This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 4%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EML%3C/text%3E%3C/svg%3E)
I have tinkered with SCCM many years ago, but never really dove into the application really deep since it was not a server that I managed. Now, I am looking to install and use MECM in the environment that I support. The IT admins that typically image systems use a third-party application along with passing a USB hard drive. I am trying to improve how they image and deploy new systems by implementing a MECM server. Microsoft surely knows how to over complicate a system. I have MECM installed and I am able to image systems, but I am having issues deploying the MECM client to workstations as well as apply updates to these systems. I tried to push the client as well as manually install the client, but my workstations still show up as unknown. The only client to show as having the client installed is my MECM server.
My MECM server is set up in an airgapped environment. At the current time, I am in the "testing" phase, so if I need to blow the server away an reinstall it is possible. Since MECM requires an Active Directory environment, I added the ADDS role to my server. At the current time, all services are running on the same server (ADDS, MECM, WSUS). It is taking a lot of reading and watching of videos, but I still don't have things working properly. As mentioned above, I am able to image systems using a task sequence, but just can't figure out the last few things. Ultimately, I am looking to use this offline environment for imaging of systems as well as applying updates and configurations for securing the systems. Once the systems are hardened, they will be moved to a scanning environment where they will be scanned for vulnerabilities prior to moving them to our production environment.
Since my MECM environment does not have Internet connectivity, how can I upgrade to the latest version (2409)? For Windows Updates, I am utilizing an Online/Offline WSUS model. Hopefully, this will be the only areas where we will utilize USB hard drives moving forward. Feel free to make any recommendations to resolve my issues and better our environment.
--Michael L. Little CISSP, CCNA, CySA+
Hi,
Thank you for posting in Microsoft Q&A forum.
To upgrade your MECM to the latest version (2409), you may configure your service connection point in offline mode and use the service connection tool to upgrade.
https://learn.microsoft.com/en-us/mem/configmgr/core/servers/manage/use-the-service-connection-tool
For the client push issue, you may start from checking ccmsetup.log on client.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Add comment".
Just checking if there's any progress or updates?