SCCM: Didn’t Deploy Updates


We had an issue where we checked the updates on Wednesday night and they showed 2 compliant and 63 pending. This can be normal as long as there is no errors. The next morning we came in to check on the updates and found the same screen:

We then checked the deployment package and the software update group and it showed they were downloaded and deployed:

But many of the clients only showed Endpoint updates, not Windows Updates installed:

To Resolve:

1. First check that the clients got the updates. You can see this by checking c:\windows\ccmcache and sorting by date modified. This should have the CAB files from the updates.
In our case, they were deployed, so we just needed to recreate the deployment package and have it run again the next night.

2. Another thing you can do is run the following as Admin Powershell:

3. If you see a bunch of Computers in the “Unknown” tab, use the following trick to copy them to a script:

Go to SCCM Console – Monitoring\Overview\Reporting\Reports\Software Updates – C Deployment States
States 4 – Computers in a specific state for a deployment (secondary)

Now just look for those with ‘unknown’.