none
Deploy EXE Updates Using SCCM 2012 RRS feed

  • Question

  • Dears,

    I have to deploy critical outlook update via SCCM 2012 R2, I have opened another case before and didn't solve my issue. I know updates should deploy via normal software updates, but this updated is superseded and released by Microsoft with new one but new one is not cover our task, we want this update because it is required in our exchange migration, it is related to mailboxes migration issue.

    My hotfix update is .exe file and when I go to create new application package in application management, I do proper steps, but in installation program I'm writing outlookloc2013-kb2863911-fullfile.exe /quite /norestart and the problem is we have anther required filed create a rule that indicates the presence of this application, this is because it is outlook update I don't know which setting type and path choose, Kindly your advice. Please see snapshot

    Wednesday, July 27, 2016 3:43 PM

Answers

  • you need to specify something Unique in your Detection Method. For example an Uninstallation Key for this KB in the Registry.

    Simon Dettling | msitproblog.com | @SimonDettling

    • Marked as answer by Dana.Kadi Friday, July 29, 2016 8:44 PM
    Friday, July 29, 2016 2:35 PM
  • In your position a good option would be the one suggested by Damon,

    Another option:

    If you extract the exe with something like 7zip and look into the MSP with ORCA it will show you the target product code and patch code for it.

    From this you can also work out how to uninstall just the patch silently provided it's supported.

    Msiexec /package {90150000-001A-0409-1000-0000000FF1CE} /uninstall {12087F1E-35F9-4620-9157-BD9C3CFFA2E2} /passive REBOOT="ReallySuppress"

    If the above is exactly the same for the version you are installing then a detection rule might be:

    HKEY_Local_Machine

    SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109A10090400100000000F01FEC\Patches\E1F780219F5302641975DBC9C3FF2A2E

    I haven't tested this, but might point you in the right direction.

    This only apply's to the type of update you have as it contains a patch \ msp.
    • Edited by Richard.Knight Friday, July 29, 2016 3:43 PM
    • Marked as answer by Dana.Kadi Friday, July 29, 2016 8:44 PM
    Friday, July 29, 2016 3:07 PM

All replies

  • You could use file detection rules for the version numbers listed under "How to determine whether the update is installed" https://support.microsoft.com/en-au/kb/2863911
    Wednesday, July 27, 2016 11:14 PM
  • If this were me, I would look at using a package to deploy the update rather than the application model.

    Is this an option for you?

    Regards

    Damon

    Thursday, July 28, 2016 12:28 AM
  • Dears I have fixed my issue by specifying location path for were update is store in C:\Windows\SoftwareDistribution\Download, and in install program outlookloc2013-kb2863911.exe" /silent /norestart and in uninstall "outlookloc2013-kb2863911.exe" /silent /norestart /uninstall. now it is working.

    Please correct me if I'm wrong.

    Thursday, July 28, 2016 11:17 AM
  • That doesn't work. The Download Folder will pretty much always exist and therefoer your Application won't run on 99% of your Systems.

    Consider using a Package as Damon said. Much simpler for just deploying a single update.

    If you really want to deploy it as an application, then you need to specify something Unique in your Detection Method. For example an Uninstallation Key for this KB in the Registry.


    Simon Dettling | msitproblog.com | @SimonDettling

    Thursday, July 28, 2016 11:31 AM
  • But when I deployed above configuration, the installation successfully completed, what you mean even installed but it is not working?
    Friday, July 29, 2016 6:50 AM
  • I'm just saying that this Detection Method is not suitable for your Deployment. It may work on some Clients, but I personally wouldn't use it.

    Simon Dettling | msitproblog.com | @SimonDettling

    Friday, July 29, 2016 7:51 AM
  • Yes that detection method is going to give you a false positive - in that the folder will exist on most systems that don't have that update, therefore the installation may not be executed because the detection method is being satisfied.

    Friday, July 29, 2016 9:10 AM
  • So in this case what shall I do?
    Friday, July 29, 2016 2:26 PM
  • you need to specify something Unique in your Detection Method. For example an Uninstallation Key for this KB in the Registry.

    Simon Dettling | msitproblog.com | @SimonDettling

    • Marked as answer by Dana.Kadi Friday, July 29, 2016 8:44 PM
    Friday, July 29, 2016 2:35 PM
  • You could write a script which installs the update, and if successful places a file in the filesystem or sets a registry key, then use that as the detection mechanism.  Personally, I'd follow the advice of others and use a package.

    Friday, July 29, 2016 2:43 PM
  • In your position a good option would be the one suggested by Damon,

    Another option:

    If you extract the exe with something like 7zip and look into the MSP with ORCA it will show you the target product code and patch code for it.

    From this you can also work out how to uninstall just the patch silently provided it's supported.

    Msiexec /package {90150000-001A-0409-1000-0000000FF1CE} /uninstall {12087F1E-35F9-4620-9157-BD9C3CFFA2E2} /passive REBOOT="ReallySuppress"

    If the above is exactly the same for the version you are installing then a detection rule might be:

    HKEY_Local_Machine

    SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109A10090400100000000F01FEC\Patches\E1F780219F5302641975DBC9C3FF2A2E

    I haven't tested this, but might point you in the right direction.

    This only apply's to the type of update you have as it contains a patch \ msp.
    • Edited by Richard.Knight Friday, July 29, 2016 3:43 PM
    • Marked as answer by Dana.Kadi Friday, July 29, 2016 8:44 PM
    Friday, July 29, 2016 3:07 PM
  • Thanks all, it is working now by using registry key.
    Friday, July 29, 2016 8:44 PM
  • Hello,

    Another way to configure a detection clause is by using powershell.

    As simple as asking for Updates to WMI...

    Get-Hotfix | Where-Object {$_.HotFixID -match "KBXXXXXXX"}

    It rules.



    Tuesday, December 3, 2019 8:15 AM