question

ScottFairchild avatar image
0 Votes"
ScottFairchild asked Amandayou-MSFT edited

Configuration Manager 3rd Party Update Issue

I have enabled 3rd party updates in Configuration Manager and selected 1 model from each vendor for testing. When I perform a Sync Now the SMS_ISVUPDATES_SYNCAGENT.log shows the following:

SyncUpdateCatalog: 'Dell Latitude XT3 System BIOS,A14,A14' (Update:'06eefdb4-4f3b-4a8e-bbe9-d56641bf0c57') Vendor 'Dell' Product:'Bios' is not in a category configured for synchronization, it will be skipped.

All good so far since I didn't select that model.

When I click on Synchronize Software Updates in the All Software Updates node, I see this entry in the wsyncmgr.log

Synchronizing update 8838f0e8-5787-45a0-b3ab-45c4232b42bd - Dell Latitude XT3 System BIOS,A14,A14

I see tons of BIOS and driver updates for models I did not select being synched. Both Dell and HP updates are doing this and each are synchronizing 3,000+ updates. Interestingly, the Lenovo updates only synched the one model I selected (54 updates).

I need to only sync the models I selected as it adds extra burden on workstations scanning for 6,000 updates that are not applicable.

I have already tried unsubscribing and re-subscribing to the Dell and HP catalogs. Even though I only select one model when I subscribe, it still synchs all models.

I'm running Configuration Manager 2010 with hotfix rollup KB4600089 applied.

Any ideas?

Thanks,
Scott

mem-cm-updates
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ScottFairchild avatar image
0 Votes"
ScottFairchild answered Amandayou-MSFT edited

I wound up fixing the problem myself.

At one point all Dell and HP models were selected to sync. When you modify the 3rd party update subscription, and only select certain models to sync, WSUS does not remove the updates associated with the models you unselected. Once they are in WSUS, they are there for good.

While doing research I found a free utility created by Patch My PC that allows you to delete 3rd party updates from WSUS.

https://patchmypc.com/how-to-remove-third-party-updates-from-wsus-and-sccm

Here's a video explaining how to use the tool.

https://www.youtube.com/watch?v=S3kHKNDShyE

Based on the above, these are the steps I took to resolve my problem.

  1. In CM remove all deployments of 3rd party updates

  2. Unsubscribe from all 3rd party update catalogs

  3. Modify the properties of the SUP and uncheck all 3rd party catalogs on the Products tab

  4. On the SUP, under All Software Updates, run Synchronize Software Updates

  5. Verify all 3rd party updates in CM are expired

  6. Load the Patch My PC tool and delete all declined updates. In my case there were 29,000 declined 3rd party updates. After doing so, I noticed there were still 6,000+ 3rd party updates enabled. These were the ones that kept synching.

  7. Decline ALL 3rd party updates in the Patch My PC tool and then delete them using the tool. This left no 3rd party updates in WSUS

  8. On the SUP, under All Software Updates, run Synchronize Software Updates

  9. Monitor the wsyncmgr.log and wait for the sync to finish

  10. Once I got to this point, I was at a clean state in CM and WSUS related to 3rd party updates

  11. Subscribe to the Dell catalog, select the models you want, and perform a sync

  12. Monitor the SMS_ISVUPDATES_SYNCAGENT.log and wait for the sync to finish

  13. On the SUP, under All Software Updates, run Synchronize Software Updates

  14. Monitor the wsyncmgr.log and wait for the sync to finish

  15. Modify the properties of the SUP and select Dell on the Products tab

  16. On the SUP, under All Software Updates, run Synchronize Software Updates

  17. Monitor the wsyncmgr.log and wait for the sync to finish

  18. Repeat steps 11-17 for HP and Lenovo catalogs

After doing the above, I verified the updates for only the models I selected were enabled in CM. All of the other updates show as expired in the CM console and will be removed automatically during the next CM weekly cleanup process.

My CM console now has 204 Dell, 83 HP and 23 Lenovo updates available for deployment.

Scott

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,

Thank you very much for the update and we're glad the problem is solved now. If you have any questions in future, we warmly welcome you to post in Q&A again.

Have a nice day!

Regards,
Amanda

0 Votes 0 ·
Amandayou-MSFT avatar image
0 Votes"
Amandayou-MSFT answered

Hi @ScottFairchild

I need to only sync the models I selected as it adds extra burden on workstations scanning for 6,000 updates that are not applicable.

We could try to unsubscribe the Dell and HP catalogs, only subscribe Lenovo updates, sync the one model of Lenovo, and check if there is the only one model in all software updates tab.

I see tons of BIOS and driver updates for models I did not select being synched. Both Dell and HP updates are doing this and each are synchronizing 3,000+ updates. Interestingly, the Lenovo updates only synched the one model I selected (54 updates).

The number of synchronizations depends on how the update is published, which could be no problem.



If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.