top of page
amber64353

Unlocking SCCM's Potential: Third-Party Software Updates Made Easy



In any environment, patching third-party applications can be one of the more time consuming or difficult processes.


Some applications automatically update, but on their own schedule, some require a manual attempt to check for updates from a specific menu inside the application, others can require an update file to be pulled down and deployed to update if the application is deployed out via SCCM from an executable.


Thankfully, SCCM/Intune Configuration Manager has a Third-Party Application catalog option installed and enabled by default in the Software Updates section of SCCM you likely already use for general Windows and Microsoft product patching.



(This patching option is an evolution of now deprecated Systems Center Update Publisher stand-alone feature that used to be the easy way to push vendor application patches and updates into SCCM and WSUS)


The Third-Party Software Update Catalogs section allows you to put in software vendor application update catalog URLs to pull in updates for applications (examples include OEM software and driver packages from Dell, HP, Lenovo, End User Applications like Adobe software, Chrome, Etc.) and deploy them via either full deployments, or merged into the Windows Updates channel in the Software Update Point so they appear in the “windows updates” section in Windows with all the normal monthly updates and patches you already push out.


You can also leverage the same Automatic Deployment Rules methodology you may already use for automating the creation and deployment of monthly updates to further streamline the process.


To use Third-Party Software update catalogs, you will need a few prerequisites to be completed before you can start pulling in vendor catalogs and publishing out software updates.

 

  • You must be running an up-to-date version of current-branch Microsoft Configuration Manager. (i.e., version 2303, 2309, or 2403, while older versions may still work, you will need to enable the additional feature for Third-Party update catalogs in versions 21xx or older)

  • If you have not already previously enabled the catalog feature in SCCM, you will need to enable it from the following path:

    • Start at the administration blade in SCCM> Site Configuration>Sites

    • Select the top-level site if you have a multi-site hierarchy

    • In the ribbon menu at the top select the “Configure Site Components” section and then select “Software Update Point”

    • Click the “Third Party Updates” tab and check the box to “Enable third-party software updates” if it is not already selected.

    • You will then need to choose if you will let SCCM manage the certificate, or, if you already have a signing certificate from an internal or external CA you would prefer to use.

    • Click apply, ok, and exit back to the root of the Administration blade.



  • You now need to enable third-party updates in Client settings.

    • From Administration select the “Client Settings” node

    • Edit your existing custom client settings, or make a new one

    • In the settings window that opens find the “Software Updates” tab on the left-hand side (if this does not appear, ensure you checked the “software updates” box when the settings window first opened)

    • Under the “Enable Third-Party software updates” setting, ensure it is set to “Yes”

  • You can now go to the Software library blade and should be able to configure catalogs and updates under the “Third-Party Software update Catalogs” section.



  • Start adding custom catalogs using the “add custom catalog” button on the ribbon



  • On the General page, specify the following items:

    • Download URL: A valid HTTPS address of the custom catalog.

    • Publisher: The name of the organization that publishes the catalog.

    • Name: The name of the catalog to display in the Configuration Manager Console.

    • Description: A description of the catalog.

    • Support URL (optional): A valid HTTPS address of a website to get help with the catalog.

    • Support Contact (optional): Contact information to get help with the catalog.

  • Once created, you will need to “Subscribe” to the catalog you just made



  • Follow the wizard to categories of updates (if offered by the catalog URL)

  • Set your schedule for synchronization and finish out the wizard to allow the catalog to begin downloading and synchronizing with the SUP database.

  • You should now be able to find the updates in the “All Updates” node of the Software Updates section with all the other normal Microsoft updates and patches. (just like normal updates, you will need to publish them manually to update deployments or using an automatic deployment rule like all other updates)

 

 

Source links, further resources links, and more in-depth walkthrough links

59 views0 comments

Comentarios


New Genesis Solutions

Copyright  2018 New Genesis Solutions.

All Rights Reserved.

Privacy Policy

Terms of Conditions

  • LinkedIn
bottom of page