locked
issues with post windows updates task sequence over wsus RRS feed

  • Question

  • Hi all,

    i have issues with the post application windows update task sequence.

    While os deployment instantly after searching for updates the deployment failed.

    I created a new custom task sequence for testing and copied the post application windows updates in there.

    I´m using a shared wsus, with https and target groups

    I remember in my old company where i worked, i set up mdt with wsus  and there it worked just fine. Wsus was there http not https don’t know if that might be the problem.

    I followed this:

    https://www.peppercrew.nl/index.php/2015/10/add-wsus-target-group-option-to-mdt-deployments-2/ 

    used Method 2

    When i look in regedit HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate wsus and the right target group are in there, still the task sequence didnt work.

    When i do the windows updates normal over settings everything is working.

    Does someone had experienced same issues or does anybody have a tip for me?

    Any help much appreciated.

    I uploaded the logs 

    https://uploadfiles.io/oi7hv 

    Monday, January 21, 2019 7:43 AM

All replies

  • I would stay away from WSUS and Windows update in MDT and use Manage Engine Desktop Central for workstation patching. Its cost effective, and easy to deploy and manage.
    Monday, January 21, 2019 5:36 PM
  • I would stay away from WSUS and Windows update in MDT and use Manage Engine Desktop Central for workstation patching. Its cost effective, and easy to deploy and manage.

    What's more cost effective than MDT and WSUS?  They are free!

    MDT and WSUS are easy to deploy and manage.


    -Tony

    Saturday, February 2, 2019 6:18 AM
  • I don't like editing the script files provided by Microsoft because they are replaced during upgrades. Just be sure to document your changes and reapply them after an upgrade. However, the peppercrew article should work.

    Make sure you set the WsusServer variable correctly.  Such as, "http://wsus.ourdomain.local:8530"

    http or https shouldn't matter.  Although, I've never tried it via https.

    The key settings are:

    • Set the WsusServer variable
    • Set "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\TargetGroupEnabled" = 1 (DWORD)
    • Set "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\TargetGroup" = "Group name"

    After looking at your logs, I saw this:

    "The action (Windows Update (Post-Application Installation)) has been skipped because it is disabled"

    Make sure it's not disabled.


    -Tony

    Saturday, February 2, 2019 6:30 AM