다음을 통해 공유

MDT 2010 - Installing WSUS updates during SCCM Task sequence with WSUS targeted groups

  • 아티클

If you have been deploying Windows 7 via SCCM using MDT you might wonder how to update your base image during Task Sequence, here are some simple configurations you need to do in order to get it working.

Go to your SCCM server and find the MDTscripts folder, inside you will  find the  ZTIWindowsUpdate.wsf file. Make a backup of this file, we are going to modify it, you can leave it in the same folder and rename it as ZTIWindowsUpdate.bak. Now edit the file with notepad and find the below section:

*
‘//—————————————————————————-*

*  ‘//  Configure Windows Update settings*

*  ‘//—————————————————————————-*

*  If oEnvironment.Item(“WsusServer”) <> “” then*

*                  ‘ Configure the WSUS server in the registry.  This needs to be a URL (e.g. http://myserver).*

*                  oLogging.CreateEntry “Configuring client to use WSUS server ” & oEnvironment.Item(“WsusServer”), LogTypeInfo*

*                  oShell.RegWrite “HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateWUServer”, oEnvironment.Item(“WsusServer”), “REG_SZ”*

*                  oShell.RegWrite “HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateWUStatusServer”, oEnvironment.Item(“WsusServer”), “REG_SZ”*

from this point add those 2 lines bellow, it will target your machine to a specific WSUS group, if this portion is not added you will receive updates from a default WSUS group (not so recommended).

*                  oShell.RegWrite “HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateTargetGroupEnabled”, 1, “REG_DWORD”*

*                  oShell.RegWrite “HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateTargetGroup”, “YOUR-WSUS-TARGET-GROUP“, “REG_SZ”    *

Next step is to configure WSUS server name, go to MDT settings folder and find the file CustomSettings.ini, edit the file and add the following strings:

**[**Settings]

Priority=Default,WSUSServer

[Default]

OSInstall=Y

[WSUSServer]

WSUSServer=http://your-WSUS-server:1234

Now add a Task Sequence step to execute the  ZTIWindowsUpdate.wsf script:  “cscript.exe “%DeployRoot%scriptsZTIWindowsUpdate.wsf”, if you modified the script as above and you wish to target desktops and laptop over same task  you might need to configure MDTTS conditions:

laptops: ISLAPTOP equals “TRUE”

desktops: ISDESKTOP equals “TRUE”

and create 2 files: ZTIWindowsUpdateDesktop.wsf and ZTIWindowsUpdateLaptop.wsf, each one for different platform, the TS steps should look like this:

cscript.exe “%DeployRoot%scripts ZTIWindowsUpdateDesktop.wsf”

cscript.exe “%DeployRoot%scripts ZTIWindowsUpdateLaptop.wsf”**