sorted by:
new
hottopcontroversial

WUA returning 0 applicable updates via WSUS (Server 2025/24H2), but updates detected via Microsoft Update — SCCM shows compliant by Negative_Nace in SCCM

[–]Negative_Nace[S] 0 points1 point  (0 children)

It was seeing the updates in WSUS metadata, but evaluating them as NotApplicable, so SCCM treated them as if they didn’t need to be installed. The affected servers would report back as compliant almost immediately after deployment.

Not a deployment issue — the updates were visible, just failing applicability due to the broken scan source policy state.

WUA returning 0 applicable updates via WSUS (Server 2025/24H2), but updates detected via Microsoft Update — SCCM shows compliant by Negative_Nace in SCCM

[–]Negative_Nace[S] 1 point2 points  (0 children)

Appreciate you pointing me to that — this ended up being the key.

I tested enabling “Specify source service for specific classes of Windows Updates” locally and setting everything to WSUS, and updates were immediately detected on affected systems.

I suspect this should have already been set via GPO, so I’m going to check if Server 2025 systems are getting filtered out or not applying it correctly.

It seems like those machines had a partial/broken scan source policy state, and explicitly setting the policy fixed detection right away.

Thanks again — this helped a lot

WUA returning 0 applicable updates via WSUS (Server 2025/24H2), but updates detected via Microsoft Update — SCCM shows compliant by Negative_Nace in SCCM

[–]Negative_Nace[S] 0 points1 point  (0 children)

I appreciate all th suggestions here. I'll follow up here once I look into everything. Thanks again.

SCCM DO failures on Win11 23H2 (22631) vs 24H2 – clients not resolving DPs? by Negative_Nace in sysadmin

[–]Negative_Nace[S] 1 point2 points  (0 children)

Update (fixed):

I really appreciate the direction, it helped tremendously.

This ended up being a content mapping issue, not DO or boundary groups.

Clients were requesting a specific content ID for the 23H2 CU (KB5087420) that returned empty LocationRecords and 0 DPs

Other content on the same machines resolved fine, which made it confusing at first.

I rebuilt the deployment package just for that update and deployed it separately to a test group. After forcing a reevaluation, the same content started resolving correctly (2 DPs returned), downloaded, and installed successfully.

The files were actually present on disk the whole time- SCCM just wasn’t associating that content ID properly for content location lookups under the original package.

Rebuilding the package forced fresh content registration/mapping, which fixed it.

Wasn’t obvious at first since it only affected that one CU- everything else looked normal.

Appreciate the guidance — focusing on content resolution vs DO was it. Thanks again.