The Settings dialog box in System Center Updates Publisher contains the Import List, Update Server, Data Source, Trusted Publishers, and Advanced tabs. These tabs are used to add catalogs to the import list, whether to automatically check for newer versions for catalogs added to the update list, enable and configure publishing to an update server, set the database location for Updates Publisher, remove publishers that are no longer trusted, configure whether to check digitally signed software updates catalogs for certificate revocation, and disable the per-user MSI dialog box warning.

The dialog box contains the elements described in the following table.

Import List

Provides the ability to add, remove, modify, or find software updates catalogs. The following elements are available:
  • Automatically check for updates to my catalogs on startup: Specifies that during startup, Updates Publisher will automatically check for newer versions of the software updates catalogs that have been added to the Import List, since they were last imported, and display the results on the Updates Publisher start page. If there is a newer version of a catalog, it can be imported from the startup page or by running the Import Software Updates Catalog Wizard.

  • Import List: Contains a list of the catalogs that have been added to the import list. The catalogs in the list can be imported in bulk by using the Import Software Updates Catalog Wizard or checked automatically for newer versions. The following columns are displayed for the catalogs in the import list:

    • Publisher: Specifies the name for the publisher.

    • Name: Specifies the name for the software updates catalog.

    • Path: Specifies the download location for the software updates catalog.

    • Source: Specifies whether the catalog is from a Microsoft Partner or created internally.

    • Obsolete: Specifies whether the software updates catalog is obsolete.

  • Add: Opens the Add Catalog dialog box where a catalog is specified that will be added to the import list. Specify the following information: Choose Path, Name, Description, Support, Require approval of unsigned catalogs from this location during import, and Always flag these updates for publishing. For more information, see How to Add Catalogs to the Import List.

  • Find: Opens the Add Vendor Catalog dialog box, which retrieves the discovery list of all vendor catalogs that have been registered with Microsoft and provides the ability to add discovered catalogs to the import list. For more information, see How to Discover and Import External Catalogs.

    Note
    Updates Publisher 4.5 provides a proxy server credentials dialog box when the connection fails for the current user. When this dialog box displays, enter the proxy server name, port, and the user name and password for an account that has appropriate proxy server permissions.
  • Edit: Opens the Modify Catalog dialog box where the following information for the highlighted catalog can be modified: Path, Name, Description, Support Contact, Require approval of unsigned catalogs from this location during import, and Always flag these updates for publishing settings.

  • Remove: Deletes the highlighted software updates catalog file from the import list.

  • Remove All: Deletes all software updates catalog files from the import list.

Update Server

Provides the ability to enable and configure Updates Publisher to publish the software updates that are flagged for publishing to an update server. The following options are available:
  • Enable publishing to an update server: Specifies whether Updates Publisher will publish the software updates that are flagged for publishing to an update server. When this setting is selected, the other controls on this page are enabled.

  • Connect to a local update server: Specifies that the update server is local to the Updates Publisher computer. The local update server settings are automatically detected.

  • Connect to a remote update server: Specifies that the update server is remote to the Updates Publisher computer. When connecting to a remote update server, the following settings must also be specified:

    • Use Secure Sockets Layer (SSL) when communicating with the update server: Specifies that SSL is used when the Updates Publisher computer connects to the update server.

    • Name: Specifies the NetBIOS name of the update server. The update server name is validated when clicking Test Connection, OK or Apply. An error message is displayed if validation is unsuccessful. The required field indicator reappears and a new update server name must be entered.

    • Port: Specifies the port used when connecting to the update server. Use the HTTP port number for the update server, or the HTTPS port when the Use Secure Sockets Layer (SSL) when communicating with the update server setting is selected. The default port setting values are 80 for HTTP and 443 for HTTPS.

  • Test Connection: Tests the connection to the update server. A dialog displays indicating whether the connection was successful. An error message is displayed if validation is unsuccessful. The required field indicator reappears and a new update server name must be entered.

  • File: Specifies the digital certificate used to sign the software updates that are published to the update server. The following controls are available:

    • Browse: Opens a browse dialog that allows the certificate file to be selected. This option is only available when the Updates Publisher is local to the update server or when SSL is used when connecting to a remote update server. Select the certificate and then click Create to add the certificate to the WSUS certificate store on the update server.

    • Create: Specifies that the update server will create a new certificate, or use the certificate that was specified using Browse, and add the certificate to the WSUS certificate store on the update server. Enter the PFX file password for certificates that were selected by using Browse.

    • Remove: Specifies that the certificate is removed from the WSUS certificate store on the update server. This option is only available when the Updates Publisher is local to the update server or when SSL is used when connecting to a remote update server.

The Certificate issuer and Expiration date for the last recorded update server certificate, if one exists, is displayed at the bottom of the dialog box.
Important
The certificate must be copied to the Trusted Publishers certificate store, and for self-signed certificates, to the Trusted Root Certification Authorities certificate store on the update server before the software updates can be published. The certificate must also be copied to the same certificate stores on the Updates Publisher computer if it is remote from the update server. There are several methods for adding the certificates to certificate stores. For more information about configuring the update server settings and adding the certificate to the certificate store on the update server, see How to Configure the Update Server.
Data Source

Provides the Updates Publisher database information. The following elements are available:
  • Server Name: Specifies the SQL Server computer name or SQL Server computer and instance names. Updates Publisher connects to this computer to access the database. For example, MyServerName or MyServerName\InstanceName. If the SQL Server computer name is entered without an instance name, the default instance is used. The SQL Server computer must be accessible to the Updates Publisher user and the database must be created on computer before configuring it as the data source. For more information about creating the Updates Publisher database on a new server, see How to Create the Updates Publisher Database. The SQL Server computer name is validated when clicking OK or Apply. The required field indicator displays if validation is unsuccessful.

  • Test Connection: Tests the connection to the server specified in the Server Name text box. A message displays indicating whether the connection test succeeded or failed. If the connection failed, verify the SQL Server computer name, verify that the database has been created with the appropriate permissions for the using Updates Publisher, verify that SQL Server computer and database are accessible to the user using Updates Publisher, and then re-test the connection.

  • Current Connection Details: Displays the following read-only information about the publishing tool database:

    • Server name: Specifies the configured data source server name.

    • Database: Specifies the publishing tool database name.

    • Integrated security: Specifies whether the database uses integrated security.

    • Connection timeout: Specifies when the timeout period when connecting to the database.

Trusted Publishers

Provides the option to remove trusted publishers added during the Import Software Updates Catalog Wizard. If Always Accept catalog from <publisher> is selected during the import process, the publisher will be added to the trusted publishers list. Updates Publisher will automatically accept any new catalogs imported from publishers that are in the trusted publishers. Select a publisher and click Remove to remove a publisher that is no longer trusted.
Advanced

Provides the option to control certificate revocation list (CRL) checking and warnings about Windows Installer packages that were installed per-user. The following elements are available:
  • Enable certificate revocation checking for digitally signed catalog files: Specifies whether to check the certificate revocation list (CRL) for the digital certificates that are used to sign software updates catalogs. The CRL is checked to verify that the certificate used to sign a software updates catalog has not been revoked from the approved list issued by the Certification Authority (CA). This option is not enabled by default because of the additional overhead to the import process that occurs when Updates Publisher determines whether the catalog is on the CRL. Enable this option to ensure that digitally signed software updates catalogs are on the CA approved list. For more information, see the Certificate Revocation and Status Web page (http://go.microsoft.com/fwlink/?LinkId=65980).

  • Do not display warnings about per-user MSIs: Specifies whether to display a warning dialog box when MSI rules are created in Updates Publisher. The Windows Update Agent (WUA) can detect Windows Installer packages on client computers only if they are installed per-system. If an MSI rule is created for a software update definition and the Windows Installer package was installed per-user, the WUA will be unable to access the user account to detect the package. When MSI rules are created in Updates Publisher, a dialog box is displayed by default that warns about this issue and helps to remind users that creating an update definition with only an MSI rule can result in a Windows Installer package not being detected when it is installed on a client computer. By default, this setting is not enabled. For more information about creating rules to detect Windows Installer packages, see Per-User MSI Issues in Best Practices for Updates Publisher.

  • Prompt for re-signing updates while publishing: Specifies whether to provide a prompt while publishing that allows the software updates to be re-signed with the digital signature configured on the Update Server tab. By default, this setting is not enabled.

  • Enable compatibility mode with previous update format: Specifies whether to configure Updates Publisher 3.0 for compatibility mode so that software updates can be exported to a catalog that supports both the Updates Publisher and Custom Updates Publishing Tool schemas. Because some attributes are not in the previous schema, the attributes are removed when exporting software updates. For more information, see About Updates Publisher Compatibility Mode. By default, this setting is not enabled.

    Important
    This setting applies only to System Center Updates Publisher 3.0.
OK

Saves the changes and exits the dialog box.
Cancel

Exits the dialog box without saving any changes.
Apply

Saves the changes and remains in the dialog box.

See Also