Cumulative Update 1 for System Center 2012 R2 Configuration Manager has been released by Microsoft. To download and get more detailed information about what this update fixes please visit the official Microsoft KB Article, http://support.microsoft.com/kb/2938441.
I will walk through how to update a primary site with a single site server. How to create custom collections to deploy those updates to clients. How to update the boot images after the update has been applied and how to verify the update has been applied.
Please be aware that with cumulative updates, the clients will need to have the update deployed to them separately. If you have the Auto Update Client feature enabled that will only update clients with a major service pack is installed.
Installing The Update
The following are basic step by step instructions on how to install the cumulative update. I left all the settings default, however there are some settings you may want to look at for your environment.
- The first step is to download the cumulative update from Microsoft’s site. You can find the update here. Download and extract the file to location on the site server.
- Run CM12-R2CU1-KB2938441-X64-ENU.exe
At this point we are ready to install the update to your other site servers, the clients, and the systems that may have the console installed. We should also update the boot images as well. Below, I will go into how to create custom collections to help with the deployment of the updates and how to update the boot images as well.
Creating Custom Collections
I will create the following 6 new custom collections that will help deploy the cumulative update. The below chart shows the name of my new collections and the type of membership rules they have. For smaller organizations some of these collections may not be needed depending on the hierarchy design.
|Central Administration Site Server||Direct Membership|
|All Primary Site Servers||Direct Membership|
|All Secondary Site Servers||Direct Membership|
|All x86 Clients||Query Membership|
|All x64 Clients||Query Membership|
|Computers With Configuration Manager Console||Direct Membership|
|Remote Computers with SMS Provider Installed||Direct Membership|
The following are the queries you can use for the x86 and x64 client collections:
Select * from SMS_R_System inner join SMS_G_System_SYSTEM on SMS_G_System_SYSTEM.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SYSTEM.SystemType = “X86-based PC”
Select * from SMS_R_System inner join SMS_G_System_SYSTEM on SMS_G_System_SYSTEM.ResourceID = SMS_R_System.ResourceId where SMS_G_System_SYSTEM.SystemType = “X64-based PC”
Deploying Updates using Software Deployment
We can now deploy the update packages the installer created to the collections we just created.
- To deploy these packages from the Configuration Manager console click on the Software library Workspace.
- Expand the Application Management Folder
- Expand Packages
- Click on Configuration Manager Updates folder.
- Right click the first package R2 CU1 – Console Update – SITE and then click Deploy
- Under the Deploy Software Wizard Window select the collection that we will be deploying this package to. For this package we will be deploying it to the “Computers with Configuration Manager Console” collection we pervious created. Click Next.
- If by this point you have not already added content destination, then we will added our distribution points to the proper distribution group/distribution points.
- Click Add and select Distribution Group or Distribution Point
- Select the proper groups or distribution points you want to assign this package to.
- Click OK and then click Next.
- On the ‘Specify settings to control how this software is deployed” select the appropriate purpose and optional settings. Depending on your environment these settings will vary. For this example I will leave the default Required setting and click Next.
- Specify the schedule you would like for this deployment. In most cases you will have pre-defined internal policies on when and how you can deploy updates, applications, etc.. For this example I will add As soon as possible to the assignment schedule and leave everything else default. Once again, you should already have some policies in place within your organization for change control.
- On the User Experience window, since we have made this deployment “Required” giving the user any control isn’t necessary. However, you can check the box that Allows users to run the program independently of assignment.
- Since this is a required deployment I will also allow this installation to be performed outside of the maintenance windows. ***Note, this probably should be communicated first to employees receiving this update for their console.***
- Click Next
- Click Next on the Distribution Points window. You may need to change some of these settings depending on your environment.
- Click Next on the Summary Window.
- Click Close on the Completion Window.
You will want to repeat the steps above for the remaining site roles and clients as well. So for R2 CU1 – x64 Client Update you would deploy it to the All X64 Clients collection, the R2 CU1 – x86 Client Update you would deploy to the All X86 Clients collection. The R2 CU1 – Server Update package you would then deploy to the following collections: All Primary Site Servers, All Secondary Site Servers, Central Administration Site Server, and Remote Computers with SMS Provided Installed.
My advice in choosing between ‘Required’ or ‘Available’ deployment on those servers is to go with ‘Available’. My best practice is to make the deployment available and then manually run the software deployment from the servers themselves. This prevents the update from kicking off and unintentionally interfering with production usage of the servers.
As for the clients, I would make them “Required” with no user notification.
Updating Boot Images
Once we have updated our site server we will also need to update our current boot images. To update our boot images follow these steps:
- Open the Configuration Manager Console and click on Software Library workspace.
- Expand the Operating systems folder.
- Click on Boot Images
- Select the boot image that we are going to update
- Right-click and then select the Update Distribution Points action.
- You will need to repeat these steps for all boot images that were previously distributed.
Just a warning, doing this may cause some network issues for your remote sites. Plan to do this off hours when possible if you have slower connections at your remote sites where these boot images will be updated.
How to verify if computer has Cumulative Update 1 installed
How to determine the installation status of this cumulative update
This cumulative update changes the following Configuration Manager version numbers and installation properties.
The CULevel value is located under the following registry subkey:
Note The CULevel value is set to 1 for Cumulative Update 1.
The version that is displayed in the About System Center Configuration Manager dialog is 5.0.7958.1203.
The version that is displayed on the General tab of the Configuration Manager Control Panel item or the Client Version field of device properties in the Administrator Console is 5.00.7958.1203.
Endpoint Protection Client
This update brings the anti-malware client version to 4.5.0216.0. You can find the version information by clicking About on the Help menu of the Endpoint Protection client UI.