Installation and Configuration Guide

Similar documents
Installation and Configuration Guide

Publishing Updates Guide

Enabling Secure Sockets Layer for a Microsoft SQL Server JDBC Connection

SolarWinds. Patch Manager. Evaluation Guide. Version 2.1.2

Copyright

Software Center Update Publisher (SCUP) / Software Update Point (SUP) APSCNLAN Support

Step-by-step installation guide for monitoring untrusted servers using Operations Manager

Configuring Windows 7 VPN (Agile) Client for authentication to McAfee Firewall Enterprise v8. David LePage - Enterprise Solutions Architect, Firewalls

SCCM Plug-in User Guide. Version 3.0

20411D D Enayat Meer

VMware AirWatch Integration with RSA PKI Guide

VMware AirWatch Integration with SecureAuth PKI Guide

AirWatch Mobile Device Management

Workspace ONE UEM Certificate Authority Integration with JCCH. VMware Workspace ONE UEM 1810

Workspace ONE UEM Integration with RSA PKI. VMware Workspace ONE UEM 1810

S/MIME on Good for Enterprise MS Online Certificate Status Protocol. Installation and Configuration Notes. Updated: November 10, 2011

Using SSL to Secure Client/Server Connections

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP

GO Software Pty Limited Map: 27 Tacoma Blvd, Pasadena SA 5042 ABN: ACN: How to Export a Self Signed Server Certificate

BROWSER-BASED SUPPORT CONSOLE USER S GUIDE. 31 January 2017

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP. For VMware AirWatch

Configuring Alfresco Cloud with ADFS 3.0

Configuration of Microsoft Live Communications Server for Partitioned Intradomain Federation

Setting up Certificate Authentication for SonicWall SRA / SMA 100 Series

Module 3 Remote Desktop Gateway Estimated Time: 90 minutes

Troubleshooting smart card logon authentication on active directory

VMware AirWatch Certificate Authentication for EAS with ADCS

NBC-IG Installation Guide. Version 7.2

Windows Smart Card Logon Use Case

PST for Outlook Admin Guide

Symantec Managed PKI. Integration Guide for ActiveSync

White Paper. Deployment of ActiveX Controls via Microsoft Windows Active Directory. Fabasoft Folio 2016 Update Rollup 6

Ekran System High Availability Deployment Guide

V7610 TELSTRA BUSINESS GATEWAY

Parallels Mac Management for Microsoft SCCM

5.5.3 Lab: Managing Administrative Settings and Snap-ins in Windows XP

Configuration examples for the D-Link NetDefend Firewall series

Install and Issuing your first Full Feature Operator Card

ms-help://ms.technet.2004apr.1033/win2ksrv/tnoffline/prodtechnol/win2ksrv/howto/efsguide.htm

Using SSL/TLS with Active Directory / LDAP

How to Configure S/MIME for WorxMail

Nimsoft Service Desk. Single Sign-On Configuration Guide. [assign the version number for your book]

Copyright and Trademarks

Installation Guide. Mobile Print for Business version 1.0. July 2014 Issue 1.0

VMware Horizon JMP Server Installation and Setup Guide. 13 DEC 2018 VMware Horizon 7 7.7

Assureon Installation Guide Client Certificates. for Version 6.4

Logon to Windows Vista using smartcard and CertiID in a Windows 2008 environment.

Patch Manager INSTALLATION GUIDE. Version Last Updated: September 25, 2017

Microsoft Dynamics GP Web Client Installation and Administration Guide For Service Pack 1

ms-help://ms.technet.2004apr.1033/ad/tnoffline/prodtechnol/ad/windows2000/howto/mapcerts.htm

Dealing with Event Viewer

Wavecrest Certificate SHA-512

PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server

Parallels Mac Management for Microsoft SCCM

Privileged Access Agent on a Remote Desktop Services Gateway

BitLocker: How to enable Network Unlock

SOA Software Intermediary for Microsoft : Install Guide

SAPO Trust Centre: Certificate Installation on Exchange Manual

Module 1 Web Application Proxy (WAP) Estimated Time: 120 minutes

Enabling Smart Card Logon for Linux Using Centrify Suite

Configuring EAP for Wireless Network Connectivity By Victor Zapata

Install the ExtraHop session key forwarder on a Windows server

Genesys Security Deployment Guide. What You Need

App Orchestration 2.0

The information in this document is based on these software and hardware versions:

www. t ha lesesecur it y. com Thales e-security Integration Guide for Microsoft Windows Server 2016

Enabling Microsoft Outlook Calendar Notifications for Meetings Scheduled from the Cisco Unified MeetingPlace End-User Web Interface

How to Import a Certificate When Using Microsoft Windows OS

Acronis Backup & Recovery 11 Beta Advanced Editions

V1.0 Nonkoliseko Ntshebe October 2015 V1.1 Nonkoliseko Ntshebe March 2018

PEAP under Cisco Unified Wireless Networks with ACS 4.0 and Windows 2003

Deploying Windows 7 Using MDT UDI

Algo Lync Interface for SIP Audio Alerter User Guide

www. t ha les-esecur it y. com Thales e-security Integration Guide for Microsoft Windows Server 2012 and 2012 R2

VMware Horizon FLEX Administration Guide

Toolkit Activity Installation and Registration

Aspera Connect Windows XP, 2003, Vista, 2008, 7. Document Version: 1

App Orchestration 2.6

Configuration Note. snom 360 Phone with VX for Branch Survivability. Release 1.0

Configure the IM and Presence Service to Integrate with the Microsoft Exchange Server

12 Lead ECG CardioVu Software Installation Guide

Install Certificate on the Cisco Secure ACS Appliance for PEAP Clients

Access SharePoint using Basic Authentication and SSL (via Alternative Access URL) with SP 2016 (v 1.9)

Using Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS)

YubiKey Smart Card Deployment Guide

Parallels Mac Management for Microsoft SCCM

Enabling Smart Card Logon for Mac OS X Using Centrify Suite

Best Practices for Security Certificates w/ Connect

Enterprise Architect. User Guide Series. Model Wizard

Module 4 Network Controller Estimated Time: 90 minutes

AMS Device View Installation Guide. Version 2.0 Installation Guide May 2018

Configuring Network Composer and workstations for Full SSL Filtering and Inspection

HP Server Updates Catalog for System Center Configuration Manager 2007 User Guide

Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS)

Windows Server 2012 Immersion Experience Enabling Secure Remote Users with RemoteApp, DirectAccess, and Dynamic Access Control

Ekran System v.6.1 Deployment Guide

Mitel MiVoice Connect Security Certificates

Provisioning Mobile Device Manager in the Control Panel. Admin Guide

Ekran System v.5.5 Deployment Guide

Table of Contents. Section 1: DocSTAR WebView v1.0 Requirements & Installation CD... 1 Section 2: DocSTAR WebView v1.

Transcription:

Installation and Configuration Guide 1

Document Versions: Date Version Description June, 14, 2014 1.0 Initial Release March, 14, 2016 1.1 Minor Changes 2

Installing SCUP 2011: Install WSUS (If needed). This can be WSUS 3.0 SP2 or WSUS on Server 2012 or greater. If using WSUS 3.0 SP2, You should also install KB2734608. If SCUP 2011 console is going to be installed remote from the WSUS server, you need to install the WSUS Admin Console using the RSAT installer for the OS you are running. The hotfixes should be applied on the WSUS Server and SCUP console (if remotely installed) for WSUS 3.0 SP2. If using WSUS 3.0 SP2, You will need to install KB2530678. The hotfixes should be applied on the WSUS Server and SCUP console machine (if remotely installed). Download and Install Microsoft.NET Framework 4.0 (If Needed). 3

Run SCUP 2011 Installer from an elevated command prompt. Click Next. Click Next. 4

Review and accept the license agreement then click Next. Accept the default installation location and click Next. Click Next to begin the installation. 5

SCUP 2011 Configuration: Start System Center Updates Publisher 2011 from the start menu ensure to run as Administrator. From the ribbon, click Options. On the Update Server Tab, Click the checkbox to enable publishing to an update server. In the settings, choose one of the radio buttons to Connect to a local update server or Connect to a remote update server:. If your SCUP console is installed remotely from the WSUS server choose the remote option and configure the server settings. Note: In this example, we choose the Connect to a local update server since SCUP is installed on the WSUS server. Click the Test Connection button. 6

Next you need to determine if you will use a self-signed certificate or a certificate from a PKI (If using PKI see this guide to certificate creation). If using Server 2012 R2 and selfsigned certificates, view this post on how to allow Server 2012 R2 WSUS server to create a selfsigned certificate. Click the Create (creates a selfsigned cert) or Browse (to select PKI cert you created) button and choose OK on the message box. Note: In this example, we clicked the Create button and will use a self-signed certificate. Click on the ConfigMgr Server tab in the Options pane. Check the Enable Configuration Manager integration checkbox. This allows us to use the Automatic publication type from the SCUP console. In the Settings, Choose the Connect to a local Configuration Manager Server or Connect to a remote Configuration Manager server:. Note: In this example, we choose Connect to a local Configuration Manager server. 7

Click the Test Connection button. Click OK on the message box. Note: You can optionally configure the values used for the Automatic publication type in this tab. Open up a MMC console Click Start, Run and Type MMC then click Enter Click Ctrl + M to open the Add/Remove Snap-in wizard Click on Certificates and click add. 8

Choose the Computer account option and then click the Next button. Click the Finish button. Click the OK button to open the Certificate Snap-in. In the Certificates Snap-In, Browse to Certificates > WSUS > Certificates. You will see the WSUS self-signed certificate in this node. Right click the certificate > Click All Tasks > Click Export. 9

Click Next on the Welcome Wizard. In the Export Private Key page, leave the default No, do nor export the private key selected and click Next. In the Export File Format page, leave the default DER encoded binary X.509 (.CER) selected and click Next. In the File to Export page, Browse to a location and enter a filename for the certificate file and click Next. Note: we will use this file and import it into a group policy object. In this example, we saved the file to C:\WSUSCert.cer. Click Finish and then OK on the message box. 10

We will now distribute this certificate using Group Policy. We will create a new GPO at the root level so all machines will be able to install third-party updates. You can optionally use the Default Domain Policy. Right click the Domain and choose Create a GPO in this domain, and lick it here.. In our environment, we called the GPO SCUP Settings. Right click the SCUP Settings GPO and Click Edit. 11

Navigate to Computer Configuration > Policies > Windows Settings > Security Settings > Public Key Policies. Right Click Trusted Root Certification Authorities and Click Import Click the Next button on the Welcome wizard. On the File to Import page, browse out to the certificate file location where the certificate was exported. In our environment, the File name was C:\WSUSCERT.CER In the Certificate Store page, verify Trusted Root Certification Authorities is set and click Next. Click Finish. Click OK on the import was successful message box. 12

Verify the Certificate was added to the Trusted Root Certification Authorities node within the Group Policy Object. Repeat the previous three steps for the Trusted Publishers store within the Group Policy Object. Verify the Certificate was added to the Trusted Publishers node within the Group Policy Object. 13

Within the same group policy, Navigate to Computer Configuration > Administrative Templates > Windows Components > Windows Update. Choose Allow signed updates from an intranet Microsoft update service location. Click Enabled. Click the OK Button. Run a gpupdate /force command on the machine where the SCUP console was installed to ensure the certificate is trusted. You should now have the selfsigned certificate in the Trusted Publishers and Trusted Root Certification Authorities stores on the machine where the SCUP console is installed. SCUP 2011 is now installed and configured. We will go over importing our catalog into SCUP 2011 in the next guide. 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback