System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

How can we improve Configuration Manager?

Install Third Party Software Updates during TS Install Software Updates step

Currently (v1806 or later) Third Party Software Updates are not being installed during the Install Software Updates step in a Task Sequence.

Ideally third party software updates should be installed just like regular updates during the Task Sequence. A machine should be fully patched (secure and end-user ready) when it leaves the deployment bench.

26 votes
Sign in
Sign in with: facebook google
Signed in as (Sign out)
You have left! (?) (thinking…)
Tim De Keukelaere shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in
Sign in with: facebook google
Signed in as (Sign out)
  • Jeremiah Abbott commented  ·   ·  Flag as inappropriate

    I would like to see a version of this as well. I imagine having additional options added onto the Install Software Updates Task Sequence Step's settings pane:
    - A Check-Box to enable/disable 3rd Party Updates on the step; (sets the Local Publisher local policy/registry values)
    - A box to browse to, and select your code signing certificate, or an option to use/generate a Self-Signed certificate as ConfigMgr is currently doing in version 1806+ on fully-provisioned systems.

  • Markus B commented  ·   ·  Flag as inappropriate

    We don't need those updates during OSD, but' I've seen certificate trust errors within the "Install Updates" step lately.
    It might be required to deploy the WSUS signing certificate during OSD befor Installing updates, as the PKI GPO will not be applied.

Feedback and Knowledge Base