Introduction:
Updated: This post is valid only if your Configmgr is running Current Branch 1702 and above versions due the change in powershell cmdlet New-CMSoftwareUpdateDeployment .
Software update groups provide you with an effective method to organize software updates in your environment. Software update group consists of multiple software updates (metadata Only) .You can manually add software updates to a software update group or automatically add software updates to a software update group by using an ADR.
One of the major advantage using software update group is ,easier to track the compliance status using reports or console method for multiple updates that you have deployed and delegate software update administration (You can set a security scope for each software update group).
Problem:
If you have multiple software update groups to deploy to multiple collections as part of monthly patching ,it would be difficult to do it via console .why is it difficult ? well ,the user interface takes very long time (depends on the number of updates in each update group) to process the updates in each software update group ,validate and deploy to collection with some settings like available date,deadline date/time ,reboot settings,download settings etc. If you have already doing it from the console with user interface ,you really need to look at other methods like tools or powershell script to save your time .
Solution:
There are lot of 3rd party tools and scripts available to deploy software update groups to collections but in this blog post, i will share the simple powershell script that i have created to deploy multiple software update groups to multiple collections reading from CSV file and pipe the information to Log file whether the deployments are created or not.
The CSV file is input for the script to read variables like Software update Group Name,collection name,deployment name,deployment type,available date,deadline date,time ,restart servers or workstations. I considered these variables in my script because they are most common settings that we go with.
If you want to customize variables like download settings etc ,you can pipe this information into CSV file and modify the script to read these custom variables.
This powershell script uses the basic Configmgr powershell cmdlets with some custom powershell commands to read the input variables from CSV file ,check if the deployment name already exist or not and then create deployments.
Note: This script will check if the deployment name already exist or not before it create new one similar to user interface .Using console, you cannot use deployment name that already exist but using powershell ,you can create N number of deployments with same name however i did not allow that in my script.
If you want to create the deployment names without prior checking, you can delete Get the deployments and check the deployment if exist or not from the script.
What information do you need to input into CSV file ?
You need to pipe softwareupdate group name,collection name,deploymentname,type ,available date ,time etc ,restart workstation ,restart server. what you see in below snippet.
Always try to use the deployment name as Softwareupdate group + collection Name to have unique name and easy for identification while running the reports.
SUName: Software update group
CollName:Collection Name
DeploymentName: Deployment Name
DeployType: Deployment Type (Required or Available)
Restart workstation=true means supress the reboot on the workstations after the patches installed ,False means ,reboot the workstation after the patches installed .
you do not need to install any excel components on the machine that you run the script .Script can read the CSV file using notepad.
Download the script from Technet Gallary , (updated one that support Current branch 1702 and above ) extract zip file, open the CSV file using excel on your machine that has excel installed ,when you are ready with CSV file ,run the script to create deployments.
Zip file has 2 powershell scripts 1) If you are not running on current branch 1702 (Create SU deployments_Lower_CB1702.ps1) 2) if you are running current branch 1702 and above (Create SU deployments_CB1702_Above.ps1)
Hope it helps!
26 Comments
Hello Eswar,
The technet gallery moved to an other part on the Microsoft website.
Where can i find your amazing script now?
Regards,
William
Hi William,
I have uploaded the script to github, please try https://github.com/eskonr/MEMPowered/tree/master/Scripts/Configuration%20Manager/Software%20Updates
Thanks,
Eswar
Hi Eswar,
Thx for your the link and i got it!
I am currently managing a 2012 and a 1902 CB SCCM. Where is the below 1702 script at I don't see it in the technet download.
Hi Cory,
it looks like i lost 1702 and is older version. there are lot of changes in the recent days with powershell cmdlet with new cmcb versions .
you can always get the old powershell cmdlets and replace it with new ones that are available in the script.
Thanks,
Eswar
Hi Eswar, Thanks for the script In the script even after providing the specific time in $Availabletime variable its taking the default time in SCCM, can you help me in this
Hi Chaitanya,
Please check the timeformat that you have used. What version of configmgr are you using ? There are some changes in the powershell cmdlets in the recent times with new builds. I have not updated the script for a while.
Thanks,
Eswar
Hello, Eswar. I was wondering if you still had the code that was compatible with Configuration Manager 2012. It's no longer on the technet site. Thank you!
hi,
I do not have the code as it is been very long with CM12 but you can edit the script and change the powershell cmdlets that exist in CM12 . This would not take much time for you to replace it .
thanks,
Eswar
Hi Eswar, Thanks for the script In the script even after providing the specific time in $Availabletime variable its taking the default time in SCCM, can you help me in this
What's up Eswar.. This is great.. Is there anyway to add an option to base the schedule off of UTC..
Also, the only other thing I would suggest is to change your "RestartSer" and "RestartWrk" variables to be named "SupressServRestart" and "SupressWrkRestart" in your CSV / PS1.. Reason being.. When editing the CSV I found myself questioning over and over 'Does False mean it won't restart the server?" when really, it means it WILL restart the server..
Thanks mate! Love the script!
Hi Tom,
Appreciate your feedback .For the UTC , haven't looked at the powershell cmdlet but there must be option to add that condition as well.
Yes ,i will rename the description for the restartser etc to make it more meaningful way.
Thanks,
Eswar
Thank you Eswar, fantastic work! The "If any update in this deployment requires a system restart, run updates deployment evaluation cycle after restart" is even enabled as well--excellent!
-Matt
Thank you Matt.
Regards,
Eswar
Hi Eswar,
From techGallery zip file found only one .ps1 file to run 1702 and above, can you upload for 1702 below version run script to download. Thanks in Advance!!
Hi Jeorge,
Let me check if I still have the script with me to upload. Env already migrated to above 1702 long time back.
Regards
Eswar
Eswar,
You're far too nice. It's not your job to modify your script to make it work for them. They can modify it themselves. I would expect this area would be only utilized for pointing out bugs.
Thank you for posting this!
Kevin
How we use SCCM 1606 Software Update new feature (If any update in this deployment requires a system restart, run updates deployment evaluation cycle after restart) using your script, can you please update your script.
There is script posted on http://eskonr.com/2017/03/sccm-configmgr-powershell-to-enable-the-option-software-update-deployment-re-evaluation-behaviour-upon-restart/ . Please utilize it for now .
I will update the script later on this.
Regards,
Eswar
Thanks eshwas
Hi Eshwar,
I recently upgraded my SCCM infra to SCCM CB 1702, for that this script not working with new Features and New Software Update Cmdlet: New-CMSoftwareUpdateDeployment, can you please share updated Script for SCCM CB 1702 or latest.
Hi,
Ok ,I will check and update the script with new cmdlet.
Regards,
Eswar
Hi Eshwar,
can we have PS script to delete SUG deployment for multiple Device collections in same way.
Hi Kumar,
deletion of 1 or many SUG deployments from the collections that are being deployed can be done using sccm. If you go software update groups and particular deployment tab ,you can select multiple collections and choose delete which is available in GUI and doesnt need any powershell script.
But if you want to delete multiple deployments (SUG's) that are deployed to specific collection then you need script as GUI do not allow this. Only one by one must delete.
Thanks,
Eswar
Hello Eswar, thanks for writing this script it saved me a lot of time.
I did however find an error in your script, I'm not registered on Technet so thought I'd let you know here.
The var for the deployment name in the script is set to $DeploymentName=$var.DeploymentName, but in the CSV you named the header DeployName. The script throws an error unless you change the heading in the CSV to DeploymentName. After that it runs fine and does the job.
Before it creates each deployment it does give an Invalid namespace "root\sms\site_sgp" error but this doesn't seem to stop it from working.
Thanks again.
Hi Paul,
I looked at the script ,found that it uses static SMS sitecode which you need to replace it with yours. root\sms\site_sgp
I have now updated the script to get the sitecode without manual entry in technet gallary.
Thanks for pointing it out.
Regards,
Eswar