Jump to content


Scott

Software Update silent deployment through SCCM

Recommended Posts

Hi,

We are currently looking at using SCCM to deploy windows updates, however i am having a problem with the updates getting to the clients.

 

I would like to be able to deploy updates through SCCM, but supress any notifications and reboots - basically so that the end user can continue to work uninterupted. The update packages are set to deploy as soon as possible and the deadline is set 2 weeks in advance, however depsite synchronising the client etc the updates aren't installing.

 

I know i should enable the notifications in testing so i can see whether anything is happening, but i would like to know whether the desired setup is even possible?

 

To clarify, I want to pick,download and deploy updates as soon as possible, without notifications to the clients, with supressed reboots. I don't particularily want to wait until the deadline passes, as this will mean that it will reboot the machine on the deadline without warning. Is this possible? How would i go about doing it?

 

Hopefully this makes sense?

 

Cheers

Scott

Share this post


Link to post
Share on other sites


have a read of the following

 

http://technet.microsoft.com/en-us/library/bb632393.aspx

 

Hide all deployments from end users

 

This setting specifies that all deployments are hidden when they are received on client computers. Use this setting to deploy software updates to computers without any display notifications or notification area icons. Also, end users will not be able to open the Available Software Updates dialog box to manually install updates. By default, this setting is not enabled.

Share this post


Link to post
Share on other sites

have a read of the following

 

http://technet.microsoft.com/en-us/library/bb632393.aspx

 

Hide all deployments from end users

 

Ive had a look at that and the setting was already set. I can deploy updates to devices silently, if i tick the box on the client to install on a schedule - however there doesnt seem to be a way to set this centrally?

 

I was hoping that the updates would work in the same was as software distribution, ie, deploy as soon as possible would begin installing the next time the client sync'd? As it seems, when you set it to as soon as possible it won't install until the deadline?

Share this post


Link to post
Share on other sites

well create the deadline as one minutes ahead of when you are creating the deployment management task to speed it up a bit

Share this post


Link to post
Share on other sites

well create the deadline as one minutes ahead of when you are creating the deployment management task to speed it up a bit

 

But if i set that, then the reboots will be enforced straight away and that will cause disruption?

 

I'm considering scheduling the updates to install daily at 10, using this VBScript?

 

dim updatesDeployment

' Create the COM object.

set updatesDeployment = CreateObject ("UDA.CCMUpdatesDeployment")

 

' Set the local schedule by using the SetUserDefinedSchedule method

' and the recurrence and hour values passed in.

updatesDeployment.SetUserDefinedSchedule 8, 10

' Output success message. I left this message out as well.

'wscript.echo "Set Local Software Update Schedule."

Share this post


Link to post
Share on other sites

why use a script, thats what maintenance windows are for, have you looked into using maintenace windows on collections yet ?

Share this post


Link to post
Share on other sites

why use a script, thats what maintenance windows are for, have you looked into using maintenace windows on collections yet ?

 

Not yet..

But surely even if the maintenance windows were set, the updates wouldnt be installed until the deadline passes and then the tick box would allow the pc to reboot outside of the windows?

Share this post


Link to post
Share on other sites

what tickbox ? if you remove 'ignore main....' then the updates should only install during the maintenance window

Share this post


Link to post
Share on other sites

what tickbox ? if you remove 'ignore main....' then the updates should only install during the maintenance window

 

So it should install the maintenance window before the deadline? Or would it install it the window after the deadline?

 

In our test lab without any windows set up, it would reboot the machine (despite the reboots being supressed) if it was past the deadline?

 

I think scheduling the updates through the client should be OK, as that is the most similar way that WSUS is currently deploying the updates. I take it that if the updates are assigned as soon as possible, the client begins the download whenever they pick it up, but doesnt install until the schedule? The main thing we want to avoid is everyone trying to download it all in one go (despite WSUS being in that situation already!)

Share this post


Link to post
Share on other sites
The main thing we want to avoid is everyone trying to download it all in one go (despite WSUS being in that situation already!)

well then you stagger the deployments by shifting the collection target (in the deployment management task(s)) or using maintenance windows

 

i'd suggest to test both ways

 

imagine this scenario i set a maintenance windows of every thursday at 3pm - 5pm and i have some new updates for xp boxes, i advertise those new updates via a deployment management task and i set the deadline to one minute from now.. on thursday between 3pm - 5pm (during the maintenance window) the updates get installed to that specific collection

you can have multiple maintenance window collections or multiple patch collections that you can stagger the software updates installation to.. see what i mean ?

Share this post


Link to post
Share on other sites

well then you stagger the deployments by shifting the collection target (in the deployment management task(s)) or using maintenance windows

 

i'd suggest to test both ways

 

imagine this scenario i set a maintenance windows of every thursday at 3pm - 5pm and i have some new updates for xp boxes, i advertise those new updates via a deployment management task and i set the deadline to one minute from now.. on thursday between 3pm - 5pm (during the maintenance window) the updates get installed to that specific collection

you can have multiple maintenance window collections or multiple patch collections that you can stagger the software updates installation to.. see what i mean ?

 

Yeh, i think so... I'll have a look into the possibilities and see which one fits us.

 

If i do schedule the deployment at say 9pm, but the PC is switched off, does it install the following morning, or will it try daily at 9 until its on at that time?

Share this post


Link to post
Share on other sites

Yeh, i think so... I'll have a look into the possibilities and see which one fits us.

 

If i do schedule the deployment at say 9pm, but the PC is switched off, does it install the following morning, or will it try daily at 9 until its on at that time?

 

If my memory serves me correctly, I think that it will install the following morning but that depends on how you have your Maintenance Windows configured. Also in the Deployment Management properties of a deployment on the Schedule tab there is a check box, "Ignore maintenance windows and install immediately at deadline" which could impact this behavior as well.

Share this post


Link to post
Share on other sites

Dear AnyWeb

 

I am facing serious Issue regarding deploying software Updates. My clients always facing the Error that shows in WUAHandlor Log

 

![LOG[Added Update Source ({7ECD7166-9B49-4887-95BF-EB6D2876A5F1}) of content type: 2]LOG]!><time="12:18:25.513+000" date="05-28-2010" component="WUAHandler" context="" type="1" thread="12340" file="sourcemanager.cpp:1381">

<![LOG[Async searching of updates using WUAgent started.]LOG]!><time="12:18:25.545+000" date="05-28-2010" component="WUAHandler" context="" type="1" thread="12340" file="cwuahandler.cpp:587">

<![LOG[Async searching completed.]LOG]!><time="12:18:26.904+000" date="05-28-2010" component="WUAHandler" context="" type="1" thread="12192" file="cwuahandler.cpp:2099">

<![LOG[OnSearchComplete - Failed to end search job. Error = 0x80244018.]LOG]!><time="12:18:26.904+000" date="05-28-2010" component="WUAHandler" context="" type="3" thread="12340" file="cwuahandler.cpp:2966">

<![LOG[scan failed with error = 0x80244018.]LOG]!><time="12:18:26.904+000" date="05-28-2010" component="WUAHandler" context="" type="3" thread="12340" file="cwuahandler.cpp:3223">

 

 

I tried to check in many thread but unsuccessfull. Please help me out

 

 

Regards

 

Saad

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...