I'm a little confused by this. I have an IBCM MP/DP right now and IBCM clients are working properly.
I want my clients while on the internet to go to Microsoft Update (not my internet facing MP/DP/SUP). Are you saying the default behavior is for my internet clients to go to Microsoft Update to get updates, not my IBCM SUP? Is this correct? How does it know to go to Microsoft Update and not my IBCM SUP? Finally, my requirements would be an internet facing MP/DP/SUP and clients would still go to Microsoft Update? Thanks, Brian From: [email protected] To: [email protected] Subject: RE: [mssms] IBCM clients go to Microsoft Update for patches Date: Tue, 15 Apr 2014 19:54:44 +0000 Yes, MPs are mandatory. All ConfigMgr clients must be able to communicate with an MP to retrieve policy and submit inventory, state messages, status messages, etc.. For Internet based clients, this must be an Internet-facing MP. And yes, for software updates, a SUP with an underlying WSUS is also mandatory. All ConfigMgr clients that you wish to update using Software Updates must be able to communicate with the WSUS instance to download the update catalog for your organization and EULAs. For Internet based clients, this must be an Internet facing SUP & WSUS instance. These don’t have to be on the same system but certainly can be and usually are in many organizations. J From: [email protected] [mailto:[email protected]] On Behalf Of Brian McDonald Sent: Tuesday, April 15, 2014 2:42 PM To: [email protected] Subject: RE: [mssms] IBCM clients go to Microsoft Update for patches For clarification, I need to have WSUS installed/configured on the internet facing MP? What is this mandatory? Brian From: [email protected] To: [email protected] Subject: RE: [mssms] IBCM clients go to Microsoft Update for patches Date: Tue, 15 Apr 2014 19:36:52 +0000 This is default behavior in 2012. They still need access to the Internet facing MP and WSUS instance, but actual binaries for the updates will come from Microsoft. J From: [email protected] [mailto:[email protected]] On Behalf Of Brian McDonald Sent: Tuesday, April 15, 2014 2:21 PM To: [email protected] Subject: [mssms] IBCM clients go to Microsoft Update for patches Hey everyone, Is it possible to configure IBCM clients to go to the Internet for security updates when not on the intranet? Is there a GPO that needs to be configured to enable this to switch back/forth (e.g. on the intranet go to local SUP, on internet go to Microsoft Update)? Thanks, Brian
