Patch for SCCM, powered by Shavlik

Manually Publishing Third-Party Updates

Show Me!

A video tutorial is available on this topic. To access the video, click the following link:

Watch a related video (10:09)

Overview Information

You can manually publish one or more third-party updates. The updates can be published immediately or be scheduled for publication at some point in the future. The Microsoft Task Scheduler is used to schedule the publication. The publication always runs as a separate task, but can be monitored while it is running.

Manual Publication Process

1.Within the Configuration Manager Software Library workspace, expand the Software Updates folder and click on Ivanti Patch.

2.Enable the Selected check box for each update that you want to publish.

The Selected check box will be disabled if the latest revision of the update has already been published or has recently been scheduled for publication.

To locate the desired updates you can:

Use a filter

Use the Group by vendor check box

Sort the columns by clicking in the column headers

3.Click Publish.

The Publish selected updates dialog is displayed.

4.Specify when and how you want to publish the update(s).

Now: The publishing process will begin as soon as you click OK.

Once: Schedule the publication process to occur at some time in the future.

Run the publication task offline: If enabled, the publication task will be run in offline mode. This means the console will not attempt to download the selected update files. In order for the publication to be successful, the update(s) must already reside in the Local Source folder.

This check box is automatically enabled if Run disconnected is enabled on the Offline Options tab.

Publish metadata only: If enabled, this will publish detection logic for the update but not the actual software update binaries. You might do this if you want to detect if an update is needed by your clients but ensure that the update cannot be installed. This is useful only in very specific scenarios and server configurations.

If you edit an update that is published as metadata-only, the original update will be deleted and the edited update republished as metadata-only. This means the revision number for these updates will always be 1. An update that is published as metadata-only cannot be re-signed because there is no content to sign. An attempt to re-sign it will result in a warning message in the log file.

Accept all metadata updates in the catalog: If you want to automatically update WSUS with any metadata revisions that are available for updates that have been previously published, enable this check box.

Synchronize after publishing selected updates: If you want Configuration Manager to automatically synchronize itself with the WSUS database as part of this task, enable this check box. This will cause an incremental synchronization to be performed. If you do not enable this check box, the published update(s) will not be available for deployment until your regularly scheduled synchronization process occurs. Synchronization can also be started by selecting the Home tab and then clicking Synchronize Software Updates.

Logged on user: If enabled, specifies that you will use the credentials of the currently logged on user to add the publishing task to Microsoft Scheduler. The User box is automatically populated so you only need to type the account password.

Different user: If enabled, specifies that you want to use a different user account when adding the publishing task to Microsoft Scheduler. For example, you might specify a service account whose password does not expire.

The account must:

Have Log on as a batch job rights

Be a member of the WSUS Administrators group on the WSUS server

Be a member of the local administrators group on the WSUS Server if the WSUS Server is remote

When specifying a different user, you must indicate if credentials are required to authenticate to a proxy server.

Proxy authentication is required – use these credentials: If enabled, indicates that proxy server credentials are required when using the user account. If you then choose Same as above, the user account credentials will be used as the proxy credentials. If you choose Credentials below, you can provide a separate set of proxy credentials.

User name: Type the user name for an account on the proxy server. It may be necessary to specify a domain as part of your user name (for example: mydomain\my.name).

Password: Type the password for the proxy server account.

Verify password: Retype the same password.

5.Click OK.

A status message will indicate if the publication task was successfully scheduled.

6.During the publication process the Published column status will show Scheduled.

You may need to click the refresh button () to update the data in the grid.

7.(Optional) Use the Configuration Manager Trace Log Tool to open the AutoPublish.log file and monitor the publication process.

AutoPublish.log is written by all one-time or recurring scheduled jobs that publish to WSUS.

Here is an example of the AutoPublish.log file:

8.When the update is successfully published the Published column status will change to Yes the next time the grid is refreshed.

Note that the check box in the Selected column will be disabled if the latest revision of an update has been published.

You can sort the Published column to see the list of updates that have been published, or you can use the *Published filter.

 

 


Was this article useful?    

The topic was:

Inaccurate

Incomplete

Not what I expected

Other