When building software update packages in SCCM we run into having to build a deployment package to see what size the updates are. The issue we are having is managing the size of these packages which are frequently getting into the multiple GB range. One we ran recently hit almost 6 GB.

This information is on the Windows Update Catalog site, but it doesn't appear to be in SCCM or WSUS. I'm guessing that it isn't in the data that is available to WSUS and as a result SCCM doesn't get it either. It would be very useful if we could see the update size in the All Updates view, in Update Groups and in the Update Packages views as well.

Sometimes (one time per week) we have a failed automatic deployment rule (ADR).

Error Code:
SMSRULEENGINE
Message ID: 8706
Decription:
Content download failed.
Message: Failed to download one or more content files.
Source: SMS Rule Engine.

Most of the time it is the one of the Windows Defender Definition updates. If I Re-run (Run Now) the ADR it works perfectly. Maybe there is not enough time between sync sup and run ADR. I don't know. After I click "Run Now" it's always success.

It would be great if you can add an option "Re-run failed ADR, after X minutes, try it X times" something like that.

On our Primary site server, under Admin > Site System properties, we have set the proxy settings with username and password.

In our company, Domain Admins are blocked at the proxy server from accessing the internet. My colleague, who is an SCCM admin, but not a Domain Admin, can download Software Updates and add them to a Deployment Package. I am a Domain Admin, and when I try this, it fails with: "Error: Failed to download content ID 16902216. Error %1 is not a valid Win32 application."

So, that proxy setting is used by some functions of ConfigMgr, but not all.

According to Scott Breen [MSFT]:

Configuration Manager needs to connect to the Internet to download the source files for Software Updates. This process is initiated via:
- The Configuration Manager server during the execution of an Automated Deployment Rules (ADR);
- The Configuration Manager console (in the user context on the computer where the console is running) during creation of a Software Update package.

The download process requires the computer or user account where the download originates to have access direct to the internet or through a proxy server.

The proxy server configured within Configuration Manager settings is for the server initiated downloads only - NOT the console initiated downloads.

What I would like is for the admin console to have a proxy settings section, so that for software downloads, it can used a specific user account to do the downloads. In my case, using Internet Options proxy settings is not feasible, as that account doesn't have rights to logon to the server.

Desired behaviour: Either use the proxy settings set in the Site Server properties to do the downloads, OR, allow us to specify the settings in the console (including specifying user/password there).

M365 Apps Update fails to download by DownloadError = 30101 when unable to download from peer cache source.
The expected behavior is fallback to DP and continue to download even if fails to download from peercache, however an error occurs before fallback and client cannot continue to download from DP.

The Peer Cache cannot be used effectively, so we request improvement.

Enviroment

ConfigMgr version 2006 , 2010 and 2103
Microsoft 365 Apps Update in March, April and May.

Repro Step

1. Peer cache client's AlternateHandler begin to download.

BeginDownload: contentID =750d04a4-8178-4cb6-9c72-f8bf2a096a7a and contentVersion=1 AlternateHandler

1. Data Transfer Service download error from peer and switched to location next peer.
2. Data Transfer Service download error from 2nd peer.

(Now it is expected download from next peer or DP, but actually...)

1. AlternateHandler.log is DownloadError = 30101.
2. UpdateHandler.log is Error = 0x80077595.

• AlternateHandler.log
  DownloadStatus = eDOWNLOAD_FAILED
  DownloadError = 30101

• UpdateHandler.log
  CAS failed to download update (750d04a4-8178-4cb6-9c72-f8bf2a096a7a). Error = 0x80077595. Releasing content request

It would be great to have a menu item to view the specific update reports in the All Software Updates view and within the Software Updates Groups view. Currently we can ascertain the updates' status details, required count, install count etc... from the Software Update list view but this information is not interactive. To actually identify the specific list of systems these updates are needed by or installed on we have to manually run a compliance report for the software update. It would be nice to have that functionality built into the Software Library module where highlighting an update will enable a selection menu to run off reports for that update.

We have an issue with business wanting to know within a 15-30 minute timeframe when the server reboots. With the maintenance windows today we can only open for installation and reboot but do not know when during the maintenance window the reboot will happen. Would it be possible to allow a setting to wait with the reboot to the end of the maintenance window. This way the reboot time would be predictable and installation would happen during the maintenance window. The option could be something like "If reboot is required wait until the end of the maintenance window to reboot" and a single checkbox.

We create "year packages" for several products so older updates are in a "static software upgrade". But we still have to maintain these SUG periodically to remove superseeded updates.
An example:
I'd like to have an ADR which selects all updates from 2015 for all my server OS'es and checks this every month or quarter so expired updates are automatically removed and reinstated updates are added again.

In addition, I want my current ADR to select all updates from 1st of Januar till now. This is not possible at the moment because all moments are relative.

Why(?) this seems strange since the option "add to existing Software update group" the SUG cleans before adding the selected updates. This makes the "adding" variant obsolete, isn't it?

I'd like to have the option, when pushing out software updates to have deadlines for maintenance windows. For example, you set the deadline for automatic install and reboot for sunday at 10pm and set the deadline behaviour to not do anything outside of the maintenance window. This means the patches will only automatically install during the maintenance window and wont interrupt the users during the day. However, I'd like a secondary deadline, so that say on Wednesday night I can set the patches to install outside of the maintenance window from say 6pm onward (i.e the users have had enough time to install the patches out of hours and are now getting them regardless during the business day), as this is how I initially thought the deadline behaviour worked (but obviously doesn't), as at present I have to go into all my deployments after a week and change the behaviour to install patches and reboot outside of maintenance windows (to catch all the people who turn their machines off or take laptops home etc)