/build/static/layout/Breadcrumb_cap_w.png

Obtain or extract currently approved WSUS updates as .msu files

Hi, this has been asked in various formats on different sites but hoping trusty IT Ninja can help me.

WSUS is fine for patching PC's that have been live for ages but not so great for patching PC's that have just been built (I patch monthly). I've come to accept using WSUS to instantly patch a computer is not possible (without a great deal of effort, moving computer OU's etc).

So, next best option is to update the WIM image with all the currently approved updates. Easy right? Unfortunately no. To be clear, updating the offline WIM image is easy, obtaining the updates is not.

If you go to the Windows Update catalog, that's a lot of fun downloading updates one by one after searching, also one by one. Re-capturing the WIM image by way of sysprep etc on a monthly basis is also out of the question, for many reasons not least of all the remaining re-arm count :)

So that leaves somehow downloading updates in msu format but only downloading updates which I've already approved in WSUS or extracting updates from WSUS directly, but again msu format is required as you can only inject updates into a WIM using DISM if they are in .msu format.

So, obtaining updates...go! :-)

 

Thanks.

Asked 10 years ago 6991 views
0 Comments   [ + ] Show comments

Answers (2)

Posted by: SMal.tmcc 10 years ago
Red Belt
0

I keep a master image that has never been sysprep'd so the rearm count remains 0.  I have a second hdd in my master system.  I use windows image backup and restore on my master so it never gets sysprep'd till I want to capture it for depolyment.  This master is in the domain so when I restore it, it reports in to sus and gets its updates.

It always creates a dir structure name WindowsImageBackup, I rename the old one so I can have archive copies and also can do many masters from the same machine.

my second drive has directories like

windowsimagebackup-atc101

windowsimagebackup-admin122113

windowsimagebackup-mws211

etc

 

Comments:
  • I just rename old one I need back to windowsimagebackup and when you boot with the dvd and go into "repair" - "restore your computer ..." it finds the one I want and restores it - SMal.tmcc 10 years ago
Posted by: ronco 10 years ago
Third Degree Brown Belt
0

twit,

Here's a KKE recording that specifically addresses keeping your system deployments up-to-date on patches:

http://www.kace.com/support/training/kke/archive?id=D60CBC89-0F5C-4883-AE3E-3D0869152E02&tag=patching&language=en

The solutions covered include both injecting patches to Scripted Installs, and patching newly imaged machines, in a completely automated manner (hands-off).  Really.

Ron Colson

KACE Koach

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ