ASK MDTGuy! Redundant Windows Updates?

Got a great question from a long time reader today:

I’ve googled this and cannot seem to find a good explanation.  What are the differences between the following with regards to windows updates:

  1. Task Sequence, Windows Update (Pre-application)
  2. Task Sequence, Windows Update (Post application)

The updates are taking an obscene amount of time to apply (2 hours).  And I just updated the image with updates on 7/1.  So, I’m just trying to find anything I really don’t need to be doing (redundant steps).

Both are simply steps in the task sequence that will pull windows updates from either Microsoft’s public windowsupdate.com site or if you have MDT configured to do so; pull from a WSUS server. I use WSUS at work, and it runs like a champ. There’s two separate steps in the default task sequence (pre-apps and post apps) incase you’re installing office or some other MS apps, its going to run updates for those again, post application install. This is particularly helpful when you’re building images, or you’re installing Visio for instance as part of a bundle as part of a state restore for a limited amount of users.

WinUpdate

As an image gets older and older, the updates will take longer and longer to apply. Fun story, I once had an image that took 28minutes to run as a task sequence, over the course of a year and a major office service pack later, take almost two hours to run. Its not that the network was getting slower, it was the windows updates steps that were pulling from a public site (we had no WSUS at that location) and then patch, and then patch again, and those were taking longer and longer to run as the image got older.

Best advise is to get a WSUS box up ASAP, and make sure you have a build lab that you use for building images.

My build lab is a separate deployment share separate from my production share that’s fully automated and optimized for building images once a month after patch Tuesday, I call that day image thurdsay. We reimage a lot where I work, so having a freshly patched image keeps our image times down to a minimum.

Advertisements