MS SCCM 2012 Windows patches

anthonxanthonx Member Posts: 109 ■■■□□□□□□□
Hello All,

I'm currently reviewing the patch management process and it seems like a lot of the work involves SCCM. Currently, we identified unpatched servers using the compliance 6 reports. We entered the patch update ID number where the state name: Update is required. The patches were required and approved but not installed. The reason is that the servers identified do not belong to any server patch groups. In other words, to receive the patch updates, the servers should belong to a patch group. My question now is how do we scan the network using SCCM 2012 for any server that doesn't belong to a patch group? Does SCCM have built in functionality to do a scan for servers? Please let me know if you need clarification.

Thanks All!
AnthonX

Comments

  • PCTechLincPCTechLinc Member Posts: 646 ■■■■■■□□□□
    We have a query-based collection for servers, since we have them in different OUs based on their functions:

    System Resource.Operating System Name and Version is like "%Server%"
    or
    System Resource.System OU Name is like "%Server%"

    I've created other query-based collections based on specific version number, such as Windows 10 1607 and 1709.
    Master of Business Administration in Information Technology Management - Western Governors University
    Master of Science in Information Security and Assurance - Western Governors University
    Bachelor of Science in Network Administration - Western Governors University
    Associate of Applied Science x4 - Heald College
  • anthonxanthonx Member Posts: 109 ■■■□□□□□□□
    PCTechLinc wrote: »
    We have a query-based collection for servers, since we have them in different OUs based on their functions:

    System Resource.Operating System Name and Version is like "%Server%"
    or
    System Resource.System OU Name is like "%Server%"

    I've created other query-based collections based on specific version number, such as Windows 10 1607 and 1709.

    Hi PCTechLinc,

    Do you mean, you have to create and run a script in SCCM? What about built-in functionalities? Nothing too complex, just wanted to find out what's available in SCCM report or monitoring tools. BTW, any good materials or blogs you can share? Like links to good websites. Thanks for your reply!
    AnthonX
  • PCTechLincPCTechLinc Member Posts: 646 ■■■■■■□□□□
    No, not scripts. In SCCM, when you create a collection, you can either do a Direct Membership where you put an object's name, or you can make a query-based rule. The query-based uses built-in WMI queries.

    I learned this because the person that was assigned to managed our SCCM 2012 infrastructure got a promotion and left our location, and I took a look at the existing collections she created. SCCM is definitely the weakest area of my skills, so it's been a lot of trial-by-error. We've had a ton of deadlines lately, so I haven't had a lot of time to do independent research, so I'm not sure what materials to use.

    My go-to resources are Skillport and Safari Books Online, because I have free subscriptions through my school.
    Master of Business Administration in Information Technology Management - Western Governors University
    Master of Science in Information Security and Assurance - Western Governors University
    Bachelor of Science in Network Administration - Western Governors University
    Associate of Applied Science x4 - Heald College
Sign In or Register to comment.