Product Information

Improvements to Software Update Management in SMS 2003

Published: October 22, 2003

Related Links

•	Product Overview
•	What's New
•	Security Patch Management
•	Features
•	Datasheets
•	Demos
•	System Requirements
•	How to Buy

Read about the improvements to software update management in Systems Management Server (SMS) 2003.

Improvements to Software Update Management in SMS 2003

Business Value

Description

Administrative control

•	Emergency security patch management in SMS 2003 fully supports the Microsoft Solution for Management update deployment process
•	Ability to enforce a "run-in-window" to prevent updating during restricted hours
•	Update deadlines are enforced independently of the advertisement schedule
•	Ability to maintain the resilient source locations on Distribution Points dynamically for MSI-based applications (no more prompts for the installation CD-ROM during updating or MSI repair)
•	Support for creating and editing multiple program items in each package and the use of custom program names
•	Support for easy transitions from pilot deployment to production deployment
•	Ability to deploy package subset and superset content using different end-user settings (for example, some users get a 7 day deadline while others get a 14 day deadline)
•	Ability to create and import reference computer templates to define standard image desired state baselines for each package
•	Integration with the Windows Server™ 2003 Shutdown Event Tracker (SET) to identify downtime resulting from known updating operations
•	Allows administrators to easily enforce scanning and update installation immediately using a "Re-run Advertisement..." context menu
•	Ability to target updates to Active Directory containers and provide enhanced delegation of targeting
•	Added a client API that can be called to wake the agent on-demand and check for new, pending actions

Administrative experience

•	Performance has been improved in wizard query operations
•	Improved default settings for programs and advertisements
•	Support for unattended authentication through the proxy and firewall during catalog and software update download
•	Support for Distribution Point Groups within the Wizard
•	Improved usability in the Distribute Software Updates Wizard for client agent settings
•	Ability to deploy MSI-based updates (.msp) directly, not just .exe
•	Scan tools support an upgrade capability rather than prior uninstall and reinstall behavior
•	Support for instance-level delegation in the SMS 2003 object security model
•	Improved management of Distribution Point refresh events to reduce network bandwidth and server load during deployment of a new update
•	Ability to quickly view software update compliance from the console view (just two clicks and the compliance is visible)
•	Ability to review both software update properties and Web links from a console property page (easy access to bulletins and KB articles)
•	Ability to efficiently leverage representative computers from the production environment for expedited assessment and update authorization
•	Ability to deploy to a pilot group while updates safely replicate to full production staging locations (makes the final move to production faster)

End-user experience

•	Periodic reminders on a 3 hour interval enable users to click an icon to view the reminder for upcoming deadlines and not be surprised
•	Users can update at their convenience, independently of the SMS 2003 advertisement schedule
•	Installing an update and rebooting can be scheduled separately from one another
•	Unscheduled reboots preserve open applications with unsaved data by using graceful reboot requests
•	The ability to provide custom contextual information ("why this update might apply to you…") for each update is available
•	Less impact on the user experience by faster scanning and reduced resource consumption as compared to Feature Pack 1.0
•	Fewer reboots needed due to optimized reboot detection for temp files versus required file replacement and previous update attempts
•	New feature for silent install phase with reboot reminders and deadlines

Deployment status tracking

•	New reports for infrastructure health, deployment status, and compliance
•	Customized compliance and status dashboard feature (with auto-refresh)
•	Compliance data is automatically summarized in SQL views for high-performance reporting
•	Status messages are clearer, and include localized, detailed text with remediation procedures for failures and warnings
•	Tracking of metrics for enforced versus voluntary updating and other events such as reboot pending
•	Up-to-the-minute status messaging for rapid compliance tracking during the deployment
•	Ability to detect and report up-to-the-minute when updates are uninstalled
•	Scan, install, and rescan support and ability to rescan after reboot as needed for installation verification
•	Expedited inventory is available after a reboot without a user logon
•	Support for general distribution release (GDR) and local distribution release (LDR) updates for Windows Server 2003 (details in Knowledge Base Article 824994)