Category: Microsoft

Windows 10 disaster!

The latest version of Windows 10 has been a disaster thus far since it was released on October 2nd and it appears that the “file deletion” bug after upgrading to version 1809 appears to be the straw that broke the camels back as Microsoft finally decided to remove the latest update from their sites effective October 6th and have put version 1803 back in its place.  It’s situations like this as to why it does not pay to be an early adopter.  Since I’m in charge on creating / maintain our Windows 10 images, I have stood up a few virtual machines for testing purposes but no way would I ever deploy any new version of an OS so soon without having all the bugs getting worked out.  Even with version 1803, we did not start deploying it until August as it too had its fair share of issues.  Who knows when version 1809 will be fixed and made available again for the masses…stay tuned!

Breakdown of different types of WSUS Updates

Recently, I had to explain the difference between the types of updates showing in our SCCM update catalog and figured that it might be helpful to others looking for a detailed explanation.

The update categories are as follows:

 

A security-only quality update:

• A single update containing all new security fixes for that month
• This will be published only to Windows Server Update Services (WSUS), where it can be consumed by other tools like ConfigMgr, and the Windows Update Catalog, where it can be downloaded for use with other tools or processes. You won’t see this package offered to PCs that talk to Windows Update.
• This will be published to WSUS using the “Security Updates” classification, with the severity set to the highest level of any of the security fixes included in the update.
• This (like all updates) will have a unique KB number.
• This security-only update will be released on Update Tuesday (commonly referred to as “Patch Tuesday”), the second Tuesday of the month. (This is also referred to as a “B week” update.)

A security monthly quality rollup:

• A single update containing all new security fixes for that month (the same ones included in the security-only update released at the same time), as well as fixes from all previous monthly rollups. This can also be called the “monthly rollup.”
• This will be published to Windows Update (where all consumer PCs will install it), WSUS, and the Windows Update Catalog. The initial monthly rollup released in October will only have new security updates from October, as well as the non-security updates from September.
• This will be published to WSUS using the “Security Updates” classification. Since this monthly rollup will contain the same new security fixes as the security-only update, it will have the same severity as the security-only update for that month.
• With WSUS, you can enable support for “express installation files” to ensure that client PCs only download the pieces of a particular monthly rollup that they haven’t already installed, to minimize the network impact.
• This (like all updates) will have a unique KB number.
• This monthly rollup will be released on Update Tuesday (also known as “Patch Tuesday), the second Tuesday of the month. (This is also referred to as a “B week” update.)

A preview of the security monthly quality rollup:

• An additional monthly rollup containing a preview of new non-security fixes that will be included in the next monthly rollup, as well as fixes from all previous monthly rollup. This can also be called the “preview rollup.”
• This preview rollup will be released on the third Tuesday of the month (also referred to as the “C week”).
• This will be published to WSUS using the “Updates” classification as an optional update. It will also be available via Windows Update (where all consumer PCs will install it) and on the Windows Update Catalog.
• With WSUS, you can enable support for “express installation files” to ensure that client PCs only download the pieces of a particular monthly rollup that they haven’t already installed, to minimize the network impact.
• Starting in early 2017 and continuing for several months, older fixes will also be added to the preview rollup, so it will eventually become fully cumulative; installing the latest monthly rollup will then get your PC completely up to date.
• This (like all updates) will have a unique KB number.

Common SCCM Site System Roles

Recently I was asked to give a breakdown of the different site roles within SCCM.  Hopefully this serves as a good reference for those requesting it and/or needing it:

Software update point   A site system role that runs Microsoft Windows Server Update Services (WSUS) and allows Configuration Manager to use the WSUS catalog to scan Configuration Manager clients for software updates.

  • Application Catalog web service point: A site system role that serves as an Application Catalog web service point.
  • Component server: Any server requiring a Configuration Manager service to be installed.
  • Distribution point: A Configuration Manager server role that stages packages for distribution to clients.
  • Endpoint Protection point: A site system role that serves as a endpoint protection point.
  • Management point: A site system role that replies to Configuration Manager client requests and accepts management data from Configuration Manager clients.
  • Site server: The main site system role that hosts the Configuration Manager components and services.
  • Site system: A server or server share that hosts one or more site system roles for a Configuration Manager site.
  • Component server: Any server requiring a Configuration Manager service to be installed.
  • Reporting services point: A site system role that  provides integration with SQL Server Reporting Services to create and manage reports for Configuration Manager.