Or you could create a gpopack and import just the settings you need during your TS……
From: [email protected] [mailto:[email protected]] On Behalf Of Daniel Ratliff Sent: Tuesday, September 10, 2013 10:38 PM To: '[email protected]' Subject: RE: [mssms] ZTIWindowsUpdate.wsf and WSUS Although not recommended by MS you can run a gpupdate from the ts. Cmd /c gpupdate /force /wait:0 -Daniel Ratliff -----Original Message----- From: Jeff Poling [[email protected] <mailto:[email protected]> ] Sent: Tuesday, September 10, 2013 06:11 PM Eastern Standard Time To: [email protected] <mailto:[email protected]> Subject: [mssms] ZTIWindowsUpdate.wsf and WSUS I have an odd issue in migrating from CM07/MDT2010 to CM12/MDT2012SP1. An OSD task sequence executes the ZTIWindowsUpdate.wsf script from MDT. In the CM07 environment, it works without issue. In CM12, it fails due to not being able to verify digital signatures for third-party publishers. The environment uses WSUS with a third-party product. The certs and proper registry setting are deployed via GPO. It is my understanding that the TS will update group policy after it exits, so the system will not get the certs and registry entries that are applied via GPO prior to the ZTIWindowsUpdte script running. How do I get the script to work in an environment with third-party updates being deployed via WSUS? I've thought about adding a package to the TS that installs the certs and registry settings. Is there a better way? Any insight is greatly appreciated. If my description is unclear let me know as well. Thanks! Jeff The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information.
