Accedi
 
HomeLibraryRisorseFormazioneDownloadSupportoCommunityForumBlog
Risorse per professionisti IT >
FCS definition update report is showing false information

Bloccato FCS definition update report is showing false information

  • lunedì 6 settembre 2010 12:16
     
     
    Registrati per votare
    0

    Hello!

    I have one strange problem. 

    I have FCS infrastructure with seperate SCCM server (+WSUS) which is deploying definition updates on a daily basis. 

    Definition update status on FCS report is showing that from 2500 systems about 2000 systems have old definition updates.

    Although WSUS reports show that definition updates have been deployed successfully to 2300 systems.

    Any ideas, where to look?

       

    Tutte le risposte

    • martedì 7 settembre 2010 09:06
      Moderatore
       
       
      Registrati per votare
      0

      Hi,

      Thanks for the post.

      WSUS allows administrators to manage approval settings for deployment of updates to client computers. You should consider the default Client Security configuration of setting definition updates as automatically approved. Although it is recommended that you allow the definition updates to remain automatically approved to distribute definition updates as quickly as possible, there may be reasons to not configure automatic approval:

      • Testing of definition updates
      • Staged roll out of definition updates to reduce network traffic

      To make certain that your WSUS server synchronizes the Client Security client components and they can be downloaded and installed by your managed computers after you deploy your Client Security policy, you must add Updates to the Update classifications list in Synchronization Options in WSUS. For more information, see Approving the client components in WSUS (http://go.microsoft.com/fwlink/?LinkId=88895)

      Thanks,

      Miles

      Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
      • Contrassegnato come risposta Miles ZhangModerator lunedì 13 settembre 2010 01:29
      • Contrassegno come risposta annullato Marmeks mercoledì 13 ottobre 2010 08:21
      •  
         
      • mercoledì 13 ottobre 2010 08:21
         
         
        Registrati per votare
        0

        Yes, WSUS settings are correct.

        I'll try to describe our problem more in a more detailed manner.

         

        WSUS reports show, that computers have the most current definition updates, but FCS reports this with delays.

        When I look at the Deployment reports in FCS, definition version deployment list shows that majority of computers have updates from yesterday (6am), atlhough WSUS shows that definition updates are current.

        Since from yesterday's 6am there have been 3 additional definition updates, pie charts show, that majority of computers have updates "older" marked in red color.

        How could I change settings so that these reports would show the most current information?

           
        • mercoledì 13 ottobre 2010 09:36
           
           
          Registrati per votare
          0

          Hello Marmeks,

           

          There are a lot of reasons that can make FCS to display different information then WSUS,

          As you know, FCS is based on MOM server for reporting etc’

          Please follow these next steps:

          Make sure all the correct services are running and are automatic on each client computers. (Netlogon, Remote registry, Bits)

          Make sure the MOM agent is installed and reports correctly on all clients.

           

          Please, keep us update with the solution!


          Thanks,

          Ohad Plotnik - Plotniko System & Network Security Architect Security User Group Leader @Microsoft Security Leader@Hi-Tech College My Blog: Http://blogs.microsoft.co.il/blogs/Plotniko Come Visit Us @ http://www.ForefrontSecurity.ORG
             
          • mercoledì 13 ottobre 2010 12:56
             
             
            Registrati per votare
            0

            Hello, thank you for response!

            Just checked - Netlogon, Remote registry and BITS services are running almost on every client computer.

            MOM agents are installed and running - they are reporting about computers, detected malwares etc.

            Could this issue be related to SQL job schedule? I believe that the execution of the jobs are left as default.

               
            • mercoledì 13 ottobre 2010 13:14
               
               
              Registrati per votare
              0

              Your welcome :) happy to help in any opportunity...

              Look, the SQL job schedule defaults are:

              http://technet.microsoft.com/en-us/library/cc179682.aspx

              Anyway,from my experience  I don't think it's related to your problem...

              You said it's a two server topology right?

              I would try reinstalling the Wsus - FCS component on the Wsus server, under Appwiz.cpl, you will see the component, try uninstall and reinstall it again,

              Please update.

              Thanks, 

              Ohad Plotnik - Plotniko System & Network Security Architect Security User Group Leader @Microsoft Security Leader@Hi-Tech College My Blog: Http://blogs.microsoft.co.il/blogs/Plotniko Come Visit Us @ http://www.ForefrontSecurity.ORG
              • Proposto come risposta Ohad Plotnik giovedì 21 ottobre 2010 09:29
              • Proposta come risposta annullata Marmeks venerdì 22 ottobre 2010 09:44
              •  
                 
              • venerdì 22 ottobre 2010 09:44
                 
                 
                Registrati per votare
                0

                hello!

                We did the "Distribution" component reinstallation on our SCCM server. Still, FCS shows that majority of computers have "older" definition updates (from yesterday's 6AM.