Thank you for this! It might take me a bit to test it out in our dev environment as some other things have come up to take precedence recently. But I'll definitely check it out further at the next available opportunity.
Regards, -S > On Oct 28, 2014, at 1:20 PM, Wilbers, Scott <scott_wilb...@ctsinc.biz> wrote: > > I don’t have a blog…but I can sure share with this group. I have attached 2 > files, one is the PowerShell script and the other is a text file that the > script uses for controlling the updates that get automatically deployed. > > Some notes about how I have things set up before I go into what all the > script does: > · For Software Update Groups/Packages, I have one group per month for > the current year, and then consolidate older updates from previous years into > a single group, i.e. “2013-All” > o Packages are created using this same standard but are prefixed with > “Software Updates -”, i.e “Software Updates – 2013-All” or “Software Updates > – 2014-09” > · I created an ADR ahead of time that the script utilizes, these > settings will need to be configured: > o General Tab > § Collection – Doesn’t matter, I set mine to an empty collection b/c I > delete the group/deployment that is created when the ADR runs > § Add to an existing Software Update Group > o Deployment Settings Tab > § Automatically deploy all software updates found by this rule and approve > any license agreements > o Evaluation Schedule > § Do not run this rule automatically > o Software Updates Tab > § Can be set to anything, script will overwrite > o Deployment Package Tab > § Set to any existing package, script will overwrite > > > Now, this is what the script does… > · Loops through all the existing SU groups that start with “20”, so > it gets all the standard monthly groups, and then looks for any required > updates released during the relevant month/year > o If SU Group doesn’t exist for current month, it will then look for > updates for the current month > o I also have some other non-standard groups for SQL SPs and such that I > didn’t want included in the normal monthly updates, so they are ignored by > this script > · For each group, it will then search for updates that meet this > criteria using WMI (SMS_SoftwareUpdate class): > o IsDeployed=0 AND IsSuperseded=0 AND IsExpired=0 AND NumMissing > 0 > o DatePosted matches the Year and/or Month of the Group being processed > · When updates are found that need to be deployed: > o Verify that required package exists, if not it will create a new package > o Modify ADR to use the appropriate package > o Modify ADR to use the appropriate Search Criteria > § Required > 1 > § Superseded = No > § Title – it will add each Update the script found to the Title search > crieteria > o Run the ADR (using ConfigMgr cmdlet > “Invoke-CMSoftwareUpdateAutoDeploymentRule”) > o Waits for the ADR to complete and will logs/write-host the number of > updates that have been downloaded > o Deletes the Software Update Group created by the ADR > o Verifies all the updates are downloaded, if an update wasn’t downloaded, > it will modify/run the ADR again > o Validates the SU Package is on all DPs (does this based on DP Group) > o Adds updates to existing SU Group or creates a new SU Group if a new month > § If it creates a new group, it will also create the required deployments > > > Customizations for your environment: > Lines 110-114 – These lines create the deployments for a newly create group, > we create 2 deployments…you can modify as needed to fit your deployment > strategy > Lines 125 & 128 – Modify Package Source path as needed > Line 163 - there are a couple of strings that would need to be modified, > needs the site server and site code for your environment > Line 178 – Name of the DP group that includes all of the distribution points > Line 180 – Name of the ADR you want to use > > > The script also includes a –Review parameter that allows you just see the > updates that would be deployed. It will also do some simple logging, creates > a log file in the same dir the script is run from. Feel free to use any/all > of the script, I have been using it for 7-8 months and it has worked great > for me, but as always, I recommend testing in your environment!! > > > > From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] > On Behalf Of s kissel > Sent: Tuesday, October 28, 2014 11:50 AM > To: mssms@lists.myitforum.com > Subject: RE: [mssms] ADR and Dynamic Deployment Packages > > Scott, > > That sounds like what we're looking for. Care to strip any proprietary info > out of the script (Host names, etc.) and share? Have you blogged it? If not, > you should! Sounds like there are at least two other folks in this thread who > would be interested in something of this sort and have so far come up without > a solution. > > Regards, > -S > > From: scott_wilb...@ctsinc.biz > To: mssms@lists.myitforum.com > Subject: RE: [mssms] ADR and Dynamic Deployment Packages > Date: Tue, 28 Oct 2014 16:33:42 +0000 > > We have separate SU Group and packages for each month and couldn’t get the > ADR process to handle this out of the box. I wrote a PowerShell script to > handle all of it. It will create a new package and modify the ADR to use the > new package, and then invoke the ADR. I also wanted more control over which > updates get flagged when the ADR runs, so the script will also modify the > search criteria each time it runs. > > From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] > On Behalf Of s kissel > Sent: Monday, October 27, 2014 3:27 PM > To: mssms@lists.myitforum.com > Subject: [mssms] ADR and Dynamic Deployment Packages > > Hi - Suppose you had an ADR that created a new SU Group every month. You can > set the ADR up to download the updates into a new SU package, or a previously > created one. However, suppose you wanted the ADR to create a new SU package > each month, using variables such as %Month% or something along those lines. > Is this even possible? > > The main driver for this is that with 160 DPs spread worldwide and some with > very, very low bandwidth available, it's become increasingly difficult to > push 6 and 9 GB packages across WAN links repeatedly, and even more so as a > few new DPs are stood up every month. > > Regards, > -S > > ************************************************************************************************** > Note: > The information contained in this message may be privileged and confidential > and > protected from disclosure. If the reader of this message is not the intended > > recipient, or an employee or agent responsible for delivering this message to > > the intended recipient, you are hereby notified that any dissemination, > distribution or copying of this communication is strictly prohibited. If you > have received this communication in error, please notify us immediately by > replying to the message and deleting it from your computer. > ************************************************************************************************** > > > ************************************************************************************************** > Note: > The information contained in this message may be privileged and confidential > and > protected from disclosure. If the reader of this message is not the intended > > recipient, or an employee or agent responsible for delivering this message to > > the intended recipient, you are hereby notified that any dissemination, > distribution or copying of this communication is strictly prohibited. If you > have received this communication in error, please notify us immediately by > replying to the message and deleting it from your computer. > ************************************************************************************************** > > > <DeploySoftwareUpdates.ps1.txt> > <DeploySoftwareUpdateStrings.txt>
