – I have seen people complaining about some of the Abode patches are missing from the SCCM console. It could be possible that Adobe changed the product name. So, it’s recommended to check whether any new products got added or not. You might need to enable those new products from software update point component properties.

Another Sync

It’s time for another Sync. But, this time, it’s not from the same place. You need to follow the below steps to make all Adobe Reader 11 updates (metadata) available in the SCCM console “All Software Updates” node.

  • Navigate to \Software Library\Overview\Software Updates\All Software Updates.
  • Click on the Synchronize Software Updates button from the ribbon menu.
  • After finishing this sync successfully (WSYNCMGR.log to verify), you will be able to see all the Adobe Reader 11-related updates, as you can see in the following picture.

NOTE! – Check out the BLUE color icons for Adobe Reader 11 updates metadata (metadata-only updates = BLUE). More details about the change of Third-Party Software Updates icons are below.

Publish Third-Party Software Update Content

Once the third-party software updates are available in the console, you can publish those Adobe Updates to WSUS.

The following steps will help you publish Adobe Reader Third-Party Software Update content to WSUS.

  • Navigate to \Software Library\Overview\Software Updates\All Software Updates node
  • Select the Abode Reader Updates you want to publish.
  • Click on Publish Third-Party Software Update Content button from the ribbon menu.
  • Check out SMS_ISVUPDATES_SYNCAGENT.log to monitor the progress.
  • The update files (for Adobe, it was . MSP files) will get downloaded to a temporary folder called C:\Program Files\Microsoft Configuration Manager\ISVTemp. (the folder name ends with .mrm or .mgm or some random name – that is nice)

NOTE! – When you publish third-party software update content, any certificates used to sign the content are added to the site. If you don’t install the certificates used to sign the third-party update content, publishing the content might fail.

You can also check whether the certificate status is BLOCKED or UNBLOCKED from the SCCM console (\Administration\Overview \Security\Certificates). If the certificate is blocked, there is a chance of failure in the publishing process.

  • Once the publishing process is finished, you might need to perform another Sync (WSyncMGR.log) to make the software update available for SUP to deploy and change the icon from BLUE to GREEN.

Download and Deploy SCCM Third-Party Software Updates

Now, it’s time to download and deploy the SCCM third-party software updates to Windows devices.

Create Software Update Group

The following steps will help you create a Software Update Group, Download and Deploy the third-party updates.

  • Navigate to \Software Library\Overview\Software Updates\All Software Updates node.
  • Select the third-party software updates which you want to download and deploy.
  • Click on Create Software Update Group.
    • Enter the name of the software update group = Reader 11 0 23 (“.” is not allowed)
    • Enter the description of the group.
  • Click OK to finish the creation of Software Update Group.

Start Deploy Software Update Wizard

You have already created Software Update groups in the above section. Now, you can start the deployment wizard for third-party updates.

In this section, you can select the third-party update deployment name and device collection name.

  • Navigate to \Software Library\Overview\Software Updates\Software Update Groups.
  • Select the Reader 11 0 23 groups created above, and click on the Deploy button from the ribbon button.
  • Follow through with the deployment wizard.
    • Deployment Name = Adobe Systems, Inc. Third-Party Software Updates
    • Select the Collection of devices you want to deploy Third-Party Software update and Click Next.

Scheduling & Deployment Settings

This section helps to schedule the third-party software updates.

  • Specify Deployment Settings for this deployment.
    • Type of deployment = Required.
    • Details level = Only Success and error messages.
  • Click on the Next button.
  • Configure Schedule Details for this Deployment.
    • Schedule Evaluation – Time Based on: Client Local Time.
    • Software Available Time – As soon as possible.
    • Installation Deadline – Specific Time.
  • Click on the Next button to continue…

User Experiences & Alerts

I selected all the default settings in the following two pages of User Experiences & Alters.

  • Specify the User Experience for this Deployment – User Visual Experience.
    • User Notifications – Display in Software Center and show all notifications – Default option.
    • Deadline Behavior – When the installation deadline is reached, allow the following activities to be performed outside maintenance windows:
      • Software update installation
      • System Restart (if necessary)
  • Device Restart Behavior – Some software updates require a system restart to complete the installation process. You can suppress this restart on servers and workstations.
      • Suppress the system restart on the following Devices:
        • Servers
        • Workstations
    • Write filter handling for Windows Embedded devices
      • Commit changes at the deadline or during a maintenance Windows (requires restarts) – Default option
  • Specify Software Update Alert Options for this deployment
    • Configuration Manager Alerts
    • Operation Manager Alerts

Create Deployment Package Third-Party Software Updates

The section will help you understand how to create a third-party software update package.

  • Specify the Package to Use page
    • Create a new deployment package:
      • Name – Adobe Reader 11 0 15
      • Package SourceUNC Path – \SCCM_Prod\Sources\Third-Party Updates\Adobe\Reader 11 0 15
      • Sending PriorityMedium
      • Enable Binary Differential Replication (Not Mandatory – But Recommended settings)
      • No Deployment package (NOT Mandatory Option)
        • Clients download content from peers or Microsoft Cloud (NOT a Suitable option for Third-Party Updates).
        • Click Next to go next page.
  • Specify the Distribution point groups to host the content
      • Add Distribution Point and click Next.
    • Specify the source location for the Software Update that you will download
      • Download software updates from the Internet
  • Specify the Languages of the updates
    • Product – There are two products-Windows Update and Office 365 Client Update – The language selected is English
    • There is an Edit option to add another language if available from third-party software updates.
    • Click NEXT
  • Specify Download Settings of this Deployment
    • Deployment Options
      • Do not install software updates
    • Deployment Options
      • Download and Install Software Updates from the Distribution points in the site default boundary group

Conclusion

Now, you deployed the third-party software updates. You can check out the content distribution status from the SCCM console. The deployment success with third-party software updates compliance report from SSRS.

Resources

Bonus Details

Subscribe to a custom catalog Wizard template:

Subscribe To Catalog
• Catalog Name: Adobe Reader 11
• Publisher: Adobe
• Description: More Details
• Support URL :
• Support Contact :
• Download URL: https://armmf.adobe.com/arm-manifests/win/SCUP/Reader11_Catalog.cab

Create, Download, and Deploy Third-Party Software Updates Package Template:

Updates Targeted:
• Reader 11.0.11 Update APSB15-10(Article ID)
General:
• Deployment Name: Adobe Systems, Inc. Software Updates
• Collection: Test Static Collection
Deployment Settings:
• Send wake-up packets: No
• Verbosity Level: Only success and error messages
Scheduling:
• Deployment schedules will be based on: Client’s local time
• Available to target computers: 13-04-2019 02:41:00
• Deadline for software update installation: 20-04-2019 00:07:00
• Delayed enforcement on deployment: No
User Experience:
• User Notifications: Display in Software Center and show all notifications
• Install software updates outside the maintenance window when the deadline is reached: No
• Restart system outside the maintenance window when the deadline is reached: Suppressed
• If a restart is required, it will be: Allowed
• Commit changes at the deadline or during a maintenance window (requires restarts): Yes
• If any update in this deployment requires a system restart, run updates deployment evaluation cycle after restart: No
Alerts:
• On software update installation error generate a Window Event: No
• Disable Window Event while software updates install: No
Package:
The software updates will be placed in a new package:
• Adobe Reader 11 0 15
Content (1):
• SCCM_PROD.INTUNE.COM
Software updates that will be downloaded from the internet
Reader 11.0.11 Update
Windows Update Language Selection:
English
Office 365 Client Update Language Selection:
English (United States)
Download Settings:
• Computers can retrieve content from remote distribution points: No
• Download and install software updates from the fallback content source location: Yes

Author

Anoop is Microsoft MVP! He is a Solution Architect in enterprise client management with more than 20 years of experience (calculation done in 2021) in IT. He is a blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. E writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc…

49 thoughts on “SCCM Third-Party Software Updates Setup Step by Step Guide Post 1”

  1. Hello,
    I’ve followed your step by step but I’ve a strange behavoir.
    I’ve tried with the “Adobe Flash Player Plugin” Update (version 32.0.0.171).
    I have deployed it to a test computer with an older version installer (32.0.0.141).
    The update isn’t seen from the computer and from the report it says: ALREADY COMPLIANT.
    Also the required column is 0, and also the column already installed is 0.

    Reply
  2. Hello Anoop,
    Cert is installed (although if there was a problem with the certificate, I would have problem with the installation, not the detection).
    Policy is set to allow third party (also via CM Client Policy; and checked regkey it’s present and configured).
    I’ve checked the client side troubleshooting section and unfortunately no clue in the logs.

    Reply
    • Unfortunately, I don’t have any other suggestion because I don’t have any clue what is happening. I might need to test and re-pro the issue later whenever I get time.
      I would still think there would some hints like whether the policy is received by client or is it evaluated by client etc … that would help you further troubleshooting

      Reply
      • Solved 😆
        my bad … this Adobe Flash update nomenclature is getting me crazy. On SCCM you have PPAPI & Plugin … I needed the Plugin one and not the PPAPI…
        I will test out also Reader & Pro just to make sure it works.
        Thank you in advice and sorry 😆

  3. Thanks for the guide Anoop! It was helpful.

    I am trying to deploy an Adobe Reader 2015 Classic Track update using your instructions.

    The SMS_ISVUPDATES_SYNCAGENT log gives me this error when I try to publish third-party software update content:

    Failed to publish update “07c4ec0f-71cd-49f7-94f3-aa3da81fb72b” due to missing update metadata.

    Possible cause: The update may have been synchronized to WSUS outside of Configuration Manager.
    Solution: Synchronize the update with Configuration Manager before attempting to publish it’s content. If an external tool was used to publish the update metadata then use the same tool to publish the update content.

    I followed your instructions exactly. I did not use an external tool like the message indicates. Do you know where I might look to solve the problem?

    Thanks for any insight you may have.

    Reply
  4. How does this work with machine updates? I installed the Lenovo.cab and it downloaded a bunch of drivers, which was my intention. I’m learning how to use SCCM to image our machines. Can I use this method for Driver Packages? If so, how would I go about doing that?

    Reply
  5. Hello,
    Again great article.
    I still have a problem with the 3rd party updates.
    For Adobe Reader DC & Adobe Acrobat DC – I can sync updates but under “REQUIRED” I have 0 for every available update.

    Reply
  6. Hello,
    Again Great article.
    I can get the adobe reader & adobe acrobat updates to work.
    The updates are synced successfully but show that aren’t required on any machine (which obviously isn’t true).

    I then checked the Report: Compliance 2 – Specific software update and break it down to my computer to see what it was showing.
    I then selected “Update Class” and … I can see only Adobe Flash player as a result of “indexed” updates – no trace of a Adobe Reader or Adobe Acrobat update.

    So my guess is now, is it possible that the hw inventory in some way doesn’t report back to the update point the whole software list?

    Reply
  7. Hi,

    Thanks for your great post.
    I’ve suscribed to Dell catalog, and I notice that I’ve no Dell drivers which are required by my clients (1500 Dell machines).
    Which is quite strange..

    Do you think I need to enable additional hardware inventory classes in Client Settings? Or is there any reasons?

    Thanks in advance

    Reply
    • Hi, I never a heard about updating hardware inventory to cater the requirement of driver updates.
      Have you checked the Dell machines and checked the requirement of driver update ?

      What I’m trying to say is “are those machines require a driver update” ? Or the drivers installed on those machines are not there in the dell catalog

      Reply
  8. Hi Anoop

    This is very helpfull post to configure the third party updates, Please help to share how we can cleanup the older updates metadata and contents from SCCM site server and systems as well as content from source location. So that we can maintain our SCCM environment.

    Reply
  9. Hello!

    Great article! As far as the update package creation is concerned, what is the source of the files? I don’t have \SCCM_Prod\Sources\Third-Party Updates and checking the content tab of one of the Adobe updates shows another UNC path that I can’t seem to locate on my server.

    Any help is appreciated!

    Reply
  10. Hi Anoop

    After Turning on the SSL on update point, all the clients were stopped getting any updates. WuHandler showed error:

    OnSearchComplete – Failed to end search job. Error = 0x80240440. WUAHandler 8/10/2019 2:32:10 PM 4552 (0x11C8)
    Scan failed with error = 0x80240440. WUAHandler 8/10/2019 2:32:10 PM 4552 (0x11C8)
    Its a WSUS Update Source type ({D3FC19DE-264D-4295-A309-0C42523AAF3E}), adding it. WUAHandler 8/10/2019 2:32:21 PM 4552 (0x11C8)
    This device is not enrolled into Intune. WUAHandler 8/10/2019 2:32:21 PM 6748 (0x1A5C)
    Device is not MDM enrolled yet. All workloads are managed by SCCM. WUAHandler 8/10/2019 2:32:21 PM 6748 (0x1A5C)
    SourceManager::GetIsWUfBEnabled – There is no Windows Update for Business settings assignment. Windows Update for Business is not enabled through ConfigMgr WUAHandler 8/10/2019 2:32:21 PM 6748 (0x1A5C)
    Existing WUA Managed server was already set (https:SERVERNAME:8531), skipping Group Policy registration. WUAHandler 8/10/2019 2:32:21 PM 4552 (0x11C8)
    Added Update Source ({D3FC19DE-264D-4295-A309-0C42523AAF3E}) of content type: 2 WUAHandler 8/10/2019 2:32:21 PM 4552 (0x11C8)
    Scan results will include superseded updates only when they are superseded by service packs and definition updates. WUAHandler 8/10/2019 2:32:21 PM 4552 (0x11C8)
    Search Criteria is (DeploymentAction=* AND Type=’Software’) OR (DeploymentAction=* AND Type=’Driver’) WUAHandler 8/10/2019 2:32:21 PM 4552 (0x11C8)
    Async searching of updates using WUAgent started. WUAHandler 8/10/2019 2:32:21 PM 4552 (0x11C8)
    Async searching completed. WUAHandler 8/10/2019 2:32:25 PM 2824 (0x0B08)
    OnSearchComplete – Failed to end search job. Error = 0x80240440. WUAHandler 8/10/2019 2:32:25 PM 4552 (0x11C8)
    Scan failed with error = 0x80240440. WUAHandler 8/10/2019 2:32:25 PM 4552 (0x11C8)

    Restarted the Server and client machines and still same issue. And as soon as I turned off the SSL , all start working again? Is there am misisng?

    Reply
  11. Hi Anoop,
    thanks for the very good help for all of us.
    How is it possible to remove third party products in: Administration – Site Configuration – Sites – Software Update Point Component Properties?
    Thanks for your help

    Reply
  12. Hi Anoop,

    Any idea how can we avoid the third party software updates [mainly the driver updates] to get install during the OSD process?

    The updates are increasing the OSD time huge to complete.

    Thanks you in advance!

    Reply
  13. Hello,
    How to cleanup the third party patches coming from SCUP or from Software Library > Overview > Software Updates > Third Party Software Update Catalogs?
    All these patches remain under Software Library > Overview > Software Updates > All Software Updates …
    Thanks,
    Dom

    Reply
  14. Hello,

    wouldn’t it be possible to just create an automatic deployment rule for all required updates?
    I tryed this as I did for normal windows updates but it won’t download anything (and yes in All Updates it is shown as “required”).

    Would be nice to see a guide for this.

    Thank you in advance.
    Manu

    Reply
  15. Hi Anoop,

    many thanks for the great post! . It would be really good if you can guide , about updating drivers for existing clients with help of this ( such as if any special manufacturer related agent needs to be instlled first) specially Dell and HP

    Thanks

    Reply
    • Hello – Thank you. Can you give some specific examples from Dell or HP so that I can be sure about what you are looking for? If I understand correctly this is something to do with the Dell experience application for touchpad gestures (3 taps).

      Reply
  16. Dear Anoop C Nair,
    I have an issue with 3rd party updates. our environment is running adobe DC 2017 and upgrade was downloaded in SCCM and deployed on some machines as well smoothly but, WSUS server certificate “3rd party WSUS signing certificate” expired and we regenerated a new signing certificate from our CA Server which is working with all the products updates except the adobe reader DC 2020 update. the .cab file which is available on WSUS is showing the old certificate in its properties. I have tried all the possible solutions but clients are still getting that old .cab file. i have removed that file from WSUS also from CM_sources and CM_packages but clients are still getting that old .cab file and giving error “Failed to download updates to the WUAgent datastore. Error = 0x800b0101.” I will be very grateful if you guide me how can I redownload the .cab file with updated certificate so client didn’t receive this error.
    Thanks

    Reply
  17. Hi Anoop,

    Excellent site…really informative and useful. I wondered if you’ve ever come across the following scenario. I’ve followed the steps, published a third party update (doesn’t matter which one, this happens to them all), downloaded the update to a content folder on the network, created a SUG and a deployment package and deployed to a test collection containing 1 machine. Deployment works fine…but the update also installs on all other devices running the application. I haven’t enabled any ADRs. This obviously makes it impossible for me to test any patch before deployment.

    Thanks in advance.

    Reply
  18. Hi, we have a old 2008R2 server with SCCM 2002. I want to put in a new 2019 Server with SCCM 2107 and retire the old SCCM server. We are also using Endpoint and co-managed. What is the best method to get there?
    Regards
    Phil

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.