Ben Hunter

Architect - Microsoft Enterprise Services - Redmond

BDD 2007 - Tips and Tricks - Patching Vista

BDD 2007 - Tips and Tricks - Patching Vista

  • Comments 4
  • Likes

 

Patching XP images is common topic of discussion with many of my customers. When deploying XP should they continuously update their “master” image every time a new patch is released or should they deploy the image without every patch and wait for the machines to be updated automatically via SMS or WSUS?

One of my favourite features of Vista is the ability to patch images offline. This will hopefully mean that the “patching discussion” will be short from now on!!

BDD 2007 leverages this functionality and will patch a Vista client directly after an image is deployed in the Windows PE phase of the deployment. This means that you have a fully patched client when Vista launches for the first time.

Unfortunately for this process to work you will need to update the script that performs the patching process “ztipatches.wsf”. This is due to an a feature that was intended to prevent the addition of the same language pack multiple times.

To fix the problem simply find the following block of code and comment out the line “fLangCanContinue = FALSE”.

                 fLangCanContinue = TRUE

                 If not oExistingLang is nothing then

                       If oExistingLang.Length > 0 then

                             fLangCanContinue = FALSE

                      End if

                 End if

It is also important to know that patches must be converted into a CAB file format before they can be imported into BDD. To do this you simply use the expand command as shown below and then import the expanded CAB file.

                 Expand patch.msu -F:*.CAB c:\temp

Hopefully with these two tips you will be well on the way to a secure fully patched Vista environment.

UPDATE - 16th June 2007:  This fixes detailed in this blog have now been fixed by BDD patch 1. You will find further details here

NOTE: This process is for Vista only, NOT XP....  sorry.

Disclaimer: The information on this site is provided "AS IS" with no warranties, confers no rights, and is not supported by the authors or Microsoft Corporation. Use of included script samples are subject to the terms specified in the Terms of Use.

Comments
  • Ben is a great BDD resource and the original creator of the idea to open notepad as an application during

  • Well the first patch for BDD 2007 has been released, download it here . This fixes a number of those

  • Unfortunately I am missing something here...  On page 176 of the Vista Resource Kit book. It states that I should:  Download the security updates from the Microsoft websites and install them as a part of the image-build process. You mention above that i have to edit the “ztipatches.wsf”. the expand the patches. When I try to download the patches of course it opens my control panel.

  • Hi Tim, You no longer need to edit the ztipatches.wsf script. Please see the update referenced above for more information.  If you are not sure where to download the patches then the following blog by Aaron Tiensivu is a good starting point: http://blog.tiensivu.com/aaron/archives/1123-Updated-list-of-Vista-pre-SP1-hotfixes,-sorted-by-category.html

    Thanks,

    Ben