MDT: Installing Windows 7 Updates as Packages

This is a really nice feature that MDT has allowing for all updates to be installed during the initial windows setup process. The problem is that certain updates will not install and cause the Install Updates function to fail, thereby halting the build. You will see the message Windows could not apply unattend settings during pass [offlineServicing]. The only way to resolve this is to remove the updates that caused it to halt.

The best way to locate the updates causing the problem is to create a structured package group. The way I setup my company's was to create the following structure:

1. Windows 7 Updates
1. Pre-Image Updates
1. Non-Security Updates
1. 2009
2. 2011
3. 2012
4. 2013
2. Optional Updates
3. Security Updates
1. 2010
2. 2011
3. 2012
2. Post-Image Updates
1. Non-Security Updates
2. Optional Updates
3. Security Updates

This gives an easy, sorted structure for the updates, which also allows you to find and remove those updates no longer needed after a service pack is installed. Plus, it allows you to activate/deactivate smaller sets of updates through the selection profile, thereby making narrowing down to the bad updates much easier. You might wonder where I got this structure. I use Windows Updates Downloader to download all of my windows updates and it uses this structure  I can verify that it works out great. This also allowed me to more easily find those updates that caused the build to crash during the offline installation. As far as associating them with a task sequence, all you have to do is check-mark each folder to be included in the selection profile, allowing all of the folders to be installed under a single task sequence. 

As far as the list of updates I found to halt the build of Windows 7 64-Bit with SP1, here it is:

• KB2496898
• KB2533552
• KB2604521
• KB2726535

Once I removed these updates, the offline update worked flawless. I did not bother trying to get these updates back in the system. I allow WSUS to install them.

Read More