Troubleshooting SCCM 2012 Software Updates download

Sometime SCCM returns error message when you try to download an update:

The first thing in the troubleshooting process is finding a log file named PatchDownloader.log. The log file location is not obvious, because it not stored in the standard Program Files\Configuration Manager\Log folder with all other SCCM logs.

Instead, the PatchDownloader.log is created on your local computer from witch you open the System Center 2012 Configuration Manager console. And the file location is %temp% folder.

%temp% folder itself is located within your user profile: C:\Users\<user_name>\AppData\Local\Temp.

If you open the System Center 2012 Configuration Manager console in a Remote Desktop session from a site server, then %temp% location will be a bit different: C:\Users\<user_name>\AppData\Local\Temp\2.

Once you find the PatchDownloader.log file, open it with the CMTrace tool and review it.

The most likely reason that one or more updates are blocked by your security scanner, for example Websense.

Solution is to download the required updates manually (see the PatchDownloader.log file for URL links to the updates) and then import them into SCCM from a local disk instead of from Microsoft Updates site.

Domain controller post-promotion tasks: time synchronization

After you finish installing a first domain controller in a new forest, couple of important settings must be configured:
  • Time synchronization
  • Windows Activation service location
This part will explains how to configure

Time synchronization

PDC Emulator must be synchronized with a reliable time source. In large companies it is usually one of the internal routers, that is configured to sync time with external NTP server.

Once you finish installing domain controller, logon to it, open the elevated Command Prompt and enter the following command:

w32tm /config /manualpeerlist:"<FQDN_of_internal_NTP_server> <IP_address_of_internal_NTP_server>" /syncfromflags:manual /reliable:yes /update

Ensure that the command has completed successfully.

Open the Event Viewer console from Administrative tools.
Select Windows Log > System node.

Ensure that events 35 and 37 from the Time-Service source are logged.

Open event 37 and read the message details: "The time provider NtpClient is currently receiving valid time data from <Your_NTP_server>" on port UDP:123.
The message indicates that valid time source server was successfully contacted and communication has successfully crossed all firewalls.

Open event 35 and read the message details: "The time service is now synchronizing the system time with the time source  <Your_NTP_server>" on port UDP:123.
The event indicates that domain controller (PDC Emulator) is able to receive regular time updates from the time server.