Understanding the Software Update Chain
Understanding the software update process from clients to servers.
Video Guide
β
Scenario 1: Configuring Software Update Policy
When you first start off with configuration manager and software updates there are always a lot of questions, what options should l use, how do they work and more.
Software Update Policy
Software Update Scan Schedule
When does this REALLY Happen
- Anytime a NEW software update group is assigned AND machine policy Runs
- Anytime a scheduled instance of Software Update Scan Schedule Hits
- Anytime a Deployment is completed
- Sometimes after a reboot is completed - Depends on assignment configuration
- After a servicing stack update https://docs.microsoft.com/en-us/mem/configmgr/sum/plan-design/plan-for-software-updates#bkmk_ssuβ
Schedule Deployment Re-evaluation
- This does NOT contact WSUS
- Uses the existing locally stored policies in WMI
WMI Explorer is a fantastic tool to review the classes that are involved in all of this
Release WMI Explorer 2.0.0.2 Β· vinaypamnani/wmie2
GitHub
What is It
WMI Path
Software Update Objects
\MACHINENAME\ROOT\ccm\ClientSDK:CCM_SoftwareUpdate
Update Manager
\MACHINENAME\ROOT\ccm\ClientSDK:CCM_SoftwareUpdatesManager
Update CI Assignment
\MACHINENAME\ROOT\ccm\Policy\Machine\ActualConfig:CCM_UpdateCIAssignment
Maintenance Windows
\MACHINENAME\ROOT\ccm\Policy\Machine\ActualConfig:CCM_ServiceWindow
Cient Policy
\MACHINENAME\ROOT\ccm\Policy\Machine\ActualConfig:CCM_SoftwareUpdatesClientConfig
Enable Third Party Updates
Client settings - Configuration Manager
docsmsft
When you set this option to Yes, it sets the policy for Allow signed updates for an intranet Microsoft update service location and installs the signing certificate to the Trusted Publisher store on the client.
Delta Updates
Explanation from microsoft.com
Client settings - Configuration Manager
docsmsft
Set this option to Yes to allow clients to use delta content files. This setting allows the Windows Update Agent on the device to determine what content is needed and selectively download it.
- Before enabling this client setting, ensure Delivery Optimization is configured appropriately for your environment. For more information, see Windows Delivery Optimization and the Delivery Optimization client setting.
- This client setting replaces Enable installation of Express installation files on clients. Set this option to Yes to allow clients to use express installation files. For more information, see Manage Express installation files for Windows 10 updates.
- When this option is set, delta download is used for all Windows update installation files, not just express installation files.When using a CMG for content storage, the content for third-party updates won't download to clients if the Download delta content when available client setting is enabled.
Deltaldownload.log - is the log file that tracks this behavior
Maintenance Windows
The feature, that used to be a bug - ish.
Client settings - Configuration Manager
docsmsft
When you set this option to Yes, and the client has at least one "Software Update" maintenance window defined, software updates will install during an "All deployments" maintenance window.
By default, this setting is set to No. This value uses the same behavior as before: if both types exist, it ignores the window.
Scenario 2: Maintenance Windows
Types of Windows
Value
Type
1
All Deployment Service Window
2
Program Service Window
3
Reboot Required Service Window
4
Software Update Service Window
5
Task Sequences Service Window
6
Corresponds to non-working hours
How To Schedule a Maintenance Window
Finding Maintenance Windows in ConfigMgr
1
SELECT sw.Name AS [MW Name],
2
Sw.CollectionID,
3
sw.Description,
4
sw.StartTime,
5
sw.Duration AS 'Duration Minutes',
6
sw.IsEnabled AS 'MW Enabled',
7
sys.Name0 AS ServerName,
8
sys.Resource_Domain_OR_Workgr0,
9
sys.Operating_System_Name_and0 AS OperatingSystem
10
FROM dbo.v_ServiceWindow AS sw INNER JOIN
11
dbo.v_FullCollectionMembership AS fcm ON sw.CollectionID = fcm.CollectionID
12
INNER JOIN dbo.v_R_System sys ON fcm.ResourceID = sys.ResourceID
13
WHERE (sys.Name0 = 'DEMO6')
14
ORDER BY [MW Name], sys.Name0
Copied!
The not really maintenance window
Business hours, and clients.
Business Hours vs. Maintenance Windows with System Center 2012 Configuration Manager
TECHCOMMUNITY.MICROSOFT.COM
Log File on the Client
https://ServiceWindowManager.log
servicewindowmanager.log
Introduction to software updates - Configuration Manager
docsmsft
β
Deep Dives - Previous
Understanding How ConfigMgr Interacts with WSUS
Next - Deep Dives
Understanding the ConfigMgr Application Model
Last modified 4mo ago
Copy link
Contents
Video Guide
Scenario 1: Configuring Software Update Policy
Software Update Scan Schedule
Schedule Deployment Re-evaluation
Enable Third Party Updates
Delta Updates
Maintenance Windows
Scenario 2: Maintenance Windows
Types of Windows
How To Schedule a Maintenance Window
Finding Maintenance Windows in ConfigMgr
The not really maintenance window
Log File on the Client