In most cases, you are able to deploy client hotfixes after OS Deployment with a software package. In some scenarios, the hotfix addresses a problem that occurs during OS Deployment. In these scenarios, you’ll want to install the hotfix during the client installation portion of OS Deployment. One of my customers recently asked about this in regards to the deployment of KB2905002. I also want to thank Frank Rojas for first making me aware of this.
You'll first install the hotfix on your site server. I’ll use KB2905002 as an example in this post. This applies to SCCM2007 and SCCM2012. The only different between 2007 and 2012 is that you’ll have to manually copy the hotfix files into the client’s package source.
After you install the hotfix, you’ll need to copy the following folder: ======================================================= < Install Directory>\hotfix\KB2905002\Client\i386\configmgr2012ac-r2-kb2905002-i386.msp To: < Install Directory>\Client\i386\hotfix\KB2905002\configmgr2012ac-r2-kb2905002-i386.msp
And: < Install Directory>\hotfix\KB2905002\Client\x64\configmgr2012ac-r2-kb2905002-x64.msp To: < Install Directory>\Client\x64\Hotfix\configmgr2012ac-r2-kb2905002-x64.msp =======================================================
Then, “Update Distribution Points” on your “Configuration Manager Client Package”.
To install any patches during the initial client installation, you’ll use the PATCH= Please refer to the following KB for full details: KB907423: How to include an update in the initial installation of Systems Management Server 2003 Advanced Client http://support.microsoft.com/kb/907423
To install any client patches during the "Setup windows and ConfigMgr" task of an SCCM OSD Task Sequence, include the following line in the "Installation properties" box of the "Setup windows and ConfigMgr" task: PATCH="C:\_SMSTaskSequence\OSD\<Package_ID>\i386\hotfix\<KB_Folder>\<KB_MSP_File>.msp"
Where: < Package_ID> is the package ID of the ConfigMgr client installation package specified in the "Setup windows and ConfigMgr" task < KB_Folder> is the folder that contains the KB hotfix and MSP file in the Client Installation folder < KB_MSP_File> is the file name of the MSP file in the <KB_Folder>
Make sure to include quotes as part of the path.
For example, if the ConfigMgr client package ID was XXX00002 and the KB2905002 hotfix patch needs to be installed during the initial ConfigMgr client installation, the cmd line should read the following: For x64: PATCH="C:\_SMSTaskSequence\OSD\XXX00002\x64\hotfix\KB2905002\Configmgr2012ac-r2-kb2905002-x64.msp" For x86: PATCH="C:\_SMSTaskSequence\OSD\XXX00002\i386\hotfix\KB2905002\Configmgr2012ac-r2-kb2905002-i386.msp"
PLEASE NOTE: The drive letter C: needs to be hard coded into the path for the PATCH= option. A variable cannot be used (for example %SystemDrive% or %DeploySystemDrive%). This is because the "Setup windows and ConfigMgr" task is usually run while in WinPE, and not while in the Windows OS being deployed. This may cause the variable to be improperly resolved because it will either resolve to the value is in WinPE (in the case of %SystemDrive%, usually X: instead of C:) or the drive letter as it has been enumerated in WinPE (in the case of %DeploySystemDrive%, usually E: instead of C:). This should usually not be a problem except for the rare case that the Windows OS resides in a driver letter other than C:.
Hope this helps!
Hey there Ryan, it's great that you PFEs blog all your tips and tricks! For this topic of applying hotfix or CU at client_install during OSD, isn't calling the patchfile from the "volatile" SMSTS folder a risk? Wouldn't it be better to use a non-volatile
installation source path, maybe UNC to DFS or some other install source? I reckon that there are likely to be issues later, where the MSPfile can't be resolved/sourced?
Hello Don, In a single environment where bandwidth isn't a problem, you could probably get away with calling it from a UNC. The benefit to the method above is that the content will still be downloaded from a local distribution point with a standard ConfigMgr
content request. The only time that you should have to use this method is with a hotfix for an issue that has to be addressed at build time. With most patches you can simply deploy post build. During OS Deployment, all content is downloaded to and then being
run from the smsts folder. Thanks! Ryan