Disable windows updates (wufb) on selected devices using Intune

Wufb (windows update for business) is feature in Microsoft Intune that allows organizations to manage and control the deployment of Windows updates across their devices. With WUfB, Intune administrators can define update ring policies and settings to ensure that devices within their organization receive the necessary updates in a controlled manner. This helps organizations maintain…
Update scan failed due to Group policy settings were overwritten by a higher authority

Few years ago, I have blogged about the client update scan failure due to GPO’s. https://eskonr.com/2014/10/sccm-configmgr-2012-software-update-scan-error-group-policy-settings-were-overwritten-by-a-higher-authority-error-code-0x87d00692/ Introduction: When the software update point is configured for a site, client computers receive a machine policy that provides the active software update point server name (WSUS) and configures the Specify intranet Microsoft update service location local policy on…
SCCM Software Update installation failed with error code 0x87D00664

I was approached by a customer who had issues deploying the March 2022 windows 10 cumulative updates. The error code and the screenshot is provided below. The software updates are failed with error code 0x87D00664 (-2016410012). The error code 0x87D00664 translates to ‘Updates handler job was cancelled’. There could be several reasons why the updates…
Managing windows updates using Configuration Manager and Group policy

When a Configuration Manager client is installed and configured to use the software updates agent, it will automatically configured with a local Group Policy setting that specifies the Configuration Manager software update point. The Group Policy setting used is the intranet Microsoft update service location, specified as a Windows Update computer administrative template. The following…
SCCM Management Insights and dashboard in Current Branch 1902

Management insights are introduced from SCCM 1802 build to provide information about the current state of your environment. With build 1802 ,there are very limited insights added .These insights are based on analysis of data from the site database.These Insights help you to better understand your environment and take action based on rules that are…
Configmgr troubleshooting clients with update scan issues for office 365 client updates

Introduction: Office 365 ProPlus is one of the subscription service plans in the new Office. It is productivity software (including Word, PowerPoint, Excel, Outlook, OneNote, Publisher, Access, Skype for Business) that is installed on your desktop or laptop computer. Office 365 ProPlus is a user-based service that allows people to access Office experiences on up…
Configmgr SQL query to get the list of clients that require a specific software update patch

This is quick blog post about getting the list of clients that require a specific software update contained (it can be based on title,article ID(KB),bulletin ID). You can get the client list using the default software update compliance reports but it doesn't give you the inventory information about client ,like ip address,hardware scan,software update scan…
SCCM Configmgr SUP sync error The underlying connection was closed  Could not establish trust relationship for the SSL/TLS secure channel

  I was contacted by colleague that Configmgr is not showing the updates that were published day ago by SCUP . So i started checking the SCUP configuration (proxy) and the updates status if they are published or not using the date published and also verified SCUP logs. From SCUP perspective,all looks good. Next to…