Category: Software Updates (page 1 of 2)
In Part I of this pathetic little series I tried to cover enough of the technical details so that if you don’t currently patch your devices with Intune you could get a feel for it without actually having to do it. In Part II I want to get into the meat of the thing: can […]
I helped implement Intune at work (Recast Software) which was a great opportunity to dig into the patching side of things. In this first part I’m going to try and cover the technical details and make sense of some of the docs. In the second part I’ll talk more about what I like, what I […]
Update: After doing a full-court press on this we were able to get Microsoft to address this officially. My thanks to Mary Jo Foley and Donna Ryan for help make that happen. Updating Windows 10, version 1903 using Configuration Manager or WSUS Apparently Microsoft isn’t ready to talk about this yet so I guess I […]
A couple of weeks ago I went through the history of how the cadence of Windows 10 Feature Updates has changed since Microsoft cooked up their initial cockamamie scheme. You can find that here: You’re getting SAAAAAAAC’d Last week people started asking me about various Windows 10 updates that weren’t showing up in their WSUS […]
12/20/18 Update: Removed a check for WSUS cmdlets that prevented the script from working on 2008 R2 and the ReSyncUpdates from the WSUS standalone config file. 12/10/18 Update: Fixed a configuration file parsing problem and added licensing information for GPLv3. Note: When updating you will need to update any existing plugins as well. Despite a […]
The first release of my update reports was a total lie. There was absolutely no dashboard in what I called ‘Yet Another Software Update Dashboard’. I’ve fixed that.
Things got real last week and ‘all of a sudden’ organization realized that what the product MVPs have been saying for years is true and simply not optional: you must be running a software update maintenance script. I’ve updated mine to be more useful. Because I’m like that I guess.
Configuration Manager’s Automatic Deployment Rules are the ‘killer app’ that makes the product one of the most powerful tools for software updates. However, with that power and flexibility comes complexity that can be daunting for the uninitiated. In this post I try to brain-dump the lessons I had to learn when coming up to speed in the hope that it might help others.
When looking to prove that Configuration Manager was actually patching devices I quickly found the built-in reports lacking. I looked at existing solutions but I wanted something just stupidly simple that I could send to management and be informative at that level. At the same time I wanted to be able to drill-down so that administrators could identify and resolve any issues. Here’s what I came up with … let me know what you think in the comments section.
There’s lots of ways to define compliance but if/when you move to the cumulative update model the biggest question is simply: do I have the latest cumulative update applied. You’d think that’d be easy to report on but it gets messy quickly. Here I’ve released my first shot at it.