Dec 26 2018 09:12 AM - edited Dec 27 2018 01:57 AM
Hi,
I have 1 site with 3 server 2 2012 r2 with SUP installed working with the same SUSDB and one 2016 with MP and DP. One 2012 is our site system and server and the second one is in our DMZ network for ICBM.
I'm trying to deploy third party updates. When I publish those updates and sync them the source content of the updates changes to our DMZ server location for some reason and when I try to download the updates I get 404 error so I can't deploy them.
I would really appreciate the help because I tried googling and didn't find anything.
Thanks in advance.
Jan 11 2019 10:22 AM
SolutionHello @RahamimL
In general, for 404 first check that you can access the download URL manually with the same network configuration(like proxy)in DMZ.
Based on the details you provided you seem to be using the Shared DB option for WSUS and this has some unique issues. There are 2 things to be aware of when using the shared db option for WSUS with Configuration Manager:
1 – (Possibly the issue you describe) The WSUS content share must be configured with a UNC and accessible for primary SUP server so downloads can happen. The UNC requirement is already mentioned in our docs around “shared db”, and again in this blog post:
2 –The certificate management functions will not work correctly because sync will use a random SUP for cert operations instead of the default SUP. This is a known issue that we are working on.
Workarounds:
For #1 it is a configuration issue.
For #2 use SCUP or other tools to configure WSUS content signing cert and install the same cert on both WSUS at top-level site. Don’t let ConfigMgr manage the cert or don’t use shared db.
I hope this helps
Yvette
Jan 11 2019 10:22 AM
SolutionHello @RahamimL
In general, for 404 first check that you can access the download URL manually with the same network configuration(like proxy)in DMZ.
Based on the details you provided you seem to be using the Shared DB option for WSUS and this has some unique issues. There are 2 things to be aware of when using the shared db option for WSUS with Configuration Manager:
1 – (Possibly the issue you describe) The WSUS content share must be configured with a UNC and accessible for primary SUP server so downloads can happen. The UNC requirement is already mentioned in our docs around “shared db”, and again in this blog post:
2 –The certificate management functions will not work correctly because sync will use a random SUP for cert operations instead of the default SUP. This is a known issue that we are working on.
Workarounds:
For #1 it is a configuration issue.
For #2 use SCUP or other tools to configure WSUS content signing cert and install the same cert on both WSUS at top-level site. Don’t let ConfigMgr manage the cert or don’t use shared db.
I hope this helps
Yvette