Hi all, I'm in the process of setting up Patching using SCCM.
I have specified Maintenance windows and created the packages using Software Updates within SCCM. I have however discovered a couple of issues.
The main issue is that some of our servers require a shutdown sequence, i.e. taking down certain services and application in a controlled manner, via batch file currently. The patching routines need to be automated so I thought using a Task sequence for the following would work;
1.) Install Updates
2.) Run Commands
3.) Reboot (with condition that services etc are in a stopped state)
However the test servers appear to reboot after the updates have installed regardless meaning 2 reboots.
In the setup of the package it is set to supress reboots on servers but this doesn't appear to apply when initialising them from a task sequence.
What would be the best method?
How about
1.) Take down services / commands for shutting various apps
2.) Install updates
In theory that would work? Anyone see any issue there or suggest a better way of controlling it. This all needs to happen in a maintenance window i.e.
Hit maintenance windows at 05:00 am
Install updates
Reboot
End maintenance window at 06:00 am
I know the calculation of time required needs to fit in the window for it to work, so allocating 5 mins to apply a patch, 10 mins for a reboot.
Another question is with regards to calculating required time;
If there are 20 updates approved in a package and only one is appplicable, is sccm clever enough to calculate the time for the single update or does it just calculate for the whole lot?
The other option would be to setup the package to target the desired collection, so the updated would install at the start of the window, but then is there a way to trigger a task sequence once the updates complete, I don't seem to be able to think of a way of doing it maybe status message rules? As the Software Updates are not a 'real' package it seems pretty damn difficult.
One last item is to do with SCUP, will that inhance the Software Update functionality for us / make any of this easier? currently we are running SCCM2007R3 in Native mode with only MDT added functionality
Any help or advice would be appreciated, what are you folks doing and is there a better way to achieve what we need?
I do have some other questions so please let me know if you are willing to help me via email etc.
I have specified Maintenance windows and created the packages using Software Updates within SCCM. I have however discovered a couple of issues.
The main issue is that some of our servers require a shutdown sequence, i.e. taking down certain services and application in a controlled manner, via batch file currently. The patching routines need to be automated so I thought using a Task sequence for the following would work;
1.) Install Updates
2.) Run Commands
3.) Reboot (with condition that services etc are in a stopped state)
However the test servers appear to reboot after the updates have installed regardless meaning 2 reboots.
In the setup of the package it is set to supress reboots on servers but this doesn't appear to apply when initialising them from a task sequence.
What would be the best method?
How about
1.) Take down services / commands for shutting various apps
2.) Install updates
In theory that would work? Anyone see any issue there or suggest a better way of controlling it. This all needs to happen in a maintenance window i.e.
Hit maintenance windows at 05:00 am
Install updates
Reboot
End maintenance window at 06:00 am
I know the calculation of time required needs to fit in the window for it to work, so allocating 5 mins to apply a patch, 10 mins for a reboot.
Another question is with regards to calculating required time;
If there are 20 updates approved in a package and only one is appplicable, is sccm clever enough to calculate the time for the single update or does it just calculate for the whole lot?
The other option would be to setup the package to target the desired collection, so the updated would install at the start of the window, but then is there a way to trigger a task sequence once the updates complete, I don't seem to be able to think of a way of doing it maybe status message rules? As the Software Updates are not a 'real' package it seems pretty damn difficult.
One last item is to do with SCUP, will that inhance the Software Update functionality for us / make any of this easier? currently we are running SCCM2007R3 in Native mode with only MDT added functionality
Any help or advice would be appreciated, what are you folks doing and is there a better way to achieve what we need?
I do have some other questions so please let me know if you are willing to help me via email etc.
