Help Center

Follow

What about Windows Updates that the PDQ Deploy Package Library doesn’t provide?

Purpose:
You want to create and deploy packages for Windows updates using PDQ Deploy that are not offered in the Package Library.

Resolution:
The majority of Windows Updates can be installed using PDQ Deploy, as most Microsoft patches are Microsoft Update Standalone Package (MSU) files. As part of the magic that is PDQ Deploy, for an MSU file (wusa.exe), the Install Step automatically inputs the silent parameters of /quiet /norestart so you don't have to.

IMPORTANT DISCLAIMER:
Certain instructions in this document refer to deprecated operating systems. Windows XP and Server 2003 are not supported by Microsoft or PDQ.com and information pertaining to patching these operating systems is provided, as-is. We have not tested these packages against these operating systems and there is no warranty, expressed or implied, regarding the fitness of your package for this, or any other purpose. You assume all responsibility for the use or misuse of this package.

Matching Patches to OS:
Windows desktop and server operating system patches are the same files (same KB number), unless otherwise noted in the corresponding KB article from Microsoft. The following table can be used to determine which desktop and server operating systems can receive the same Windows patches:

Desktop OS

Server OS

Windows XP (32-bit)

N/A

N/A

Server 2003 (32-bit)

Windows XP (64-bit)

Server 2003 (64-bit)

Windows Vista (32-bit)

Server 2008 (32-bit)

Windows Vista (64-bit)

Server 2008 (64-bit)

Windows 7 SP 1 (32-bit)

N/A

Windows 7 SP 1 (64-bit)

Server 2008 R2

Windows 8 (32-bit)

N/A

Windows 8 (64-bit)

Server 2012

Windows 8.1 (32-bit)

N/A

Windows 8.1 (64-bit)

Server 2012 R2

Windows 10 (1503/Initial/RTM) (32-bit)

N/A

Windows 10 (1503/Initial/RTM) (64-bit)

N/A

Windows 10 (1511) (32-bit)

N/A

Windows 10 (1511) (64-bit)

N/A

Windows 10 (1607) (32-bit)

N/A

Windows 10 (1607) (64-bit)

Server 2016

Windows 10 (1703) (32-bit)

N/A

Windows 10 (1703) (64-bit)

N/A


Deploying MSU-based Windows Updates for Supported Operating Systems:
Supported operating systems (see note below) at the time of this writing include Windows 10, Server 2016, Windows 8.1, Server 2012 R2, Windows 8, Server 2012, Windows 7, Server 2008 R2, Windows Vista, and Server 2008): 

NOTE:
As of June 2017, Windows Vista, Windows 8, and Windows 10 (1503/Initial/RTM) are no longer supported by Microsoft or PDQ.com and any information pertaining to patching these operating systems is provided, as is.

The following steps can be used to create a package in PDQ Deploy for Windows (MSU) patches for the supported operating systems listed above (requires Pro or Enterprise mode):

1. Acquire the desired patch from the Microsoft Update Catalog and save into your Repository or desired location.

2. Create a new Package In PDQ Deploy.

3. Create a new PowerShell step to stop the Windows Update service: 

$ErrorActionPreference = "Stop"
$ServiceStartType = (Get-WmiObject win32_Service -Filter "Name='Wuauserv'").StartMode
$Destination = "$env:TEMP\StoredService.txt"
 
# Create $Destination file if it does not already exist
If (-not (Test-Path $Destination)) { 
 
    New-Item -Path $Destination -ItemType File
    
}
 
$ServiceStartType | Out-file -FilePath $Destination -Force
 
If ($ServiceStartType -match "Disabled"){
 
    Set-Service Wuauserv -StartupType Manual
    Write-Output "The Windows Update service startup type has been Changed from Disabled to Manual on $Env:COMPUTERNAME."       
 
}
 
Write-Output "Stopping Windows Update service on $Env:COMPUTERNAME"
Stop-Service -Name wuauserv -Force


4. 
Create a new Install Step and use the file picker [...] or type the path to select the downloaded Windows update file you downloaded in Step 1 for the
Install File.
01.png

Notice that we automatically add the silent parameters and call to wusa.exe for the MSU file.

5. Create a second new PowerShell step to restore the Windows Update service to the previous state:

$ErrorActionPreference = "Stop"
$Destination = "$env:TEMP\StoredService.txt"
$ServiceStartType = (Get-Content $Destination)
$ServiceObject = Get-Service -Name Wuauserv
 
If($ServiceStartType -match "Auto"){
 
    Write-Output "The Windows Update Service startup type is set to Automatic on $Env:COMPUTERNAME"
    Exit 0
 
}
 
Try {
 
    Set-Service Wuauserv -StartupType $ServiceStartType
 
} Catch {
 
     Write-Output "The Windows Update Service could not be reverted back to it's original state on $Env:COMPUTERNAME`n"
    $_
    Exit 0
 
}
 
Write-Output "The Windows Update Service startup type has been reverted back to $ServiceStartType on $Env:COMPUTERNAME"
 
If (Test-Path $Destination) {
    
    Remove-Item $Destination -Force
        
}


6. Adjust the Conditions tab on each step to only deploy to the correct operating systems and architecture as needed.

7. Deploy your newly created package to the desired machines. For example, a collection that lists computers missing a required patch.

Windows XP and Server 2003:
The following steps can be utilized to create a package in PDQ Deploy for Windows patches to Windows XP and Server 2003 machines:

1. Acquire the desired patch from the Microsoft Update Catalog and save into your Repository. For Example: KB3197835

2. Open PDQ Deploy, create a New Package.

3. Create a new Install Step and use the file picker [...] or type the path to select the downloaded Windows update file you downloaded in Step 1 for the Install File.

NOTE:
This can be done in PDQ Deploy operating in Free mode, but it will require a separate package for each step listed below.

The recommended Parameters are: /quiet /norestart /overwriteoem
The recommended Success Codes are: 0,1641,3010
02.png

4. Next, add another Install Step (or create a new package with an Install Step if operating in Free Mode) for Server 2003. Note that while the Install File has changed, the Parameters and Success Codes have not.
03.png

5. Optionally, add an additional Install Step for XP x64 and Server 2003 x64:
04.png

6. Adjust the Conditions tab on each step to only deploy to the correct operating systems and architecture as needed.

7. Deploy your newly created package to the Desired Machines.

See Also:
Identify Machines That Require A Specific Windows/Microsoft Update
Description of the Windows Update Standalone Installer in Windows
Can I Install Windows Updates Using PDQ Deploy?

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk