Anyone? Von: [email protected] [mailto:[email protected]] Im Auftrag von Nasse, Thorsten Gesendet: Montag, 21. Juli 2014 10:36 An: [email protected] Betreff: [MDT-OSD] AW: Deploying security updates within MDT - superseded updates vs. superseding updates
Thanks for your answer, but I know the different ways to inject updates technically. My question was to clarify whether it is right in principle what Microsoft write in my named article below. We integrate updates by the way I described below. We don't want to change our method if it is not necessary. Could anyone confirm that our method is basically OK? Von: [email protected]<mailto:[email protected]> [mailto:[email protected]] Im Auftrag von [email protected]<mailto:[email protected]> Gesendet: Montag, 21. Juli 2014 06:17 An: [email protected]<mailto:[email protected]> Betreff: [MDT-OSD] RE: Deploying security updates within MDT - superseded updates vs. superseding updates If you have SCCM, you can just offline inject them. Another way is the following, and have a separate WSUS server that your MDT build TS uses. https://mdtcustomizations.codeplex.com/releases/view/111427 ________________________________ From: [email protected]<mailto:[email protected]> [[email protected]] on behalf of Nasse, Thorsten [[email protected]] Sent: Thursday, July 17, 2014 10:31 AM To: [email protected]<mailto:[email protected]> Subject: [MDT-OSD] Deploying security updates within MDT - superseded updates vs. superseding updates Hello folks, in the technet article http://technet.microsoft.com/en-us/library/hh848254.aspx there is listed Operational Concerns for superseded updates in SCCM: When possible, deploy the superseding software update to client computers instead of the superseded software update. You can display a list of the software updates that supersede the software update on the Supersedence Information tab in the software update properties. What does it mean for deploying updates within MDT reference installation production? It is really "dangerous" to install all missing updates in the reference image even if several updates have to be updated by a newer one? In our Lab deployment share we build the reference image by installing first Windows 7 SP1 with all missing patches (up to date) - by using MDT-TS-step and the internal function of unattend.xml. After that we install all missing patches that could not be installed via MDT internal steps (actually 6 updates). Then we install Internet Explorer and all missing patches for the actual configuration. Then we install Office and all missing patches for that. Then we install .NET 4.5.1 and all missing patches for that. We even make several reboots between the steps above. What do you mean - is the way we install the patches above basically wrong ? Best regards, T.N.
