Introduction:
Software update groups provide you with an effective method to organize software updates in your environment. Software update group consists of multiple software updates (metadata Only) .You can manually add software updates to a software update group or automatically add software updates to a software update group by using an ADR.
One of the major advantage using software update group is ,easier to track the compliance status using reports or console method for multiple updates that you have deployed and delegate software update administration (You can set a security scope for each software update group).
Problem:
If you have multiple software update groups to deploy to multiple collections as part of monthly patching ,it would be difficult to do it via console .why is it difficult ? well ,the user interface takes very long time (depends on the number of updates in each update group) to process the updates in each software update group ,validate and deploy to collection with some settings like available date,deadline date/time ,reboot settings,download settings etc. If you have already doing it from the console with user interface ,you really need to look at other methods like tools or powershell script to save your time .
Solution:
There are lot of 3rd party tools and scripts available to deploy software update groups to collections but in this blog post, i will share the simple powershell script that i have created to deploy multiple software update groups to multiple collections reading from CSV file and pipe the information to Log file whether the deployments are created or not.
The CSV file is input for the script to read variables like Software update Group Name,collection name,deployment name,deployment type,available date,deadline date,time ,restart servers or workstations. I considered these variables in my script because they are most common settings that we go with.
If you want to customize variables like download settings etc ,you can pipe this information into CSV file and modify the script to read these custom variables.
This powershell script uses the basic Configmgr powershell cmdlets with some custom powershell commands to read the input variables from CSV file ,check if the deployment name already exist or not and then create deployments.
Note: This script will check if the deployment name already exist or not before it create new one similar to user interface .Using console, you cannot use deployment name that already exist but using powershell ,you can create N number of deployments with same name however i did not allow that in my script.
If you want to create the deployment names without prior checking, you can delete Get the deployments and check the deployment if exist or not from the script.
What information do you need to input into CSV file ?
You need to pipe softwareupdate group name,collection name,deploymentname,type ,available date ,time etc ,restart workstation ,restart server. what you see in below snippet.
Always try to use the deployment name as Softwareupdate group + collection Name to have unique name and easy for identification while running the reports.
SUName: Software update group
CollName:Collection Name
DeploymentName: Deployment Name
DeployType: Deployment Type (Required or Available)
Restart workstation=true means supress the reboot on the workstations after the patches installed ,False means ,reboot the workstation after the patches installed .
you do not need to install any excel components on the machine that you run the script .Script can read the CSV file using notepad.
Download the script from Technet Gallary ,extract zip file, open the CSV file using excel on your machine that has excel installed ,when you are ready with CSV file ,run the script to create deployments.