Hotfixing with DSC

william-ponder · November 9, 2015, 4:34am

I wish to use DSC to apply all the required windows security patches. From the examples I have seen I have two issues I do not understand.

The MS Windows update site or WSUS determines which hotfixes are required for a given node so I’m not sure how this deterministic logic can be incorporated in a DSC node.
Does anyone have an example on leveraging WSUS for DSC based hotfixing?

Example using local path.
Configuration DownloadHotfixFromPath {
xHotfix m1 {
Path = “c:\WindowsBlue-KB2937982-x64.msu”
Id = “KB2937982”
Ensure=“Present”
}
}

donj · November 13, 2015, 6:15am

DSC isn’t meant to be a replacement for Windows Update. The best use of DSC would be to ensure that Windows Update was correctly configured - and then letting Windows Update do its thing. You’re correct in that DSC doesn’t implement any of the logic in WSUS.

DSC’s not supposed to replace all the other tooling - you’re meant to use DSC to make sure those other tools are set up the way you want.

william-ponder · November 13, 2015, 7:17am

That makes sense but what value does the DSC module xWindowsUpdate have?

donj · November 13, 2015, 7:21am

It’s an open-source module. Open it up in the ISE and have a look at its parameters ;).

Topic		Replies	Views
Windows Updates via DSC DSC	4	421	May 16, 2024
Introducing DSC to my company DSC	6	244	May 16, 2024
Upgrading xWebAdministration Module/DSC Resource DSC	1	184	May 16, 2024
Install Windows Update Standalone Installer remotely using DSC DSC	2	212	May 16, 2024
DSC and scheduled maintenance windows DSC	5	264	May 16, 2024

Hotfixing with DSC

Related topics