SCCM report and deployment status showing fake ‘compliant’ status for servers
Question
For some good number of servers mainly 2012 R2and 2016 we are getting fake compliance status.
Sccm showing as compliant but when we manually check the servers we can see that no patches got installed. But if we manually try to install these patches,it will get installed.
I have already tried the following with no success.
1) deleted Registry.pol
2) deleted softwaredistribution folder.
3) Applied latest SSU.
4) verified all required services are up and running from client side.
5) software updates are enabled from client settings.
Please help me on this
Answers ( 6 )
Please check if the below mentioned patches are installed on any one 2012 serever. If not then install them on any one 2012 sever first reboot the server then deploy other patches on that server.
These are the mandatory patches for 2012 R2 server, without these patches other patches will not install on server but in SCCM you will find server as compliant.
https://www.microsoft.com/en-us/download/details.aspx?id=42334
this patch is already installed
There are around 8 patches mentioned in the link I have shared. If all of them are installed as per order mentioned in the link and still you are not able to install the other patches on 2012R2 server than there could be something else which is causing this issue.
Hi,
– let me know which month patch are you trying with compliance report
– The SCCM Client is active and is healthy?
– what is status of WUA handler log
– In Report, it is reflecting as compliance means installed or not required state?
-I am trying previous month patches on our production servers.
-sccm clients are healthy even I tried repairing one.
-wuahandler looks clean showing successfully completed scan
– states 3 report showing kbs as update not required but manual installation is happening for the same Kbs
That is strange. It is difficult to provide the support using Forums. I would request to contact the MS customer support.