How can I use Express Updates when patching Windows 10 with Quality Updates in System Center Configuration Manager (Current Branch) ?

[anyweb]

Introduction

Windows 10 Enterprise first shipped in July 2015 with Windows 10 version 1507, and since then there have been 2 versions, Windows 10 version 1511 and Windows 10 version 1607. In spring of this year (2017) we will see another version of Windows 10 released (Creators Update), which will most likely be Windows 10 version 170x (the x is because I don't know what month it will release).

 

Every version of Windows 10 needs to be patched and those patches are released monthly, as each month goes by the patches are getting bigger and as a direct result, they are slower to transfer to the clients.

 

 

Express Updates versus Full Updates

When Microsoft releases security patches for Windows 10 on a monthly basis (called Quality Updates), these patches are cumulative, meaning everything in the previous months patches will be included in the latest cumulative update. This patch size growth continues through the lifecyle of the Windows release until after a year or so the cumulative update package itself can be over 1GB in size. For ConfigMgr admins that's a lot of content to send to your distribution points and Window 10 clients every month.

 

 

What would of course be better is if only the difference between previous months updates were distributed and that's what Express Updates facilitate.The graph above shows the difference in size between full updates and express updates. Express updates are the 'delta' or contain changed content between the current and previous releases.

 

Enabling Express Updates support in Windows 10 version 1607

Microsoft have added the ability to use express updates in Windows 10 version 1607 (and LTSB Enterprise 2016) with the cumulative update released on patch Tuesday (January 2017 release) as detailed here. If your version of Windows 10 is later than Windows 10 version 1607 build 14393.693 you are good to go (on the client side) with express updates.

 

Express updates from Microsoft will be released from February 14th 2017 onward.

 

 

Note: If you have a previous version of Windows 10, then they will not be able to use express updates.

 

Enabling Express Updates support in ConfigMgr

The capability (for dealing with express updates) has been added to System Center Configuration Manager (Current Branch) version 1610, but it is not yet visible in the console, the GUI components will be enabled with a hotfix for ConfigMgr due to be released soon. If you want to experiment with configuring express updates in ConfigMgr today, you can do so using SCCM Technical Preview, the capability was actually added in the 1612 TP release (see here).

 

For this guide I'll use the latest available Technical Preview release available at time of writing and that is SCCM version 1701 Technical Preview.

 

Below are details about the addition.

 

Express files support for Windows 10 Cumulative Update – Configuration Manager can support Windows 10 Cumulative Update using Express files. This functionality is only supported in Windows 10 version 1607 with a Windows Update Agent update included with the updates released on January 10, 2017 (Patch Tuesday). For more information see https://docs.microsoft.com/sccm/core/get-started/capabilities-in-technical-preview-1612#express-installation-files-support-for-windows-10-updates.

 

There are two components that need to be configured in ConfigMg, client settings and the Software Update Point role settings. to configure ConfigMgr do as follows:

 

In the Configuration Manager console, navigate to Administration > Site Configuration > Sites select your Primary site and right click, choose Configure Site Components then Software Update Point.

 

 

Click on the Update Files tab and select the second option (not enabled by default) which is Download both full files for all approved updates and express installation files for Windows 10.

 

Note: Selecting this option will allow you to use express installation files however keep in mind that those packages may become much bigger (on the server) than cumulative update packages as they contain deltas of all the cumulative updates released. This means that transferring express installation files to your distribution points may be larger than what you experience today with Cumulative Update packages, but express installation files downloaded to the client will only be small in size (the actual delta).

 

 

Apply your changes and close the Software Update Point properties.

 

Next, you need to enable Express Updates on clients and you do that via the Client Settings. In the Configuration Manager console, navigate to Administration > Client Settings and create a custom client device settings. Give it a suitable name like Enable Express Updates for Windows 10 and select the Software Updates node.

 

 

Click on Software Updates in the left pane and change the option Enable installation of Express installation files on clients from No to Yes.

 

 

The port beneath it is used by the ConfigMgr client agent to communicate with the distribution point (on this port) for downloading of those express files.

 

Once done, right click and choose deploy to deploy the custom client settings to a suitable collection containing Windows 10 version 1607 computers with the January 2017 cumulative update installed.

 

 

any computers in that collection will get the custom client settings as you see here

 

 

Once you have applicable computers in that collection you can verify that they have the client settings applied by checking the following DeltaDownload.log log (on the client) in this location:

C:\Windows\CCM\Logs\DeltaDownload.log

as shown here, before receiving the client settings defined above

 

 

and after receiving the client settings, look for

Software updates Enabled: 1; Express Enabled: 1; Express Port: 8005 

 

and with a simple netstat command you can see that it is listening on that port

netstat -ano -p tcp

 

That's it ! for more info about this topic see this video by Michael Niehaus.

 

Cheers

 

Niall.