How To Create A Software Patch
Let's learn how to create a New Software Update Patch Packages using SCCM | Configuration Manager. Most of the organizations are using SCCM to deploy patches to thousands of Windows devices. In this guide, you learn the basics of creating patch packages and deploying the patch packages.
Pre Requisites
The following are the high-level prerequisites that should be in place before you start creating the Software Update Patch Package using SCCM.
- ConfigMgr Infrastructure and healthy clients (WUA & SCCM).
- WSUS is installed for SCCM usage.
- SCCM Software Update Point (SUP) is configured and synced with Microsoft Windows Update services.
- Select the appropriate products from the WSUS products list. More details – Do Not Setup SUP With Default WSUS Product Selection ConfigMgr SCCM.
- Appropriate access right to create and deploy software update patch package. More details – about RBAC roles.
- Group policy settings for software updates for Windows clients
Select Patches & Create Software Update Group
Let's understand the patch package creation process using a manual method to understand it better way. We cover the Automatic Deployment Rule (ADR) in the future post.
- Launch ConfigMgr Admin Console
- Navigate to \Software Library\Overview\Software Updates\All Software Updates
- Select one of the patches from the list as you can see in the below screenshot
- Right-click on the selected patch and click on Create Software Update Group
- Create Software Update Group
- Enter the name of the software update group = "Windows 10 1909 March 2019 Updates"
- Enter the Description of Software Update Group (SUG)
- Click on Create button finish Software Update Group (SUP)
- Navigate to \Software Library\Overview\Software Updates\Software Update Groups
Create a New Software Update Patch Package using SCCM
Let's get into the meat of this guide. The following steps help you to create a New Software Update patch package using Configuration Manager.
- Navigate to \Software Library\Overview\Software Updates\Software Update Groups.
- Select the Software Update Group which we created in the above section.
- Right-Click on the Software Update Group and Select DOWNLOAD
NOTE! – If you want to edit existing Software Update Groups? Refer to the following post here https://www.anoopcnair.com/sccm-patches-to-existing-software-update-group/
- Specify a Deployment package from Download Software Update Wizard
- Create a new Software Update patch package using SCCM
- Enter the Name of the Software Update Package
- Windows 10 1909 March 2019 Updates
- Enter the Description of the Software Update Package
- Enter the package source path (UNC). You can use the BROWSE button also
- \CMMEMCM\Sources\Package Source\Patch Packages\Mar 2020
- Check the box Enable Binary differential replication
- Enter the Name of the Software Update Package
- Specify the Distribution Points for this Software Update patch package
- Click on Add button and select Distribution Point option
- Select the Distribution Point from the list of DPs to host the content of the Software Update Patch Package.
- Click on OK button to complete the selection
- Click on NEXT button to proceed to continue
- Specify the general distribution settings for this package
- Select Distribution Priority – Medium
- Specify the behavior that you want to occur when a distribution point is enabled for pre-staged content
- Automatically download content when packages are assigned to distribution points
- Click NEXT to continue
- Specify the source location for a Software update that you will download
- Downloaded Software Updates from the internet
- Specify the update language for products
- Select the Languages which you want to Windows Update – Update Language English
MetaData of Software Update Patch Package
Package: The software updates will be placed in a new package: • Windows 10 1909 March 2019 Updates Content (1): • CMMEMCM.MEMCM.COM Distribution Settings • Priority: Medium • Enable for on-demand distribution: Disabled • Prestaged distribution point settings: Automatically download content when packages are assigned to distribution points Software updates that will be downloaded from the internet 2020-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4551762) Windows Update Language Selection: English Office 365 Client Update Language Selection: English (United States)
Download Updates from the Internet
- Let's complete the download Software Updates to SCCM server during this phase the package
- Click NEXT, NEXT, & Close (once the download is completed)
Logs PatchDownloader.Log
The PatchDownloader.log file shall give you the details of the download from the %temp% folder from the system you are creating the Software Update Patch Package.
Downloading content for ContentID = 16777433, FileName = Windows10.0-KB4551762-x64.cab. Connecting - Adding file range by calling HttpAddRequestHeaders, range string = "Range: bytes=0-" Download http://dl.delivery.mp.microsoft.com/filestreamingservice/files/c9fae009-af60-48de-97c9-ca3ce45380fd/public/windows10.0-kb4551762-x64_add22bc4acb20b27873ad9c094bdcab53e759774.cab in progress: 10 percent complete Download http://dl.delivery.mp.microsoft.com/filestreamingservice/files/c9fae009-af60-48de-97c9-ca3ce45380fd/public/windows10.0-kb4551762-x64_add22bc4acb20b27873ad9c094bdcab53e759774.cab in progress: 20 percent complete Download http://dl.delivery.mp.microsoft.com/filestreamingservice/files/c9fae009-af60-48de-97c9-ca3ce45380fd/public/windows10.0-kb4551762-x64_add22bc4acb20b27873ad9c094bdcab53e759774.cab in progress: 30 percent complete . . . Checking machine config Cert revocation check is disabled so cert revocation list will not be checked. To enable cert revocation check use: UpdDwnldCfg.exe /checkrevocation Verifying file trust C:\Users\anoop.MEMCM\AppData\Local\Temp\CAB5CA3.tmp File trust C:\Users\anoop.MEMCM\AppData\Local\Temp\CAB5CA3.tmp verified: Verifying file hash C:\Users\anoop.MEMCM\AppData\Local\Temp\CAB5CA3.tmp File hash verified: C:\Users\anoop.MEMCM\AppData\Local\Temp\CAB5CA3.tmp Successfully moved C:\Users\anoop.MEMCM\AppData\Local\Temp\CAB5CA3.tmp to \CMMEMCM\Sources\Package Source\Patch Packages\Mar 2020\6bb57e44-c2f2-41c3-9a87-d063c9b6ed2b.1\Windows10.0-KB4551762-x64.cab Renaming \CMMEMCM\Sources\Package Source\Patch Packages\Mar 2020\6bb57e44-c2f2-41c3-9a87-d063c9b6ed2b.1 to \CMMEMCM\Sources\Package Source\Patch Packages\Mar 2020\6bb57e44-c2f2-41c3-9a87-d063c9b6ed2b Successfully moved \CMMEMCM\Sources\Package Source\Patch Packages\Mar 2020\6bb57e44-c2f2-41c3-9a87-d063c9b6ed2b.1 to \CMMEMCM\Sources\Package Source\Patch Packages\Mar 2020\6bb57e44-c2f2-41c3-9a87-d063c9b6ed2b
Results – Software Update Package Creation
Let's see the results package creation, download, and distribution of software update patch package.
- Navigate to \Software Library\Overview\Software Updates\Deployment Packages node
- Check and confirm the distribution point status
Deploy Patch Package
Now let's try to deploy software update patch package to Windows 10 devices in the organization.
- Navigate to \Software Library\Overview\Software Updates\Software Update Groups
- Select Software Update Group which you want to deploy
- Right-click on the Software Update Group and select Deploy
- Enter the name of the Deployment from specify general information for this deployment page
- Enter the description for the deployment
- Select the Collection using BROWSE button
- Click on NEXT button
Deployment Settings – Available | Required
- Specify deployment settings for this deployment
- Specify if this deployment is available for installation or if it's a required installation
- Select the deployment type as Required from Type of Deployment section
- Select the Details Level as Only success and error messages
Schedule Options
- Need to configure three settings from the schedule page
- Select the Schedule evaluation time (Time based on)- Client Local Time is the default and best option.
- Select Software Available Time – As Soon As Possible
- Select the installation deadline for Software update patch package – Specify Time as per your requirement.
- Click on NEXT button to continue
User Experience
- Specify the User Experience of Patch deployment from this page.
- Select the User Visual Experience – Display in Software Center and show all the notification.
- Deadline Behaviour – Select the option as per your requirement. The best option is to keep it as default as shown in the below picture.
- Device Restart Behaviour – Select the option as per your requirement. The best option is to keep it as default as shown in the below picture.
- Write Filter handling for Windows Embedded devices – Keep the default option even though this is not applicable for Windows 10 devices.
- Software Update Deployment Reevaluation Behaviour – Select the option as per your requirement. The best option is to keep it as default as shown in the below picture.
Alert Options for the Patch Deployment
- Let's select the alert options for Software update patches using SCCM | Configuration Manager.
- Configuration Manager Alerts – It's not enabled as default. I'm going to keep the same option for patch deployment.
- Operational Manager Alerts – It's not enabled as default. I'm going to keep the same option for patch deployment.
- Click on NEXT button to continue
Download Options
- Let's select the download options of this patch from Windows 10 client device
- There are two types of Download options here
- Download the content if the content NOT available in the local|Current DP
- DO NOT Download the content from neighboring DP because that might create bandwidth issues?
- DON NOT download the content from Site default boundary as well because that might create bandwidth issues?
- Click on NEXT, NEXT, and CLOSE to complete the deployment of Software update patch package using SCCM
- Download the content if the content NOT available in the local|Current DP
MetaData Deployment Information
Let's find the metadata information of Patch package deployment using SCCM | Configuration Manager.
Updates Targeted: • 2020-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4551762) 4551762(Article ID) General: • Deployment Name: Windows 10 1909 March 2019 Updates • Collection: All Desktop and Server Clients Deployment Settings: • Send wake-up packets: No • Verbosity Level: Only success and error messages Scheduling: • Deployment schedules will be based on: Client local time • Available to target computers: 3/24/2020 11:01:00 PM • Deadline for software update installation: 3/31/2020 8:45:00 PM • Delayed enforcement on deployment: No User Experience: • User Notifications: Display in Software Center and show all notifications • Install software updates outside the maintenance window when deadline is reached: No • Restart system outside the maintenance window when deadline is reached: Suppressed • If a restart is required it will be: Allowed • Commit changes at deadline or during a maintenance window (requires restarts): Yes • If any update in this deployment requires a system restart, run updates deployment evaluation cycle after restart: No Alerts: • On software update installation error generate a Window Event: No • Disable Window Event while software updates install: No Download Settings: • Computers can retrieve content from remote distribution points: No
Results from Windows 10 Device
Let's check the Software Center of Windows 10 device to understand the behavior of Software Update patch deployment using SCCM.
Log Files – Windows 10
Let's have a look at WUAHandler.log
Going to search using WSUS update source. Synchronous searching started using filter: 'UpdateID = 'b9f38079-d7b9-4519-8435-7a0fe43f511e' AND DeploymentAction = *'… Successfully completed synchronous searching of updates. Update: b9f38079-d7b9-4519-8435-7a0fe43f511e, 200 BundledUpdates: 1 Update: 6bb57e44-c2f2-41c3-9a87-d063c9b6ed2b, 200 BundledUpdates: 0 Update (Missing): 2020-03 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4551762) (b9f38079-d7b9-4519-8435-7a0fe43f511e, 200) Async installation of updates started. Installation of updates completed.
The Software Update patch installation using SCCM is completed successfully.
Resources
- Download software updates – https://docs.microsoft.com/en-us/configmgr/sum/deploy-use/download-software-updates
- Deploy software updates – https://docs.microsoft.com/en-us/configmgr/sum/deploy-use/deploy-software-updates
How To Create A Software Patch
Source: https://www.anoopcnair.com/create-deploy-new-software-update-patch-package/
Posted by: daystol1941.blogspot.com
0 Response to "How To Create A Software Patch"
Post a Comment