Hi,
I've built up new SCCM infrastructure and cut over the existing clients to the new SCCM. My SCCM environment is currently at build 1802.
I have a mix of Server 2008/R2, 2012 and 2016.
I have configured an IP Range, that has my site system associated with the boundary and has a boundary group assigned. This Boundary group is set to allow it to be used for site assignment. No fallback relationships have been configured.
For all OS versions, SCEP deployments work fine and populate in the ccmcache folder and install like normal. So this leads me to believe that my DP and Boundaries and Boundary Groups are configured correctly.
2008 Servers
These servers seem fine, they seem to install their patches and show up as 'Pending system restart' like normal. These are also in the same IP range as the 2012 and 2016 servers.
2012 Servers
Since I cut over to the new SCCM all but a very small percentage of the 2012 servers have been showing as 'compliant' straight away. It seems they only ever download one patch but never install it (KB890830).
For the servers that do work, they are in the same IP range boundary as the ones that don't work.
I can't find anything suspicious in clientlocation.log, locationservices.log, updatehandler.log.
I just can't seem to work out what the difference is between those that work and those that don't.
2016 Servers
These servers are showing as non-compliant and never seem to want to do anything else.
I recreated the SUG for these from scratch, and it left out the KB890830 patch and deployed it to two servers (both domain controllers). Both servers create three folders in their SCCM cache location. One server has only one folder populated with a KB file and the other server has two folders populated with Kb files. Both servers have one empty folder. Still they insist on sitting at non-compliant.
Any help would be greatly appreciated. None of it makes any sense to me.
I've built up new SCCM infrastructure and cut over the existing clients to the new SCCM. My SCCM environment is currently at build 1802.
I have a mix of Server 2008/R2, 2012 and 2016.
I have configured an IP Range, that has my site system associated with the boundary and has a boundary group assigned. This Boundary group is set to allow it to be used for site assignment. No fallback relationships have been configured.
For all OS versions, SCEP deployments work fine and populate in the ccmcache folder and install like normal. So this leads me to believe that my DP and Boundaries and Boundary Groups are configured correctly.
2008 Servers
These servers seem fine, they seem to install their patches and show up as 'Pending system restart' like normal. These are also in the same IP range as the 2012 and 2016 servers.
2012 Servers
Since I cut over to the new SCCM all but a very small percentage of the 2012 servers have been showing as 'compliant' straight away. It seems they only ever download one patch but never install it (KB890830).
For the servers that do work, they are in the same IP range boundary as the ones that don't work.
I can't find anything suspicious in clientlocation.log, locationservices.log, updatehandler.log.
I just can't seem to work out what the difference is between those that work and those that don't.
2016 Servers
These servers are showing as non-compliant and never seem to want to do anything else.
I recreated the SUG for these from scratch, and it left out the KB890830 patch and deployed it to two servers (both domain controllers). Both servers create three folders in their SCCM cache location. One server has only one folder populated with a KB file and the other server has two folders populated with Kb files. Both servers have one empty folder. Still they insist on sitting at non-compliant.
Any help would be greatly appreciated. None of it makes any sense to me.
