I have recently been working on a few projects where I have been working on patching solutions with either Orchestrator or SMA. It is almost impossible to discuss patching in Orchestrator without referencing Neal’s cluster patching runbooks. Neal did a great job of putting together a sample on how to patch clusters. One thing I noticed about that solution is that it can take quite a while for the patches to install because a collection is generated dynamically and a deployment is also generated dynamically. This means that the server needs to download all of the patches that are applicable before it will start patching. I wanted to speed things up significantly, so instead of dynamically creating the collections and deployments, I deployed my Software Update Group to my servers with an installation deadline of the year 2030. I do this as soon as the patches are released from Microsoft, so it gives the servers plenty of time to download before my first actual patch cycle on my servers.
Now that the patches are downloaded, I just need to trigger the install to occur. To do this I wrote this simple little script that I execute with PowerShell remoting:
# Updates the ConfigMgr client reports as missing (ComplianceState 0); always an array, even for one result
[System.Management.ManagementObject[]] $Updates = @(Get-WmiObject -Query "SELECT * FROM CCM_SoftwareUpdate WHERE ComplianceState = '0'" -Namespace "ROOT\ccm\ClientSDK")
If ($Updates.Count -gt 0) {
    $CMInstallMissingUpdates = (Get-WmiObject -Namespace 'root\ccm\clientsdk' -Class 'CCM_SoftwareUpdatesManager' -List).InstallUpdates($Updates)
}
This will do a quick scan for applicable updates and then immediately install those updates. Since the patches have already downloaded, the time for installation is very quick.
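
The script above triggers the install but does not confirm the outcome. The following is an added example, not code from the original post, that runs the same trigger over PowerShell remoting against several servers, waits for the client to finish, and reports what is still missing, what failed, and whether a reboot is pending. The server names, the 30-second poll interval and the 60-minute timeout are assumptions; the EvaluationState numbers are the documented CCM_SoftwareUpdate values.

```powershell
# Added example. Server names and timings are placeholders/assumptions.
$Servers = @('SERVER01', 'SERVER02')

$Results = Invoke-Command -ComputerName $Servers -ScriptBlock {
    $Namespace = 'ROOT\ccm\ClientSDK'
    $Query     = "SELECT * FROM CCM_SoftwareUpdate WHERE ComplianceState = '0'"
    # EvaluationState values that mean the client is still working:
    # 2 Submitted, 3 Detecting, 4 PreDownload, 5 Downloading,
    # 6 WaitInstall, 7 Installing, 11 Verifying
    $InProgress = 2, 3, 4, 5, 6, 7, 11

    [System.Management.ManagementObject[]] $Updates = @(Get-WmiObject -Namespace $Namespace -Query $Query)
    $Remaining   = $Updates
    $Busy        = @()
    $ReturnValue = $null

    if ($Updates.Count -gt 0) {
        $Manager     = Get-WmiObject -Namespace $Namespace -Class 'CCM_SoftwareUpdatesManager' -List
        $ReturnValue = $Manager.InstallUpdates($Updates).ReturnValue   # 0 means the request was accepted

        # Poll until nothing is in progress or the assumed timeout expires.
        $Deadline = (Get-Date).AddMinutes(60)
        do {
            Start-Sleep -Seconds 30
            $Remaining = @(Get-WmiObject -Namespace $Namespace -Query $Query)
            $Busy      = @($Remaining | Where-Object { $InProgress -contains $_.EvaluationState })
        } while ($Busy.Count -gt 0 -and (Get-Date) -lt $Deadline)
    }

    # Ask the client whether a restart is needed to finish the installs.
    $Reboot = Invoke-WmiMethod -Namespace $Namespace -Class 'CCM_ClientUtilities' -Name 'DetermineIfRebootPending'

    New-Object PSObject -Property @{
        UpdatesFound  = $Updates.Count
        InstallReturn = $ReturnValue
        StillMissing  = $Remaining.Count
        TimedOut      = ($Busy.Count -gt 0)
        # EvaluationState 13 is Error; list the affected KB article IDs.
        Failed        = @($Remaining | Where-Object { $_.EvaluationState -eq 13 } | ForEach-Object { $_.ArticleID })
        RebootPending = $Reboot.RebootPending
    }
}

$Results | Select-Object PSComputerName, UpdatesFound, InstallReturn, StillMissing, TimedOut, RebootPending, Failed
```

Updates waiting on a restart (EvaluationState 8 to 10) still count toward StillMissing until the server reboots, so read that column together with RebootPending.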