With the introduction of System Center 2012, Microsoft has adopted a quarterly based approach to releasing updates for the complete suite of components. Normally these are all released on the same day, which the most recently published (at the time of writing) is Cumulative Update 3 for System Center Configuration Manager (SCCM) 2012 SP1.
The process of deploying these update packs has remained unchanged with each update, making the procedure quite comfortable after the first update cycle you complete. (This would also suggest that the content of this post should remain relevant for any earlier updates, and quite likely for any upcoming updates for the 2012 SP1 product stream.)
If you are relative new to System Center Configuration Manager, and this is indeed your first time facing the update cycle, your initial reaction could easily be forgiven for assuming this to be a complicated process, as the documents available from Microsoft do little to help you get a warm confident feeling. My objective here is to give you back the confidence.
This goes without saying, whether you are having some confidence issues, or you are a tried-and-true expert: Stop now and make a backup of your site database.
Assuming you are following a best practice, this is already happening nighty via a SCCM task that you enabled. If so brilliant! Now go check that backup is actually working. You can check the SCCM log on the primary server (smsbkup.log) and see entries that read “Backup Succeeded for Component.”
Most of the confusion is going to be around where you apply the update. For example, if you have an environment similar to mine in which I have a primary server, two management servers, and more than 40 servers acting as deployment points, user state migration roles, etc., then you are likely not looking forward to this job at all.
Now, do you have to install the update on all these servers to which you deployed SCCM roles? And if so, what sequence do you need to approach? Fear not, as the single definite answer is NO, you do not need to update every one of these, you need only update your primary server.
If you have additional hierarchy servers (for example a CAS, additional primary servers, or even a secondary server), then you’ll need to apply the update to these top of hierarchy servers. In this case start from the top and work your way down.
Now that we have clarified the first of these questions about where do we apply the updates, we still need to address the roles we deployed, right? And your clients?
Sure, we do need to deal with them, but that’s actually the easy part! We are going to use SCCM itself to patch these. And, let’s clarify: If you try to take that update you downloaded for Microsoft and use it to patch these other servers, it’s not really going to work.
Why? Well that update is an archive of updates and scripts itself, and when you run it on the head of each level in your hierarchy, it will update the associated SQL databases, and – more importantly – it will offer to create in SCCM a set of four packages in your software scope, which will be used to update the rest of your managed environment. It is these four packages that contain the updates for your clients, servers, and we forget, the SCCM console itself.
As you run the installer, it will prompt you to provide a name for the package and its associated program. Eventually you will have provided details for the following new updates:
This is what the page looks like in the installer:
Okay, go ahead and run the update on your server. For example, as I have no secondarys or CAS, I am just going to run the update on my primary server (which I backed up), allow the database to be updated, and provide names for the four new updates we just listed, as you would like to see them in your SCCM console (or accept the default names if you prefer). You can click the button on the wizard to show the log so that you can easily monitor what is going on while you enjoy a nice coffee.
Really? You’re a SCCM guru – you don’t need me to tell you how to do this, right? Okay, well just to ensure that I have the right idea, I’ll share my understanding with you.
Essentially, the wizard created four new packages for us that we can see these in the Software view of the console. All I have to do is create a deployment for each of these packages, targeted at the respective systems, just as I would do for any other package I would like to distribute. The SCCM will do the rest.
And that is all there is to it! Not as scary as we first expected, right? Good luck with the updates!