I am new to the site and please need some assistance. I recently deployed SCVMM 2012 R2 into our infrastructure and its working pretty well. HOWEVER today I was looking into CAU and how to perform updates properly and I am running into issues.
Infrastructure is as follows: 6 x 2012 R2 Datacenter HyperV, SCOM2012 R2, SCCM 2012 R2 + WSUS 3, SCVMM 2012 R2.
My findings so far and what Im trying to do;
Im trying to configure the CAU for my servers so VMs are not down during update periods. SCVMM does the CAU for you as far as I know so I dont need to enable the CAU manually for my cluster.
I created a baseline with the updates for my 2012 R2 servers and pointed the baseline to my hosts. When I run a compliance scan against my WSUS I get errors from 5 servers, and only 1 succeeds.
Windows Updates are working manually on the servers (all of them).
Error (24035) Compliance scan failed with error: 80240438.
Recommended Action Ensure the WinHTTP proxy settings are correctly configured for the communication with WSUS. If WSUS is configured to use SSL, ensure the WSUS certificate is installed in Trusted Root CA for the machine and then try the operation again.
I have verified connectivity between my hosts and WSUS server – port 8530 non-SSL, no proxy is enabled and all servers have “netsh winhttp reset proxy” run on them, Automatically Detect Settings was turned off via a PS script as well, running Windows Updates from the servers themselves works, SCVMMAgent is running alongside WinRM service (restarted both), WSUS rebooted with its latest patches, same for SCVMM2012.
What on earth can I do to fix this? I have read and got zero info that assisted me.
Am I meant to enable CAU first and then try? Does SCVMM not eliminate the need for CAU to be manually configured?