cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

OS Upgrade via SCCM on application control systems

Hello,

 

 Does anyone have procedure to upgrade Windows 10 OS via SCCM TS when there is McAfee application control (Solidecore) installed on systems in enabled mode?

We are having issues, we are unable to upgrade OS on systems where Solidecore is installed & enabled.

 

Thanks in Advance.

 

Girish

3 Replies
AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: OS Upgrade via SCCM on application control systems

Hi @girishm21,

Thank you for your post.

May I know if you have already visited the below KBA?

How to upgrade to Windows 10 with Application and Change Control deployed:

https://kc.mcafee.com/corporate/index?page=content&id=KB86551

I sincerely hope this helps.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

Re: OS Upgrade via SCCM on application control systems

Hi,

 

KB article just says steps, but we are looking for more automation kind of solution, like, we have 700 system with application control deployed in enabled mode, to put system in update mode via ePo required manual intervention.

We need to know how can we automate OS upgrade via SCCM without manual intervention. is there any best practice/recommendations for policy configurations for SCCM like any exclusion, trusted users etc in policy?

 

Just my though was, is there any way to put system in update mode via SCCM TS using commands ? because using sdamin commands via TS, it required to put system in recovery mode which required password.

 

We want to know how can we achieve it via SCCM TS OS upgrade without manual intervention.

 

Thanks

Girish

 

AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: OS Upgrade via SCCM on application control systems

Hi @girishm21,

Excellent set of questions.

Without use of Solidcore's sadmin recover, I am afraid we cannot accommodate any third party tool (sccm) to execute any changes to solidcore without recovering cmd and using sadmin commands.

While you can gather list of executables related to SCCM and its folders and add updaters and exclusions as necessary (most of them are already a part of your McAfee default Policy), You can try Windows update in this method with Application Control in enabled mode.

Please refer to the below documentation that advises resolidification for major Windows updates:

https://docs.mcafee.com/bundle/application-change-control-8.3.x-product-guide-windows/page/GUID-0554...
While it should be possible to update Windows in enabled mode with the right exclusions and updaters in place, gathered from Microsoft, we would recommend first ensuring the MACC latest version is in place and then try performing the Windows update.

I sincerely hope this helps.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community