Patching XP images is common topic of discussion with many of my customers. When deploying XP should they continuously update their “master” image every time a new patch is released or should they deploy the image without every patch and wait for the machines to be updated automatically via SMS or WSUS?
One of my favourite features of Vista is the ability to patch images offline. This will hopefully mean that the “patching discussion” will be short from now on!!
BDD 2007 leverages this functionality and will patch a Vista client directly after an image is deployed in the Windows PE phase of the deployment. This means that you have a fully patched client when Vista launches for the first time.
Unfortunately for this process to work you will need to update the script that performs the patching process “ztipatches.wsf”. This is due to an a feature that was intended to prevent the addition of the same language pack multiple times.
To fix the problem simply find the following block of code and comment out the line “fLangCanContinue = FALSE”.
fLangCanContinue = TRUE
If not oExistingLang is nothing then
If oExistingLang.Length > 0 then
fLangCanContinue = FALSE
It is also important to know that patches must be converted into a CAB file format before they can be imported into BDD. To do this you simply use the expand command as shown below and then import the expanded CAB file.
Expand patch.msu -F:*.CAB c:\temp
Hopefully with these two tips you will be well on the way to a secure fully patched Vista environment.
UPDATE - 16th June 2007: This fixes detailed in this blog have now been fixed by BDD patch 1. You will find further details here.
NOTE: This process is for Vista only, NOT XP.... sorry.