Michael Ballack
Member
- Messages
- 5
- Reaction score
- 0
- Points
- 1
This is using a single primary MS SCCM 2012 R2 site server. There are around 150 windows clients, be them win7, win8, win8.1, w2k3 r2, w2k8 r2, or w2k12 r2. Software updates have been rollout to most (if not all) of the clients. The setup and configuration is followed the steps and instructions from SCCM guru - Mr. Prajwal Desai.
Few important selections as follows:
- MS WSUS is setup on the same site server, configured to sync with MS Updates
- Software Updates classification chosen - Definition updates, Critical updates, and Security updates
- Product chosen - Office 2002/2003/2007/2010; Win7/8/8.1/2003/2008/2008 r2/2012/2012 r2
After that, Windows update group for each win7 64-bit, win8 64-bit, win8.1 64-bit, win2k8 r2 64-bit, & win2k12 r2, were created. These followed by the package deployment for each group and collection. However, each package only include windows patches in 64-bit that "explicitly" selected. no Office patches are chosen. The up-to-date patches are only up to MS15-093, backdated to August, this year. All these package deployments already scheduled to run and completed quite some time from now.
Now, my boss ask for the record - a report to show the software update compliance for individual computers. I go to the reporting > reports, and tried the software updates - Compliance A Overall compliance; I was checking win7, and the results being 88 compliance, 19 non-compliance, and 5 unknown. I click the 88 compliance, and I was linked to the Report: Compliance A - Compliance for specific computer (for the whole list of computers that complied); simply click any of the computer name, to my surprise, I saw quite a number of patches shown * required instead of * installed (screenshot as attached).
I just want a compliance report to compare up to MS15-093, and without office. I heard that I may have to create base configuration in Asset and Compliance workspace > compliance setting; Is that true? if so, what would be the step? Or if need to create a custom report against the selective windows update group, if so, how to create?
Appreciate your help.
Few important selections as follows:
- MS WSUS is setup on the same site server, configured to sync with MS Updates
- Software Updates classification chosen - Definition updates, Critical updates, and Security updates
- Product chosen - Office 2002/2003/2007/2010; Win7/8/8.1/2003/2008/2008 r2/2012/2012 r2
After that, Windows update group for each win7 64-bit, win8 64-bit, win8.1 64-bit, win2k8 r2 64-bit, & win2k12 r2, were created. These followed by the package deployment for each group and collection. However, each package only include windows patches in 64-bit that "explicitly" selected. no Office patches are chosen. The up-to-date patches are only up to MS15-093, backdated to August, this year. All these package deployments already scheduled to run and completed quite some time from now.
Now, my boss ask for the record - a report to show the software update compliance for individual computers. I go to the reporting > reports, and tried the software updates - Compliance A Overall compliance; I was checking win7, and the results being 88 compliance, 19 non-compliance, and 5 unknown. I click the 88 compliance, and I was linked to the Report: Compliance A - Compliance for specific computer (for the whole list of computers that complied); simply click any of the computer name, to my surprise, I saw quite a number of patches shown * required instead of * installed (screenshot as attached).
I just want a compliance report to compare up to MS15-093, and without office. I heard that I may have to create base configuration in Asset and Compliance workspace > compliance setting; Is that true? if so, what would be the step? Or if need to create a custom report against the selective windows update group, if so, how to create?
Appreciate your help.
