Hotfixing with DSC

This topic contains 3 replies, has 2 voices, and was last updated by  Don Jones 1 year, 10 months ago.

  • Author
    Posts
  • #31818

    WKPSInCincinnati
    Participant

    I wish to use DSC to apply all the required windows security patches. From the examples I have seen I have two issues I do not understand.
    1. The MS Windows update site or WSUS determines which hotfixes are required for a given node so I'm not sure how this deterministic logic can be incorporated in a DSC node.
    2. Does anyone have an example on leveraging WSUS for DSC based hotfixing?

    Example using local path.
    Configuration DownloadHotfixFromPath {
    xHotfix m1 {
    Path = "c:\WindowsBlue-KB2937982-x64.msu"
    Id = "KB2937982"
    Ensure="Present"
    }
    }

  • #31939

    Don Jones
    Keymaster

    DSC isn't meant to be a replacement for Windows Update. The best use of DSC would be to ensure that Windows Update was correctly configured – and then letting Windows Update do its thing. You're correct in that DSC doesn't implement any of the logic in WSUS.

    DSC's not supposed to replace all the other tooling – you're meant to use DSC to make sure those other tools are set up the way you want.

  • #31953

    WKPSInCincinnati
    Participant

    That makes sense but what value does the DSC module xWindowsUpdate have?

  • #31954

    Don Jones
    Keymaster

    It's an open-source module. Open it up in the ISE and have a look at its parameters ;).

You must be logged in to reply to this topic.