Windows Updates not deploying
Testing out the deploy of Windows Updates and I cannot get it to work.
My test computer currently has the latest Windows 10 1703 cumulative update. I'm trying to deploy cumulative update 1709 but it always fails with the "conditions not met" error.
Looking into the conditions I see that there is a step condition that requires the ReleaseId value in the registry key SOFTWARE\Microsoft\Windows NT\CurrenVersion to be set to "1709".
But the ReleaseId value of my test computer is set to "1703". Why would it be 1709 if it does not yet have that cumulative update installed?
Thanks, skdgry
Comments
Hi there! It sounds like you're talking about feature upgrades rather than cumulative updates. Feature upgrades are moving from one build of Windows 10 to another, whereas cumulative update apply security patches for a specific version of Windows 10. The Cumulative Update packages in the package library will only apply the appropriate cumulative update to machines of the same Windows 10 build.
In this case, you're trying to apply the patches for 1709 to a machine running 1703. We try to note these things in the package properties, but those get overlooked a lot. We set those conditions to avoid attempting an unnecessary install of the cumulative updates to the wrong machines.
Katie,
Thanks for the response. I was finally able to successfully install a 1709 cumulative update.
Another question though. I now have the latest version of the x64 1709 cumulative update from July 24 2018. How do I now go about getting the 1803 release/build installed if the step condition says the Releaseid value needs to be "1803"? Because currently, even w/ the latest 1709 release, my Releaseid is listed as "1709". I've inserted the output log below that shows why my deployment task failed.
Katie,
Thanks for the response. I was finally able to successfully install a 1709 cumulative update.
Another question though. I now have the latest version of the x64 1709 cumulative update from July 24 2018. How do I now go about getting the 1803 release/build installed if the step condition says the Releaseid value needs to be "1803"? Because currently, even w/ the latest 1709 release, my Releaseid is listed as "1709". I've inserted the output log below that shows why my deployment task failed.
The same logic applies here as well. A cumulative update does NOT perform a feature upgrade, which it sounds like you're trying to do. The 1803 cumulative update will only install all the security fixes on a machine running Windows 10 1803. Trying to install the 1803 cumulative update to a 1709 machine will fail because the patches were not meant for that build of Windows 10. Even if you removed the conditions. Those conditions are built into the package to avoid unnecessarily copying over a gigabyte or two to each target machine.
Back in the good ol' days, Microsoft patched Windows by releasing 1 KB per patch. As a result, I'm sure you remember installing a fresh, brand new copy of Windows 7 and then spending a couple hours installing about 300 Windows updates. Microsoft introduced a less cumbersome method with Windows 10 -- the cumulative updates. Instead of a whole bunch of individual patches to install, they're all bundled into one single install file. And because they're cumulative, this month's update contains last month's and last month's and the last month's, and on and on. You can spin up a brand new fresh Windows 10 install and apply the most recent cumulative update for that build, which will contain all of the relevant patches.
Each build of Windows 10 acts more like a different operating system. There are some pretty big changes to the guts of Windows with each build that gets released. Performing a feature upgrade is a lot more work than applying some patches to fix the latest vulnerabilities.
Deploy isn't really built to handle operating system deployments. There's a longer description of how Deploy works here, if you're interested in some light reading.
https://support.pdq.com/knowledge-base/1256-how-it-works-pdq-deploy
It relies upon the runner service, which is created on the fly as you deploy to machines. Your PDQ console machine waits for that runner service to do its work on the target machine, report back information on how the deployment went, and then tidy up after itself. Because of this, when you attempt to perform a feature upgrade, the runner service often gets prematurely killed, severing the connection between your PDQ console machine and reporting a failed deployment.
There are some clever admins out on the community who have found ways to successfully feature upgrade Windows, but it's not something that you'll find a package in the package library for.
If you have Win 10 1703 und you want to Upgrade to Win 10 1803 with PDQ try this:
How to Upgrade Win 10 Versions