Good news everyone! System Center Configuration Manager Current Branch 1810 was released today, and similar to previous releases, I’m going to walk you through the process on how I updated my production environment.
Not much has changed, but I know someone will fancy to have an A-Z guide as inspiration, and as of such, I here give you the exact steps I went through to update SCCM to the very latest and greatest version.
There is a precise cook book (checklist) on how to update your Configuration Manager Current Branch to the latest version. Obviously, not everything listed in there is relevant to all environments, so therefore I’m only covering those parts relevant to me. If interested in the complete checklist, you can find that right here: https://docs.microsoft.com/en-us/sccm/core/servers/manage/checklist-for-installing-update-1810
- 1810 is released to the “Early Update Ring”, which means not everyone has it listed (by the time of writing) as available in the SCCM console. You have to opt in to get it, and to do so you download following script: https://gallery.technet.microsoft.com/ConfigMgr-1810-Enable-57a7c641
- When downloaded and extracted (it comes as an .exe), fire up an elevated powershell and run it like shown below (EnableFastUpdateRing1810.ps1 <nameofyoursiteserver> (without the < >)
- Disable maintenance tasks. A good practice, also according to the checklist, is to disable following highlighted maintenance tasks. There is a chance that the upgrade might fail, if one of the mentioned tasks runs while the upgrade is running. (another approach is to run the upgrade, outside the schedule of those tasks)
- Next, make sure you have backup! Backup of the SQL and backup of the CD.latest folder. As per above screenshot, I’m currently not using the built in backup task (I use something custom in SQL), but whatever backup method you use, make sure you have a relevant backup. That includes both SQL and the CD.latest folder. The CD.latest folder can be found in the installation directory of Configuration Manager:
- Disable Antivirus. That’s right. The recommendation is to disable any running antivirus. My server is running Server 2016 and therefore comes with Windows Defender built in. To quickly disable Windows Defender, launch the Local Group Policy Editor from run: gpedit.msc and find Computer Configuration / Administrative Templates / Windows Components / Windows Defender and set Turn off Windows Defender to Enabled
- Now find the available 1810 update in the ConfigMgr console. We opted in for the fast update ring previously using the PS script, which will gives us the 1810 update available to install. I started out running the prerequisite check. I do so to make sure that the connection/permissions to the SQL is OK prior to beginning the upgrade (we unfortunately still have the SCCM DB on a remote server. I will be moving it back locally soon enough). All prerequisite checks will be logged to C:\ConfigMgrPrereq.log.
- In this scenario, I actually encountered a prerequisite warning: SQL Server Native Client version. Configuration Manager sites require a supported SQL Server Native Client. To enable TLS 1.2 support, you must install a supported version of SQL Server Native Client on the specified site database server. For more information, see https://go.microsoft.com/fwlink/?linkid=2026746
- This is fixed by updating the SQL Server Native Client allowing support for TLS 1.2. You do have the option to ignore the prerequisite check, but if you want to be able to support TLS 1.2 and for good practice and measures, you should make sure to apply the update. More information on that part here, as well as link for download: https://support.microsoft.com/en-us/help/3135244/tls-1-2-support-for-microsoft-sql-server
- Head to the URL above and find and download the relevant SQL Server Native Client version. In my case that’s SQL Server 2012 Native Client.
- Running the installation for the new SQL Server 2012 Native Client confirms that I’m running an older version
- Rerunning the prerequisite check, post updating the SQL Server Native Client, now yields a green completed status
- Back in the Updates and Servicing node, install the Configuration Manager 1810 update on Install Update Pack and work through the wizard
- Ignore the prerequisite checks – we already did that
- Select and enable optional features. They can also be added later, post-update
- Make a selection of whether you want to test the new SCCM client or not. I went on without testing it (I have never ever seen any issues that made me wish that I tested the client first in pre-production, but I’m also testing Technical Previews)
- Accept the license terms. Filling out the SA expiration date is optional. I didn’t fill it out. This is the final step before getting the mandatory summary
- By now the upgrade is installing. The progress can be followed in the Monitoring / Updates and Servicing Status node. Use refresh regularly as the status is not real time
- Monitor SCCM-InstallDir\Logs\CMUpdate.log and SCCM-InstallDir\Logs\hman.log if curious to see what happens real time. When everything is done, CMupdate.log will be quiet with no more pending update packages to process:
- And the monitoring node when refreshed looks like this:
Post Upgrade Steps
- Review site status and component status
- Enable the maintenance tasks that previously was disabled
- Enable Windows Defender that previously was disabled through the Local Group Policy Editor. When you do so, make sure to start the Defender service again. Start now