SCCM 2012 SP1 on Server 2012


  • We are running SCCM 2012 SP1 on Windows Server 2012. We are looking to in-cooperate WSUS into the mix. I tried the WSUS role on the 2012 server and apparently that is the wrong version that works with SCCM 2012. So, I created a Windows server 2008 R2 running WSUS 3.0 SP2 with KB2720211 & KB2734608. Then I added the role of software update point to the SCCM server as my 2008 R2 server. I verified the ports are 80 and 443 on the SCCM server and in IIS on my WSUS server, yet I cannot get it to sync to microsoft's update site. Any suggestions? Is this the preferred method to add WSUS to SCCM 2012 SP1? Please help.

    Friday, July 26, 2013 4:34 PM

All replies

  • 2012 should work as well. I did read yesterday that it's necessary to run through the WSUS wizard on server 2012 where in previous versions it was suggested not to. Personally I don't ever use the default ports. Could it be that you used custom ports and opened the default? I always run WSUS directly on my primary site server.

    John Marcum |

    Friday, July 26, 2013 5:53 PM
  • There are two wizards now, one to complete the role installation and one to configure WSUS. The second wizard is the same as it was in 2008 R2 and is the one that needs to be skipped. The first wizard is a result of the server manager re-design in 2012 and needs to be initiated to complete the install of WSUS.

    Jason |

    Friday, July 26, 2013 8:14 PM
  • The WSUS role is installed on the primary site  server and I did not run the setup wizard. I did run the first wizard that is the finalization of the WSUS role installation. I do see updates in the WSUS interface, but SCCM will not sync with it. I keep getting a WSUS Sync failed. Message ID 6703. The SUP is set to 8530 and 8531 as I was understanding that these are the default ports of the WSUS role on Server 2012. Should I use something else? Do I run the setup wizard? Please let me know. 
    Tuesday, July 30, 2013 10:03 AM
  • Examine wsusctrl.log, wsyncmgr.log and wcm.log.

    Torsten Meringer |

    Tuesday, July 30, 2013 10:29 AM
  • The only failure I get is. "Sync failed: UssCommunicationError: WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time". This is in the wsyncmgr.log. WCM.log shows successfully connected to server: <our sccm server>. The WSUSCtrl.log shows all successful connections. Ideas?
    Tuesday, July 30, 2013 12:15 PM
  • check the network settings on the server (e.g. the gateway,...)
    Tuesday, July 30, 2013 12:37 PM
  • The network settings on the server look perfect. (e.g. gateway, dns, IP, ...) If these were wrong SCCM wouldn't be working right. They are as I can deploy packages and run inventories and such. Just need to get the WSUS portion working. Anything else I should check?
    Tuesday, July 30, 2013 2:11 PM
  • Have you tried opening the WSUS console?

    Jason |

    Tuesday, July 30, 2013 2:15 PM
  • Yes. It opens and I see that it is downloading updates from Microsoft. I just don't see these updates listed in the "all software updates" section of SCCM.
    Tuesday, July 30, 2013 2:23 PM
  • So, taking a step back, is this a local install of WSUS on the ConfigMgr site server?

    Jason |

    Tuesday, July 30, 2013 2:27 PM
  • Yes. I tried both scenarios. Sorry, I started this post with WSUS as a separate server (Windows Server 2008 R2 w/ WSUS 3.0 SP2), but after other replies I was told this can be done on the primary site even though it is Windows Server 2012. So, I installed the role and did the first wizard to finish the install, but not the setup wizard (final) to configure WSUS. It appears that WSUS is pulling updates from Microsoft on the primary site but SCCM is not seeing the updates. Should I go back to he separate server (2008) or continue with all of it on primary site server for SCCM (Windows 2012)?
    Tuesday, July 30, 2013 2:40 PM
  • WSUS on server 2012 does work; just examine the logs I already mentioned.

    Torsten Meringer |

    Tuesday, July 30, 2013 2:46 PM
  • I think I have it working, but I still cannot see the updates in the Software Library - All software Updates. The problem was the proxy config. I have that all sorted out now, but how can I tell the updates are getting into SCCM? I see nothing but success in the 3 log files. I want to see a newer update than 5/28/2013. I am sure they exist. Do I have to approve them in WSUS or is all control done is SCCM? I thought it was all SCCM. Thank you for your patience and help. 
    Tuesday, July 30, 2013 4:16 PM
  • No, never approve or perform any admins activity directly in WSUS.

    You need to initiate a sync from ConfigMgr and then monitor the wsyncmgr.log on the server -- the initial catalog sync to ConfigMgr will take a while.

    Jason |

    Tuesday, July 30, 2013 4:34 PM
  • Ops, I should have mentioned the proxy (settings, WinHttp,..) as well because it was clear from the log there is a connection issue.
    Tuesday, July 30, 2013 6:40 PM