Support Forum: Get Support for Patch My PC Products and Services

Microsoft Configuration Manager and Intune (Enterprises/Paid) => Support and General Questions (Enterprises Using ConfigMgr and Intune) => Topic started by: Uenal on February 21, 2020, 01:01:32 PM

Title: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: Uenal on February 21, 2020, 01:01:32 PM
Hi @all,

we have a seperate WSUS Server installed on Network an out PatchmyPC on that..
after that i do add an additional WSUS Server as Downstream Server in same LAN.

Wen we Select an Update in PatchmyPC an Approve metadata only it appears on WSUS Server where PatchmyPC installed on..
but it doesn't replicate to Downstream Server..

Can anyone give us some help?

greetings

Uenal
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: Justin Chalfant on February 21, 2020, 02:01:10 PM
Is this a standalone WSUS environment?

Hi @all,

we have a seperate WSUS Server installed on Network an out PatchmyPC on that..
after that i do add an additional WSUS Server as Downstream Server in same LAN.

Wen we Select an Update in PatchmyPC an Approve metadata only it appears on WSUS Server where PatchmyPC installed on..
but it doesn't replicate to Downstream Server..

Can anyone give us some help?

greetings

Uenal
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: Uenal on February 21, 2020, 03:14:59 PM
yes it's an Standalone WSUS Environment...
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: Justin Chalfant on February 21, 2020, 03:15:59 PM
Is the child WSUS servers using a WID or full SQL DB?

yes it's an Standalone WSUS Environment...
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: Uenal on February 21, 2020, 07:06:01 PM
Both WSUS Servers (Upstream & Downstream) uses their own internal WID Databases...
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: David Courtel - Admin on February 21, 2020, 11:56:15 PM
Hi Uenal, does the downstream server trust the certificate used by the upstream server to sign the packages published by PMP?
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: Uenal on February 22, 2020, 03:38:14 AM
yes David, i have imported the SiningCertificate that Issued from our Internal PKI on the Downstream Server in LocalMachine\TrustedPublishers..
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: David Courtel - Admin on February 22, 2020, 09:53:49 AM
Is the downstream server a replica of the upstream server?
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: Uenal on February 22, 2020, 10:44:00 AM
Is the downstream server a replica of the upstream server?
yes it's configured as DownstreamServer in Replica Mode for UpstreamServer where PMP is up and running..
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: Uenal on February 24, 2020, 03:39:15 AM
Hi Guys,

is it generally supported Environment for PatchmyPC to use Standalone WSUS Server with one or more Downstream Servers (in Replica Mode).

The WSUS Server and Downstream Servers has no SCCM Integration and all Servers has their own WID Databases..

We are currently in fulltrial mode and are about to buy.
But we would make sure that it is a supported environment...

greetings

Uenal

 
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: Justin Chalfant on February 24, 2020, 09:48:15 AM
Would you be able to install the publishing service on the downstream server and launch the modify published updates wizard, and let us know if there are third-party updates listed?
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: Uenal on February 24, 2020, 01:36:28 PM
Would you be able to install the publishing service on the downstream server and launch the modify published updates wizard, and let us know if there are third-party updates listed?

Hi Justin, yes we are be able to Install the publishing service on DownstreamServer..

After we installed the PublishingService on DownstreamServer and configure it up with Licence and Certificate.. as we do it on UpstremServer..
and launch "modify updates wizard" the Third-Party Updates listed that we Published on UpstreamServer.. but not listed in the WSUS Console..

if we select one or all listed Updates and press "Show in WSUS" button.. the updates are visible in the WSUS Console on DownstreamServer..

is this way correctly to do..??

greetings

Uenal
Title: Re: ThirdParty Updates from PatchmyPC doesn't appear on WSUS Downstream Server
Post by: Justin Chalfant on February 24, 2020, 05:43:20 PM
The issue is actually related to the way WSUS sync the downstream server. The way our publishing service works in standalone mode, we will configure an update after it's publishing to have a value in the database to IsLocallyPublished = 0. This essentially makes the update appear as a non-third-party update meaning it will show in the WSUS console. The issue is during the sync process to the downstream server, it appears this value does not get replicated therefore, the update is not visible on the downstream server.

Do you actually approve the updates on the downstream server differently than the top-level WSUS server?

Would you be able to install the publishing service on the downstream server and launch the modify published updates wizard, and let us know if there are third-party updates listed?

Hi Justin, yes we are be able to Install the publishing service on DownstreamServer..

After we installed the PublishingService on DownstreamServer and configure it up with Licence and Certificate.. as we do it on UpstremServer..
and launch "modify updates wizard" the Third-Party Updates listed that we Published on UpstreamServer.. but not listed in the WSUS Console..

if we select one or all listed Updates and press "Show in WSUS" button.. the updates are visible in the WSUS Console on DownstreamServer..

is this way correctly to do..??

greetings

Uenal