Easy2Patch v4.0
Easy2Patch v4.0
  • Infrastructure Documents
  • Overview
    • What is Easy2Patch?
    • Request a new 3rd Party Applications
    • FAQs
    • Road Map
    • Release Notes
    • Version Compare
    • Licensing
  • Planning
    • POC Requirements for Easy2Patch 3.1
    • POC Requirements for Easy2Patch 4.0 Web Edition
    • Supported Configurations
    • Windows Operating System Requirements
    • SQL Server Requirements
    • Other Requirements
    • Network Considerations
    • Antivirus Exclusion List for Easy2PatchV3
    • Design
      • Update & Application & Intune (Server Deployment)
      • Standalone WSUS Deployment
      • Standalone Intune Deployment
  • Deployment
    • Installing WSUS Console
    • Installing SCCM Admin Console
    • Installing IIS Component for Easy2Patch 4.0
    • Configuring Intune Application Registration
    • Getting Code-Signing Certificate
    • Installing Easy2Patch 3.1
      • Upgrading to Easy2Patch 3.1.10
      • Licensing Easy2Patch 3.1
    • Installing Easy2Patch 4.0
      • Upgrading Easy2Patch 4.0
      • Easy2Patch Backup & Restore
      • Licensing Easy2Patch 4.0
  • Configuring
    • SSL Configuration in WSUS for 3rd Party Update
    • Configuring ConfigMgr for 3rd Party Updates
    • Easy2Patch 3.1 Settings
      • General
        • Certificate Management
        • Backup Settings
          • Restore Easy2Patch 3.x
        • General Settings
        • Application Deployment
        • Intune Deployment
        • Maintenance
      • Notification
        • E-Mail
        • Telegram
          • Creating a Telegram Bot
          • Telegram Chat ID
      • SCCM / WSUS / INTUNE
        • WSUS Settings
        • SCCM Settings
        • Database Settings
        • Intune Settings
      • Proxy
    • Easy2Patch 4.0 Settings
      • Migrate from Easy2Patch 3.x
      • General Settings
        • General
        • Identity
          • Active Directory
          • EntraID
            • Required Permissions for EntraID
        • Proxy
        • Log
        • Maintenance
        • Login
      • Deployment Settings
        • Process Conflict
        • Update
        • Application Deployment
        • Intune Deployment
        • Defender
      • Connection Settings
        • Database
        • SCCM
        • WSUS
        • Intune
      • Managements
        • Role
        • License
        • Certificate Management
      • Alert Settings
        • Notification
          • E-Mail
          • Telegram
            • Creating a Telegram Bot
            • Telegram Chat ID
            • Telegram Setting
        • Alerts
        • Recipients
  • Managing Easy2Patch
    • Easy2Patch 3.1
      • Update
      • Application Deployment
      • Intune Update
      • Intune Application
      • License Management
    • Easy2Patch 4.0
      • Dashboard
        • WSUS
        • SCCM
        • Intune
      • Update
        • Application Custom Settings
        • WSUS Maintenance
        • Side Menu
      • Application
        • Application Deployment Right Click Menu
        • Application Custom Settings
        • SCCM Maintenance
        • Side Menu
      • Intune Update
        • Intune Update Right Click Menu
        • Application Custom Settings
        • Intune Maintenance
        • Side Menu
      • Intune Application
        • Intune Application Right Click Menu
        • Application Custom Settings
        • Intune Maintenance
        • Side Menu
      • CVE List
      • Schedule
      • Reporting
        • Update Status
  • Troubleshooting
    • Schema files not found!
    • Failed to sign package
    • Fixing 500.19 web.config error
    • Securing Windows Server
Powered by GitBook
On this page
  • Some settings are missing in SCCM Settings tab
  • SCCM Collection and/or DP Lists are empty
  • SCCM rights for Administrator and Service Account

Was this helpful?

  1. Overview

FAQs

Scope: Easy2Patch (All Versions)

Some settings are missing in SCCM Settings tab

The SCCM/WSUS/Intune tab under Settings is license sensitive. The tabs on this screen are visible or hidden according to the license and usage. The following describes the visibility and functionality of tabs by license and usage scenarios.

  1. Free License; In this licensing model, only the WSUS tab is visible and no configuration other than the Standalone WSUS configuration can be used. None of the SCCM settings are visible and functional on these screens.

  2. Standard License; If you have a Standard license, only the settings for WSUS will be visible on the screen. In this licensing model, Application Deployment via SCCM and Intune-related settings are not visible and non-functional.

  3. Advanced License; If you have a Advanced license, only the settings for WSUS and SCCM Application Deployment will be visible on the screen. In this licensing model, Intune-related settings are not visible and non-functional.

  4. SCCM Console; If the SCCM console is not installed on the system where Easy2Patch is installed, the SCCM related settings will appear and will not be functional. The console must be loaded and the Easy2patchSvc service and, if open, the Easy2Patch screen must be restarted.

SCCM Collection and/or DP Lists are empty

SCCM DB Settings; The Distribution Point and Collection list on the SCCM Settings screen will be empty if the SCCM database settings have not been made. The user account configured on the System account or SCCM screen must have read rights defined in the relevant database.

Following SQL batch running on ConfigMgr database to give permission for service account of user who use Easy2Patch and Easy2PatchSvc service account.

E2PPermissions.sql
-- Replace the DB name that says E2P with the appropriate name in your environment
USE [CM_E2P]
GO

-- {Domain\Username | Domain\ServerName$} replace it with the appropriate user account
DECLARE @UserName nvarchar(128) = 'Domain\Username'
  --DECLARE @UserName nvarchar(128) = 'Domain\ServerName$'
  
DECLARE @QuotedUserToGrant nvarchar(128) = QUOTENAME(@UserName);

IF NOT EXISTS(SELECT principal_id FROM sys.server_principals WHERE name = @UserName) BEGIN
DECLARE @LoginSQL as varchar(500);
SET @LoginSQL = 'CREATE LOGIN '+ @QuotedUserToGrant + ' FROM WINDOWS';
EXEC (@LoginSQL);
END

IF NOT EXISTS(SELECT principal_id FROM sys.database_principals WHERE name = @UserName) BEGIN
DECLARE @UserSQL as varchar(500);
SET @UserSQL = 'CREATE USER ' + @QuotedUserToGrant + ' FOR LOGIN ' + @QuotedUserToGrant;
EXEC (@UserSQL);
END

DECLARE @PermissionsSQL as varchar(500);
SET @PermissionsSQL = 'GRANT SELECT ON [dbo].[v_FullCollectionMembership] TO ' + @QuotedUserToGrant +
' GRANT SELECT ON [dbo].[v_GS_ADD_REMOVE_PROGRAMS] TO ' + @QuotedUserToGrant +
' GRANT SELECT ON [dbo].[v_Collection] TO ' + @QuotedUserToGrant +
' GRANT SELECT ON [dbo].[v_GS_ADD_REMOVE_PROGRAMS_64] TO ' + @QuotedUserToGrant +
' GRANT SELECT ON [dbo].[v_Add_Remove_Programs] TO ' + @QuotedUserToGrant +
' GRANT SELECT ON [dbo].[v_GS_INSTALLED_SOFTWARE] TO ' + @QuotedUserToGrant
EXEC (@PermissionsSQL);

SCCM rights for Administrator and Service Account

Publishing updates on SCCM, triggering synchronization, creating applicaiton automatically with Easy2Patch a user account to be created on Active Directory is required for SCCM jobs. This user account needs the following SCCM privileges.

  • Application: Read, Modify, Delete, Set Security Scope, Create, Move Object, Modify Folder

  • Software Updates: Read, Modify

  • Distribution Point: Read, Copy to Distribution Point

  • Distribution Point Group: Read, Copy to Distribution Point Group

  • Folder Class: Read, Modify, Create

  • Security Scopes: Read

  • Site: Read

PreviousRequest a new 3rd Party ApplicationsNextRoad Map

Last updated 11 months ago

Was this helpful?