This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I have SCCM CU 2006. I just enabled Third Party Updates under SUP tab and chose "Configuration Manger manages the certificate." I configured client settings to allow third party updates. I am able to sync up drivers with WSUS and I get a list off all Dell drivers. However, when I choose and updates and click on "Publish Third-Party Software Update Content" I get the following in my logs:
I am not using certs in my SCCM environment and have allowed SCCM to manage certs. Any recommendations would be greatly appreciate it.
Thanks.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 65%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
you can get third party password from security option on mail .
I ended up calling Microsoft Premier support. I spoke with a support engineer and spent about five hours trying to figure out he problem. I asked my TAM to escalate the case. I second guys that helped me was a Senior WSUS Support Engineer. He spent the first hour undoing everything that the first guys did. Then, in about 10 minutes he figure out the problem. My D:\WSUS folder was missing some folders and permissions that did not get created when I installed WSUS. He explained to me that those folders and permissions have to exist when you have a remote WSUS server. Once he fixed that, it started working right away.
Hi,
Thank you very much for your feedback and sharing. We're glad that the question is solved now. It may help others who have similar issue. If you have any questions in future, we warmly welcome you to post in Microsoft Q&A forum again.
Have a nice day!
Best Regards,
Simon
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 69%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMD%3C/text%3E%3C/svg%3E)
Could you possibly share what folders and permissions were the problem?
Hi,
Thanks for posting in Microsoft MECM Q&A forum.
1.When you use Configuration Manager manages the certificate option, a new certificate of type Third-party WSUS Signing is created in the Certificates node under Security in the Administration workspace. Please help check whether the certificate status is BLOCKED or UNBLOCKED status from SCCM console (\Administration\Overview \Security\Certificates). If the certificate is blocked, then there is a chance of failure in the publishing process.
2.Please help check the SMS_ISVUPDATES_SYNCAGENT.log and wsyncmgr.log to see if there is any further information about the issue.
3.Maybe it's a known issue listed by the official document:
Configuration Manager has a new version for the catalog cab file format. The new version includes the certificates for the vendor's binary files. These certificates are added to the Certificates node under Security in the Administration workspace once you approve and trust the catalog.
You can still use the older catalog cab file version as long as the download URL is https and the updates are signed. The content will fail to publish because the certificates for the binaries aren't in the cab file and already approved. You can work around this issue by finding the certificate in the Certificates node, unblocking it, then publish the update again. If you're publishing multiple updates signed with different certificates, you'll need to unblock each certificate that is used.
For more information, please refer to:
SCCM third-party updates known issues
SCCM Third-Party Software Updates Setup Step by Step Guide Post 1
SCCM Enable third-party updates
Thanks for your time.
Best regards,
Simon
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thank you very much for a such detailed answer. I am using SCCM CU 2006 and I see the new Dell driver certs being published and unblocked. Also the cert form my WSUS server is unblocked. Looking at sms_isvupdates_syncagent.log I observed some interesting entries:
STATMSG: (SRVMSG_SMS_ISVUPDATES_SYNCAGENT_CATALOG_SYNCED). SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:33:56 PM 11160 (0x2B98)
SyncUpdateCatalog: 3966 updates were synchronized to WSUS successfully, and 0 failed to publish. SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:33:56 PM 11160 (0x2B98)
Launcher : Work item SyncUpdateCatalog has completed queued time was 00:00:00.0625043 run time was 00:34:24.3789542 SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:33:56 PM 11160 (0x2B98)
Launcher : About to start work item: SyncUpdateCatalog. SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:33:56 PM 11160 (0x2B98)
SyncUpdate: dd20759b-6979-483d-9dc3-0c030daf06b2 - No WSUS signing certificate appears to be configured, unable to add content to WSUS. SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:56:40 PM 11064 (0x2B38)
STATMSG: (SRVMSG_SMS_ISVUPDATES_SYNCAGENT_UPDATECONTENT_NO_SIGNING_CERT). SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:56:40 PM 11064 (0x2B38)
STATMSG: (SRVMSG_SMS_ISVUPDATES_SYNCAGENT_UPDATECONTENT_FAIL). SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:56:40 PM 11064 (0x2B38)
Launcher : Work item SyncUpdate has completed queued time was 00:00:00.1093865 run time was 00:00:00.3125335 SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:56:40 PM 11064 (0x2B38)
SyncUpdate: dd20759b-6979-483d-9dc3-0c030daf06b2 - Completed. SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:56:40 PM 11064 (0x2B38)
PollingWorkMonitor: There are 1 jobs that are pending in the jobs table. SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:57:40 PM 2816 (0x0B00)
PollingWorkMonitor: Starting job 72057594037928899 for subject dd20759b-6979-483d-9dc3-0c030daf06b2. SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:57:40 PM 2816 (0x0B00)
Creating a new SyncUpdate work item for update dd20759b-6979-483d-9dc3-0c030daf06b2, jobid is 72057594037928899 SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:57:40 PM 2816 (0x0B00)
Launcher : About to start work item: SyncUpdate. SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:57:40 PM 2816 (0x0B00)
SyncUpdate: 'Dell OpenManage Inventory Agent(for Dell Business Client Systems), 1.8.9.1' (Update:'dd20759b-6979-483d-9dc3-0c030daf06b2') Vendor 'Dell' Product:'Drivers and Applications' is synchronized to WSUS without content. SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:57:40 PM 11348 (0x2C54)
SyncUpdate: Checking if certificate is registered for server wsus SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:57:40 PM 11348 (0x2C54)
SyncUpdate: Unable to find a signing certificate for server 'wsus' SMS_ISVUPDATES_SYNCAGENT 10/21/2020 3:57:40 PM 11348 (0x2C54)
It seems like SCCM is looking for the wrong cert or the wsus cert is not valid. I have checked the expiration date and it looks good.
Hi,
Thanks for your detailed information.
This is a strange issue. I will do more research, if there is any update, I will let you know. Thanks for your understanding.
Best regards,
Simon