Understanding the Software Update Chain

Understanding the software update process from clients to servers.

Video Guide

Scenario 1: Configuring Software Update Policy

When you first start off with configuration manager and software updates there are always a lot of questions, what options should l use, how do they work and more.

Software Update Scan Schedule

When does this REALLY Happen

Anytime a NEW software update group is assigned AND machine policy Runs
Anytime a scheduled instance of Software Update Scan Schedule Hits
Anytime a Deployment is completed
Sometimes after a reboot is completed - Depends on assignment configuration
After a servicing stack update https://docs.microsoft.com/en-us/mem/configmgr/sum/plan-design/plan-for-software-updates#bkmk_ssu

Schedule Deployment Re-evaluation

This does NOT contact WSUS
Uses the existing locally stored policies in WMI

WMI Explorer is a fantastic tool to review the classes that are involved in all of this

Release WMI Explorer 2.0.0.2 · vinaypamnani/wmie2GitHub

What is It

WMI Path

Software Update Objects

\MACHINENAME\ROOT\ccm\ClientSDK:CCM_SoftwareUpdate

Update Manager

\MACHINENAME\ROOT\ccm\ClientSDK:CCM_SoftwareUpdatesManager

Update CI Assignment

\MACHINENAME\ROOT\ccm\Policy\Machine\ActualConfig:CCM_UpdateCIAssignment

Maintenance Windows

\MACHINENAME\ROOT\ccm\Policy\Machine\ActualConfig:CCM_ServiceWindow

Cient Policy

\MACHINENAME\ROOT\ccm\Policy\Machine\ActualConfig:CCM_SoftwareUpdatesClientConfig

Enable Third Party Updates

Client settings - Configuration ManagerMicrosoftLearn

When you set this option to Yes, it sets the policy for Allow signed updates for an intranet Microsoft update service location and installs the signing certificate to the Trusted Publisher store on the client.

Delta Updates

Explanation from microsoft.com

Client settings - Configuration ManagerMicrosoftLearn

Set this option to Yes to allow clients to use delta content files. This setting allows the Windows Update Agent on the device to determine what content is needed and selectively download it.

Before enabling this client setting, ensure Delivery Optimization is configured appropriately for your environment. For more information, see Windows Delivery Optimization and the Delivery Optimization client setting.
This client setting replaces Enable installation of Express installation files on clients. Set this option to Yes to allow clients to use express installation files. For more information, see Manage Express installation files for Windows 10 updates.
When this option is set, delta download is used for all Windows update installation files, not just express installation files.
When using a CMG for content storage, the content for third-party updates won't download to clients if the Download delta content when available client setting is enabled.

Deltaldownload.log - is the log file that tracks this behavior

Maintenance Windows

The feature, that used to be a bug - ish.

Client settings - Configuration ManagerMicrosoftLearn

When you set this option to Yes, and the client has at least one "Software Update" maintenance window defined, software updates will install during an "All deployments" maintenance window.

By default, this setting is set to No. This value uses the same behavior as before: if both types exist, it ignores the window.

Scenario 2: Maintenance Windows

Types of Windows

Value

Type

All Deployment Service Window

Program Service Window

Reboot Required Service Window

Software Update Service Window

Task Sequences Service Window

Corresponds to non-working hours

How To Schedule a Maintenance Window

Finding Maintenance Windows in ConfigMgr

SELECT  sw.Name AS [MW Name],
	Sw.CollectionID,
    sw.Description, 
    sw.StartTime, 
    sw.Duration AS 'Duration Minutes',
    sw.IsEnabled AS 'MW Enabled', 
    sys.Name0 AS ServerName,
	sys.Resource_Domain_OR_Workgr0, 
    sys.Operating_System_Name_and0 AS OperatingSystem
FROM  dbo.v_ServiceWindow AS sw INNER JOIN 
      dbo.v_FullCollectionMembership AS fcm ON sw.CollectionID = fcm.CollectionID 
INNER JOIN  dbo.v_R_System sys ON fcm.ResourceID = sys.ResourceID 
WHERE  (sys.Name0 = 'DEMO6') 
ORDER BY [MW Name], sys.Name0

The not really maintenance window

Business hours, and clients.

https://techcommunity.microsoft.com/t5/configuration-manager-archive/business-hours-vs-maintenance-windows-with-system-center-2012/ba-p/273032techcommunity.microsoft.com

Log File on the Client

https://ServiceWindowManager.logservicewindowmanager.log

Introduction to software updates - Configuration ManagerMicrosoftLearn

PreviousUnderstanding How ConfigMgr Interacts with WSUS NextUnderstanding the ConfigMgr Application Model

Last updated 4 years ago

Was this helpful?

hashtagVideo Guide

hashtagScenario 1: Configuring Software Update Policy

hashtagSoftware Update Scan Schedule

hashtagSchedule Deployment Re-evaluation

hashtagEnable Third Party Updates

hashtagDelta Updates

hashtagMaintenance Windows

hashtagScenario 2: Maintenance Windows

hashtagTypes of Windows

hashtagHow To Schedule a Maintenance Window

hashtagFinding Maintenance Windows in ConfigMgr

hashtagThe not really maintenance window

hashtagLog File on the Client

Video Guide

Scenario 1: Configuring Software Update Policy

Software Update Scan Schedule

Schedule Deployment Re-evaluation

Enable Third Party Updates

Delta Updates

Maintenance Windows

Scenario 2: Maintenance Windows

Types of Windows

How To Schedule a Maintenance Window

Finding Maintenance Windows in ConfigMgr

The not really maintenance window

Log File on the Client