Tag: Software Updates (page 1 of 2)
A couple of weeks ago I went through the history of how the cadence of Windows 10 Feature Updates has changed since Microsoft cooked up their initial cockamamie scheme. You can find that here: You’re getting SAAAAAAAC’d Last week people started asking me about various Windows 10 updates that weren’t showing up in their WSUS […]
1/9/19 Update: The most recently released SSU (KB4486458) was given a distinctive title (2019-01 Servicing Stack Update for Windows 10 Version 1703). If Microsoft is reliable in this (to be determined) you could create an specific ADR for them and deploy ahead of your regular scheduled patch cycle. Still seems kinda janky to me though. […]
12/20/18 Update: Removed a check for WSUS cmdlets that prevented the script from working on 2008 R2 and the ReSyncUpdates from the WSUS standalone config file. 12/10/18 Update: Fixed a configuration file parsing problem and added licensing information for GPLv3. Note: When updating you will need to update any existing plugins as well. Despite a […]
The first release of my update reports was a total lie. There was absolutely no dashboard in what I called ‘Yet Another Software Update Dashboard’. I’ve fixed that.
Things got real last week and ‘all of a sudden’ organization realized that what the product MVPs have been saying for years is true and simply not optional: you must be running a software update maintenance script. I’ve updated mine to be more useful. Because I’m like that I guess.
Configuration Manager’s Automatic Deployment Rules are the ‘killer app’ that makes the product one of the most powerful tools for software updates. However, with that power and flexibility comes complexity that can be daunting for the uninitiated. In this post I try to brain-dump the lessons I had to learn when coming up to speed in the hope that it might help others.
When looking to prove that Configuration Manager was actually patching devices I quickly found the built-in reports lacking. I looked at existing solutions but I wanted something just stupidly simple that I could send to management and be informative at that level. At the same time I wanted to be able to drill-down so that administrators could identify and resolve any issues. Here’s what I came up with … let me know what you think in the comments section.
There’s lots of ways to define compliance but if/when you move to the cumulative update model the biggest question is simply: do I have the latest cumulative update applied. You’d think that’d be easy to report on but it gets messy quickly. Here I’ve released my first shot at it.
Installing updates during operating system deployment should be easy. I mean there’s a step called Install Software Updates for crying out loud. How hard could it be?
Historically it’s been considered taboo to touch WSUS when part of a Configuration Manager environment. Those times have now past and if you’re not actively maintaining WSUS on a regular basis it’s more than likely failing causing scan failures.