Microsoft

System Center Configuration Manager Feedback

Suggestion box powered by UserVoice

How can we improve Configuration Manager?

Fix the Software Update Task Sequence (built-in TS patching during OSD)

How is this still a problem? Ask any MVP and they all agree: the built-in task sequence for patching during OSD doesn't work. It doesn't survive double reboots, it has a upper patch limit before it crashes ... it's basically garbage. I don't mind making golden images in MDT, but I shouldn't _have_ to ... and yet I do. I makes SCCM feel less like a singular solution.

1,829 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Justin King shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    I’m updating the status. For 1606 we’ve made some changes, listed below.
    As more are added we’ll update what Tech Preview/Release they appear in.

    Timeout scan is now configurable
    We added a new task sequence variable to allow a configurable timeout for scan. Variable name is SMSTSSoftwareUpdateScanTimeout, default is 30 minutes. Value is set in seconds so an hour is 60×60=3600

    Logging changes
    In the SMSTS.log we list the log files to check for updates download and evaluation.
    These are UpdateDeployment.log, UpdatesHandler.log, WUAHandler.log and WindowsUpdate.log

    New Option for full scan
    There’s a new checkbox added to the Install Updates step – ‘Evaluate software updates from cached scan results’
    If the checkbox is on we use cached results, if the checkbox is off we do a full scan
    Task Sequences that are upgraded will have this option checked on – this is parity with the existing behavior

    Power management changes
    Clients maintain active power state during OS deployment Software Updates tasks.
    Some devices (Surface Pro 3 for example) were going into Connected Standby state preventing completion of deployment, this was occurring in the Install Updates step

    Windows upgrade roll ups
    These are now filtered from the list of applicable updates

    58 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Ozzie Santiago commented  ·   ·  Flag as inappropriate

        I'm running to this issue exactly. This is super terrible to troubleshoot and worse when you have to explain to a customer.

      • Anonymous commented  ·   ·  Flag as inappropriate

        Got the same Problem as James. You can see in the windows update log, that the updates have been correctly installed, but the TS agent does not seem to recognize this. Using SCCM 2012 R2 SP1 CU1.

      • James Jankowski commented  ·   ·  Flag as inappropriate

        Not sure if its related, but the "Software Update" task started to hang (stop) when we added in the January 2016 updates. The task stops at Office update (KB3054785). We tried taking the update out but then the task hung at update KB3114486 (another Office update). All signs point to the task just stopping like we would see if we had 150+ updates. Total number of updates being installed by the task is 59. Thoughts? Any viable alternatives to using the "Software Update" task?

      • Daniel Clemow commented  ·   ·  Flag as inappropriate

        This is getting ridiculous - With Windows 8.1, .Net (various versions) and Office 2013 etc etc etc, there are around 300 updates. I thought it was doing well to *finally* install 200+ updates during install and capture, but then deployed this image to a test computer, and still has another 100+ updates to install after deploy task. Grrrr!!!! Wasting sooo much time with this.

      • Paul Cunningham commented  ·   ·  Flag as inappropriate

        This problem has been around since CM 2007 RTM !!!! 8 years later and we are still talking about this. This shouldn't even need to be a suggestion. Get it fixed!

      • David O'Neil commented  ·   ·  Flag as inappropriate

        An additional comment to add (not related to patches needing a double reboot). I would like to see a new feature for SCCM packages and applications to also be able to handle double reboots. For example, in an OSD task sequence I would like to use DISM to convert the Windows Edition to a higher level if needed. After running the DISM command to do this, a double reboot is required and later breaks the task sequence completely. I know that a double reboot is also sometimes required when installing certain Roles and/or Features within the Windows OS. Not sure how to get around this.

      • Bram Vlasblom commented  ·   ·  Flag as inappropriate

        This issue is for our organization also a pain point. A build and capture task sequence with Windows 7 SP1 out of the box, some middleware and runtimes does not install all updates. Even when multiple update steps are used. Triggering a software update scan with PowerShell in between does not solve the problem either. Building images is one of the key features that are needed for a deployment of our devices. Every month the image must be regenerated. It is very frustrating that it does not work properly. We have a filed support case with number 11506081282209.

        Last weekend we tested this feature again with CU1 on SCCM 2012 R2 SP1, still the same issues.

      • joejoeinc commented  ·   ·  Flag as inappropriate

        I find the same frustration. Having to add several software update steps to make sure the build and capture works. Also double reboots cause task sequences to bug out.

      • Mike commented  ·   ·  Flag as inappropriate

        Aaron - Your comment implies that this is not a well known/established problem, a quick search online of blogs and SC communities confirms this is a known issue, which the majority of users must work around.

        When I logged this with premier support, the response was to enable continue on error on the software update step (!) and to put in multiple software update steps. This prevents the TS from failing, but renders that (critical) process unreliable. Updates performing multiple reboots also causes the process to fail as per https://support.microsoft.com/en-gb/kb/2894518

        Ultimately, this seems to stem from the insistence to integrate with WSUS, I can totally understand the logic behind that decision, but perhaps the priority should be reliability. The MDT approach to point at a folder full of MSUs is a simpler one and therefore more reliable.

      • Thomas Forsmark Soerensen commented  ·   ·  Flag as inappropriate

        I will be glad to explain what I am experiencing.

        1. General patching with the “Install Software Updates” task is very slow. It takes 10-15 minutes saying “Installing Software Updates” before it starts to install the actual updates.

        2. After installing the last update it stays for along time at “Installing update x og x updates”

        3. When installing a large number of updates it will break the TS. A large number of updates will be 160+ updates. If I do this it will break the “Prepare Configuration Manager Client” step as explained here https://social.technet.microsoft.com/Forums/en-US/8140c022-5ca2-4bac-b8fc-f8b686566e44/build-and-capture-ts-fails-in-prepare-configuration-manager-client-task?forum=configmanagerosd

        4. Having more than one “Install Software Updates” tasks in the TS can break the TS like in 3. Removing tasks so there is only one left will make the TS run through if there are not too many updates to be installed.

      • Thomas Forsmark Soerensen commented  ·   ·  Flag as inappropriate

        I couldn't agree more. The multiple reboot problem might be fixed in the SP1 for SCCM 2012 R2 but the unstable "install Software Updates" task that cannot handle a lot of updates is making patching in a TS unusable. Please fix this.

      1 3 Next →

      Feedback and Knowledge Base