Fix the Software Update Task Sequence (built-in TS patching during OSD)
How is this still a problem? Ask any MVP and they all agree: the built-in task sequence for patching during OSD doesn't work. It doesn't survive double reboots, it has a upper patch limit before it crashes ... it's basically garbage. I don't mind making golden images in MDT, but I shouldn't _have_ to ... and yet I do. I makes SCCM feel less like a singular solution.
I’m updating the status. For 1606 we’ve made some changes, listed below.
As more are added we’ll update what Tech Preview/Release they appear in.
Timeout scan is now configurable
We added a new task sequence variable to allow a configurable timeout for scan. Variable name is SMSTSSoftwareUpdateScanTimeout, default is 30 minutes. Value is set in seconds so an hour is 60×60=3600
In the SMSTS.log we list the log files to check for updates download and evaluation.
These are UpdateDeployment.log, UpdatesHandler.log, WUAHandler.log and WindowsUpdate.log
New Option for full scan
There’s a new checkbox added to the Install Updates step – ‘Evaluate software updates from cached scan results’
If the checkbox is on we use cached results, if the checkbox is off we do a full scan
Task Sequences that are upgraded will have this option checked on – this is parity with the existing behavior
Power management changes
Clients maintain active power state during OS deployment Software Updates tasks.
Some devices (Surface Pro 3 for example) were going into Connected Standby state preventing completion of deployment, this was occurring in the Install Updates step
Windows upgrade roll ups
These are now filtered from the list of applicable updates
Ozzie Santiago commented
I'm running to this issue exactly. This is super terrible to troubleshoot and worse when you have to explain to a customer.
I have a similar problem on Windows 10 Stuck at 44 of 66 updates
Got the same Problem as James. You can see in the windows update log, that the updates have been correctly installed, but the TS agent does not seem to recognize this. Using SCCM 2012 R2 SP1 CU1.
James Jankowski commented
Not sure if its related, but the "Software Update" task started to hang (stop) when we added in the January 2016 updates. The task stops at Office update (KB3054785). We tried taking the update out but then the task hung at update KB3114486 (another Office update). All signs point to the task just stopping like we would see if we had 150+ updates. Total number of updates being installed by the task is 59. Thoughts? Any viable alternatives to using the "Software Update" task?
Update via SCCM or Microsoft Update option
Daniel Clemow commented
This is getting ridiculous - With Windows 8.1, .Net (various versions) and Office 2013 etc etc etc, there are around 300 updates. I thought it was doing well to *finally* install 200+ updates during install and capture, but then deployed this image to a test computer, and still has another 100+ updates to install after deploy task. Grrrr!!!! Wasting sooo much time with this.
Yeah, make it work guys
Jeppe Nielsen commented
Fix the issue please... ;)
Paul Cunningham commented
This problem has been around since CM 2007 RTM !!!! 8 years later and we are still talking about this. This shouldn't even need to be a suggestion. Get it fixed!
David O'Neil commented
An additional comment to add (not related to patches needing a double reboot). I would like to see a new feature for SCCM packages and applications to also be able to handle double reboots. For example, in an OSD task sequence I would like to use DISM to convert the Windows Edition to a higher level if needed. After running the DISM command to do this, a double reboot is required and later breaks the task sequence completely. I know that a double reboot is also sometimes required when installing certain Roles and/or Features within the Windows OS. Not sure how to get around this.
Bram Vlasblom commented
This issue is for our organization also a pain point. A build and capture task sequence with Windows 7 SP1 out of the box, some middleware and runtimes does not install all updates. Even when multiple update steps are used. Triggering a software update scan with PowerShell in between does not solve the problem either. Building images is one of the key features that are needed for a deployment of our devices. Every month the image must be regenerated. It is very frustrating that it does not work properly. We have a filed support case with number 11506081282209.
Last weekend we tested this feature again with CU1 on SCCM 2012 R2 SP1, still the same issues.
I find the same frustration. Having to add several software update steps to make sure the build and capture works. Also double reboots cause task sequences to bug out.
Stephen Owen commented
Totally agreed, this is a big pain point, and I'd love to see it addressed.
The link below does not work for some reason. This one does https://support.microsoft.com/en-us/kb/2894518
Aaron - Your comment implies that this is not a well known/established problem, a quick search online of blogs and SC communities confirms this is a known issue, which the majority of users must work around.
When I logged this with premier support, the response was to enable continue on error on the software update step (!) and to put in multiple software update steps. This prevents the TS from failing, but renders that (critical) process unreliable. Updates performing multiple reboots also causes the process to fail as per https://support.microsoft.com/en-gb/kb/2894518
Ultimately, this seems to stem from the insistence to integrate with WSUS, I can totally understand the logic behind that decision, but perhaps the priority should be reliability. The MDT approach to point at a folder full of MSUs is a simpler one and therefore more reliable.
Thomas Forsmark Soerensen commented
I will be glad to explain what I am experiencing.
1. General patching with the “Install Software Updates” task is very slow. It takes 10-15 minutes saying “Installing Software Updates” before it starts to install the actual updates.
2. After installing the last update it stays for along time at “Installing update x og x updates”
3. When installing a large number of updates it will break the TS. A large number of updates will be 160+ updates. If I do this it will break the “Prepare Configuration Manager Client” step as explained here https://social.technet.microsoft.com/Forums/en-US/8140c022-5ca2-4bac-b8fc-f8b686566e44/build-and-capture-ts-fails-in-prepare-configuration-manager-client-task?forum=configmanagerosd
4. Having more than one “Install Software Updates” tasks in the TS can break the TS like in 3. Removing tasks so there is only one left will make the TS run through if there are not too many updates to be installed.
AdminAaron Czechowski [ConfigMgr Product Team] (Admin, System Center Configuration Manager) commented
Justin/Thomas - can you please expand on this with some more details? Have you filed support cases or Connect feedback on these issues? What OS are you deploying when you encounter these problems? How many updates are you deploying?
Thomas Forsmark Soerensen commented
I couldn't agree more. The multiple reboot problem might be fixed in the SP1 for SCCM 2012 R2 but the unstable "install Software Updates" task that cannot handle a lot of updates is making patching in a TS unusable. Please fix this.